void CopyCode(PDWORD target, PDWORD newfunc) { Hook dwEhsvc + - TopicsExpress

void CopyCode(PDWORD target, PDWORD newfunc) { Hook dwEhsvc + i3gfx DWORD Jmpto=(DWORD)(newfunc)-(DWORD)target-5; DWORD a; VirtualProtect(target, 8, PAGE_EXECUTE_READWRITE, &a); *(PBYTE)(target)=0xE9; *(PDWORD)((DWORD)(target)+1)=Jmpto; VirtualProtect(target, 8, a, &a); } class CHSBypass { public: char _0x0000[168]; DWORD dwES; char _0x00AC[156]; DWORD dwDIP; }; HMODULE hGfxDx = LoadLibrary(i3GfxDx.dll); DWORD WINAPI HookUndetect5(LPVOID Param) { if (hGfxDx > 0) { DWORD tmp1 = (DWORD)GetProcAddress(hGfxDx, ?g_pRenderContext@@3PAVi3RenderContext@@A); DWORD tmp2 = 0; while(!pGDevice) { if(IsBadReadPtr((PDWORD)tmp1,4)==NULL)tmp2 = *(PDWORD)((DWORD)(tmp1))+ 0x5380; // ?EndRender@i3RenderContext@@QAEXXZ if(IsBadReadPtr((PDWORD)tmp2,4)==NULL) { DWORD OldProtect; VirtualProtect((void*)(tmp2), 4, PAGE_EXECUTE_READWRITE, &OldProtect); memcpy(&pGDevice, (void *)tmp2, 4); VirtualProtect((void*)(tmp2), 4, OldProtect, NULL); } } DWORD *g_pDevice = (DWORD*)pGDevice; g_pDevice = (DWORD*)g_pDevice[0]; while(!pDevice)pDevice = (LPDIRECT3DDEVICE9)(DWORD*)g_pDevice; *(PDWORD)&oEndScene = g_pDevice[42]; *(PDWORD)&oDrawIndexedPrimitive = g_pDevice[82]; CopyCode((PDWORD)(g_pDevice[1] - 5), (PDWORD)(g_pDevice[4] - 5)); CopyCode((PDWORD)(g_pDevice[2] - 5), (PDWORD)(g_pDevice[5] - 5)); CopyCode((PDWORD)(g_pDevice[3] - 5), (PDWORD)(g_pDevice[6] - 5)); CopyCode((PDWORD)(g_pDevice[4] - 5), (PDWORD)hkEndScene); CopyCode((PDWORD)(g_pDevice[5] - 5), (PDWORD)hkDrawIndexedPrimitive); while(1) { DWORD dwEhsvc = (DWORD)GetModuleHandleA(EhSvc.dll) + 0x126F64 + 0x7B; //1008EBA1 . 68 646F1210 PUSH ehsvc.10126F64 ; ASCII Exception Raised (Error : 0x%x) CHSBypass *CHS = *(CHSBypass**)dwEhsvc; g_pDevice[42] = (DWORD)g_pDevice[1] - 5; g_pDevice[82] = (DWORD)g_pDevice[2] - 5; CHS->dwES = g_pDevice[42]; CHS->dwDIP = g_pDevice[82]; Sleep(1000); } } return 0; } BOOL WINAPI DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpvReserved){ if(dwReason == DLL_PROCESS_ATTACH) { DisableThreadLibraryCalls(hModule); HideModule(hModule);//hide module and prevent detection from hackshield EraseHeaders(hModule);//erase header to dispatch any header like function in building from hackshield CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)HookUndetect5, NULL, NULL, NULL); } return TRUE; }

EarthEcho Educator Grants Due THIS WEEK, Feb 15 There’s

South China Sea Conflicts Ignited United States Pivot To Asia

Si concentráramos los rayos del sol a través de una lente

Hi. Im excited to be here on my journey through Google. Do you

ทางเลือก3 ??? :

Lets have a Black Friday sale...on the only two items I can offer

1] the prophet Muhammed (pbuh) was from Arabian Peninsula not

Thanks for this information from Aubrey Wiley. Eventually

Rufus on Pete Seeger: Whilst my late mother, the great Kate

As I stare into these ruins made by man I tremble as I realize its

The warm weather party is just about over with a chilly air mass

Taekwondo Championships Set for Saturday at SPI Convention Centre

The United States and most of the rest of the developed world

The Role of Christians and the Church in Enthroning and Sustaining

The Slippery Spiritual Slope The slippery slope to spiritual

Friendly Reminder! Creature Comforts Photo Shoot: 1 -

Taekwondo Championships Set for Saturday at SPI Convention Centre

Verilux Original Natural Spectrum Deluxe Desk Lamp, Ivory CLICK

“The U.N. Arms Trade Treaty is not yet in effect and yet it is