[OllyDbg]My notes for current patch.

///////////////////////////////////////////////////////////////////////////////
Multi addy:

0047C134

///////////////////////////////////////////////////////////////////////////////
Anti vir:

0047A515
0047A517
0047A518
0047A519
0047A51A
0047A51F
0047A520

//////////////////////////////////////////////////////////////////////////////

no popups:

0048C4D6             /E9 DB000000 : nop out         JMP Conquer_.0048C5B6

0048C4D6              90                   NOP
0048C4D7              90                   NOP
0048C4D8              90                   NOP
0048C4D9              90                   NOP
0048C4DA              90                   NOP

0048CA24             /E9 DB000000 :nop out          JMP Conquer_.0048CB04

0048CA24              90                   NOP
0048CA25              90                   NOP
0048CA26              90                   NOP
0048CA27              90                   NOP
0048CA28              90                   NOP
////////////////////////////////////////////////////////////////////////////////

running co directly:

0047A5B0             7C 18                

change to:

0047A5B0             EB 41                

////////////////////////////////////////////////////////////////////////////////

enable PM commands

004BB9EC             74 17                JE SHORT Conquer_.004BBA05

change to:

004BB9EC             EB 17                JMP SHORT Conquer_.004BBA05

////////////////////////////////////////////////////////////////////////////////

Removing server.dat damaged

00432443              3C 7F
004FDC35              3C 7F

change into:

nop

////////////////////////////////////////////////////////////////////////////////
non d/c

004BB7C8              E8 ADAC0400          CALL <JMP.&WINMM.timeGetTime>


004BB7C8             /E9 33550800          JMP Conquer_.00540D00

00540D00              8105 C8275800 6A0400>ADD DWORD PTR DS:[5827C8],46A
00540D0A              A1 C8275800          MOV EAX,DWORD PTR DS:[5827C8]
00540D0F            ^ E9 B9AAF7FF          JMP Conquer_.004BB7CD

////////////////////////////////////////////////////////////////////////////////

Unequip with pathfind

0040D384              E8 FCAB0A00          CALL Conquer_.004B7F85

Change into:

0040D384             /E9 E73B1300          JMP Conquer_.00540F70

Make the codecave at 00540F70:

00540F70              E8 4163F1FF          CALL Conquer_.004572B6
00540F75              E8 6463F1FF          CALL Conquer_.004572DE
00540F7A              E8 8763F1FF          CALL Conquer_.00457306
00540F7F              E8 AA63F1FF          CALL Conquer_.0045732E
00540F84              E8 CD63F1FF          CALL Conquer_.00457356
00540F89              E8 F063F1FF          CALL Conquer_.0045737E
00540F8E              E8 1364F1FF          CALL Conquer_.004573A6
00540F93              E8 3664F1FF          CALL Conquer_.004573CE
00540F98            ^ E9 ECC3ECFF          JMP Conquer_.0040D389


the following needs to be nop'ed out.

004572BE             /75 1D                JNZ SHORT Conquer_.004572DD
004572E6             /75 1D                JNZ SHORT Conquer_.00457305
0045730E             /75 1D                JNZ SHORT Conquer_.0045732D
00457336             /75 1D                JNZ SHORT Conquer_.00457355
0045735E             /75 1D                JNZ SHORT Conquer_.0045737D
00457386             /75 1D                JNZ SHORT Conquer_.004573A5
004573AE             /75 1D                JNZ SHORT Conquer_.004573CD
004573D6             /75 1D                JNZ SHORT Conquer_.004573F5
004573D6             /75 1D                JNZ SHORT Conquer_.004573F5

004C6B08             /74 1D                JE SHORT Conquer_.004C6B27



/////////////////////////////////////////////////////////////////////////////////

Jumping without holding ctrl:

0047DDF9             /74 0F                

change to:

0047DDF9             /75 0F                


//////////////////////////////////////////////////////////////////////////////////