//code by skylly

//.dotfix fakesigner go to fake oep

#log

msg "忽略所有异常"

gpa "FindWindowA","user32.dll"

cmp $RESULT,0

je err

find $RESULT,#C20800#        //retn 8

cmp $RESULT,0

je err

bp $RESULT

esto

bc eip

mov eax,0   //findwindow ollydbg

sti

//到用户代码了

sti

sti

sti

sti

var esptemp

mov esptemp,esp

bphws esptemp,"r"

esto

esto

bphwc esptemp  //两次esp定律

var optemp

jmp end

//下面的自动走路代码有问题

firlop:

mov optemp,[eip]

and optemp,FF

cmp optemp,51     //push ecx

jne seclop

sti

find eip,#59#     //pop ecx

cmp $RESULT,0

je end

bp $RESULT

esto

bc eip

sti

sti

sti

jmp firlop



seclop:

sti

sti

sti



thilop:

mov optemp,[eip]

and optemp,FF

cmp optemp,51     //push ecx

jne end

sti

find eip,#59#     //pop ecx

cmp $RESULT,0

je end

bp $RESULT

esto

bc eip

sti

sti

sti

jmp thilop









end:





msg "set a break at code section,and trace into"

ret

err:

msg "error"

ret�