diff --git a/plugins/Dfusion/luafiles/onfunction/functions.asm b/plugins/Dfusion/luafiles/onfunction/functions.asm
index 75cc03327..857481a38 100644
--- a/plugins/Dfusion/luafiles/onfunction/functions.asm
+++ b/plugins/Dfusion/luafiles/onfunction/functions.asm
@@ -4,10 +4,10 @@ push edx
 push ecx
 push ebx
 push eax
-mov eax,[esp+24]
+mov eax,[esp+20]
 push eax
 function:
-call 0xdeadbeef
+call 0xdeadbee4
 function2:
 mov [0xdeadbeef],eax #self modifying code... :/
 pop eax
diff --git a/plugins/Dfusion/luafiles/onfunction/functions.o b/plugins/Dfusion/luafiles/onfunction/functions.o
index ec7310e1c..cf6e2d05c 100644
Binary files a/plugins/Dfusion/luafiles/onfunction/functions.o and b/plugins/Dfusion/luafiles/onfunction/functions.o differ
diff --git a/plugins/Dfusion/luafiles/onfunction/plugin.lua b/plugins/Dfusion/luafiles/onfunction/plugin.lua
index cf26bc88a..d1b27ca62 100644
--- a/plugins/Dfusion/luafiles/onfunction/plugin.lua
+++ b/plugins/Dfusion/luafiles/onfunction/plugin.lua
@@ -1,15 +1,18 @@
-onfunction={}
+onfunction=onfunction or {}
 function onfunction.install()
-	ModData=engine.installMod("dfusion/onfunction/functions.o","functions")
+	ModData=engine.installMod("dfusion/onfunction/functions.o","functions",4)
 	modpos=ModData.pos
 	modsize=ModData.size
 	onfunction.pos=modpos
 	trgpos=engine.getpushvalue()
 	print(string.format("Function installed in:%x function to call is: %x",modpos,trgpos))
 	local firstpos=modpos+engine.FindMarker(ModData,"function")
-	engine.poked(firstpos,trgpos-firstpos) --call first function
-	engine.poked(modpos+engine.FindMarker(ModData,"function2"),modpos+engine.FindMarker(ModData,"function3")) -- function table start
-	
+	engine.poked(firstpos,trgpos-firstpos-4) --call Lua-Onfunction
+	onfunction.fpos=modpos+engine.FindMarker(ModData,"function3")
+	engine.poked(modpos+engine.FindMarker(ModData,"function2"),modpos+modsize)
+	engine.poked(onfunction.fpos,modpos+modsize)
+	SetExecute(modpos)
+	onfunction.calls={}
 end
 function OnFunction(values)
 	print("Onfunction called!")
@@ -17,20 +20,23 @@ function OnFunction(values)
 	for k,v in pairs(values) do
 		print(string.format("%s=%x",k,v))
 	end
-	return 0 --todo return real address
+	return  onfunction.calls[values.ret] --returns real function to call
 end
 function onfunction.patch(addr)
 	
 	if(engine.peekb(addr)~=0xe8) then
 		error("Incorrect address, not a function call")
 	else
-		--todo add to list of functions after patch
-		engine.poked(addr+1,onfunction.pos-addr-1)
+		
+		onfunction.calls[addr+5]=addr+engine.peekd(addr+1)+5 --adds real function to call
+		engine.poked(addr+1,engine.getmod("functions")-addr-5)
+		
 	end
 end
 mypos=engine.getmod("functions")
 if mypos then
 	print("Onfunction already installed")
+	onfunction.patch(0x189dd6+offsets.base())
 else
 	onfunction.install()
 end
\ No newline at end of file