madshi.net

Dear Madshi,
okok..I will try to send the author a complaint for you
Best regards,
cch.

Dear Madshi,

1. Resource Hacker also can't edit the resources of compressed EXE.

Thanks.

Best regards,
cch.

Dear Madshi,

1. When some Exe was compressed by Aspack..etc,
   if we use "madRes" to change it's main-icon, we will
   get a "Access violiation message..".Are there some
   problem with "compressed execution"software?

Best regards,
cch

Dear Nildo,

1. Some time,we trace a function or API,it will be very useful ,if
   we can get a full "tree" of that function or API.

Thanks.
Best regards,
cch.

Dear Nildo, I had trace several functions in my Application.In some case "ParseFunction" can parse full code,but most stop at "jmp". It seem not the "full code"of the function.How can we know when and what condition or rule that "ParseFunction" will stop? :win...

Dear Madshi, When we trace the address of "WriteProcessMemory"API, finally we get the full "disAsm" message follow. 77e7adb9 public WriteProcessMemory: ; function entry point 77e7adb9 jmp -$17f55c3e ($5ff25180) Is "ParseFunction" still can work in high-memory which kern...

Dear madshi, When we hook a WinApi like "OpenProcess",it works very well. In some condition,if we has another program like firewall or other software which hook the same Api before our Applicatin ,then they will inject our code .Can we has another way to recapture the priority of the Api ?...

Dear Madshi, When we find some dlls or bad modules loaded by someprocess in other session or currentsession,can we remove it via Madshi' collection? In Delphi's TThread, we can use TThread.suspended to judge the state of Tthread,but it seem to has no such property or similer property in IThread. Ano...