////////////////////////////////////////////////////////////////////////////////////////
//˵޸anti-hook
//ҲFF15FF25ȡĲ
//ԼZP 1.4.9ûӳЧûǷл߿ܻкָܶĴ
//ˣûɵűȥ
//Ŀ԰æ£ЧãԼɽű
//ȻʲôԼҪ޸ģ߷ңлл
//just for fun
//ximo[LCG]
////////////////////////////////////////////////////////////////////////////////////////

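// ODbgScript: rewrites redirected import stubs back into direct IAT references.
//   pass 1: E9 rel32 / 90 / 8B C0  ->  FF 25 <IAT slot>   (jmp  dword ptr [slot])
//   pass 2: E8 rel32 / 90 / 8B C0  ->  FF 15 <IAT slot>   (call dword ptr [slot])
// The script single-steps (sti) and runs (run) the debuggee, so code of the
// loaded sample executes while it works.
//
// Fixes relative to the earlier revision:
//   - "var IATSrart" / "vae IATEnd" were typos; fixtmp and GetIATbp were never declared.
//   - "je startfix" had no target label, leaving the resolve code unreachable.
//   - startfind/fixing were defined twice, so pass 2 shared pass 1's labels
//     and would have written FF25 instead of FF15.
//   - the IAT scan never checked IATEnd and could run past the table forever.
//   - pass 2 began at the last stub fixed by pass 1 instead of the scan start.

var base          // current search position for find
var scanStart     // first address scanned by both passes
var FixAddr       // address of the stub being rewritten
var AIATAddr      // branch target computed from the stub's rel32
var tmpjmp        // rel32 displacement + 5 (instruction length)
var valueoffix    // value read from eax once the resolver returns
var fixedAddr     // IAT slot currently compared against valueoffix
var IATStart
var IATEnd
var fixtmp        // copy of eip used for the opcode test
var GetIATbp      // address of the C2 04 00 (ret 4) used as breakpoint

// Target-specific constants: adjust all three for the module being analysed.
mov scanStart,00401000
mov IATStart,01001000
mov IATEnd,01001344    // treated as the last slot to test (inclusive) - TODO confirm

mov base,scanStart

// ---------------- pass 1: jmp stubs ----------------
case1:
find base,#e9????????908bc0#
cmp $RESULT,0
je case2init
mov FixAddr,$RESULT
mov AIATAddr,FixAddr
mov tmpjmp,[AIATAddr+1]   // rel32 operand of the E9
add tmpjmp,5              // + instruction length
add AIATAddr,tmpjmp       // AIATAddr = branch target
// NOTE(review): eip is loaded from the dword stored AT the branch target,
// not with the target address itself - confirm this is intended.
mov eip,[AIATAddr]
loop33:
mov fixtmp,eip
cmp [fixtmp],E8,1         // step until eip sits on an E8 (call rel32) opcode
je startfix1
sti
jmp loop33                // unbounded: relies on an E8 eventually being reached

startfix1:
find eip,#C20400#         // next "ret 4" after the call
cmp $RESULT,0
je nomatch                // do not arm a hardware breakpoint at address 0
mov GetIATbp,$RESULT
BPHWS GetIATbp,"x"
run
bphwc GetIATbp
mov valueoffix,eax        // presumably the resolved import address - verify on the sample

mov fixedAddr,IATStart
startfind1:
cmp fixedAddr,IATEnd
ja nomatch                // value is not in [IATStart, IATEnd]; stop instead of scanning on
cmp [fixedAddr],valueoffix
je fixing1
add fixedAddr,4
jmp startfind1

fixing1:
mov [FixAddr],#FF25#
mov [FixAddr+2],fixedAddr
mov base,FixAddr          // pattern no longer matches here, so the next find moves on
jmp case1

// ---------------- pass 2: call stubs ----------------
case2init:
mov base,scanStart        // restart from the beginning; pass 1 left base at its last hit

case2:
find base,#e8????????908bc0#
cmp $RESULT,0
je Exit

mov FixAddr,$RESULT
mov AIATAddr,FixAddr
mov tmpjmp,[AIATAddr+1]   // rel32 operand of the E8
add tmpjmp,5
add AIATAddr,tmpjmp       // AIATAddr = branch target
mov eip,[AIATAddr]        // same NOTE(review) as in pass 1
loop44:
mov fixtmp,eip
cmp [fixtmp],E8,1
je startfix2
sti
jmp loop44

startfix2:
find eip,#C20400#
cmp $RESULT,0
je nomatch
mov GetIATbp,$RESULT
BPHWS GetIATbp,"x"
run
bphwc GetIATbp
mov valueoffix,eax

mov fixedAddr,IATStart
startfind2:
cmp fixedAddr,IATEnd
ja nomatch
cmp [fixedAddr],valueoffix
je fixing2
add fixedAddr,4
jmp startfind2

fixing2:
mov [FixAddr],#FF15#
mov [FixAddr+2],fixedAddr
mov base,FixAddr
jmp case2

// Reached when a stub could not be resolved; FixAddr still holds the stub address.
nomatch:
msg "IAT fix stopped: no ret 4 found or value not inside IATStart..IATEnd; check FixAddr and the IAT range"
ret

Exit:
ret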