wav
08-10-2010, 08:01 PM
// Runs 14 passes over a memory region. Each pass finds the next occurrence of a
// 5-byte signature, follows the operand of a later BB-opcode instruction to a
// three-DWORD record, prints the record and stores it in the g_dw* arrays.
// The record is read with plain DWORD loads, so as far as this listing shows
// it is kept in the clear next to the code that references it.
// NOTE(review): addresses are held in integer variables and cast to pointers,
// which only round-trips in a 32-bit build. Declarations are not visible here.
// NOTE(review): the count 14 is hard-coded; the g_dw* arrays must have at
// least 14 elements. Their declarations are not visible here.
for ( iIterator = 0; iIterator < 14; iIterator++ )
{
// B8 00 20 00 00 is the x86 encoding of `mov eax, 0x2000`; the "xxxxx" mask
// presumably means all five bytes must match exactly (confirm in dwFindPattern).
// NOTE(review): the result is used without a not-found check; what
// dwFindPattern returns on a miss is not visible here.
dwEAX = dwFindPattern ( dwVAC, dwDifference, ( PBYTE )"\xB8\x00\x20\x00\x00", "xxxxx" );
dwDisAsm = dwEAX;
// Step forward by whatever mlde32 returns (presumably the length of the
// instruction at that address) until the next byte is 0xBB, the opcode of
// `mov ebx, imm32`. Being a do/while, the matched instruction is always stepped over first.
// NOTE(review): the walk has no upper bound; if no 0xBB opcode byte follows,
// it keeps reading past the region that was searched.
do{
dwDisAsm += mlde32 ( ( PVOID )dwDisAsm );
}while ( *( PBYTE )dwDisAsm != 0xBB );
// Skip the one-byte opcode so dwDisAsm points at the 32-bit operand.
dwDisAsm += 0x1;
// Distance from the signature match to the address held in the operand.
dwOffset = *( PDWORD )dwDisAsm - dwEAX;
// Shrink the remaining search length by the bytes before the match plus the
// 5 signature bytes; this mirrors the dwVAC advance at the end of the pass.
dwDifference -= dwEAX - dwVAC;
dwDifference -= 0x5;
// Arithmetically this is the operand value read above: the record address.
dwCodeBase2 = dwEAX + dwOffset;
// Read three consecutive DWORDs; the names suggest offset-to-code, code length
// and a CRC, but their meaning is not established by this listing.
dwOffsetToCode = *( PDWORD )( dwCodeBase2 );
dwCodeBase2 += 0x4;
dwLengthOfCode = *( PDWORD )( dwCodeBase2 );
dwCodeBase2 += 0x4;
dwCRC = *( PDWORD )( dwCodeBase2 );
dwCodeBase2 += 0x4;
// dwCodeBase2 now points 12 bytes past the start of the record.
printf ( "0x%X\n", dwCodeBase2 );
printf ( "dwEAX: 0x%X dwOffsetToCode: 0x%X dwLengthOfCode: 0x%X dwCRC: 0x%X\n", dwEAX, dwOffsetToCode, dwLengthOfCode, dwCRC );
printf ( "dwOffset 0x%X\n", dwOffset );
// Add the first record field to the end-of-record address, then round up to
// the next multiple of 8 (+7, then clear the low three bits).
// NOTE(review): the sample output posted after this loop shows bases that
// are not 8-byte aligned (e.g. 0x100018FB) and has no leading bare-address
// line, so it appears to come from a different revision of this code.
dwCodeBase = dwCodeBase2 + dwOffsetToCode + 0x7;
dwCodeBase &= 0xFFFFFFF8;
printf ( "Base Of Encrypted Code: 0x%X\n", dwCodeBase );
// The "decrypt point" is the address immediately after the 12-byte record.
dwDecryptPoint = dwCodeBase2;
printf ( "Decrypt Point: 0x%X\n", dwDecryptPoint );
// Net effect: dwVAC = match address + 5, so the next pass resumes right after
// this signature. dwEAX is reused as scratch and no longer holds the match address.
dwEAX -= dwVAC;
dwEAX += 0x5;
dwVAC += dwEAX;
// Record this pass's results at index iIterator.
g_dwVACScanFunctionCrcs[iIterator] = dwCRC;
g_dwVACScanCodeLength[iIterator] = dwLengthOfCode;
g_dwOffsetToEncryptedCode[iIterator] = dwOffsetToCode;
g_dwVACEncryptedCodeStart[iIterator] = dwCodeBase;
g_dwVACDecryptCodeStart[iIterator] = dwDecryptPoint;
}
dwEAX: 0x10001477 dwOffsetToCode: 0x428 dwLengthOfCode: 0x4AB dwCRC: 0xC5DF3B1
dwOffset 0x50
Base Of Encrypted Code: 0x100018FB
Decrypt Point: 0x100014D3
dwEAX: 0x10001DFF dwOffsetToCode: 0x108 dwLengthOfCode: 0x184 dwCRC: 0xF06D69AA
dwOffset 0x50
Base Of Encrypted Code: 0x10001F63
Decrypt Point: 0x10001E5B
dwEAX: 0x1000213F dwOffsetToCode: 0xE8 dwLengthOfCode: 0x18A dwCRC: 0x325886E7
dwOffset 0x50
Base Of Encrypted Code: 0x10002283
Decrypt Point: 0x1000219B
dwEAX: 0x10002465 dwOffsetToCode: 0xF8 dwLengthOfCode: 0x185 dwCRC: 0x27623363
dwOffset 0x50
Base Of Encrypted Code: 0x100025B9
Decrypt Point: 0x100024C1
dwEAX: 0x1000297E dwOffsetToCode: 0x4E8 dwLengthOfCode: 0x634 dwCRC: 0x2B4D977
dwOffset 0x50
Base Of Encrypted Code: 0x10002EC2
Decrypt Point: 0x100029DA
dwEAX: 0x10003554 dwOffsetToCode: 0x720 dwLengthOfCode: 0x7C9 dwCRC: 0x18431B44
dwOffset 0x50
Base Of Encrypted Code: 0x10003CD0
Decrypt Point: 0x100035B0
dwEAX: 0x10004514 dwOffsetToCode: 0x8C8 dwLengthOfCode: 0x960 dwCRC: 0xEC5D4900
dwOffset 0x50
Base Of Encrypted Code: 0x10004E38
Decrypt Point: 0x10004570
dwEAX: 0x10005829 dwOffsetToCode: 0x288 dwLengthOfCode: 0x317 dwCRC: 0xFDB56030
dwOffset 0x50
Base Of Encrypted Code: 0x10005B0D
Decrypt Point: 0x10005885
dwEAX: 0x100065DF dwOffsetToCode: 0x2B8 dwLengthOfCode: 0x31A dwCRC: 0xBE6ADD46
dwOffset 0x50
Base Of Encrypted Code: 0x100068F3
Decrypt Point: 0x1000663B
dwEAX: 0x10006FC8 dwOffsetToCode: 0x78 dwLengthOfCode: 0xBD dwCRC: 0xFB2B4258
dwOffset 0x50
Base Of Encrypted Code: 0x1000709C
Decrypt Point: 0x10007024
dwEAX: 0x100072E1 dwOffsetToCode: 0x378 dwLengthOfCode: 0x4AB dwCRC: 0x9829A293
dwOffset 0x50
Base Of Encrypted Code: 0x100076B5
Decrypt Point: 0x1000733D
dwEAX: 0x10007D65 dwOffsetToCode: 0x518 dwLengthOfCode: 0x638 dwCRC: 0x96FDBACC
dwOffset 0x5A
Base Of Encrypted Code: 0x100082E3
Decrypt Point: 0x10007DCB
dwEAX: 0x10008996 dwOffsetToCode: 0x17A8 dwLengthOfCode: 0x18FB dwCRC: 0xB3F6E987
dwOffset 0x5A
Base Of Encrypted Code: 0x1000A1A4
Decrypt Point: 0x100089FC
dwEAX: 0x1000F5A3 dwOffsetToCode: 0x6E0 dwLengthOfCode: 0x954 dwCRC: 0x3924989B
dwOffset 0x5A
Base Of Encrypted Code: 0x1000FCE9
Decrypt Point: 0x1000F609
// One pass of a signature scan: find the next 5-byte signature, follow the
// operand of a later BB-opcode instruction to a three-DWORD record, print the
// record and store it in the g_dw* arrays at index iIterator.
// NOTE(review): this copy of the listing has no loop header; iIterator is
// used below but is not set anywhere in these lines.
// NOTE(review): addresses are held in integer variables and cast to pointers,
// which only round-trips in a 32-bit build. Declarations are not visible here.
{
// B8 00 20 00 00 is the x86 encoding of `mov eax, 0x2000`; the "xxxxx" mask
// presumably means all five bytes must match exactly (confirm in dwFindPattern).
// NOTE(review): the result is used without a not-found check; what
// dwFindPattern returns on a miss is not visible here.
dwEAX = dwFindPattern ( dwVAC, dwDifference, ( PBYTE )"\xB8\x00\x20\x00\x00", "xxxxx" );
dwDisAsm = dwEAX;
// Step forward by whatever mlde32 returns (presumably an instruction length)
// until the next byte is 0xBB, the opcode of `mov ebx, imm32`.
// NOTE(review): the walk has no upper bound; if no 0xBB opcode byte follows,
// it keeps reading past the region that was searched.
do{
dwDisAsm += mlde32 ( ( PVOID )dwDisAsm );
}while ( *( PBYTE )dwDisAsm != 0xBB );
// Skip the one-byte opcode so dwDisAsm points at the 32-bit operand.
dwDisAsm += 0x1;
// Distance from the signature match to the address held in the operand.
dwOffset = *( PDWORD )dwDisAsm - dwEAX;
// Shrink the remaining search length by the bytes before the match plus the
// 5 signature bytes.
dwDifference -= dwEAX - dwVAC;
dwDifference -= 0x5;
// Arithmetically this is the operand value read above: the record address.
dwCodeBase2 = dwEAX + dwOffset;
// Read three consecutive DWORDs; the names suggest offset-to-code, code length
// and a CRC, but their meaning is not established by this listing.
dwOffsetToCode = *( PDWORD )( dwCodeBase2 );
dwCodeBase2 += 0x4;
dwLengthOfCode = *( PDWORD )( dwCodeBase2 );
dwCodeBase2 += 0x4;
dwCRC = *( PDWORD )( dwCodeBase2 );
dwCodeBase2 += 0x4;
// dwCodeBase2 now points 12 bytes past the start of the record.
printf ( "0x%X\n", dwCodeBase2 );
printf ( "dwEAX: 0x%X dwOffsetToCode: 0x%X dwLengthOfCode: 0x%X dwCRC: 0x%X\n", dwEAX, dwOffsetToCode, dwLengthOfCode, dwCRC );
printf ( "dwOffset 0x%X\n", dwOffset );
// Add the first record field to the end-of-record address, then round up to
// the next multiple of 8 (+7, then clear the low three bits).
// NOTE(review): the output printed after this block shows bases that are not
// 8-byte aligned (e.g. 0x100018FB) and has no leading bare-address line, so
// it appears to come from a different revision of this code.
dwCodeBase = dwCodeBase2 + dwOffsetToCode + 0x7;
dwCodeBase &= 0xFFFFFFF8;
printf ( "Base Of Encrypted Code: 0x%X\n", dwCodeBase );
// The "decrypt point" is the address immediately after the 12-byte record.
dwDecryptPoint = dwCodeBase2;
printf ( "Decrypt Point: 0x%X\n", dwDecryptPoint );
// Net effect: dwVAC = match address + 5, the byte just past this signature.
// dwEAX is reused as scratch and no longer holds the match address.
dwEAX -= dwVAC;
dwEAX += 0x5;
dwVAC += dwEAX;
// Record the results at index iIterator; the arrays' sizes are not visible here.
g_dwVACScanFunctionCrcs[iIterator] = dwCRC;
g_dwVACScanCodeLength[iIterator] = dwLengthOfCode;
g_dwOffsetToEncryptedCode[iIterator] = dwOffsetToCode;
g_dwVACEncryptedCodeStart[iIterator] = dwCodeBase;
g_dwVACDecryptCodeStart[iIterator] = dwDecryptPoint;
}
dwEAX: 0x10001477 dwOffsetToCode: 0x428 dwLengthOfCode: 0x4AB dwCRC: 0xC5DF3B1
dwOffset 0x50
Base Of Encrypted Code: 0x100018FB
Decrypt Point: 0x100014D3
dwEAX: 0x10001DFF dwOffsetToCode: 0x108 dwLengthOfCode: 0x184 dwCRC: 0xF06D69AA
dwOffset 0x50
Base Of Encrypted Code: 0x10001F63
Decrypt Point: 0x10001E5B
dwEAX: 0x1000213F dwOffsetToCode: 0xE8 dwLengthOfCode: 0x18A dwCRC: 0x325886E7
dwOffset 0x50
Base Of Encrypted Code: 0x10002283
Decrypt Point: 0x1000219B
dwEAX: 0x10002465 dwOffsetToCode: 0xF8 dwLengthOfCode: 0x185 dwCRC: 0x27623363
dwOffset 0x50
Base Of Encrypted Code: 0x100025B9
Decrypt Point: 0x100024C1
dwEAX: 0x1000297E dwOffsetToCode: 0x4E8 dwLengthOfCode: 0x634 dwCRC: 0x2B4D977
dwOffset 0x50
Base Of Encrypted Code: 0x10002EC2
Decrypt Point: 0x100029DA
dwEAX: 0x10003554 dwOffsetToCode: 0x720 dwLengthOfCode: 0x7C9 dwCRC: 0x18431B44
dwOffset 0x50
Base Of Encrypted Code: 0x10003CD0
Decrypt Point: 0x100035B0
dwEAX: 0x10004514 dwOffsetToCode: 0x8C8 dwLengthOfCode: 0x960 dwCRC: 0xEC5D4900
dwOffset 0x50
Base Of Encrypted Code: 0x10004E38
Decrypt Point: 0x10004570
dwEAX: 0x10005829 dwOffsetToCode: 0x288 dwLengthOfCode: 0x317 dwCRC: 0xFDB56030
dwOffset 0x50
Base Of Encrypted Code: 0x10005B0D
Decrypt Point: 0x10005885
dwEAX: 0x100065DF dwOffsetToCode: 0x2B8 dwLengthOfCode: 0x31A dwCRC: 0xBE6ADD46
dwOffset 0x50
Base Of Encrypted Code: 0x100068F3
Decrypt Point: 0x1000663B
dwEAX: 0x10006FC8 dwOffsetToCode: 0x78 dwLengthOfCode: 0xBD dwCRC: 0xFB2B4258
dwOffset 0x50
Base Of Encrypted Code: 0x1000709C
Decrypt Point: 0x10007024
dwEAX: 0x100072E1 dwOffsetToCode: 0x378 dwLengthOfCode: 0x4AB dwCRC: 0x9829A293
dwOffset 0x50
Base Of Encrypted Code: 0x100076B5
Decrypt Point: 0x1000733D
dwEAX: 0x10007D65 dwOffsetToCode: 0x518 dwLengthOfCode: 0x638 dwCRC: 0x96FDBACC
dwOffset 0x5A
Base Of Encrypted Code: 0x100082E3
Decrypt Point: 0x10007DCB
dwEAX: 0x10008996 dwOffsetToCode: 0x17A8 dwLengthOfCode: 0x18FB dwCRC: 0xB3F6E987
dwOffset 0x5A
Base Of Encrypted Code: 0x1000A1A4
Decrypt Point: 0x100089FC
dwEAX: 0x1000F5A3 dwOffsetToCode: 0x6E0 dwLengthOfCode: 0x954 dwCRC: 0x3924989B
dwOffset 0x5A
Base Of Encrypted Code: 0x1000FCE9
Decrypt Point: 0x1000F609