
W2k - ^DAEMON^

breakpoint table entries !!!DIFFER!!! to 9x!!!
entry 9x: 183h
entry 2k: 178h

entry must be this like:
0h   : TDJF
04h  : Breakpoint type
174h : TDJF



.text:00039DB4 table_corrupted proc near               ; CODE XREF: sub_39DDB+1Ap
.text:00039DB4                 pusha
.text:00039DB5                 mov     eax, ebx
.text:00039DB7                 sub     eax, offset aTdjf ; "TDJF"
.text:00039DBC                 xor     edx, edx
.text:00039DBE                 mov     ecx, 178h       ; length of entries !!!!
.text:00039DC3                 idiv    ecx
.text:00039DC5                 push    eax
.text:00039DC6                 push    ebx
.text:00039DC7                 push    22h
.text:00039DC9                 push    offset aBreakpointTabl ; "Breakpoint table has been corrupted @%x"...
.text:00039DCE                 call    sub_6422D
.text:00039DD3                 add     esp, 10h
.text:00039DD6                 popa
.text:00039DD7                 sti
.text:00039DD8 
.text:00039DD8 loc_39DD8:                              ; CODE XREF: table_corrupted+24j
.text:00039DD8                 jmp     short loc_39DD8
.text:00039DD8 table_corrupted endp


.text:00039DDB check_if_table_is_corrupted proc near   ; CODE XREF: sub_39DFC+25p
.text:00039DDB                                         ; sub_3AF8C+29p
.text:00039DDB                                         ; sub_3AFDC+3p
.text:00039DDB                                         ; sub_3B0AB+Dp
.text:00039DDB                                         ; sub_3B0C7+Ep
.text:00039DDB                 or      ebx, ebx
.text:00039DDD                 jz      short loc_39DF5
.text:00039DDF                 cmp     dword ptr [ebx], 'FJDT' ; is there an entry ?
.text:00039DE5                 jnz     short loc_39DF5
.text:00039DE7                 cmp     dword ptr [ebx+174h], 'FJDT' ; END OF ENTRY!
.text:00039DF1                 jnz     short loc_39DF5
.text:00039DF3                 clc
.text:00039DF4                 retn
.text:00039DF5 ; ---------------------------------------------------------------------------
.text:00039DF5 
.text:00039DF5 loc_39DF5:                              ; CODE XREF: check_if_table_is_corrupted+2j
.text:00039DF5                                         ; check_if_table_is_corrupted+Aj
.text:00039DF5                                         ; check_if_table_is_corrupted+16j
.text:00039DF5                 call    table_corrupted
.text:00039DFA                 stc
.text:00039DFB                 retn
.text:00039DFB check_if_table_is_corrupted endp
