madshi.net

Hello, I need hook freelibrary ... and I use this code : ... var FreeLibraryNext : function (hLibModule: HMODULE): BOOL; stdcall; function FreeLibraryCall(hLibModule: HMODULE): BOOL; stdcall; var strPath:array [1..MAX_PATH]of char; begin ProcessIdToFileName(ProcessHandleToId(hLibModule), Pchar(@strP...

I understand you… I forgive if I was insistent, more is that really this history of disassember is very confused. Thanks a lot for the aid.

Thank you, uall. Very interesting this code, but in the part of bypass doesn't work fine.

P.S.: what address of your site, any email use my username at hotmail.

Thanks... Very interesting, you can show me some example ?? This method "hop" is new for me, mortal simple . I use a madCollection and uallCollection, this are the magic's programmers and I am only a simple person.
Thanks.

Uall, thanks for you help.
I need do :
Find the hooks;
Unhook it.
I need unhook some functions, it are not protected. Because when I use Rootkit Unhooker, it works fine.

Hello, First my congratulations uall, you function works perfect with madCodeHook. I am trying to create a program that I can make with that the function (hooked) comes back to the normal one (In the Rootkit Unhooker it shows and removes all hooks). Testing the function of uall I perceived that it d...

Looking in the Internet on the subject, me it seems that I will need to create a driver to guarantee that my program initiates before the others. I did not obtain to find nothing on the development of driver in delphi, I believe that it does not have as.
Somebody has some suggestion?

Thanks

I need define, in some place, the sequence of windows start the applications.
I'll try the service, but how logic windows use to initialize the service ? (by name, exe, category, ... ).

Thanks

Hello,
I need know how I can define order of initialization for my program, because I need hook some dlls before another programs.

thanks

Maybe I wrong, but in my conception I can use a variable integer, because Dword=LongWord and the basic diferent is the range. Of course maybe I will be a problem. Thanks. Forget about system process, the dll is injected in some processes and I need uninject it. I get the process handles using the ma...

Hello, I need uninject a especific dll injected in system process. (not for my app) I try uninject process by process, using something like this : function TForm1.DesInjeta(intProcHandle : integer; strLib : String):boolean; begin result := UninjectLibrary (intProcHandle, strLib); end; In documentati...

What sugestion for replace function pos ???

Thansk

I need to stop loadlibrary, Somebody I can help me? I thought about using madcodehook because I have a small knowledge in the same one. More if somebody will have some another suggestion. Debtor.

:sorry: Same problem, I use this code : function LoadLibraryExWCallback(lib: pwidechar; file_, flags: dword) : dword; stdcall; var myresult : dword; begin if (pos('xxx.dll',lib) = 0) then result := LoadLibraryExWNext(lib, file_, flags) else begin result := ERROR_ACCESS_DENIED; {or result := ERROR_FI...

I using the madshi example for hooking the loadlibrary. But I need stop them, like this : function LoadLibraryExWCallback(lib: pwidechar; file_, flags: dword) : dword; stdcall; begin result := LoadLibraryExWNext(lib, file_, flags); if Pos('xxx.dll',lib)>0 then FreeLibrary(result); Log('LoadLibraryEx...