
Thread: Dumping EHSVC

  1. #1
    drlunar

    Dumping EHSVC

    How could I dump EHSVC on a 64-bit system? I can't find any working programs. Help would be really appreciated.

  2. #2
    XxharCs
    You will need a ring0 debugger because the HShield driver (on x64 systems, and the newest version of the HShield driver is meant) hooks the kernel directly (as far as I know), so you need to use a ring0 debugger, to jump or whatever else you want, to avoid hooking the kernel.

    After this you could use OllyDbg and dump EHSVC and so on.
