So I've been working on trying to disable XTrap on Steam.
Being a person that's still learning how to Reverse Engineer I'm having some troubles.
What I've done so far in order to disable xtrap was to find where LoadLibrary loaded XTrapVa.dll, I then managed to find every place that either referenced XTrapVa.dll or in one case where they put it together from individual letters, and disabled that.
Once Engine couldn't load XTrapVa.dll I found the function (that I think) initializes XTrap and nopped that out.
At this point XTrap no longer runs, the dll is not loaded at least.
At this point I noticed that Steam would close the game (or the api to be precise) because SteamAppId was not being set in an enviroment variable, so i did that. And Steam stopped closing the game.
However, once the game starts up it immediately closes!
I'm having trouble figuring out why, so I wondered if anyone else has any tips on how I can disable it?
My code so far is the following:
Code:
SetEnvironmentVariable("SteamAppId", "475100");
// Working Disable Load
BYTE Replace = 0x54;
MemcpyEx(0x008BA7F2, (DWORD)&Replace, 1);
MemcpyEx(0x00815A8A, (DWORD)&Replace, 1);
//00815E3A - len 16
const char* replace1 = "\x8B\x16\x8B\xCE\xEB\x0A\x30\x5F\x5E\x33\xC0\x5B\x8B\xE5\x5D\xC3";
MemcpyEx(0x00815E3A, (DWORD)replace1, 16);
//00815E4A - len 16
const char* replace2 = "\xB9\x18\x00\x00\x00\x8D\xB5\x20\xFC\xFF\xFF\xBF\x50\x5E\x9C\x00";
MemcpyEx(0x00815E4A, (DWORD)replace2, 16);
//const char* ReplaceLine = "\xEB\x06\x90\x90\x90\x83\xC4\x08\xFF\x15\x04\x16\x82\x00\x0F\xB6";
const char* ReplaceLine = "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90";
MemcpyEx(0x00776ED2, (DWORD)ReplaceLine, 17 );
.Thanks!
