.386p
include	vmm.inc
include vkd.inc
 
_LDATA SEGMENT

ilim dw 0
iaddr dd 0
public PROTHOOK
PROTHOOK VxD_Desc_Block <,,,,,,"PROTHOOK",,OFFSET FLAT: yyy,,,,,,,>

_LDATA ENDS
 
_LTEXT SEGMENT

yyy proc
; cmp eax, Init_Complete
; jnz a2
 sidt ilim
 mov eax,[iaddr]
 mov bx,[eax+6eh]
 shl ebx,16
 mov bx,[eax+68h]
 cmp word ptr [ebx],0be60h
 jnz a2
 cmp dword ptr [ebx+2],34h
 jnz a2
 mov byte ptr [ebx+1],0e8h
 mov esi, offset xxx
 sub esi,ebx
 sub esi,6
 mov dword ptr [ebx+2],esi
a2:
 clc
 ret

yyy endp
 
xxx proc 

        CMP     EAX,52524C4CH
        JZ      MATCH
SKIP:   MOV     ESI,34H
        RET
MATCH:  MOV     EBP,ESP
        MOV     EBX,[EBP+28H]
        TEST    BYTE PTR [EBP+32H],2
        JZ      PROT
        MOVZX   EAX,WORD PTR [EBP+2CH]
        SHL     EAX,4
        ADD     EBX,EAX
PROT:   MOV     EAX,CS:[EBX]
        CMP     EAX,90C0200FH
        JNZ     SKIP
        ADD     DWORD PTR [EBP+28H],6
        ADD     EBX,8
        MOV     AX,30H
        MOV     DS,AX
        MOV     ES,AX
        POP     EAX
        MOV     [EBP+24H],EBX
        POPAD
        POP     EAX
        JMP     EAX

xxx endp
 
_LTEXT ENDS
end