[C++] 纯文本查看 复制代码
006F57B9 . 55 push ebp
006F57BA . 68 70676F00 push 006F6770
006F57BF . 64:FF30 push dword ptr fs:[eax]
006F57C2 . 64:8920 mov dword ptr fs:[eax],esp
006F57C5 . 8D85 E8FEFFFF lea eax,dword ptr ss:[ebp-0x118]
006F57CB . E8 9C4FDFFF call 004EA76C
006F57D0 . 8B95 E8FEFFFF mov edx,dword ptr ss:[ebp-0x118]
006F57D6 . 8D85 ECFEFFFF lea eax,dword ptr ss:[ebp-0x114]
006F57DC . B9 FF000000 mov ecx,0xFF
006F57E1 . E8 9AFED0FF call 00405680
006F57E6 . 8D95 ECFEFFFF lea edx,dword ptr ss:[ebp-0x114]
006F57EC . A1 B0FC7200 mov eax,dword ptr ds:[0x72FCB0]
006F57F1 . 83C0 0B add eax,0xB
006F57F4 . B1 1F mov cl,0x1F
006F57F6 . E8 25E2D0FF call 00403A20
006F57FB . 8D85 E4FEFFFF lea eax,dword ptr ss:[ebp-0x11C]
006F5801 . 8B15 B0FC7200 mov edx,dword ptr ds:[0x72FCB0] ; 最新脱no.007180FC
006F5807 . 83C2 0B add edx,0xB
006F580A . E8 39FED0FF call 00405648
006F580F . 8B95 E4FEFFFF mov edx,dword ptr ss:[ebp-0x11C]
006F5815 . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F581A . 8B40 68 mov eax,dword ptr ds:[eax+0x68]
006F581D . E8 7E93D7FF call 0046EBA0
006F5822 . 8D85 E0FEFFFF lea eax,dword ptr ss:[ebp-0x120]
006F5828 . 8B15 B0FC7200 mov edx,dword ptr ds:[0x72FCB0] ; 最新脱no.007180FC
006F582E . 83C2 0B add edx,0xB
006F5831 . E8 12FED0FF call 00405648
006F5836 . 8B95 E0FEFFFF mov edx,dword ptr ss:[ebp-0x120]
006F583C . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F583F . 8B80 98060000 mov eax,dword ptr ds:[eax+0x698]
006F5845 . 8B40 68 mov eax,dword ptr ds:[eax+0x68]
006F5848 . E8 5393D7FF call 0046EBA0
006F584D . 8D95 D4FEFFFF lea edx,dword ptr ss:[ebp-0x12C]
006F5853 . A1 84F97200 mov eax,dword ptr ds:[0x72F984]
006F5858 . 8B00 mov eax,dword ptr ds:[eax]
006F585A . E8 6123DEFF call 004D7BC0
006F585F . 8B85 D4FEFFFF mov eax,dword ptr ss:[ebp-0x12C]
006F5865 . 8D95 D8FEFFFF lea edx,dword ptr ss:[ebp-0x128]
006F586B . E8 3CA7D5FF call 0044FFAC
006F5870 . 8B85 D8FEFFFF mov eax,dword ptr ss:[ebp-0x128]
006F5876 . 8D95 DCFEFFFF lea edx,dword ptr ss:[ebp-0x124]
006F587C . E8 8794D5FF call 0044ED08
006F5881 . 8B85 DCFEFFFF mov eax,dword ptr ss:[ebp-0x124]
006F5887 . BA 88676F00 mov edx,006F6788 ; notebook.exe
006F588C . E8 5FFFD0FF call 004057F0
006F5891 . 74 7E je short 006F5911 ; 应该是跳过了,因为我们没有MAD没有啊,能验证过才怪啊~~
006F5893 . 8D95 CCFEFFFF lea edx,dword ptr ss:[ebp-0x134]
006F5899 . A1 84F97200 mov eax,dword ptr ds:[0x72F984]
006F589E . 8B00 mov eax,dword ptr ds:[eax]
006F58A0 . E8 1B23DEFF call 004D7BC0
006F58A5 . 8B85 CCFEFFFF mov eax,dword ptr ss:[ebp-0x134]
006F58AB . 8D8D D0FEFFFF lea ecx,dword ptr ss:[ebp-0x130]
006F58B1 . BA A0676F00 mov edx,006F67A0 ; .mad
006F58B6 . E8 41A5D5FF call 0044FDFC
006F58BB . 8B85 D0FEFFFF mov eax,dword ptr ss:[ebp-0x130]
006F58C1 . E8 6E2EDFFF call 004E8734
006F58C6 . 84C0 test al,al
006F58C8 . 74 38 je short 006F5902
006F58CA . 8B0D 14F87200 mov ecx,dword ptr ds:[0x72F814] ; pZs
006F58D0 . A1 84F97200 mov eax,dword ptr ds:[0x72F984]
006F58D5 . 8B00 mov eax,dword ptr ds:[eax]
006F58D7 . 8B15 A0E26D00 mov edx,dword ptr ds:[0x6DE2A0] ; 焘m
006F58DD . E8 9E1BDEFF call 004D7480
006F58E2 . A1 14F87200 mov eax,dword ptr ds:[0x72F814] ; pZs
006F58E7 . 8B00 mov eax,dword ptr ds:[eax]
006F58E9 . 8B10 mov edx,dword ptr ds:[eax]
006F58EB . FF92 EC000000 call dword ptr ds:[edx+0xEC]
006F58F1 . A1 14F87200 mov eax,dword ptr ds:[0x72F814] ; pZs
006F58F6 . 8B00 mov eax,dword ptr ds:[eax]
006F58F8 . E8 9FE4DDFF call 004D3D9C
006F58FD . E8 5A0FDFFF call 004E685C
006F5902 > B8 B0676F00 mov eax,006F67B0 ; Filename must be notebook.exe
006F5907 . E8 600FDFFF call 004E686C
006F590C . E8 4B0FDFFF call 004E685C
006F5911 > 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5914 . 8B80 04050000 mov eax,dword ptr ds:[eax+0x504]
006F591A . 33D2 xor edx,edx
006F591C . E8 17DCE4FF call 00543538
006F5921 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5924 . 8B80 D00A0000 mov eax,dword ptr ds:[eax+0xAD0]
006F592A . 33D2 xor edx,edx
006F592C . E8 07DCE4FF call 00543538
006F5931 . E8 BEFAFCFF call 006C53F4
006F5936 . 84C0 test al,al
006F5938 . 74 18 je short 006F5952 ; 也得跳,不然第二个框出现~~
006F593A . E8 8907FDFF call 006C60C8
006F593F . 84C0 test al,al
006F5941 . 75 0F jnz short 006F5952
006F5943 . B8 D8676F00 mov eax,006F67D8 ; At least one installed file seems to be corrupted, please reinstall AM-Notebook
006F5948 . E8 1F0FDFFF call 004E686C
006F594D . E8 0A0FDFFF call 004E685C
006F5952 > E8 91DBD0FF call 004034E8
006F5957 . 68 00080000 push 0x800 ; /Locale = 0x800
006F595C . E8 A729D1FF call <jmp.&kernel32.SetThreadLocale> ; \SetThreadLocale
006F5961 . 8D95 C4FEFFFF lea edx,dword ptr ss:[ebp-0x13C]
006F5967 . A1 84F97200 mov eax,dword ptr ds:[0x72F984]
006F596C . 8B00 mov eax,dword ptr ds:[eax]
006F596E . E8 4D22DEFF call 004D7BC0
006F5973 . 8B85 C4FEFFFF mov eax,dword ptr ss:[ebp-0x13C]
006F5979 . 8D8D C8FEFFFF lea ecx,dword ptr ss:[ebp-0x138]
006F597F . BA 30686F00 mov edx,006F6830 ; .chm
006F5984 . E8 73A4D5FF call 0044FDFC
006F5989 . 8B95 C8FEFFFF mov edx,dword ptr ss:[ebp-0x138]
006F598F . A1 84F97200 mov eax,dword ptr ds:[0x72F984]
006F5994 . 8B00 mov eax,dword ptr ds:[eax]
006F5996 . 83C0 50 add eax,0x50
006F5999 . E8 9AFAD0FF call 00405438
006F599E . E8 A1660100 call 0070C044
006F59A3 . 8D95 C0FEFFFF lea edx,dword ptr ss:[ebp-0x140]
006F59A9 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F59AE . 8B40 04 mov eax,dword ptr ds:[eax+0x4]
006F59B1 . E8 0627DFFF call 004E80BC
006F59B6 . 8D85 C0FEFFFF lea eax,dword ptr ss:[ebp-0x140]
006F59BC . BA 40686F00 mov edx,006F6840 ; notebook.err
006F59C1 . E8 E6FCD0FF call 004056AC
006F59C6 . 8B85 C0FEFFFF mov eax,dword ptr ss:[ebp-0x140]
006F59CC . 50 push eax
006F59CD . 8D85 BCFEFFFF lea eax,dword ptr ss:[ebp-0x144]
006F59D3 . E8 64FFD3FF call 0043593C
006F59D8 . 8B85 BCFEFFFF mov eax,dword ptr ss:[ebp-0x144]
006F59DE . 5A pop edx
006F59DF . 8B08 mov ecx,dword ptr ds:[eax]
006F59E1 . FF91 A4010000 call dword ptr ds:[ecx+0x1A4]
006F59E7 . 8D85 B8FEFFFF lea eax,dword ptr ss:[ebp-0x148]
006F59ED . E8 4AFFD3FF call 0043593C
006F59F2 . 8B85 B8FEFFFF mov eax,dword ptr ss:[ebp-0x148]
006F59F8 . B2 01 mov dl,0x1
006F59FA . 8B08 mov ecx,dword ptr ds:[eax]
006F59FC . FF51 14 call dword ptr ds:[ecx+0x14]
006F59FF . 8D85 B4FEFFFF lea eax,dword ptr ss:[ebp-0x14C]
006F5A05 . E8 32FFD3FF call 0043593C
006F5A0A . 8B85 B4FEFFFF mov eax,dword ptr ss:[ebp-0x14C]
006F5A10 . B2 01 mov dl,0x1
006F5A12 . 8B08 mov ecx,dword ptr ds:[eax]
006F5A14 . FF51 1C call dword ptr ds:[ecx+0x1C]
006F5A17 . E8 C087FDFF call 006CE1DC
006F5A1C . E8 FB610100 call 0070BC1C
006F5A21 . E8 6220FCFF call 006B7A88
006F5A26 . 8B15 30FB7200 mov edx,dword ptr ds:[0x72FB30] ; 黉s
006F5A2C . 8B52 20 mov edx,dword ptr ds:[edx+0x20]
006F5A2F . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5A34 . 8B00 mov eax,dword ptr ds:[eax]
006F5A36 . E8 6120FCFF call 006B7A9C
006F5A3B . 84C0 test al,al
006F5A3D . 75 05 jnz short 006F5A44 ; 我们第二轮改次试试(一改就完蛋,所以不能改)
006F5A3F . E8 180EDFFF call 004E685C
006F5A44 > A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5A49 . 8078 28 00 cmp byte ptr ds:[eax+0x28],0x0
006F5A4D . 74 0F je short 006F5A5E ; 这个到底改不好呢?
006F5A4F . E8 94DAD0FF call 004034E8
006F5A54 . E8 2782FDFF call 006CDC80
006F5A59 . E8 8ADAD0FF call 004034E8
006F5A5E > 8D95 B0FEFFFF lea edx,dword ptr ss:[ebp-0x150]
006F5A64 . A1 48F97200 mov eax,dword ptr ds:[0x72F948] ; @
006F5A69 . 8B00 mov eax,dword ptr ds:[eax]
006F5A6B . E8 30ADD5FF call 004507A0
006F5A70 . 8B85 B0FEFFFF mov eax,dword ptr ss:[ebp-0x150]
006F5A76 . 8D55 F0 lea edx,dword ptr ss:[ebp-0x10]
006F5A79 . E8 8A92D5FF call 0044ED08
006F5A7E . 8B55 F0 mov edx,dword ptr ss:[ebp-0x10]
006F5A81 . B8 58686F00 mov eax,006F6858 ; /minimize
006F5A86 . E8 5DFFD0FF call 004059E8
006F5A8B . 85C0 test eax,eax
006F5A8D . 0F95C0 setne al ; 条件为假,到底有理不???本次不理会(试验结论不能改
006F5A90 . 8B15 30FB7200 mov edx,dword ptr ds:[0x72FB30] ; 黉s
006F5A96 . 8882 43010000 mov byte ptr ds:[edx+0x143],al
006F5A9C . C605 E55A7300>mov byte ptr ds:[0x735AE5],0x0
006F5AA3 . C605 E45A7300>mov byte ptr ds:[0x735AE4],0x0
006F5AAA . A1 84F97200 mov eax,dword ptr ds:[0x72F984]
006F5AAF . 8B00 mov eax,dword ptr ds:[eax]
006F5AB1 . 8B55 FC mov edx,dword ptr ss:[ebp-0x4]
006F5AB4 . 8990 04010000 mov dword ptr ds:[eax+0x104],edx
006F5ABA . C780 00010000>mov dword ptr ds:[eax+0x100],006F6C0>
006F5AC4 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5AC9 . C680 44010000>mov byte ptr ds:[eax+0x144],0x0
006F5AD0 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5AD5 . 8078 29 00 cmp byte ptr ds:[eax+0x29],0x0
006F5AD9 . 0F84 31010000 je 006F5C10 ; 这不能让它走,因为我们看到了ERROR字样
006F5ADF . B8 6C686F00 mov eax,006F686C ; STARTUP
006F5AE4 . E8 83F6FCFF call 006C516C
006F5AE9 . 84C0 test al,al
006F5AEB . 75 0F jnz short 006F5AFC
006F5AED . B8 6C686F00 mov eax,006F686C ; STARTUP
006F5AF2 . BA 58686F00 mov edx,006F6858 ; /minimize
006F5AF7 . E8 F8F6FCFF call 006C51F4
006F5AFC > 8D95 ACFEFFFF lea edx,dword ptr ss:[ebp-0x154]
006F5B02 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5B07 . 8B40 08 mov eax,dword ptr ds:[eax+0x8]
006F5B0A . E8 AD25DFFF call 004E80BC
006F5B0F . 8D85 ACFEFFFF lea eax,dword ptr ss:[ebp-0x154]
006F5B15 . BA 7C686F00 mov edx,006F687C ; hello.rvf
006F5B1A . E8 8DFBD0FF call 004056AC
006F5B1F . 8B85 ACFEFFFF mov eax,dword ptr ss:[ebp-0x154]
006F5B25 . E8 0A2CDFFF call 004E8734
006F5B2A . 84C0 test al,al
006F5B2C . 75 58 jnz short 006F5B86
006F5B2E . 8D95 A8FEFFFF lea edx,dword ptr ss:[ebp-0x158]
006F5B34 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5B39 . 8B40 08 mov eax,dword ptr ds:[eax+0x8]
006F5B3C . E8 7B25DFFF call 004E80BC
006F5B41 . 8D85 A8FEFFFF lea eax,dword ptr ss:[ebp-0x158]
006F5B47 . BA 7C686F00 mov edx,006F687C ; hello.rvf
006F5B4C . E8 5BFBD0FF call 004056AC
006F5B51 . 8B85 A8FEFFFF mov eax,dword ptr ss:[ebp-0x158]
006F5B57 . 50 push eax
006F5B58 . 8D95 A4FEFFFF lea edx,dword ptr ss:[ebp-0x15C]
006F5B5E . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5B63 . 8B00 mov eax,dword ptr ds:[eax]
006F5B65 . E8 5225DFFF call 004E80BC
006F5B6A . 8D85 A4FEFFFF lea eax,dword ptr ss:[ebp-0x15C]
006F5B70 . BA 90686F00 mov edx,006F6890 ; templates\examples\hello.rvf
006F5B75 . E8 32FBD0FF call 004056AC
006F5B7A . 8B85 A4FEFFFF mov eax,dword ptr ss:[ebp-0x15C]
006F5B80 . 5A pop edx
006F5B81 . E8 B227DFFF call 004E8338
006F5B86 > 8D95 A0FEFFFF lea edx,dword ptr ss:[ebp-0x160]
006F5B8C . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5B91 . 8B40 08 mov eax,dword ptr ds:[eax+0x8]
006F5B94 . E8 2325DFFF call 004E80BC
006F5B99 . 8D85 A0FEFFFF lea eax,dword ptr ss:[ebp-0x160]
006F5B9F . BA B8686F00 mov edx,006F68B8 ; training.tbl
006F5BA4 . E8 03FBD0FF call 004056AC
006F5BA9 . 8B85 A0FEFFFF mov eax,dword ptr ss:[ebp-0x160]
006F5BAF . E8 802BDFFF call 004E8734
006F5BB4 . 84C0 test al,al
006F5BB6 . 75 58 jnz short 006F5C10 ; 没跳到ERROR,不理你~~
006F5BB8 . 8D95 9CFEFFFF lea edx,dword ptr ss:[ebp-0x164]
006F5BBE . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5BC3 . 8B40 08 mov eax,dword ptr ds:[eax+0x8]
006F5BC6 . E8 F124DFFF call 004E80BC
006F5BCB . 8D85 9CFEFFFF lea eax,dword ptr ss:[ebp-0x164]
006F5BD1 . BA B8686F00 mov edx,006F68B8 ; training.tbl
006F5BD6 . E8 D1FAD0FF call 004056AC
006F5BDB . 8B85 9CFEFFFF mov eax,dword ptr ss:[ebp-0x164]
006F5BE1 . 50 push eax
006F5BE2 . 8D95 98FEFFFF lea edx,dword ptr ss:[ebp-0x168]
006F5BE8 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F5BED . 8B00 mov eax,dword ptr ds:[eax]
006F5BEF . E8 C824DFFF call 004E80BC
006F5BF4 . 8D85 98FEFFFF lea eax,dword ptr ss:[ebp-0x168]
006F5BFA . BA D0686F00 mov edx,006F68D0 ; templates\examples\training.tbl
006F5BFF . E8 A8FAD0FF call 004056AC
006F5C04 . 8B85 98FEFFFF mov eax,dword ptr ss:[ebp-0x168]
006F5C0A . 5A pop edx
006F5C0B . E8 2827DFFF call 004E8338
006F5C10 > A1 14FA7200 mov eax,dword ptr ds:[0x72FA14] ; L\s
006F5C15 . 8038 00 cmp byte ptr ds:[eax],0x0
006F5C18 . 74 68 je short 006F5C82
006F5C1A . E8 D5F7FCFF call 006C53F4
006F5C1F . 84C0 test al,al
006F5C21 . 74 13 je short 006F5C36
006F5C23 . E8 BCF9FCFF call 006C55E4
006F5C28 . 84C0 test al,al
006F5C2A . 75 0A jnz short 006F5C36
006F5C2C . B8 F8686F00 mov eax,006F68F8 ; Ex#1: ERROR
006F5C31 . E8 5296D8FF call 0047F288
006F5C36 > E8 35F8FCFF call 006C5470
006F5C3B . 84C0 test al,al
006F5C3D . 74 13 je short 006F5C52
006F5C3F . E8 70FAFCFF call 006C56B4
006F5C44 . 84C0 test al,al
006F5C46 . 75 0A jnz short 006F5C52
006F5C48 . B8 0C696F00 mov eax,006F690C ; Ex#2: ERROR
006F5C4D . E8 3696D8FF call 0047F288
006F5C52 > E8 95F8FCFF call 006C54EC
006F5C57 . 84C0 test al,al
006F5C59 . 74 13 je short 006F5C6E
006F5C5B . E8 24FBFCFF call 006C5784
006F5C60 . 84C0 test al,al
006F5C62 . 75 0A jnz short 006F5C6E
006F5C64 . B8 20696F00 mov eax,006F6920 ; Ex#3: ERROR
006F5C69 . E8 1A96D8FF call 0047F288
006F5C6E > A1 98F57200 mov eax,dword ptr ds:[0x72F598]
006F5C73 . 8338 01 cmp dword ptr ds:[eax],0x1
006F5C76 . 74 0A je short 006F5C82
006F5C78 . B8 34696F00 mov eax,006F6934 ; EXE-Size #4: ERROR
006F5C7D . E8 0696D8FF call 0047F288
006F5C82 > 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5C85 . 8B80 F80B0000 mov eax,dword ptr ds:[eax+0xBF8]
006F5C8B . 33D2 xor edx,edx
006F5C8D . E8 6634E6FF call 005590F8
006F5C92 . BB 08000000 mov ebx,0x8
006F5C97 > 8D95 94FEFFFF lea edx,dword ptr ss:[ebp-0x16C]
006F5C9D . 8BC3 mov eax,ebx
006F5C9F . E8 AC97D5FF call 0044F450
006F5CA4 . 8B95 94FEFFFF mov edx,dword ptr ss:[ebp-0x16C]
006F5CAA . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5CAD . 8B80 380A0000 mov eax,dword ptr ds:[eax+0xA38]
006F5CB3 . 8B80 3C020000 mov eax,dword ptr ds:[eax+0x23C]
006F5CB9 . 8B08 mov ecx,dword ptr ds:[eax]
006F5CBB . FF51 38 call dword ptr ds:[ecx+0x38]
006F5CBE . 43 inc ebx
006F5CBF . 83FB 0D cmp ebx,0xD
006F5CC2 .^ 75 D3 jnz short 006F5C97
006F5CC4 . BB 0E000000 mov ebx,0xE
006F5CC9 > 8D95 90FEFFFF lea edx,dword ptr ss:[ebp-0x170]
006F5CCF . 8BC3 mov eax,ebx
006F5CD1 . E8 7A97D5FF call 0044F450
006F5CD6 . 8B95 90FEFFFF mov edx,dword ptr ss:[ebp-0x170]
006F5CDC . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5CDF . 8B80 380A0000 mov eax,dword ptr ds:[eax+0xA38]
006F5CE5 . 8B80 3C020000 mov eax,dword ptr ds:[eax+0x23C]
006F5CEB . 8B08 mov ecx,dword ptr ds:[eax]
006F5CED . FF51 38 call dword ptr ds:[ecx+0x38]
006F5CF0 . 83C3 02 add ebx,0x2
006F5CF3 . 83FB 1C cmp ebx,0x1C
006F5CF6 .^ 7E D1 jle short 006F5CC9
006F5CF8 . 8D95 8CFEFFFF lea edx,dword ptr ss:[ebp-0x174]
006F5CFE . B8 24000000 mov eax,0x24
006F5D03 . E8 4897D5FF call 0044F450
006F5D08 . 8B95 8CFEFFFF mov edx,dword ptr ss:[ebp-0x174]
006F5D0E . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5D11 . 8B80 380A0000 mov eax,dword ptr ds:[eax+0xA38]
006F5D17 . 8B80 3C020000 mov eax,dword ptr ds:[eax+0x23C]
006F5D1D . 8B08 mov ecx,dword ptr ds:[eax]
006F5D1F . FF51 38 call dword ptr ds:[ecx+0x38]
006F5D22 . 8D95 88FEFFFF lea edx,dword ptr ss:[ebp-0x178]
006F5D28 . B8 30000000 mov eax,0x30
006F5D2D . E8 1E97D5FF call 0044F450
006F5D32 . 8B95 88FEFFFF mov edx,dword ptr ss:[ebp-0x178]
006F5D38 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5D3B . 8B80 380A0000 mov eax,dword ptr ds:[eax+0xA38]
006F5D41 . 8B80 3C020000 mov eax,dword ptr ds:[eax+0x23C]
006F5D47 . 8B08 mov ecx,dword ptr ds:[eax]
006F5D49 . FF51 38 call dword ptr ds:[ecx+0x38]
006F5D4C . 8D95 84FEFFFF lea edx,dword ptr ss:[ebp-0x17C]
006F5D52 . B8 48000000 mov eax,0x48
006F5D57 . E8 F496D5FF call 0044F450
006F5D5C . 8B95 84FEFFFF mov edx,dword ptr ss:[ebp-0x17C]
006F5D62 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5D65 . 8B80 380A0000 mov eax,dword ptr ds:[eax+0xA38]
006F5D6B . 8B80 3C020000 mov eax,dword ptr ds:[eax+0x23C]
006F5D71 . 8B08 mov ecx,dword ptr ds:[eax]
006F5D73 . FF51 38 call dword ptr ds:[ecx+0x38]
006F5D76 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5D79 . E8 0A88FFFF call 006EE588
006F5D7E . 8945 EC mov dword ptr ss:[ebp-0x14],eax
006F5D81 . 8B15 30FB7200 mov edx,dword ptr ds:[0x72FB30] ; 黉s
006F5D87 . 8B52 04 mov edx,dword ptr ds:[edx+0x4]
006F5D8A . 8D85 80FEFFFF lea eax,dword ptr ss:[ebp-0x180]
006F5D90 . B9 50696F00 mov ecx,006F6950 ; \notebook.ini
006F5D95 . E8 56F9D0FF call 004056F0
006F5D9A . 8B8D 80FEFFFF mov ecx,dword ptr ss:[ebp-0x180]
006F5DA0 . B2 01 mov dl,0x1
006F5DA2 . A1 3CA44800 mov eax,dword ptr ds:[0x48A43C]
006F5DA7 . E8 4047D9FF call 0048A4EC
006F5DAC . 8945 F8 mov dword ptr ss:[ebp-0x8],eax
006F5DAF . 33C0 xor eax,eax
006F5DB1 . 55 push ebp
006F5DB2 . 68 A2606F00 push 006F60A2
006F5DB7 . 64:FF30 push dword ptr fs:[eax]
006F5DBA . 64:8920 mov dword ptr fs:[eax],esp
006F5DBD . A1 54FC7200 mov eax,dword ptr ds:[0x72FC54]
006F5DC2 . 8B00 mov eax,dword ptr ds:[eax]
006F5DC4 . E8 33F0DDFF call 004D4DFC
006F5DC9 . 3D EE020000 cmp eax,0x2EE
006F5DCE . 0F9CC0 setl al
006F5DD1 . B9 BC020000 mov ecx,0x2BC
006F5DD6 . BA 76020000 mov edx,0x276
006F5DDB . E8 700ADFFF call 004E6850
006F5DE0 . 50 push eax
006F5DE1 . B9 68696F00 mov ecx,006F6968 ; width
006F5DE6 . BA 78696F00 mov edx,006F6978 ; Window
006F5DEB . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5DEE . 8B18 mov ebx,dword ptr ds:[eax]
006F5DF0 . FF53 08 call dword ptr ds:[ebx+0x8]
006F5DF3 . 8BD0 mov edx,eax
006F5DF5 . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F5DFA . E8 51F8DBFF call 004B5650
006F5DFF . A1 54FC7200 mov eax,dword ptr ds:[0x72FC54]
006F5E04 . 8B00 mov eax,dword ptr ds:[eax]
006F5E06 . E8 F1EFDDFF call 004D4DFC
006F5E0B . 3D EE020000 cmp eax,0x2EE
006F5E10 . 0F9CC0 setl al
006F5E13 . B9 3A020000 mov ecx,0x23A
006F5E18 . BA D6010000 mov edx,0x1D6
006F5E1D . E8 2E0ADFFF call 004E6850
006F5E22 . 50 push eax
006F5E23 . B9 88696F00 mov ecx,006F6988 ; height
006F5E28 . BA 78696F00 mov edx,006F6978 ; Window
006F5E2D . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5E30 . 8B18 mov ebx,dword ptr ds:[eax]
006F5E32 . FF53 08 call dword ptr ds:[ebx+0x8]
006F5E35 . 8BD0 mov edx,eax
006F5E37 . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F5E3C . E8 33F8DBFF call 004B5674
006F5E41 . A1 54FC7200 mov eax,dword ptr ds:[0x72FC54]
006F5E46 . 8B00 mov eax,dword ptr ds:[eax]
006F5E48 . E8 A3EFDDFF call 004D4DF0
006F5E4D . 8B15 E05A7300 mov edx,dword ptr ds:[0x735AE0]
006F5E53 . 2B42 4C sub eax,dword ptr ds:[edx+0x4C]
006F5E56 . D1F8 sar eax,1
006F5E58 . 79 03 jns short 006F5E5D
006F5E5A . 83D0 00 adc eax,0x0
006F5E5D > 50 push eax
006F5E5E . B9 98696F00 mov ecx,006F6998 ; top
006F5E63 . BA 78696F00 mov edx,006F6978 ; Window
006F5E68 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5E6B . 8B18 mov ebx,dword ptr ds:[eax]
006F5E6D . FF53 08 call dword ptr ds:[ebx+0x8]
006F5E70 . 8BD0 mov edx,eax
006F5E72 . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F5E77 . E8 ACF7DBFF call 004B5628
006F5E7C . A1 54FC7200 mov eax,dword ptr ds:[0x72FC54]
006F5E81 . 8B00 mov eax,dword ptr ds:[eax]
006F5E83 . E8 74EFDDFF call 004D4DFC
006F5E88 . 8B15 E05A7300 mov edx,dword ptr ds:[0x735AE0]
006F5E8E . 2B42 48 sub eax,dword ptr ds:[edx+0x48]
006F5E91 . D1F8 sar eax,1
006F5E93 . 79 03 jns short 006F5E98
006F5E95 . 83D0 00 adc eax,0x0
006F5E98 > 50 push eax
006F5E99 . B9 A4696F00 mov ecx,006F69A4 ; left
006F5E9E . BA 78696F00 mov edx,006F6978 ; Window
006F5EA3 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5EA6 . 8B18 mov ebx,dword ptr ds:[eax]
006F5EA8 . FF53 08 call dword ptr ds:[ebx+0x8]
006F5EAB . 8BD0 mov edx,eax
006F5EAD . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F5EB2 . E8 4DF7DBFF call 004B5604
006F5EB7 . 6A FF push -0x1
006F5EB9 . B9 B4696F00 mov ecx,006F69B4 ; state
006F5EBE . BA 78696F00 mov edx,006F6978 ; Window
006F5EC3 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5EC6 . 8B18 mov ebx,dword ptr ds:[eax]
006F5EC8 . FF53 08 call dword ptr ds:[ebx+0x8]
006F5ECB . 83F8 02 cmp eax,0x2
006F5ECE . 75 0C jnz short 006F5EDC
006F5ED0 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5ED3 . C680 380D0000>mov byte ptr ds:[eax+0xD38],0x1
006F5EDA . EB 0A jmp short 006F5EE6
006F5EDC > 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5EDF . C680 380D0000>mov byte ptr ds:[eax+0xD38],0x0
006F5EE6 > 6A 7D push 0x7D
006F5EE8 . B9 C4696F00 mov ecx,006F69C4 ; splitter1
006F5EED . BA 78696F00 mov edx,006F6978 ; Window
006F5EF2 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5EF5 . 8B18 mov ebx,dword ptr ds:[eax]
006F5EF7 . FF53 08 call dword ptr ds:[ebx+0x8]
006F5EFA . 8BD0 mov edx,eax
006F5EFC . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F5F01 . 8B80 94030000 mov eax,dword ptr ds:[eax+0x394]
006F5F07 . E8 44F7DBFF call 004B5650
006F5F0C . 6A 00 push 0x0
006F5F0E . B9 D8696F00 mov ecx,006F69D8 ; AlwaysOnTop
006F5F13 . BA EC696F00 mov edx,006F69EC ; General
006F5F18 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5F1B . 8B18 mov ebx,dword ptr ds:[eax]
006F5F1D . FF53 10 call dword ptr ds:[ebx+0x10]
006F5F20 . 84C0 test al,al
006F5F22 . 74 0A je short 006F5F2E
006F5F24 . 8BD6 mov edx,esi
006F5F26 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5F29 . E8 9E300000 call 006F8FCC
006F5F2E > 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5F31 . 8B80 F80B0000 mov eax,dword ptr ds:[eax+0xBF8]
006F5F37 . 33D2 xor edx,edx
006F5F39 . 8B08 mov ecx,dword ptr ds:[eax]
006F5F3B . FF51 60 call dword ptr ds:[ecx+0x60]
006F5F3E . 6A 00 push 0x0
006F5F40 . B9 FC696F00 mov ecx,006F69FC ; EnableDragAndDrop
006F5F45 . BA EC696F00 mov edx,006F69EC ; General
006F5F4A . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5F4D . 8B18 mov ebx,dword ptr ds:[eax]
006F5F4F . FF53 10 call dword ptr ds:[ebx+0x10]
006F5F52 . 84C0 test al,al
006F5F54 . 74 0A je short 006F5F60
006F5F56 . 8BD6 mov edx,esi
006F5F58 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5F5B . E8 90640000 call 006FC3F0
006F5F60 > 6A 00 push 0x0
006F5F62 . B9 186A6F00 mov ecx,006F6A18 ; LockToolbar
006F5F67 . BA EC696F00 mov edx,006F69EC ; General
006F5F6C . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5F6F . 8B18 mov ebx,dword ptr ds:[eax]
006F5F71 . FF53 10 call dword ptr ds:[ebx+0x10]
006F5F74 . 84C0 test al,al
006F5F76 . 74 0E je short 006F5F86
006F5F78 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5F7B . 8B80 440A0000 mov eax,dword ptr ds:[eax+0xA44]
006F5F81 . 8B10 mov edx,dword ptr ds:[eax]
006F5F83 . FF52 50 call dword ptr ds:[edx+0x50]
006F5F86 > 6A 01 push 0x1
006F5F88 . B9 2C6A6F00 mov ecx,006F6A2C ; ShowRuler
006F5F8D . BA EC696F00 mov edx,006F69EC ; General
006F5F92 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5F95 . 8B18 mov ebx,dword ptr ds:[eax]
006F5F97 . FF53 10 call dword ptr ds:[ebx+0x10]
006F5F9A . 8BD0 mov edx,eax
006F5F9C . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F5F9F . 8B80 C8090000 mov eax,dword ptr ds:[eax+0x9C8]
006F5FA5 . E8 52D2E4FF call 005431FC
006F5FAA . 6A 01 push 0x1
006F5FAC . B9 406A6F00 mov ecx,006F6A40 ; AutoURLDetection
006F5FB1 . BA EC696F00 mov edx,006F69EC ; General
006F5FB6 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5FB9 . 8B18 mov ebx,dword ptr ds:[eax]
006F5FBB . FF53 10 call dword ptr ds:[ebx+0x10]
006F5FBE . 8B15 30FB7200 mov edx,dword ptr ds:[0x72FB30] ; 黉s
006F5FC4 . 8882 B4000000 mov byte ptr ds:[edx+0xB4],al
006F5FCA . 33C0 xor eax,eax
006F5FCC . 55 push ebp
006F5FCD . 68 0B606F00 push 006F600B
006F5FD2 . 64:FF30 push dword ptr fs:[eax]
006F5FD5 . 64:8920 mov dword ptr fs:[eax],esp
006F5FD8 . 6A FF push -0x1
006F5FDA . B9 5C6A6F00 mov ecx,006F6A5C ; SpellLanguage
006F5FDF . BA EC696F00 mov edx,006F69EC ; General
006F5FE4 . 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F5FE7 . 8B18 mov ebx,dword ptr ds:[eax]
006F5FE9 . FF53 08 call dword ptr ds:[ebx+0x8]
006F5FEC . 8BD0 mov edx,eax
006F5FEE . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F5FF3 . 8B80 00070000 mov eax,dword ptr ds:[eax+0x700]
006F5FF9 . 8B08 mov ecx,dword ptr ds:[eax]
006F5FFB . FF91 D0000000 call dword ptr ds:[ecx+0xD0]
006F6001 . 33C0 xor eax,eax
006F6003 . 5A pop edx
006F6004 . 59 pop ecx
006F6005 . 59 pop ecx
006F6006 . 64:8910 mov dword ptr fs:[eax],edx
006F6009 . EB 20 jmp short 006F602B
006F600B .^ E9 98E9D0FF jmp 004049A8
006F6010 . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F6015 . 8B80 00070000 mov eax,dword ptr ds:[eax+0x700]
006F601B . 83CA FF or edx,0xFFFFFFFF
006F601E . 8B08 mov ecx,dword ptr ds:[eax]
006F6020 . FF91 D0000000 call dword ptr ds:[ecx+0xD0]
006F6026 . E8 A9EDD0FF call 00404DD4
006F602B > 33C0 xor eax,eax
006F602D . 55 push ebp
006F602E . 68 82606F00 push 006F6082
006F6033 . 64:FF30 push dword ptr fs:[eax]
006F6036 . 64:8920 mov dword ptr fs:[eax],esp
006F6039 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F603C . 8B80 00070000 mov eax,dword ptr ds:[eax+0x700]
006F6042 . 8B10 mov edx,dword ptr ds:[eax]
006F6044 . FF92 CC000000 call dword ptr ds:[edx+0xCC]
006F604A . 40 inc eax
006F604B . 75 2B jnz short 006F6078
006F604D . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F6050 . 8B80 00070000 mov eax,dword ptr ds:[eax+0x700]
006F6056 . 8B80 3C020000 mov eax,dword ptr ds:[eax+0x23C]
006F605C . 8B10 mov edx,dword ptr ds:[eax]
006F605E . FF52 14 call dword ptr ds:[edx+0x14]
006F6061 . 85C0 test eax,eax
006F6063 . 7E 13 jle short 006F6078
006F6065 . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F6068 . 8B80 00070000 mov eax,dword ptr ds:[eax+0x700]
006F606E . 33D2 xor edx,edx
006F6070 . 8B08 mov ecx,dword ptr ds:[eax]
006F6072 . FF91 D0000000 call dword ptr ds:[ecx+0xD0]
006F6078 > 33C0 xor eax,eax
006F607A . 5A pop edx
006F607B . 59 pop ecx
006F607C . 59 pop ecx
006F607D . 64:8910 mov dword ptr fs:[eax],edx
006F6080 . EB 0A jmp short 006F608C
006F6082 .^ E9 21E9D0FF jmp 004049A8
006F6087 . E8 48EDD0FF call 00404DD4
006F608C > 33C0 xor eax,eax
006F608E . 5A pop edx
006F608F . 59 pop ecx
006F6090 . 59 pop ecx
006F6091 . 64:8910 mov dword ptr fs:[eax],edx
006F6094 . 68 A9606F00 push 006F60A9
006F6099 > 8B45 F8 mov eax,dword ptr ss:[ebp-0x8]
006F609C . E8 13E4D0FF call 004044B4
006F60A1 . C3 retn
006F60A2 .^ E9 B5EBD0FF jmp 00404C5C
006F60A7 .^ EB F0 jmp short 006F6099
006F60A9 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F60AE . 8078 28 00 cmp byte ptr ds:[eax+0x28],0x0
006F60B2 . 75 39 jnz short 006F60ED
006F60B4 . 8D95 7CFEFFFF lea edx,dword ptr ss:[ebp-0x184]
006F60BA . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F60BF . 8B40 04 mov eax,dword ptr ds:[eax+0x4]
006F60C2 . E8 F51FDFFF call 004E80BC
006F60C7 . 8D85 7CFEFFFF lea eax,dword ptr ss:[ebp-0x184]
006F60CD . BA 746A6F00 mov edx,006F6A74 ; toolbar_lite.ini
006F60D2 . E8 D5F5D0FF call 004056AC
006F60D7 . 8B85 7CFEFFFF mov eax,dword ptr ss:[ebp-0x184]
006F60DD . 8B55 FC mov edx,dword ptr ss:[ebp-0x4]
006F60E0 . 8B92 A8030000 mov edx,dword ptr ds:[edx+0x3A8]
006F60E6 . E8 DDFDFEFF call 006E5EC8
006F60EB . EB 37 jmp short 006F6124
006F60ED > 8D95 78FEFFFF lea edx,dword ptr ss:[ebp-0x188]
006F60F3 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F60F8 . 8B40 04 mov eax,dword ptr ds:[eax+0x4]
006F60FB . E8 BC1FDFFF call 004E80BC
006F6100 . 8D85 78FEFFFF lea eax,dword ptr ss:[ebp-0x188]
006F6106 . BA 906A6F00 mov edx,006F6A90 ; toolbar.ini
006F610B . E8 9CF5D0FF call 004056AC
006F6110 . 8B85 78FEFFFF mov eax,dword ptr ss:[ebp-0x188]
006F6116 . 8B55 FC mov edx,dword ptr ss:[ebp-0x4]
006F6119 . 8B92 A8030000 mov edx,dword ptr ds:[edx+0x3A8]
006F611F . E8 A4FDFEFF call 006E5EC8
006F6124 > 8D85 74FEFFFF lea eax,dword ptr ss:[ebp-0x18C]
006F612A . E8 E518DFFF call 004E7A14
006F612F . 8B85 74FEFFFF mov eax,dword ptr ss:[ebp-0x18C]
006F6135 . E8 6AF5D0FF call 004056A4
006F613A . 83F8 05 cmp eax,0x5
006F613D . 7F 0A jg short 006F6149
006F613F . A1 14FA7200 mov eax,dword ptr ds:[0x72FA14] ; L\s
006F6144 . 8038 00 cmp byte ptr ds:[eax],0x0
006F6147 . 74 23 je short 006F616C
006F6149 > E8 22F3FCFF call 006C5470
006F614E . 84C0 test al,al
006F6150 . 74 1A je short 006F616C
006F6152 . E8 5DF5FCFF call 006C56B4
006F6157 . 84C0 test al,al
006F6159 . 75 11 jnz short 006F616C
006F615B . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F615E . 05 F8020000 add eax,0x2F8
006F6163 . 8B55 FC mov edx,dword ptr ss:[ebp-0x4]
006F6166 . 8982 F80B0000 mov dword ptr ds:[edx+0xBF8],eax
006F616C > A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F6171 . 8B80 D4000000 mov eax,dword ptr ds:[eax+0xD4]
006F6177 . 50 push eax
006F6178 . A1 30FB7200 mov eax,dword ptr ds:[0x72FB30] ; 黉s
006F617D . 8B80 D8000000 mov eax,dword ptr ds:[eax+0xD8]
006F6183 . 50 push eax
006F6184 . 8B0D 30FB7200 mov ecx,dword ptr ds:[0x72FB30] ; 黉s
006F618A . 8B89 D0000000 mov ecx,dword ptr ds:[ecx+0xD0]
006F6190 . 8B15 30FB7200 mov edx,dword ptr ds:[0x72FB30] ; 黉s
006F6196 . 8B92 CC000000 mov edx,dword ptr ds:[edx+0xCC]
006F619C . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F619F . 8B80 F80B0000 mov eax,dword ptr ds:[eax+0xBF8]
006F61A5 . E8 522EE6FF call 00558FFC
006F61AA . 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
006F61AD . 8B80 F80B0000 mov eax,dword ptr ds:[eax+0xBF8]
006F61B3 . BA 08000000 mov edx,0x8
006F61B8 . E8 E7B8E2FF call 00521AA4
006F61BD . A1 E05A7300 mov eax,dword ptr ds:[0x735AE0]
006F61C2 . 8B80 F80B0000 mov eax,dword ptr ds:[eax+0xBF8]
006F61C8 . 8B10 mov edx,dword ptr ds:[eax]
006F61CA . FF92 78030000 call dword ptr ds:[edx+0x378] ; 也就是说上面al必须为0,否则到此处时就没了动静
懂了,这些接下来那些AL 的地方,我们全改成 AL=0,就差不多了,只要完成最后那块的循环,程序初始化界面就进入了,我们也就OK了。
发表于 2014-3-13 18:23
|
发表于 2014-3-13 18:25
