//---------------------------------------------------------------------------
#include <windows.h>
#include <imagehlp.h>
#pragma argsused
//---------------------------------------------------------------------------
typedef void WINAPI (*SLEEPFUCTION)(DWORD dwMilliseconds);
SLEEPFUCTION P_Sleep;
void WINAPI MySleep(DWORD dwMilliseconds)


{
if(dwMilliseconds<20)
P_Sleep(1);
else
P_Sleep(dwMilliseconds/20);
}
//---------------------------------------------------------------------------
void WINAPI HookOneAPI(LPCTSTR ModuleName,LPCTSTR ApiName,PROC NewFuction,PROC &OldFuction)


{
DWORD size;
HMODULE hInstance = GetModuleHandle(NULL);
PROC HookAPIAddr = GetProcAddress(GetModuleHandle(ModuleName),ApiName);
OldFuction = HookAPIAddr;
PIMAGE_IMPORT_DESCRIPTOR pImportDesc = (PIMAGE_IMPORT_DESCRIPTOR)ImageDirectoryEntryToData(hInstance,TRUE,IMAGE_DIRECTORY_ENTRY_IMPORT,&size);
if(pImportDesc == NULL)
return;
for (;pImportDesc->Name;pImportDesc++)

{
LPSTR pszDllName = (LPSTR)((PBYTE)hInstance + pImportDesc->Name);
if(lstrcmpiA(pszDllName,ModuleName) == 0)
break;
}
if(pImportDesc->Name == NULL)
return;
PIMAGE_THUNK_DATA pThunk = (PIMAGE_THUNK_DATA)((PBYTE)hInstance + pImportDesc->FirstThunk);//IAT
for(;pThunk->u1.Function;pThunk++)

{
PROC * ppfn= (PROC *)&pThunk->u1.Function;
if (*ppfn == HookAPIAddr)

{
MEMORY_BASIC_INFORMATION mbi;
ZeroMemory(&mbi, sizeof(MEMORY_BASIC_INFORMATION));
VirtualQuery(ppfn,&mbi,sizeof(MEMORY_BASIC_INFORMATION));
VirtualProtect(mbi.BaseAddress,mbi.RegionSize,PAGE_READWRITE,&mbi.Protect);
*ppfn = *NewFuction;
DWORD dwOldProtect;
VirtualProtect(mbi.BaseAddress,mbi.RegionSize,mbi.Protect,&dwOldProtect);
return;
}
}
}
//---------------------------------------------------------------------------
int WINAPI DllEntryPoint(HINSTANCE hinst, unsigned long reason, void* lpReserved)


{
if(reason == DLL_PROCESS_ATTACH)

{
PROC SleepAddress = NULL;
HookOneAPI("kernel32.dll","Sleep",(PROC)MySleep,(PROC)SleepAddress);
P_Sleep = (SLEEPFUCTION)SleepAddress;
}
else if(reason == DLL_PROCESS_DETACH)

{
}
return true;
}
