Results 1 to 4 of 4
  1. #1
    Ulquiorra
    Ulquiorra is offline
    Member-in-training Ulquiorra's Avatar
    Join Date
    2010 Dec
    Location
    brasil MG
    Posts
    74
    Thanks Thanks Given 
    21
    Thanks Thanks Received 
    183
    Thanked in
    30 Posts
    Rep Power
    0

    How to remove GameGuard in Aika

    Can someone show me some method to remove the gameguard.











    PHP Code:
    00402056     E8 859B0000    CALL AIKAINdo.0040BBE0
    0040205B  
    |. A0 287A6B02    MOV AL,BYTE PTR DS:[26B7A28]
    00402060  |. 84C0           TEST AL,AL
    00402062     74 36          JE SHORT AIKAINdo.0040209A
    00402064  
    |. 6A 00          PUSH 0                                   ; /Style MB_OK|MB_APPLMODAL
    00402066  
    |. 68 9C976200    PUSH AIKAINdo.0062979C                   ; |Title "GameGuard Error"
    0040206B  |. 68 287A6B02    PUSH AIKAINdo.026B7A28                   ; |Text ""
    00402070  |. 6A 00          PUSH 0                                   ; |hOwner NULL
    00402072  
    |. FF15 E8C36000  CALL DWORD PTR DS:[<&user32.MessageBoxA>>; \MessageBoxA
    00402078  |. 8B35 247A6B02  MOV ESI,DWORD PTR DS:[26B7A24]
    0040207E  |. 85F6           TEST ESI,ESI
    00402080     74 18          JE SHORT AIKAINdo.0040209A
    00402082     E8 69801F00    CALL AIKAINdo.005FA0F0
    00402087  |. 56             PUSH ESI
    00402088     E8 0B571E00    CALL AIKAINdo.005E7798
    0040208D  |. 83C4 04        ADD ESP,4
    00402090  |. C705 247A6B02 >MOV DWORD PTR DS:[26B7A24],0
    0040209A  |> 5F             POP EDI
    0040209B  |. 8BC3           MOV EAX,EBX
    0040209D  |. 5D             POP EBP
    0040209E  |. 5B             POP EBX
    0040209F  |. 5E             POP ESI
    004020A0  
    \. C2 1000        RETN 10
    004020A3     90             NOP
    004020A4     90             NOP
    004020A5     90             NOP
    004020A6     90             NOP
    004020A7     90             NOP
    004020A8     90             NOP
    004020A9     90             NOP
    004020AA     90             NOP
    004020AB     90             NOP
    004020AC     90             NOP
    004020AD     90             NOP
    004020AE     90             NOP
    004020AF     90             NOP
    004020B0   
    8B4424 10      MOV EAX,DWORD PTR SS:[ESP+10]
    004020B4   8B4C24 0C      MOV ECX,DWORD PTR SS:[ESP+C]
    004020B8   8B5424 08      MOV EDX,DWORD PTR SS:[ESP+8]
    004020BC   50             PUSH EAX
    004020BD   
    8B4424 08      MOV EAX,DWORD PTR SS:[ESP+8]
    004020C1   51             PUSH ECX
    004020C2   
    8B0D 6CC36400  MOV ECX,DWORD PTR DS:[64C36C]
    004020C8   52             PUSH EDX
    004020C9   
    50             PUSH EAX
    004020CA   
    E8 D13B0000    CALL AIKAINdo.00405CA0
    004020CF   
    C2 1000        RETN 10 







    PHP Code:
    00401FEE  |. 50             PUSH EAX                                 ; /Arg1
    00401FEF  
    |. E8 CC140000    CALL AIKAINdo.004034C0                   ; \AIKAINdo.004034C0
    00401FF4  
    |. 85C0           TEST EAX,EAX
    00401FF6  
    |. 75 12          JNZ SHORT AIKAINdo.0040200A
    00401FF8  
    |. 85F6           TEST ESI,ESI
    00401FFA  
    |. 74 08          JE SHORT AIKAINdo.00402004
    00401FFC  
    |. 8B16           MOV EDX,DWORD PTR DS:[ESI]
    00401FFE  |. 6A 01          PUSH 1
    00402000  
    |. 8BCE           MOV ECX,ESI
    00402002  
    |. FF12           CALL DWORD PTR DS:[EDX]
    00402004  |> 33C0           XOR EAX,EAX
    00402006  
    |. 5E             POP ESI
    00402007  
    |. C2 1000        RETN 10
    0040200A  
    |> 53             PUSH EBX
    0040200B  
    |. 55             PUSH EBP
    0040200C  
    |. 57             PUSH EDI
    0040200D  
    |. 8B3D E4C36000  MOV EDI,DWORD PTR DS:[<&user32.SystemPar>;  USER32.SystemParametersInfoA
    00402013  
    |. 6A 02          PUSH 2                                   ; /UpdateProfile SPIF_SENDWININICHANGE
    00402015  
    |. 6A 00          PUSH 0                                   ; |pParam NULL
    00402017  
    |. 6A 00          PUSH 0                                   ; |wParam 0
    00402019  |. 6A 11          PUSH 11                                  ; |Action SPI_SETSCREENSAVEACTIVE
    0040201B  
    |. FFD7           CALL EDI                                 ; \SystemParametersInfoA
    0040201D  
    |. 8B2D FCC26000  MOV EBP,DWORD PTR DS:[<&kernel32.SetThre>;  kernel32.SetThreadExecutionState
    00402023  
    |. 68 03000080    PUSH 80000003
    00402028  |. FFD5           CALL EBP                                 ;  <&kernel32.SetThreadExecutionState>
    0040202A  |. 8BCE           MOV ECX,ESI
    0040202C  
    |. E8 4F1F0000    CALL AIKAINdo.00403F80
    00402031  
    |. 85F6           TEST ESI,ESI
    00402033  
    |. 8BD8           MOV EBX,EAX
    00402035     74 
    08          JE SHORT AIKAINdo.0040203F
    00402037  
    |. 8B06           MOV EAX,DWORD PTR DS:[ESI]
    00402039  |. 
    6A 01          PUSH 1
    0040203B  
    |. 8BCE           MOV ECX,ESI
    0040203D  
    |. FF10           CALL DWORD PTR DS:[EAX]
    0040203F  |> 6A 02          PUSH 2
    00402041  
    |. 6A 00          PUSH 0
    00402043  
    |. 6A 01          PUSH 1
    00402045  
    |. 6A 11          PUSH 11
    00402047  
    |. FFD7           CALL EDI
    00402049  |. 68 00000080    PUSH 80000000
    0040204E  
    |. FFD5           CALL EBP
    00402050  
    |. FF15 94C56000  CALL DWORD PTR DS:[<&ole32.CoUninitializ>;  ole32.CoUninitialize 
    Last edited by Ulquiorra; 2011-12-28 at 12:07 AM.

  2. The Following 2 Users Say Thank You to Ulquiorra For This Useful Post:


  3. #2
    rodoxfnx
    rodoxfnx is offline
    Banned
    Join Date
    2011 Dec
    Posts
    281
    Thanks Thanks Given 
    48
    Thanks Thanks Received 
    745
    Thanked in
    77 Posts
    Rep Power
    0
    At first code, you could maybe use 3/4 jmp/nops it would be enought.
    Not sure if your in correct line, you should jmp/nops it then trace over wich lines are processing any of kinda GG process else.

  4. #3
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks Thanks Given 
    83
    Thanks Thanks Received 
    244
    Thanked in
    68 Posts
    Rep Power
    13
    Try to break point 1 by 1 find when the gameguard loaded...

    JMP it.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

  5. #4
    Ulquiorra
    Ulquiorra is offline
    Member-in-training Ulquiorra's Avatar
    Join Date
    2010 Dec
    Location
    brasil MG
    Posts
    74
    Thanks Thanks Given 
    21
    Thanks Thanks Received 
    183
    Thanked in
    30 Posts
    Rep Power
    0
    2 call game guard





    but I believe it has something more.

    ---------- Post added 2011-12-28 at 12:19 PM ---------- Previous post was 2011-12-27 at 09:02 PM ----------



    ---------- Post added at 12:20 PM ---------- Previous post was at 12:19 PM ----------

    after some work gameguard down ^^
    2jmp 2nop
    Last edited by Ulquiorra; 2011-12-28 at 03:46 PM.

Similar Threads

  1. [Release] Aika Online SEA, Indo GameGuard Bypass
    By Dwar in forum Aika Bots, Hacks, Cheats
    Replies: 16
    Last Post: 2012-01-24, 12:14 PM
  2. [Guide] Aika Indo Gameguard bypass
    By Ulquiorra in forum Aika Bots, Hacks, Cheats
    Replies: 47
    Last Post: 2012-01-14, 08:01 PM
  3. what to do with gameguard..
    By S4R4H in forum Anti-Cheat Systems
    Replies: 3
    Last Post: 2011-11-19, 03:01 PM
  4. how to remove Xtrap
    By simpletouch in forum Anti-Cheat Systems
    Replies: 4
    Last Post: 2010-12-02, 04:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •