转了半天没发现哪检测注册码··CALL也跟遍了
00408D30/$6A FF PUSH -100408D32|.68 82C14100 PUSH setup.0041C182 ;SE 处理程序安装
00408D37|.64:A1 0000000>MOV EAX,DWORD PTR FS:
00408D3D|.50 PUSH EAX
00408D3E|.64:8925 00000>MOV DWORD PTR FS:,ESP
00408D45|.81EC 1C010000 SUB ESP,11C
00408D4B|.53 PUSH EBX
00408D4C|.55 PUSH EBP
00408D4D|.56 PUSH ESI
00408D4E|.8BB424 400100>MOV ESI,DWORD PTR SS:
00408D55|.33DB XOR EBX,EBX
00408D57|.33C0 XOR EAX,EAX
00408D59|.3BF3 CMP ESI,EBX
00408D5B|.894424 10 MOV DWORD PTR SS:,EAX
00408D5F 74 13 JE SHORT setup.00408D74 ;
00408D61 8B06 MOV EAX,DWORD PTR DS:
00408D63 8D4C24 10 LEA ECX,DWORD PTR SS:
00408D67|.51 PUSH ECX
00408D68|.68 10074200 PUSH setup.00420710
00408D6D|.56 PUSH ESI
00408D6E|.FF10 CALL DWORD PTR DS:
00408D70|.8B4424 10 MOV EAX,DWORD PTR SS:
00408D74|>3BC3 CMP EAX,EBX
00408D76|.899C24 300100>MOV DWORD PTR SS:,EBX
00408D7D 0F85 95000000 JNZ setup.00408E18
00408D83|.33C0 XOR EAX,EAX
00408D85|.3BF3 CMP ESI,EBX
00408D87|.894424 14 MOV DWORD PTR SS:,EAX
00408D8B 74 13 JE SHORT setup.00408DA0
00408D8D|.8B16 MOV EDX,DWORD PTR DS:
00408D8F|.8D4424 14 LEA EAX,DWORD PTR SS:
00408D93|.50 PUSH EAX
00408D94|.68 00074200 PUSH setup.00420700
00408D99|.56 PUSH ESI
00408D9A|.FF12 CALL DWORD PTR DS:
00408D9C|.8B4424 14 MOV EAX,DWORD PTR SS:
00408DA0|>3BC3 CMP EAX,EBX
00408DA2|.C68424 300100>MOV BYTE PTR SS:,1
00408DAA 75 2B JNZ SHORT setup.00408DD7 ;
00408DAC|.8D4C24 14 LEA ECX,DWORD PTR SS:
00408DB0|.889C24 300100>MOV BYTE PTR SS:,BL
00408DB7|.E8 747C0000 CALL setup.00410A30
00408DBC|.8D4C24 10 LEA ECX,DWORD PTR SS:
00408DC0|.C78424 300100>MOV DWORD PTR SS:,-1
00408DCB|.E8 607C0000 CALL setup.00410A30
00408DD0|.33ED XOR EBP,EBP
00408DD2|.E9 E3000000 JMP setup.00408EBA
00408DD7|>8B08 MOV ECX,DWORD PTR DS:
00408DD9|.8D5424 10 LEA EDX,DWORD PTR SS:
00408DDD|.52 PUSH EDX
00408DDE|.50 PUSH EAX
00408DDF|.FF91 D0000000 CALL DWORD PTR DS:
00408DE5|.8D4C24 14 LEA ECX,DWORD PTR SS:
00408DE9|.889C24 300100>MOV BYTE PTR SS:,BL
00408DF0|.E8 3B7C0000 CALL setup.00410A30
00408DF5|.8B4424 10 MOV EAX,DWORD PTR SS:
00408DF9|.3BC3 CMP EAX,EBX
00408DFB|.75 1B JNZ SHORT setup.00408E18
00408DFD|.8D4C24 10 LEA ECX,DWORD PTR SS:
00408E01|.C78424 300100>MOV DWORD PTR SS:,-1
00408E0C|.E8 1F7C0000 CALL setup.00410A30
00408E11|.33ED XOR EBP,EBP
00408E13|.E9 A2000000 JMP setup.00408EBA
00408E18|>895C24 18 MOV DWORD PTR SS:,EBX
00408E1C|.50 PUSH EAX
00408E1D|.8D4C24 24 LEA ECX,DWORD PTR SS:
00408E21|.C68424 340100>MOV BYTE PTR SS:,2
00408E29|.E8 127C0000 CALL setup.00410A40
00408E2E|.8B4424 20 MOV EAX,DWORD PTR SS:
00408E32|.8D5424 18 LEA EDX,DWORD PTR SS:
00408E36|.52 PUSH EDX
00408E37|.50 PUSH EAX
00408E38|.8B08 MOV ECX,DWORD PTR DS:
00408E3A|.C68424 380100>MOV BYTE PTR SS:,3
00408E42|.FF51 10 CALL DWORD PTR DS:
00408E45|.8B4424 18 MOV EAX,DWORD PTR SS:
00408E49|.8D4C24 1C LEA ECX,DWORD PTR SS:
00408E4D|.50 PUSH EAX
00408E4E|.E8 1D7C0000 CALL setup.00410A70
00408E53|.8B4424 1C MOV EAX,DWORD PTR SS:
00408E57|.8D5424 24 LEA EDX,DWORD PTR SS:
00408E5B|.895C24 24 MOV DWORD PTR SS:,EBX
00408E5F|.52 PUSH EDX
00408E60|.8B08 MOV ECX,DWORD PTR DS:
00408E62|.50 PUSH EAX
00408E63|.C68424 380100>MOV BYTE PTR SS:,4
00408E6B|.FF51 0C CALL DWORD PTR DS:
00408E6E|.8B7424 24 MOV ESI,DWORD PTR SS:
00408E72|.8D4C24 1C LEA ECX,DWORD PTR SS:
00408E76|.C68424 300100>MOV BYTE PTR SS:,3
00408E7E|.E8 AD7B0000 CALL setup.00410A30
00408E83|.8D4C24 20 LEA ECX,DWORD PTR SS:
00408E87|.C68424 300100>MOV BYTE PTR SS:,2
00408E8F|.E8 9C7B0000 CALL setup.00410A30
00408E94|.8D4C24 18 LEA ECX,DWORD PTR SS:
00408E98|.889C24 300100>MOV BYTE PTR SS:,BL
00408E9F|.E8 8C7B0000 CALL setup.00410A30
00408EA4|.8D4C24 10 LEA ECX,DWORD PTR SS:
00408EA8|.C78424 300100>MOV DWORD PTR SS:,-1
00408EB3|.E8 787B0000 CALL setup.00410A30
00408EB8|.8BEE MOV EBP,ESI
00408EBA|>A1 F8034200 MOV EAX,DWORD PTR DS:
00408EBF|.57 PUSH EDI
00408EC0|.894424 10 MOV DWORD PTR SS:,EAX
00408EC4|.8BBC24 540100>MOV EDI,DWORD PTR SS:
00408ECB|.A1 18244200 MOV EAX,DWORD PTR DS:
00408ED0|.8D4C24 2C LEA ECX,DWORD PTR SS:
00408ED4|.68 00010000 PUSH 100 ; /Count = 100 (256.)
00408ED9|.51 PUSH ECX ; |Buffer
00408EDA|.57 PUSH EDI ; |RsrcID
00408EDB|.50 PUSH EAX ; |hInst => 00400000
00408EDC|.C78424 440100>MOV DWORD PTR SS:,5 ; |
00408EE7|.FF15 A8D14100 CALL DWORD PTR DS:[<&USER32.LoadStringA>>; \LoadStringA 《--堆栈出现注册码不正确
00408EED|.3BC3 CMP EAX,EBX
00408EEF|.75 04 JNZ SHORT setup.00408EF5
00408EF1|.885C24 2C MOV BYTE PTR SS:,BL
00408EF5|>BA 00010000 MOV EDX,100
00408EFA|.2BD0 SUB EDX,EAX
00408EFC|.83FA 02 CMP EDX,2
00408EFF 7E 24 JLE SHORT setup.00408F25
00408F01|.8D4424 2C LEA EAX,DWORD PTR SS:
00408F05|.85C0 TEST EAX,EAX
00408F07|.74 0B JE SHORT setup.00408F14
00408F09|.8D4C24 2C LEA ECX,DWORD PTR SS:
00408F0D|.51 PUSH ECX ; /String
00408F0E|.FF15 2CD04100 CALL DWORD PTR DS:[<&KERNEL32.lstrlenA>] ; \lstrlenA
00408F14|>8D5424 2C LEA EDX,DWORD PTR SS:
00408F18|.8D4C24 10 LEA ECX,DWORD PTR SS:
00408F1C|.52 PUSH EDX
00408F1D|.50 PUSH EAX
00408F1E|.E8 2D010000 CALL setup.00409050
00408F23|.EB 4A JMP SHORT setup.00408F6F
00408F25|>68 FF010000 PUSH 1FF
00408F2A|.8D4C24 14 LEA ECX,DWORD PTR SS:
00408F2E|.BE 00020000 MOV ESI,200
00408F33|.E8 C8010000 CALL setup.00409100
00408F38|.3BC3 CMP EAX,EBX
00408F3A|.74 28 JE SHORT setup.00408F64
00408F3C|>56 /PUSH ESI
00408F3D|.50 |PUSH EAX
00408F3E|.57 |PUSH EDI
00408F3F|.E8 AC000000 |CALL setup.00408FF0
00408F44|.8BCE |MOV ECX,ESI
00408F46|.2BC8 |SUB ECX,EAX
00408F48|.83F9 02 |CMP ECX,2
00408F4B 7F 17 |JG SHORT setup.00408F64
00408F4D|.81C6 00010000 |ADD ESI,100
00408F53|.8D4C24 10 |LEA ECX,DWORD PTR SS:
00408F57|.8D56 FF |LEA EDX,DWORD PTR DS:
00408F5A|.52 |PUSH EDX
00408F5B|.E8 A0010000 |CALL setup.00409100
00408F60|.3BC3 |CMP EAX,EBX
00408F62|.^ 75 D8 \JNZ SHORT setup.00408F3C
00408F64|>6A FF PUSH -1
00408F66|.8D4C24 14 LEA ECX,DWORD PTR SS:
00408F6A|.E8 41020000 CALL setup.004091B0
00408F6F|>8B8424 640100>MOV EAX,DWORD PTR SS:
00408F76|.5F POP EDI
00408F77|.48 DEC EAX ;Switch (cases 1..2)
00408F78 74 0A JE SHORT setup.00408F84
00408F7A|.48 DEC EAX
00408F7B|.75 0C JNZ SHORT setup.00408F89
00408F7D|.BB 40000000 MOV EBX,40 ;Case 2 of switch 00408F77
00408F82|.EB 05 JMP SHORT setup.00408F89
00408F84|>BB 10000000 MOV EBX,10 ;Case 1 of switch 00408F77
00408F89|>8B4424 0C MOV EAX,DWORD PTR SS: ;Default case of switch 00408F77
00408F8D|.53 PUSH EBX ; /Style
00408F8E|.68 34064200 PUSH setup.00420634 ; |Title = "安装程序"
00408F93|.50 PUSH EAX ; |Text
00408F94|.55 PUSH EBP ; |hOwner
00408F95|.FF15 B8D14100 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; \MessageBoxA 《--注册码不正确的提示
00408F9B|.8B4424 0C MOV EAX,DWORD PTR SS:
00408F9F|.8B15 FC034200 MOV EDX,DWORD PTR DS: ;setup.00420400
00408FA5|.5E POP ESI
00408FA6|.5D POP EBP
00408FA7|.8D48 F4 LEA ECX,DWORD PTR DS:
00408FAA|.5B POP EBX
00408FAB|.3BCA CMP ECX,EDX
00408FAD|.74 1E JE SHORT setup.00408FCD
00408FAF|.83C0 F4 ADD EAX,-0C
00408FB2|.50 PUSH EAX ; /pVar
00408FB3|.FF15 78D04100 CALL DWORD PTR DS:[<&KERNEL32.Interlocke>; \InterlockedDecrement
00408FB9|.85C0 TEST EAX,EAX
00408FBB|.7F 10 JG SHORT setup.00408FCD
00408FBD|.8B5424 00 MOV EDX,DWORD PTR SS:
00408FC1|.83C2 F4 ADD EDX,-0C
00408FC4|.52 PUSH EDX
00408FC5|.E8 A5A30000 CALL setup.0041336F
00408FCA|.83C4 04 ADD ESP,4
00408FCD|>8B8C24 1C0100>MOV ECX,DWORD PTR SS:
00408FD4|.33C0 XOR EAX,EAX
00408FD6|.64:890D 00000>MOV DWORD PTR FS:,ECX
00408FDD|.81C4 28010000 ADD ESP,128
00408FE3\.C2 3000 RETN 30
[ 本帖最后由 km159 于 2008-10-19 10:01 编辑 ] 感觉像是VB编的嘛 是C大哥!!!/:L :loveliness: VB如果能够有这么简洁了 大家都喜欢玩VB鸟!!! 最讨厌VB和E/:010 /:010
页:
[1]