Thursday, February 26, 2009

dUP 2.19 Beta 10 - Diabolo2oo2 Universal Patcher 2.19 Beta 10

diablo2oo2's Universal Patcher [dUP] 2.19 Beta 10

Changelog: all controls can be made now transparent by using the colorvalue FFFFFFFF

Version: 2.19

-multiple file patcher
-create Offset and Search&Replace patch/loader
-compare files (RawOffset and VirtualAddress) with different filesize
-registry patcher, also for loaders
-attach files to patcher
-get filepaths from registry
-usage of CRC32 and filesize checks
-patching packed files
-compress patcher with your favorite packer
-saving projects
-use custom skin in your patcher
-add music (Tracker Modules: xm,mod,it,s3m,mtm,umx,v2m,ahx,sid) to patcher
-and many more...

Version History
-bugfix in s&r compare module
-other bugfixes from v2.18
-added linkcursor in patcherwindow
-registry editor now can import v5 reg files
-faster scrolltext engine
-better scrolltext font management
-new function: import long hexpatterns in offset-patch-dialog
-fixed loader_installer bug
-added support for relative paths (subfolders) for the targetfiles
-search & replace comments bugfix
-loader: registrypatcher bugfix
-added new internal environment variable: %dup2_last_path%
-skincontrols now can have transparent backgroundcolor (FFFFFFFF)




Language Files
: (Down - anyone have copy and can reup: Russian, German, French please?)

other things:

Download Mirror: - DDL
Search&Replace Engine sourcecode [masm]

TUTORIAL How to make Search&Replace patches [pdf]


New Themida Unpacking Stuff: Themidia unpack 8.41 KB


IceStealth 1.4

IMPROVE: more user friendly
IMPROVE: more compatibility for old hook buttons
ADDED: complete new type of protection
ADDED: NtTerminateProcess restore to fix a softice bug as option to use
ADDED: finally there no apis anymore to detect softice (for the new protection) future detections must be softice specific without a api
ADDED: MP support
FIX: 2 possible bugs
IMPROVE: int41 killed
ADDED: basic registry protection as option to use
IMPROVE: NtQuerySystemInformation
FIX: Crash cause PDG file is not loaded + improved method
IMPROVE: NtQuerySystemInformation

small tool to hide SoftICE (NT versions not Win9x) against some protectors
you can choose options what get loaded after you click 1 of the "Load Protection" buttons
the older version "Load Old Protection" is more compatible with computers
the other "Load New Protection" is the best protection i can do atm and protect from every possible api to detect softice
as sayed you can choose options what also get loaded with the normal protections:
1: Registry Protection will protect registry entrys of softice
2: seh bpm protection will protect from DRx clearing after SEH happend its normally kinda usefull and make BPM´s work better
3: UEF means UnhandledExceptionFilter and is a type of detection of softice you can kill it (no possible detection via this) or patch it i advive the patch cause this keeps functionality for softice


Download: IceStealth1.4.rar

Process Hacker by wj32

a great 'enhanced' open source Process Explorer and more...
Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!

It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit.

It loads symbols from various libraries automatically and uses them when displaying the call stacks of threads (just like Process Explorer). It also has a disassembler derived from OllyDbg's which can be accessed when viewing PE files' exports.
Process Hacker is written in C# and can be found at


No comments:

Post a Comment