-
-
[旧帖] [求助]这段代码大家一起研究下 0.00雪花
-
发表于: 2008-2-18 14:18 2321
-
0040D08E /$ 56 push esi
0040D08F |. 8BF1 mov esi, ecx
0040D091 |. E8 38010000 call 0040D1CE
0040D096 |. FF7424 08 push dword ptr [esp+8]
0040D09A |. 66:C706 0800 mov word ptr [esi], 8
0040D09F |. FF15 A4814100 call dword ptr [<&OLEAUT32.#2>] ; OLEAUT32.SysAllocString
0040D0A5 |. 85C0 test eax, eax
0040D0A7 |. 8946 08 mov dword ptr [esi+8], eax
0040D0AA |. 75 12 jnz short 0040D0BE
0040D0AC |. 394424 08 cmp dword ptr [esp+8], eax
0040D0B0 |. 74 0C je short 0040D0BE
0040D0B2 |. 66:C706 0A00 mov word ptr [esi], 0A
0040D0B7 |. C746 08 0E000>mov dword ptr [esi+8], 8007000E
0040D0BE |> 8BC6 mov eax, esi
0040D0C0 |. 5E pop esi
0040D0C1 \. C2 0400 retn 4
0040D0C4 /$ 56 push esi
0040D0C5 |. 8BF1 mov esi, ecx
0040D0C7 |. 66:833E 0B cmp word ptr [esi], 0B
0040D0CB |. 74 0A je short 0040D0D7
0040D0CD |. E8 FC000000 call 0040D1CE
0040D0D2 |. 66:C706 0B00 mov word ptr [esi], 0B
0040D0D7 |> 8A4424 08 mov al, byte ptr [esp+8]
0040D0DB |. F6D8 neg al
0040D0DD |. 1BC0 sbb eax, eax
0040D0DF |. 66:8946 08 mov word ptr [esi+8], ax
0040D0E3 |. 8BC6 mov eax, esi
0040D0E5 |. 5E pop esi
0040D0E6 \. C2 0400 retn 4
0040D0E9 /$ 56 push esi
0040D0EA |. 8BF1 mov esi, ecx
0040D0EC |. 66:833E 13 cmp word ptr [esi], 13
0040D0F0 |. 74 0A je short 0040D0FC
0040D0F2 |. E8 D7000000 call 0040D1CE
0040D0F7 |. 66:C706 1300 mov word ptr [esi], 13
0040D0FC |> 8B4424 08 mov eax, dword ptr [esp+8]
0040D100 |. 8946 08 mov dword ptr [esi+8], eax
0040D103 |. 8BC6 mov eax, esi
0040D105 |. 5E pop esi
0040D106 \. C2 0400 retn 4
0040D109 /$ 56 push esi
0040D10A |. 8BF1 mov esi, ecx
0040D10C |. 66:833E 15 cmp word ptr [esi], 15
0040D110 |. 74 0A je short 0040D11C
0040D112 |. E8 B7000000 call 0040D1CE
0040D117 |. 66:C706 1500 mov word ptr [esi], 15
0040D11C |> 8B4424 08 mov eax, dword ptr [esp+8]
0040D120 |. 8946 08 mov dword ptr [esi+8], eax
0040D123 |. 8B4424 0C mov eax, dword ptr [esp+C]
0040D127 |. 8946 0C mov dword ptr [esi+C], eax
0040D12A |. 8BC6 mov eax, esi
0040D12C |. 5E pop esi
0040D12D \. C2 0800 retn 8
0040D130 /$ 56 push esi
0040D131 |. 8BF1 mov esi, ecx
0040D133 |. 66:833E 40 cmp word ptr [esi], 40
0040D137 |. 74 0A je short 0040D143
0040D139 |. E8 90000000 call 0040D1CE
0040D13E |. 66:C706 4000 mov word ptr [esi], 40
0040D143 |> 8B4424 08 mov eax, dword ptr [esp+8]
0040D147 |. 8B08 mov ecx, dword ptr [eax]
0040D149 |. 894E 08 mov dword ptr [esi+8], ecx
0040D14C |. 8B40 04 mov eax, dword ptr [eax+4]
0040D14F |. 8946 0C mov dword ptr [esi+C], eax
0040D152 |. 8BC6 mov eax, esi
0040D154 |. 5E pop esi
0040D155 \. C2 0400 retn 4
0040D158 /$ 51 push ecx
0040D159 |. E8 01000000 call 0040D15F
0040D15E \. C3 retn
0040D15F /$ 8B4C24 04 mov ecx, dword ptr [esp+4]
0040D163 |. 0FB701 movzx eax, word ptr [ecx]
0040D166 |. 83F8 13 cmp eax, 13 ; Switch (cases 2..40)
0040D169 |. 7F 23 jg short 0040D18E
0040D16B |. 83F8 10 cmp eax, 10
0040D16E |. 7D 2D jge short 0040D19D
0040D170 |. 83F8 02 cmp eax, 2
0040D173 |. 7C 0F jl short 0040D184
0040D175 |. 83F8 07 cmp eax, 7
0040D178 |. 7E 23 jle short 0040D19D
0040D17A |. 83F8 09 cmp eax, 9
0040D17D |. 7E 05 jle short 0040D184
0040D17F |. 83F8 0B cmp eax, 0B
0040D182 |. 7E 19 jle short 0040D19D
0040D184 |> 51 push ecx ; Default case of switch 0040D166
0040D185 |. FF15 A0814100 call dword ptr [<&OLEAUT32.#9>] ; OLEAUT32.VariantClear
0040D18B |> C2 0400 retn 4
0040D18E |> 83F8 15 cmp eax, 15
0040D191 |.^ 7C F1 jl short 0040D184
0040D193 |. 83F8 17 cmp eax, 17
0040D196 |. 7E 05 jle short 0040D19D
0040D198 |. 83F8 40 cmp eax, 40
0040D19B |.^ 75 E7 jnz short 0040D184
0040D19D |> 66:8321 00 and word ptr [ecx], 0 ; Cases 2,3,4,5,6,7,A,B,10,11,12,13,15,16,17,40 of switch 0040D166
0040D1A1 |. 33C0 xor eax, eax
0040D1A3 \.^ EB E6 jmp short 0040D18B
0040D1A5 /$ 56 push esi
0040D1A6 |. 8BF1 mov esi, ecx
0040D1A8 |. FF7424 08 push dword ptr [esp+8]
0040D1AC |. E8 AEFFFFFF call 0040D15F
0040D1B1 |. 85C0 test eax, eax
0040D1B3 |. 7C 15 jl short 0040D1CA
0040D1B5 |. 6A 10 push 10
0040D1B7 |. 56 push esi
0040D1B8 |. FF7424 10 push dword ptr [esp+10]
0040D1BC |. E8 2F410000 call 004112F0
0040D1C1 |. 66:8326 00 and word ptr [esi], 0
0040D1C5 |. 83C4 0C add esp, 0C
0040D1C8 |. 33C0 xor eax, eax
0040D1CA |> 5E pop esi
0040D1CB \. C2 0400 retn 4
0040D1CE /$ 56 push esi
0040D1CF |. 8BF1 mov esi, ecx
0040D1D1 |. E8 82FFFFFF call 0040D158
0040D1D6 |. 85C0 test eax, eax
0040D1D8 |. 7D 08 jge short 0040D1E2
0040D1DA |. 66:C706 0A00 mov word ptr [esi], 0A
0040D1DF |. 8946 08 mov dword ptr [esi+8], eax
0040D1E2 |> 5E pop esi
0040D1E3 \. C3 retn
0040D1E4 /$ B8 63734100 mov eax, 00417363
0040D1E9 |. E8 FE380000 call 00410AEC
0040D1EE |. 83EC 10 sub esp, 10
0040D1F1 |. 53 push ebx
0040D1F2 |. 56 push esi
0040D1F3 |. 57 push edi
0040D1F4 |. 33DB xor ebx, ebx
0040D1F6 |. 6A 0F push 0F
0040D1F8 |. 8D4D E4 lea ecx, dword ptr [ebp-1C]
0040D1FB |. 895D F0 mov dword ptr [ebp-10], ebx
0040D1FE |. 895D E4 mov dword ptr [ebp-1C], ebx
0040D201 |. 895D E8 mov dword ptr [ebp-18], ebx
0040D204 |. 895D EC mov dword ptr [ebp-14], ebx
0040D207 |. E8 60D8FFFF call 0040AA6C
0040D20C |. 6A 01 push 1
0040D20E |. BE 00010000 mov esi, 100
0040D213 |. 5F pop edi
0040D214 |. 897D FC mov dword ptr [ebp-4], edi
0040D217 |> 81C6 00010000 /add esi, 100
0040D21D |. 8D46 FF |lea eax, dword ptr [esi-1]
0040D220 |. 3B45 EC |cmp eax, dword ptr [ebp-14]
0040D223 |. 7C 0A |jl short 0040D22F
0040D225 |. 40 |inc eax
0040D226 |. 8D4D E4 |lea ecx, dword ptr [ebp-1C]
0040D229 |. 50 |push eax
0040D22A |. E8 3DD8FFFF |call 0040AA6C
0040D22F |> 56 |push esi ; /Count
0040D230 |. FF75 E4 |push dword ptr [ebp-1C] ; |Buffer
0040D233 |. FF75 0C |push dword ptr [ebp+C] ; |RsrcID
0040D236 |. FF35 DCF34100 |push dword ptr [41F3DC] ; |hInst = NULL
0040D23C |. FF15 E0814100 |call dword ptr [<&USER32.LoadStringA>; \LoadStringA
0040D242 |. 8BCE |mov ecx, esi
0040D244 |. 2BC8 |sub ecx, eax
0040D246 |. 3BCF |cmp ecx, edi
0040D248 |.^ 7E CD \jle short 0040D217
0040D24A |. 8B4D E4 mov ecx, dword ptr [ebp-1C]
0040D24D |. 33C0 xor eax, eax
0040D24F |. 3819 cmp byte ptr [ecx], bl
0040D251 |. 74 06 je short 0040D259
0040D253 |> 40 /inc eax
0040D254 |. 381C08 |cmp byte ptr [eax+ecx], bl
0040D257 |.^ 75 FA \jnz short 0040D253
0040D259 |> 881C08 mov byte ptr [eax+ecx], bl
0040D25C |. 8B4D 08 mov ecx, dword ptr [ebp+8]
0040D25F |. 8945 E8 mov dword ptr [ebp-18], eax
0040D262 |. 8D45 E4 lea eax, dword ptr [ebp-1C]
0040D265 |. 50 push eax
0040D266 |. E8 CBD7FFFF call 0040AA36
0040D26B |. 897D F0 mov dword ptr [ebp-10], edi
0040D26E |. FF75 E4 push dword ptr [ebp-1C]
0040D271 |. 885D FC mov byte ptr [ebp-4], bl
0040D274 |. E8 81340000 call 004106FA
0040D279 |. 8B45 08 mov eax, dword ptr [ebp+8]
0040D27C |. 59 pop ecx
0040D27D |. 8B4D F4 mov ecx, dword ptr [ebp-C]
0040D280 |. 5F pop edi
0040D281 |. 5E pop esi
0040D282 |. 5B pop ebx
0040D283 |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040D28A |. C9 leave
0040D28B \. C2 0800 retn 8
0040D28E /$ B8 97734100 mov eax, 00417397
0040D293 |. E8 54380000 call 00410AEC
0040D298 |. 83EC 1C sub esp, 1C
0040D29B |. 53 push ebx
0040D29C |. 56 push esi
0040D29D |. 57 push edi
0040D29E |. 33DB xor ebx, ebx
0040D2A0 |. 6A 0F push 0F
0040D2A2 |. 8D4D E4 lea ecx, dword ptr [ebp-1C]
0040D2A5 |. 895D F0 mov dword ptr [ebp-10], ebx
0040D2A8 |. 895D E4 mov dword ptr [ebp-1C], ebx
0040D2AB |. 895D E8 mov dword ptr [ebp-18], ebx
0040D2AE |. 895D EC mov dword ptr [ebp-14], ebx
0040D2B1 |. E8 739DFFFF call 00407029
0040D2B6 |. 6A 01 push 1
0040D2B8 |. BF 00010000 mov edi, 100
0040D2BD |. 5E pop esi
0040D2BE |. 8975 FC mov dword ptr [ebp-4], esi
0040D2C1 |> 81C7 00010000 /add edi, 100
0040D2C7 |. 8D47 FF |lea eax, dword ptr [edi-1]
0040D2CA |. 3B45 EC |cmp eax, dword ptr [ebp-14]
0040D2CD |. 7C 0A |jl short 0040D2D9
0040D2CF |. 40 |inc eax
0040D2D0 |. 8D4D E4 |lea ecx, dword ptr [ebp-1C]
0040D2D3 |. 50 |push eax
0040D2D4 |. E8 509DFFFF |call 00407029
0040D2D9 |> 57 |push edi ; /Count
0040D2DA |. FF75 E4 |push dword ptr [ebp-1C] ; |Buffer
0040D2DD |. FF75 0C |push dword ptr [ebp+C] ; |RsrcID
0040D2E0 |. FF35 DCF34100 |push dword ptr [41F3DC] ; |hInst = NULL
0040D2E6 |. FF15 DC814100 |call dword ptr [<&USER32.LoadStringW>; \LoadStringW
0040D2EC |. 3BC3 |cmp eax, ebx
0040D2EE |. 74 0A |je short 0040D2FA
0040D2F0 |. 8BCF |mov ecx, edi
0040D2F2 |. 2BC8 |sub ecx, eax
0040D2F4 |. 3BCE |cmp ecx, esi
0040D2F6 |. 7F 43 |jg short 0040D33B
0040D2F8 |.^ EB C7 \jmp short 0040D2C1
0040D2FA |> FF15 2C804100 call dword ptr [<&KERNEL32.GetLastErr>; [GetLastError
0040D300 |. 83F8 78 cmp eax, 78
0040D303 |. 75 36 jnz short 0040D33B
0040D305 |. FF75 0C push dword ptr [ebp+C]
0040D308 |. 8D45 D8 lea eax, dword ptr [ebp-28]
0040D30B |. 50 push eax
0040D30C |. E8 D3FEFFFF call 0040D1E4
0040D311 |. 50 push eax
0040D312 |. C645 FC 02 mov byte ptr [ebp-4], 2
0040D316 |. FF75 08 push dword ptr [ebp+8]
0040D319 |. E8 1DE5FFFF call 0040B83B
0040D31E |. 8975 F0 mov dword ptr [ebp-10], esi
0040D321 |. FF75 D8 push dword ptr [ebp-28]
0040D324 |. C645 FC 01 mov byte ptr [ebp-4], 1
0040D328 |. E8 CD330000 call 004106FA
0040D32D |. FF75 E4 push dword ptr [ebp-1C]
0040D330 |. 885D FC mov byte ptr [ebp-4], bl
0040D333 |. E8 C2330000 call 004106FA
0040D338 |. 59 pop ecx
0040D339 |. EB 35 jmp short 0040D370
0040D33B |> 8B4D E4 mov ecx, dword ptr [ebp-1C]
0040D33E |. 33C0 xor eax, eax
0040D340 |. 66:3919 cmp word ptr [ecx], bx
0040D343 |. 74 0A je short 0040D34F
0040D345 |. 8BD1 mov edx, ecx
0040D347 |> 40 /inc eax
0040D348 |. 42 |inc edx
0040D349 |. 42 |inc edx
0040D34A |. 66:391A |cmp word ptr [edx], bx
0040D34D |.^ 75 F8 \jnz short 0040D347
0040D34F |> 66:891C41 mov word ptr [ecx+eax*2], bx
0040D353 |. 8B4D 08 mov ecx, dword ptr [ebp+8]
0040D356 |. 8945 E8 mov dword ptr [ebp-18], eax
0040D359 |. 8D45 E4 lea eax, dword ptr [ebp-1C]
0040D35C |. 50 push eax
0040D35D |. E8 6A9DFFFF call 004070CC
0040D362 |. FF75 E4 push dword ptr [ebp-1C]
0040D365 |. 8975 F0 mov dword ptr [ebp-10], esi
0040D368 |. 885D FC mov byte ptr [ebp-4], bl
0040D36B |. E8 8A330000 call 004106FA
0040D370 |> 8B45 08 mov eax, dword ptr [ebp+8]
0040D373 |. 59 pop ecx
0040D374 |. 8B4D F4 mov ecx, dword ptr [ebp-C]
0040D377 |. 5F pop edi
0040D378 |. 5E pop esi
0040D379 |. 5B pop ebx
0040D37A |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040D381 |. C9 leave
0040D382 \. C2 0800 retn 8
0040D385 /$ B8 AC734100 mov eax, 004173AC
0040D38A |. E8 5D370000 call 00410AEC
0040D38F |. 51 push ecx
0040D390 |. 56 push esi
0040D391 |. 8BF1 mov esi, ecx
0040D393 |. 8975 F0 mov dword ptr [ebp-10], esi
0040D396 |. 8326 00 and dword ptr [esi], 0
0040D399 |. 8365 FC 00 and dword ptr [ebp-4], 0
0040D39D |. FF75 10 push dword ptr [ebp+10] ; /EventName
0040D3A0 |. 33C0 xor eax, eax ; |
0040D3A2 |. 3845 0C cmp byte ptr [ebp+C], al ; |
0040D3A5 |. 0F95C0 setne al ; |
0040D3A8 |. 50 push eax ; |InitiallySignaled
0040D3A9 |. 33C0 xor eax, eax ; |
0040D3AB |. 3845 08 cmp byte ptr [ebp+8], al ; |
0040D3AE |. 0F95C0 setne al ; |
0040D3B1 |. 50 push eax ; |ManualReset
0040D3B2 |. FF75 14 push dword ptr [ebp+14] ; |pSecurity
0040D3B5 |. FF15 CC804100 call dword ptr [<&KERNEL32.CreateEven>; \CreateEventA
0040D3BB |. 85C0 test eax, eax
0040D3BD |. 8906 mov dword ptr [esi], eax
0040D3BF 75 15 jnz short 0040D3D6
0040D3C1 |. 8D45 0C lea eax, dword ptr [ebp+C]
0040D3C4 |. 68 00A24100 push 0041A200 ; /Arg2 = 0041A200
0040D3C9 |. 50 push eax ; |Arg1
0040D3CA |. C745 0C 6CC24>mov dword ptr [ebp+C], 0041C26C ; |createevent error
0040D3D1 |. E8 35370000 call 00410B0B ; \wgjc.00410B0B
0040D3D6 |> 8B4D F4 mov ecx, dword ptr [ebp-C]
0040D3D9 |. 8BC6 mov eax, esi
0040D3DB |. 5E pop esi
0040D3DC |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040D3E3 |. C9 leave
0040D3E4 \. C2 1000 retn 10
0040D3E7 /$ B8 C0734100 mov eax, 004173C0
0040D3EC |. E8 FB360000 call 00410AEC
0040D3F1 |. 83EC 18 sub esp, 18
0040D3F4 |. 56 push esi
0040D3F5 |. 8BF1 mov esi, ecx
0040D3F7 |. FF75 08 push dword ptr [ebp+8] ; /Text
0040D3FA |. FF36 push dword ptr [esi] ; |hWnd
0040D3FC |. FF15 D4814100 call dword ptr [<&USER32.SetWindowTex>; \SetWindowTextW
0040D08F |. 8BF1 mov esi, ecx
0040D091 |. E8 38010000 call 0040D1CE
0040D096 |. FF7424 08 push dword ptr [esp+8]
0040D09A |. 66:C706 0800 mov word ptr [esi], 8
0040D09F |. FF15 A4814100 call dword ptr [<&OLEAUT32.#2>] ; OLEAUT32.SysAllocString
0040D0A5 |. 85C0 test eax, eax
0040D0A7 |. 8946 08 mov dword ptr [esi+8], eax
0040D0AA |. 75 12 jnz short 0040D0BE
0040D0AC |. 394424 08 cmp dword ptr [esp+8], eax
0040D0B0 |. 74 0C je short 0040D0BE
0040D0B2 |. 66:C706 0A00 mov word ptr [esi], 0A
0040D0B7 |. C746 08 0E000>mov dword ptr [esi+8], 8007000E
0040D0BE |> 8BC6 mov eax, esi
0040D0C0 |. 5E pop esi
0040D0C1 \. C2 0400 retn 4
0040D0C4 /$ 56 push esi
0040D0C5 |. 8BF1 mov esi, ecx
0040D0C7 |. 66:833E 0B cmp word ptr [esi], 0B
0040D0CB |. 74 0A je short 0040D0D7
0040D0CD |. E8 FC000000 call 0040D1CE
0040D0D2 |. 66:C706 0B00 mov word ptr [esi], 0B
0040D0D7 |> 8A4424 08 mov al, byte ptr [esp+8]
0040D0DB |. F6D8 neg al
0040D0DD |. 1BC0 sbb eax, eax
0040D0DF |. 66:8946 08 mov word ptr [esi+8], ax
0040D0E3 |. 8BC6 mov eax, esi
0040D0E5 |. 5E pop esi
0040D0E6 \. C2 0400 retn 4
0040D0E9 /$ 56 push esi
0040D0EA |. 8BF1 mov esi, ecx
0040D0EC |. 66:833E 13 cmp word ptr [esi], 13
0040D0F0 |. 74 0A je short 0040D0FC
0040D0F2 |. E8 D7000000 call 0040D1CE
0040D0F7 |. 66:C706 1300 mov word ptr [esi], 13
0040D0FC |> 8B4424 08 mov eax, dword ptr [esp+8]
0040D100 |. 8946 08 mov dword ptr [esi+8], eax
0040D103 |. 8BC6 mov eax, esi
0040D105 |. 5E pop esi
0040D106 \. C2 0400 retn 4
0040D109 /$ 56 push esi
0040D10A |. 8BF1 mov esi, ecx
0040D10C |. 66:833E 15 cmp word ptr [esi], 15
0040D110 |. 74 0A je short 0040D11C
0040D112 |. E8 B7000000 call 0040D1CE
0040D117 |. 66:C706 1500 mov word ptr [esi], 15
0040D11C |> 8B4424 08 mov eax, dword ptr [esp+8]
0040D120 |. 8946 08 mov dword ptr [esi+8], eax
0040D123 |. 8B4424 0C mov eax, dword ptr [esp+C]
0040D127 |. 8946 0C mov dword ptr [esi+C], eax
0040D12A |. 8BC6 mov eax, esi
0040D12C |. 5E pop esi
0040D12D \. C2 0800 retn 8
0040D130 /$ 56 push esi
0040D131 |. 8BF1 mov esi, ecx
0040D133 |. 66:833E 40 cmp word ptr [esi], 40
0040D137 |. 74 0A je short 0040D143
0040D139 |. E8 90000000 call 0040D1CE
0040D13E |. 66:C706 4000 mov word ptr [esi], 40
0040D143 |> 8B4424 08 mov eax, dword ptr [esp+8]
0040D147 |. 8B08 mov ecx, dword ptr [eax]
0040D149 |. 894E 08 mov dword ptr [esi+8], ecx
0040D14C |. 8B40 04 mov eax, dword ptr [eax+4]
0040D14F |. 8946 0C mov dword ptr [esi+C], eax
0040D152 |. 8BC6 mov eax, esi
0040D154 |. 5E pop esi
0040D155 \. C2 0400 retn 4
0040D158 /$ 51 push ecx
0040D159 |. E8 01000000 call 0040D15F
0040D15E \. C3 retn
0040D15F /$ 8B4C24 04 mov ecx, dword ptr [esp+4]
0040D163 |. 0FB701 movzx eax, word ptr [ecx]
0040D166 |. 83F8 13 cmp eax, 13 ; Switch (cases 2..40)
0040D169 |. 7F 23 jg short 0040D18E
0040D16B |. 83F8 10 cmp eax, 10
0040D16E |. 7D 2D jge short 0040D19D
0040D170 |. 83F8 02 cmp eax, 2
0040D173 |. 7C 0F jl short 0040D184
0040D175 |. 83F8 07 cmp eax, 7
0040D178 |. 7E 23 jle short 0040D19D
0040D17A |. 83F8 09 cmp eax, 9
0040D17D |. 7E 05 jle short 0040D184
0040D17F |. 83F8 0B cmp eax, 0B
0040D182 |. 7E 19 jle short 0040D19D
0040D184 |> 51 push ecx ; Default case of switch 0040D166
0040D185 |. FF15 A0814100 call dword ptr [<&OLEAUT32.#9>] ; OLEAUT32.VariantClear
0040D18B |> C2 0400 retn 4
0040D18E |> 83F8 15 cmp eax, 15
0040D191 |.^ 7C F1 jl short 0040D184
0040D193 |. 83F8 17 cmp eax, 17
0040D196 |. 7E 05 jle short 0040D19D
0040D198 |. 83F8 40 cmp eax, 40
0040D19B |.^ 75 E7 jnz short 0040D184
0040D19D |> 66:8321 00 and word ptr [ecx], 0 ; Cases 2,3,4,5,6,7,A,B,10,11,12,13,15,16,17,40 of switch 0040D166
0040D1A1 |. 33C0 xor eax, eax
0040D1A3 \.^ EB E6 jmp short 0040D18B
0040D1A5 /$ 56 push esi
0040D1A6 |. 8BF1 mov esi, ecx
0040D1A8 |. FF7424 08 push dword ptr [esp+8]
0040D1AC |. E8 AEFFFFFF call 0040D15F
0040D1B1 |. 85C0 test eax, eax
0040D1B3 |. 7C 15 jl short 0040D1CA
0040D1B5 |. 6A 10 push 10
0040D1B7 |. 56 push esi
0040D1B8 |. FF7424 10 push dword ptr [esp+10]
0040D1BC |. E8 2F410000 call 004112F0
0040D1C1 |. 66:8326 00 and word ptr [esi], 0
0040D1C5 |. 83C4 0C add esp, 0C
0040D1C8 |. 33C0 xor eax, eax
0040D1CA |> 5E pop esi
0040D1CB \. C2 0400 retn 4
0040D1CE /$ 56 push esi
0040D1CF |. 8BF1 mov esi, ecx
0040D1D1 |. E8 82FFFFFF call 0040D158
0040D1D6 |. 85C0 test eax, eax
0040D1D8 |. 7D 08 jge short 0040D1E2
0040D1DA |. 66:C706 0A00 mov word ptr [esi], 0A
0040D1DF |. 8946 08 mov dword ptr [esi+8], eax
0040D1E2 |> 5E pop esi
0040D1E3 \. C3 retn
0040D1E4 /$ B8 63734100 mov eax, 00417363
0040D1E9 |. E8 FE380000 call 00410AEC
0040D1EE |. 83EC 10 sub esp, 10
0040D1F1 |. 53 push ebx
0040D1F2 |. 56 push esi
0040D1F3 |. 57 push edi
0040D1F4 |. 33DB xor ebx, ebx
0040D1F6 |. 6A 0F push 0F
0040D1F8 |. 8D4D E4 lea ecx, dword ptr [ebp-1C]
0040D1FB |. 895D F0 mov dword ptr [ebp-10], ebx
0040D1FE |. 895D E4 mov dword ptr [ebp-1C], ebx
0040D201 |. 895D E8 mov dword ptr [ebp-18], ebx
0040D204 |. 895D EC mov dword ptr [ebp-14], ebx
0040D207 |. E8 60D8FFFF call 0040AA6C
0040D20C |. 6A 01 push 1
0040D20E |. BE 00010000 mov esi, 100
0040D213 |. 5F pop edi
0040D214 |. 897D FC mov dword ptr [ebp-4], edi
0040D217 |> 81C6 00010000 /add esi, 100
0040D21D |. 8D46 FF |lea eax, dword ptr [esi-1]
0040D220 |. 3B45 EC |cmp eax, dword ptr [ebp-14]
0040D223 |. 7C 0A |jl short 0040D22F
0040D225 |. 40 |inc eax
0040D226 |. 8D4D E4 |lea ecx, dword ptr [ebp-1C]
0040D229 |. 50 |push eax
0040D22A |. E8 3DD8FFFF |call 0040AA6C
0040D22F |> 56 |push esi ; /Count
0040D230 |. FF75 E4 |push dword ptr [ebp-1C] ; |Buffer
0040D233 |. FF75 0C |push dword ptr [ebp+C] ; |RsrcID
0040D236 |. FF35 DCF34100 |push dword ptr [41F3DC] ; |hInst = NULL
0040D23C |. FF15 E0814100 |call dword ptr [<&USER32.LoadStringA>; \LoadStringA
0040D242 |. 8BCE |mov ecx, esi
0040D244 |. 2BC8 |sub ecx, eax
0040D246 |. 3BCF |cmp ecx, edi
0040D248 |.^ 7E CD \jle short 0040D217
0040D24A |. 8B4D E4 mov ecx, dword ptr [ebp-1C]
0040D24D |. 33C0 xor eax, eax
0040D24F |. 3819 cmp byte ptr [ecx], bl
0040D251 |. 74 06 je short 0040D259
0040D253 |> 40 /inc eax
0040D254 |. 381C08 |cmp byte ptr [eax+ecx], bl
0040D257 |.^ 75 FA \jnz short 0040D253
0040D259 |> 881C08 mov byte ptr [eax+ecx], bl
0040D25C |. 8B4D 08 mov ecx, dword ptr [ebp+8]
0040D25F |. 8945 E8 mov dword ptr [ebp-18], eax
0040D262 |. 8D45 E4 lea eax, dword ptr [ebp-1C]
0040D265 |. 50 push eax
0040D266 |. E8 CBD7FFFF call 0040AA36
0040D26B |. 897D F0 mov dword ptr [ebp-10], edi
0040D26E |. FF75 E4 push dword ptr [ebp-1C]
0040D271 |. 885D FC mov byte ptr [ebp-4], bl
0040D274 |. E8 81340000 call 004106FA
0040D279 |. 8B45 08 mov eax, dword ptr [ebp+8]
0040D27C |. 59 pop ecx
0040D27D |. 8B4D F4 mov ecx, dword ptr [ebp-C]
0040D280 |. 5F pop edi
0040D281 |. 5E pop esi
0040D282 |. 5B pop ebx
0040D283 |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040D28A |. C9 leave
0040D28B \. C2 0800 retn 8
0040D28E /$ B8 97734100 mov eax, 00417397
0040D293 |. E8 54380000 call 00410AEC
0040D298 |. 83EC 1C sub esp, 1C
0040D29B |. 53 push ebx
0040D29C |. 56 push esi
0040D29D |. 57 push edi
0040D29E |. 33DB xor ebx, ebx
0040D2A0 |. 6A 0F push 0F
0040D2A2 |. 8D4D E4 lea ecx, dword ptr [ebp-1C]
0040D2A5 |. 895D F0 mov dword ptr [ebp-10], ebx
0040D2A8 |. 895D E4 mov dword ptr [ebp-1C], ebx
0040D2AB |. 895D E8 mov dword ptr [ebp-18], ebx
0040D2AE |. 895D EC mov dword ptr [ebp-14], ebx
0040D2B1 |. E8 739DFFFF call 00407029
0040D2B6 |. 6A 01 push 1
0040D2B8 |. BF 00010000 mov edi, 100
0040D2BD |. 5E pop esi
0040D2BE |. 8975 FC mov dword ptr [ebp-4], esi
0040D2C1 |> 81C7 00010000 /add edi, 100
0040D2C7 |. 8D47 FF |lea eax, dword ptr [edi-1]
0040D2CA |. 3B45 EC |cmp eax, dword ptr [ebp-14]
0040D2CD |. 7C 0A |jl short 0040D2D9
0040D2CF |. 40 |inc eax
0040D2D0 |. 8D4D E4 |lea ecx, dword ptr [ebp-1C]
0040D2D3 |. 50 |push eax
0040D2D4 |. E8 509DFFFF |call 00407029
0040D2D9 |> 57 |push edi ; /Count
0040D2DA |. FF75 E4 |push dword ptr [ebp-1C] ; |Buffer
0040D2DD |. FF75 0C |push dword ptr [ebp+C] ; |RsrcID
0040D2E0 |. FF35 DCF34100 |push dword ptr [41F3DC] ; |hInst = NULL
0040D2E6 |. FF15 DC814100 |call dword ptr [<&USER32.LoadStringW>; \LoadStringW
0040D2EC |. 3BC3 |cmp eax, ebx
0040D2EE |. 74 0A |je short 0040D2FA
0040D2F0 |. 8BCF |mov ecx, edi
0040D2F2 |. 2BC8 |sub ecx, eax
0040D2F4 |. 3BCE |cmp ecx, esi
0040D2F6 |. 7F 43 |jg short 0040D33B
0040D2F8 |.^ EB C7 \jmp short 0040D2C1
0040D2FA |> FF15 2C804100 call dword ptr [<&KERNEL32.GetLastErr>; [GetLastError
0040D300 |. 83F8 78 cmp eax, 78
0040D303 |. 75 36 jnz short 0040D33B
0040D305 |. FF75 0C push dword ptr [ebp+C]
0040D308 |. 8D45 D8 lea eax, dword ptr [ebp-28]
0040D30B |. 50 push eax
0040D30C |. E8 D3FEFFFF call 0040D1E4
0040D311 |. 50 push eax
0040D312 |. C645 FC 02 mov byte ptr [ebp-4], 2
0040D316 |. FF75 08 push dword ptr [ebp+8]
0040D319 |. E8 1DE5FFFF call 0040B83B
0040D31E |. 8975 F0 mov dword ptr [ebp-10], esi
0040D321 |. FF75 D8 push dword ptr [ebp-28]
0040D324 |. C645 FC 01 mov byte ptr [ebp-4], 1
0040D328 |. E8 CD330000 call 004106FA
0040D32D |. FF75 E4 push dword ptr [ebp-1C]
0040D330 |. 885D FC mov byte ptr [ebp-4], bl
0040D333 |. E8 C2330000 call 004106FA
0040D338 |. 59 pop ecx
0040D339 |. EB 35 jmp short 0040D370
0040D33B |> 8B4D E4 mov ecx, dword ptr [ebp-1C]
0040D33E |. 33C0 xor eax, eax
0040D340 |. 66:3919 cmp word ptr [ecx], bx
0040D343 |. 74 0A je short 0040D34F
0040D345 |. 8BD1 mov edx, ecx
0040D347 |> 40 /inc eax
0040D348 |. 42 |inc edx
0040D349 |. 42 |inc edx
0040D34A |. 66:391A |cmp word ptr [edx], bx
0040D34D |.^ 75 F8 \jnz short 0040D347
0040D34F |> 66:891C41 mov word ptr [ecx+eax*2], bx
0040D353 |. 8B4D 08 mov ecx, dword ptr [ebp+8]
0040D356 |. 8945 E8 mov dword ptr [ebp-18], eax
0040D359 |. 8D45 E4 lea eax, dword ptr [ebp-1C]
0040D35C |. 50 push eax
0040D35D |. E8 6A9DFFFF call 004070CC
0040D362 |. FF75 E4 push dword ptr [ebp-1C]
0040D365 |. 8975 F0 mov dword ptr [ebp-10], esi
0040D368 |. 885D FC mov byte ptr [ebp-4], bl
0040D36B |. E8 8A330000 call 004106FA
0040D370 |> 8B45 08 mov eax, dword ptr [ebp+8]
0040D373 |. 59 pop ecx
0040D374 |. 8B4D F4 mov ecx, dword ptr [ebp-C]
0040D377 |. 5F pop edi
0040D378 |. 5E pop esi
0040D379 |. 5B pop ebx
0040D37A |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040D381 |. C9 leave
0040D382 \. C2 0800 retn 8
0040D385 /$ B8 AC734100 mov eax, 004173AC
0040D38A |. E8 5D370000 call 00410AEC
0040D38F |. 51 push ecx
0040D390 |. 56 push esi
0040D391 |. 8BF1 mov esi, ecx
0040D393 |. 8975 F0 mov dword ptr [ebp-10], esi
0040D396 |. 8326 00 and dword ptr [esi], 0
0040D399 |. 8365 FC 00 and dword ptr [ebp-4], 0
0040D39D |. FF75 10 push dword ptr [ebp+10] ; /EventName
0040D3A0 |. 33C0 xor eax, eax ; |
0040D3A2 |. 3845 0C cmp byte ptr [ebp+C], al ; |
0040D3A5 |. 0F95C0 setne al ; |
0040D3A8 |. 50 push eax ; |InitiallySignaled
0040D3A9 |. 33C0 xor eax, eax ; |
0040D3AB |. 3845 08 cmp byte ptr [ebp+8], al ; |
0040D3AE |. 0F95C0 setne al ; |
0040D3B1 |. 50 push eax ; |ManualReset
0040D3B2 |. FF75 14 push dword ptr [ebp+14] ; |pSecurity
0040D3B5 |. FF15 CC804100 call dword ptr [<&KERNEL32.CreateEven>; \CreateEventA
0040D3BB |. 85C0 test eax, eax
0040D3BD |. 8906 mov dword ptr [esi], eax
0040D3BF 75 15 jnz short 0040D3D6
0040D3C1 |. 8D45 0C lea eax, dword ptr [ebp+C]
0040D3C4 |. 68 00A24100 push 0041A200 ; /Arg2 = 0041A200
0040D3C9 |. 50 push eax ; |Arg1
0040D3CA |. C745 0C 6CC24>mov dword ptr [ebp+C], 0041C26C ; |createevent error
0040D3D1 |. E8 35370000 call 00410B0B ; \wgjc.00410B0B
0040D3D6 |> 8B4D F4 mov ecx, dword ptr [ebp-C]
0040D3D9 |. 8BC6 mov eax, esi
0040D3DB |. 5E pop esi
0040D3DC |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040D3E3 |. C9 leave
0040D3E4 \. C2 1000 retn 10
0040D3E7 /$ B8 C0734100 mov eax, 004173C0
0040D3EC |. E8 FB360000 call 00410AEC
0040D3F1 |. 83EC 18 sub esp, 18
0040D3F4 |. 56 push esi
0040D3F5 |. 8BF1 mov esi, ecx
0040D3F7 |. FF75 08 push dword ptr [ebp+8] ; /Text
0040D3FA |. FF36 push dword ptr [esi] ; |hWnd
0040D3FC |. FF15 D4814100 call dword ptr [<&USER32.SetWindowTex>; \SetWindowTextW
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
赞赏
|
|
|---|---|
|
|
他的文章
赞赏
雪币:
留言: