BOOLEAN 检查调试器(ULONG a1, LONG a2, SHORT a3, PBOOLEAN a4, LONG a5, LONG a6, LONG a7)
{
BOOLEAN result;
if ( 启动保护 )
{
if ( 启动检查调试器 )
{
a4 = KdDebuggerEnabled();
if ( (ULONG)KdDebuggerEnabled() <= 启动保护
|| (a1 = 启动保护 + (UINT)启动检查调试器,
(ULONG)KdDebuggerEnabled() >= 启动保护 + (ULONG)(UINT)启动检查调试器) )
{
黑名单解密扫描(a1, (UINT)启动检查调试器, 启动保护, a2, a3, (INT)KdDebuggerEnabled(), a5, a6, a7);
}
}
if ( 启动保护 )
{
if ( 启动检查调试器 )
{
if ( (ULONG)KdDisableDebugger() <= 启动保护
|| (a1 = 启动保护 + (UINT)启动检查调试器, (ULONG)KdDisableDebugger() >= a1) )
{
黑名单解密扫描(a1, (UINT)启动检查调试器, 启动保护, a2, a3, (INT)a4, a5, a6, a7);
}
}
}
}
while ( TRUE )
{
result = (UINT)((INT *)KdDebuggerEnabled() == 0 ? 0 : 1);
if ( !result )
break;
KdDisableDebugger();
}
return result;
}
