Hi,
I tried that way. I can't seem to be able to reverse the algo. I get wierd chars in the code and that also doesn't work in the actual program. The function they use on the name is

mov esi,OFFSET NameBuffer
cdq
@@:
mov eax,dword ptr [esi]
inc esi
add edx,eax
shr eax,18h
test eax,eax
jnz @B

Then they do this with the code:

mov esi,OFFSET CodeBuffer
xor edx,edx
xor ecx,ecx
@@:
inc ecx
movzx eax,byte ptr [esi+ecx]
not al
add dh,al
rol edx,5
not al
mov dl,al
cmp ecx,16
jne @B

It compares edx with the previous cksum. I tried reversing the second algo like this:

mov ecx,10h
xor eax,eax
mov edi,OFFSET CodeBuffer
@@:
mov al,dl
not al
ror edx,5
sub dh,al
not al
stosb
dec ecx
jne @B

Its not working. Please help!!

Thomas Antony