关于管易通进销存 5.96 软件 授权名字显示的爆破思路
本帖最后由 ljjdpyg 于 2011-6-17 15:21 编辑今天又个朋友说那个管易通5.96最新版的虽然注册了,但是标题还没显示,我就跟了下,其实主要的关键还是eax是否等于0,有兴趣的大家可以跟下
00538460 55 push ebp
00538461 .8BEC mov ebp,esp
00538463 .83EC 08 sub esp,0x8
00538466 .68 86284100 push <jmp.&MSVBVM60.__vbaExceptHandler>;SE 处理程序安装
0053846B .64:A1 0000000>mov eax,dword ptr fs:
00538471 .50 push eax
00538472 .64:8925 00000>mov dword ptr fs:,esp
00538479 .81EC B8010000 sub esp,0x1B8
0053847F .53 push ebx
00538480 .56 push esi
00538481 .57 push edi
00538482 .8965 F8 mov dword ptr ss:,esp
00538485 .C745 FC E0204>mov dword ptr ss:,GuitoJxc.0040>
0053848C .6A 08 push 0x8 ; /varType = String
0053848E .8D45 A0 lea eax,dword ptr ss: ; |
00538491 .33F6 xor esi,esi ; |
00538493 .68 D08A4400 push GuitoJxc.00448AD0 ; |ArraySturctdes = GuitoJxc.00448AD0
00538498 .50 push eax ; |ArrayVar
00538499 .8975 D4 mov dword ptr ss:,esi ; |
0053849C .8975 C0 mov dword ptr ss:,esi ; |
0053849F .8975 BC mov dword ptr ss:,esi ; |
005384A2 .8975 B8 mov dword ptr ss:,esi ; |
005384A5 .8975 98 mov dword ptr ss:,esi ; |
005384A8 .8975 94 mov dword ptr ss:,esi ; |
005384AB .8975 84 mov dword ptr ss:,esi ; |
005384AE .89B5 74FFFFFF mov dword ptr ss:,esi ; |
005384B4 .89B5 64FFFFFF mov dword ptr ss:,esi ; |
005384BA .89B5 54FFFFFF mov dword ptr ss:,esi ; |
005384C0 .89B5 44FFFFFF mov dword ptr ss:,esi ; |
005384C6 .89B5 34FFFFFF mov dword ptr ss:,esi ; |
005384CC .89B5 24FFFFFF mov dword ptr ss:,esi ; |
005384D2 .89B5 14FFFFFF mov dword ptr ss:,esi ; |
005384D8 .89B5 04FFFFFF mov dword ptr ss:,esi ; |
005384DE .89B5 F4FEFFFF mov dword ptr ss:,esi ; |
005384E4 .89B5 E4FEFFFF mov dword ptr ss:,esi ; |
005384EA .89B5 C4FEFFFF mov dword ptr ss:,esi ; |
005384F0 .89B5 B4FEFFFF mov dword ptr ss:,esi ; |
005384F6 .89B5 ACFEFFFF mov dword ptr ss:,esi ; |
005384FC .FF15 6C114000 call dword ptr ds:[<&MSVBVM60.__vbaAryCo>; \__vbaAryConstruct2
00538502 .8B0D E8408F00 mov ecx,dword ptr ds:
00538508 .51 push ecx
00538509 .68 98484400 push GuitoJxc.00444898
0053850E .FF15 68114000 call dword ptr ds:[<&MSVBVM60.__vbaStrCm>;MSVBVM60.__vbaStrCmp
00538514 .85C0 test eax,eax 其实这个思路很简单,归根在eax必须等于0,源头就不跟了,在这个堆栈我只改跳转
00538516 EB 0E jmp XGuitoJxc.00538526 ;这里必须跳我们改jmp
00538518 .8975 E0 mov dword ptr ss:,esi
0053851B .68 55925300 push GuitoJxc.00539255
00538520 .9B wait
00538521 .E9 FC0C0000 jmp GuitoJxc.00539222
00538526 >8B55 08 mov edx,dword ptr ss:
00538529 .8B4D AC mov ecx,dword ptr ss:
0053852C .8B35 80124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaSt>;MSVBVM60.__vbaStrCopy
00538532 .8B12 mov edx,dword ptr ds:
00538534 .FFD6 call esi ;<&MSVBVM60.__vbaStrCopy>
00538536 .8B7D 0C mov edi,dword ptr ss:
00538539 .8B45 AC mov eax,dword ptr ss:
0053853C .8B17 mov edx,dword ptr ds:
0053853E .8D48 04 lea ecx,dword ptr ds:
00538541 .FFD6 call esi
00538543 .8B4D 10 mov ecx,dword ptr ss:
00538546 .8B45 AC mov eax,dword ptr ss:
00538549 .8B11 mov edx,dword ptr ds:
0053854B .8D48 08 lea ecx,dword ptr ds:
0053854E .FFD6 call esi
00538550 .8B5D 14 mov ebx,dword ptr ss:
00538553 .8B4D AC mov ecx,dword ptr ss:
00538556 .83C1 0C add ecx,0xC
00538559 .8B13 mov edx,dword ptr ds:
0053855B .FFD6 call esi
0053855D .8B17 mov edx,dword ptr ds:
0053855F .8B35 30104000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaLe>;MSVBVM60.__vbaLenBstr
00538565 .52 push edx ; /String
00538566 .FFD6 call esi ; \__vbaLenBstr
00538568 .33D2 xor edx,edx
0053856A .83F8 04 cmp eax,0x4
0053856D .8B45 10 mov eax,dword ptr ss:
00538570 .0F9DC2 setge dl
00538573 .8B08 mov ecx,dword ptr ds:
00538575 .8995 6CFEFFFF mov dword ptr ss:,edx
0053857B .51 push ecx ; /String
0053857C .FFD6 call esi ; \__vbaLenBstr
0053857E .8B95 6CFEFFFF mov edx,dword ptr ss:
00538584 .33C9 xor ecx,ecx
00538586 .83F8 04 cmp eax,0x4
00538589 .8B45 08 mov eax,dword ptr ss:
0053858C .0F9DC1 setge cl
0053858F .23D1 and edx,ecx
00538591 .8B08 mov ecx,dword ptr ds: ;假名房ecx
00538593 .F7DA neg edx
00538595 .1BD2 sbb edx,edx
00538597 .51 push ecx ; /String
00538598 .F7DA neg edx ; |
0053859A .8995 68FEFFFF mov dword ptr ss:,edx ; |
005385A0 .FFD6 call esi ; \__vbaLenBstr
005385A2 .8B95 68FEFFFF mov edx,dword ptr ss:
005385A8 .33C9 xor ecx,ecx
005385AA .83F8 02 cmp eax,0x2
005385AD .8B03 mov eax,dword ptr ds:
005385AF 0F9DC1 setge cl
005385B2 .23D1 and edx,ecx
005385B4 .50 push eax ; /String
005385B5 .F7DA neg edx ; |
005385B7 .1BD2 sbb edx,edx ; |
005385B9 .F7DA neg edx ; |
005385BB .8995 64FEFFFF mov dword ptr ss:,edx ; |
005385C1 .FFD6 call esi ; \__vbaLenBstr
005385C3 .8B95 64FEFFFF mov edx,dword ptr ss:
005385C9 .33C9 xor ecx,ecx
005385CB .83F8 0C cmp eax,0xC
005385CE .0F9DC1 setge cl
005385D1 .85D1 test ecx,edx
005385D3 90 nop ;不让跳,这个是跳到失败
005385D4 90 nop
005385D5 90 nop
005385D6 90 nop
005385D7 90 nop
005385D8 90 nop
005385D9 .8D85 04FFFFFF lea eax,dword ptr ss:
005385DF .8D4D 84 lea ecx,dword ptr ss:
005385E2 .50 push eax
005385E3 .51 push ecx
005385E4 .899D 0CFFFFFF mov dword ptr ss:,ebx
005385EA .C785 04FFFFFF>mov dword ptr ss:,0x4008
005385F4 .FF15 0C114000 call dword ptr ds:[<&MSVBVM60.#520>] ;MSVBVM60.rtcTrimVar
005385FA .6A 00 push 0x0
005385FC .6A FF push -0x1
005385FE .6A 01 push 0x1
00538600 .68 98484400 push GuitoJxc.00444898
00538605 .8D55 84 lea edx,dword ptr ss:
00538608 .68 C08A4400 push GuitoJxc.00448AC0
0053860D .8D45 98 lea eax,dword ptr ss:
00538610 .52 push edx ; /String8
00538611 .50 push eax ; |ARG2
00538612 .FF15 34124000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>; \__vbaStrVarVal
00538618 .50 push eax
00538619 .FF15 F8114000 call dword ptr ds:[<&MSVBVM60.#712>] ;MSVBVM60.rtcReplace
0053861F .8B35 08134000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaSt>;MSVBVM60.__vbaStrMove
00538625 .8BD0 mov edx,eax
00538627 .8BCB mov ecx,ebx
00538629 .FFD6 call esi ;<&MSVBVM60.__vbaStrMove>
0053862B .8D4D 98 lea ecx,dword ptr ss:
0053862E .FF15 60134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStr
00538634 .8B3D 28104000 mov edi,dword ptr ds:[<&MSVBVM60.__vbaFr>;MSVBVM60.__vbaFreeVar
0053863A .8D4D 84 lea ecx,dword ptr ss:
0053863D .FFD7 call edi ;<&MSVBVM60.__vbaFreeVar>
0053863F .8B0B mov ecx,dword ptr ds:
00538641 .6A 00 push 0x0
00538643 .6A FF push -0x1
00538645 .6A 01 push 0x1
00538647 .68 98484400 push GuitoJxc.00444898
0053864C .68 C88A4400 push GuitoJxc.00448AC8
00538651 .51 push ecx
00538652 .FF15 F8114000 call dword ptr ds:[<&MSVBVM60.#712>] ;MSVBVM60.rtcReplace
00538658 .8BD0 mov edx,eax
0053865A .8BCB mov ecx,ebx
0053865C .FFD6 call esi
0053865E .8B13 mov edx,dword ptr ds:
00538660 .52 push edx ; /String
00538661 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538667 .83F8 09 cmp eax,0x9
0053866A 0F8C 74010000 jl GuitoJxc.005387E4
00538670 .8B03 mov eax,dword ptr ds:
00538672 .899D 0CFFFFFF mov dword ptr ss:,ebx
00538678 .50 push eax ; /String
00538679 .C785 04FFFFFF>mov dword ptr ss:,0x4008 ; |
00538683 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538689 .83E8 04 sub eax,0x4
0053868C .8D8D 04FFFFFF lea ecx,dword ptr ss:
00538692 0F80 D90B0000 jo GuitoJxc.00539271
00538698 .50 push eax
00538699 .8D55 84 lea edx,dword ptr ss:
0053869C .51 push ecx
0053869D .52 push edx
0053869E .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
005386A4 .8D85 F4FEFFFF lea eax,dword ptr ss:
005386AA .6A 01 push 0x1
005386AC .8D8D 74FFFFFF lea ecx,dword ptr ss:
005386B2 .50 push eax
005386B3 .51 push ecx
005386B4 .899D FCFEFFFF mov dword ptr ss:,ebx
005386BA .C785 F4FEFFFF>mov dword ptr ss:,0x4008
005386C4 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
005386CA .8D55 84 lea edx,dword ptr ss:
005386CD .8D85 74FFFFFF lea eax,dword ptr ss:
005386D3 .52 push edx ; /var18
005386D4 .8D8D 64FFFFFF lea ecx,dword ptr ss: ; |
005386DA .50 push eax ; |var28
005386DB .51 push ecx ; |saveto8
005386DC .FF15 CC124000 call dword ptr ds:[<&MSVBVM60.__vbaVarAd>; \__vbaVarAdd
005386E2 .50 push eax
005386E3 .FF15 38104000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>;MSVBVM60.__vbaStrVarMove
005386E9 .8BD0 mov edx,eax
005386EB .8BCB mov ecx,ebx
005386ED .FFD6 call esi
005386EF .8D95 64FFFFFF lea edx,dword ptr ss:
005386F5 .8D85 74FFFFFF lea eax,dword ptr ss:
005386FB .52 push edx
005386FC .8D4D 84 lea ecx,dword ptr ss:
005386FF .50 push eax
00538700 .51 push ecx
00538701 .6A 03 push 0x3
00538703 .FF15 40104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;MSVBVM60.__vbaFreeVarList
00538709 .8B13 mov edx,dword ptr ds:
0053870B .83C4 10 add esp,0x10
0053870E .8D4D B8 lea ecx,dword ptr ss:
00538711 .FF15 80124000 call dword ptr ds:[<&MSVBVM60.__vbaStrCo>;MSVBVM60.__vbaStrCopy
00538717 .8B13 mov edx,dword ptr ds:
00538719 .899D 0CFFFFFF mov dword ptr ss:,ebx
0053871F .52 push edx ; /String
00538720 .C785 04FFFFFF>mov dword ptr ss:,0x4008 ; |
0053872A .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538730 .83E8 01 sub eax,0x1
00538733 .8D4D 84 lea ecx,dword ptr ss:
00538736 0F80 350B0000 jo GuitoJxc.00539271
0053873C .50 push eax
0053873D .8D85 04FFFFFF lea eax,dword ptr ss:
00538743 .50 push eax
00538744 .51 push ecx
00538745 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
0053874B .8D55 84 lea edx,dword ptr ss:
0053874E .52 push edx
0053874F .FF15 38104000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>;MSVBVM60.__vbaStrVarMove
00538755 .8BD0 mov edx,eax
00538757 .8D4D C0 lea ecx,dword ptr ss:
0053875A .FFD6 call esi
0053875C .8D4D 84 lea ecx,dword ptr ss:
0053875F .FFD7 call edi
00538761 .8D8D 04FFFFFF lea ecx,dword ptr ss:
00538767 .6A 03 push 0x3
00538769 .8D55 84 lea edx,dword ptr ss:
0053876C .8D45 C0 lea eax,dword ptr ss:
0053876F .51 push ecx
00538770 .52 push edx
00538771 .8985 0CFFFFFF mov dword ptr ss:,eax
00538777 .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538781 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538787 .8D45 84 lea eax,dword ptr ss:
0053878A .50 push eax
0053878B .FF15 38104000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>;MSVBVM60.__vbaStrVarMove
00538791 .8BD0 mov edx,eax
00538793 .8D4D C0 lea ecx,dword ptr ss:
00538796 .FFD6 call esi
00538798 .8D4D 84 lea ecx,dword ptr ss:
0053879B .FFD7 call edi
0053879D .8B45 C0 mov eax,dword ptr ss:
005387A0 .50 push eax
005387A1 .50 push eax
005387A2 .FF15 64134000 call dword ptr ds:[<&MSVBVM60.#581>] ;MSVBVM60.rtcR8ValFromBstr
005387A8 .83EC 08 sub esp,0x8
005387AB .DD1C24 fstp qword ptr ss:
005387AE .FF15 B4114000 call dword ptr ds:[<&MSVBVM60.__vbaStrR8>;MSVBVM60.__vbaStrR8
005387B4 .8BD0 mov edx,eax
005387B6 .8D4D 98 lea ecx,dword ptr ss:
005387B9 .FFD6 call esi
005387BB .50 push eax
005387BC .FF15 68114000 call dword ptr ds:[<&MSVBVM60.__vbaStrCm>;MSVBVM60.__vbaStrCmp
005387C2 .F7D8 neg eax
005387C4 .1BC0 sbb eax,eax
005387C6 .8D4D 98 lea ecx,dword ptr ss:
005387C9 .F7D8 neg eax
005387CB .F7D8 neg eax
005387CD .66:8985 98FEF>mov word ptr ss:,ax
005387D4 .FF15 60134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStr
005387DA .66:83BD 98FEF>cmp word ptr ss:,0x0
005387E2 74 12 je XGuitoJxc.005387F6 ;这里跳过去了,很开始计算授权
005387E4 >C745 E0 00000>mov dword ptr ss:,0x0
005387EB .68 55925300 push GuitoJxc.00539255
005387F0 .9B wait
005387F1 .E9 2C0A0000 jmp GuitoJxc.00539222
005387F6 >8B4D C0 mov ecx,dword ptr ss:
005387F9 .8B13 mov edx,dword ptr ds:
005387FB .6A 00 push 0x0
005387FD .6A FF push -0x1
005387FF .6A 01 push 0x1
00538801 .68 98484400 push GuitoJxc.00444898
00538806 .51 push ecx
00538807 .52 push edx
00538808 .FF15 F8114000 call dword ptr ds:[<&MSVBVM60.#712>] ;MSVBVM60.rtcReplace
0053880E .8BD0 mov edx,eax
00538810 .8BCB mov ecx,ebx
00538812 .FFD6 call esi
00538814 .8B45 10 mov eax,dword ptr ss:
00538817 .8D8D 04FFFFFF lea ecx,dword ptr ss:
0053881D .6A 04 push 0x4
0053881F .8D55 84 lea edx,dword ptr ss:
00538822 .51 push ecx
00538823 .52 push edx
00538824 .8985 0CFFFFFF mov dword ptr ss:,eax
0053882A .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538834 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
0053883A .8B1D 38104000 mov ebx,dword ptr ds:[<&MSVBVM60.__vbaSt>;MSVBVM60.__vbaStrVarMove
00538840 .8D45 84 lea eax,dword ptr ss:
00538843 .50 push eax
00538844 .FFD3 call ebx ;<&MSVBVM60.__vbaStrVarMove>
00538846 .8BD0 mov edx,eax
00538848 .8D4D BC lea ecx,dword ptr ss:
0053884B .FFD6 call esi
0053884D .8D4D 84 lea ecx,dword ptr ss:
00538850 .FFD7 call edi
00538852 .33C0 xor eax,eax
00538854 .C745 EC 01000>mov dword ptr ss:,0x1
0053885B .8945 D8 mov dword ptr ss:,eax
0053885E .8945 DC mov dword ptr ss:,eax
00538861 B8 03000000 mov eax,0x3
00538866 .66:3945 EC cmp word ptr ss:,ax
0053886A E9 DC000000 jmp GuitoJxc.0053894B ;假如这里不跳,授权回变更
0053886F 90 nop
00538870 .8D95 04FFFFFF lea edx,dword ptr ss:
00538876 .6A 01 push 0x1
00538878 .8D45 84 lea eax,dword ptr ss:
0053887B .8D4D BC lea ecx,dword ptr ss:
0053887E .52 push edx
0053887F .50 push eax
00538880 .898D 0CFFFFFF mov dword ptr ss:,ecx
00538886 .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538890 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538896 .8D4D 84 lea ecx,dword ptr ss:
00538899 .8D55 98 lea edx,dword ptr ss:
0053889C .51 push ecx ; /String8
0053889D .52 push edx ; |ARG2
0053889E .FF15 34124000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>; \__vbaStrVarVal
005388A4 .50 push eax ; /String
005388A5 .FF15 4C104000 call dword ptr ds:[<&MSVBVM60.#516>] ; \rtcAnsiValueBstr
005388AB .8BC8 mov ecx,eax
005388AD .FF15 5C104000 call dword ptr ds:[<&MSVBVM60.__vbaI2Abs>;MSVBVM60.__vbaI2Abs
005388B3 .0FBFC0 movsx eax,ax
005388B6 .8985 60FEFFFF mov dword ptr ss:,eax
005388BC .8D4D 98 lea ecx,dword ptr ss:
005388BF .DB85 60FEFFFF fild dword ptr ss:
005388C5 .DD9D 58FEFFFF fstp qword ptr ss:
005388CB .DD85 58FEFFFF fld qword ptr ss:
005388D1 .DC45 D8 fadd qword ptr ss:
005388D4 .DD5D D8 fstp qword ptr ss:
005388D7 .DFE0 fstsw ax
005388D9 .A8 0D test al,0xD
005388DB .0F85 8B090000 jnz GuitoJxc.0053926C
005388E1 .FF15 60134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStr
005388E7 .8D4D 84 lea ecx,dword ptr ss:
005388EA .FFD7 call edi
005388EC .66:BA 0300 mov dx,0x3
005388F0 .8D4D BC lea ecx,dword ptr ss:
005388F3 .66:2B55 EC sub dx,word ptr ss:
005388F7 .898D 0CFFFFFF mov dword ptr ss:,ecx
005388FD .8D8D 04FFFFFF lea ecx,dword ptr ss:
00538903 .C785 04FFFFFF>mov dword ptr ss:,0x4008
0053890D .0F80 5E090000 jo GuitoJxc.00539271
00538913 .0FBFC2 movsx eax,dx
00538916 .50 push eax
00538917 .8D55 84 lea edx,dword ptr ss:
0053891A .51 push ecx
0053891B .52 push edx
0053891C .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00538922 .8D45 84 lea eax,dword ptr ss:
00538925 .50 push eax
00538926 .FFD3 call ebx
00538928 .8BD0 mov edx,eax
0053892A .8D4D BC lea ecx,dword ptr ss:
0053892D .FFD6 call esi
0053892F .8D4D 84 lea ecx,dword ptr ss:
00538932 .FFD7 call edi
00538934 .B8 01000000 mov eax,0x1
00538939 .66:0345 EC add ax,word ptr ss:
0053893D .0F80 2E090000 jo GuitoJxc.00539271
00538943 .8945 EC mov dword ptr ss:,eax
00538946 .^ E9 16FFFFFF jmp GuitoJxc.00538861
0053894B >8B4D 0C mov ecx,dword ptr ss:
0053894E .8D95 04FFFFFF lea edx,dword ptr ss:
00538954 .6A 04 push 0x4
00538956 .8D45 84 lea eax,dword ptr ss:
00538959 .52 push edx
0053895A .50 push eax
0053895B .898D 0CFFFFFF mov dword ptr ss:,ecx
00538961 .C785 04FFFFFF>mov dword ptr ss:,0x4008
0053896B .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00538971 .8D4D 84 lea ecx,dword ptr ss:
00538974 .51 push ecx
00538975 .FFD3 call ebx
00538977 .8BD0 mov edx,eax
00538979 .8D4D BC lea ecx,dword ptr ss:
0053897C .FFD6 call esi
0053897E .8D4D 84 lea ecx,dword ptr ss:
00538981 .FFD7 call edi
00538983 .33C9 xor ecx,ecx
00538985 .C745 EC 01000>mov dword ptr ss:,0x1
0053898C .894D CC mov dword ptr ss:,ecx
0053898F .894D D0 mov dword ptr ss:,ecx
00538992 B8 03000000 mov eax,0x3
00538997 66:3945 EC cmp word ptr ss:,ax
0053899B E9 DE000000 jmp GuitoJxc.00538A7E ;这里也要跳
005389A0 90 nop
005389A1 .8D85 04FFFFFF lea eax,dword ptr ss:
005389A7 .6A 01 push 0x1
005389A9 .8D4D 84 lea ecx,dword ptr ss:
005389AC .8D55 BC lea edx,dword ptr ss:
005389AF .50 push eax
005389B0 .51 push ecx
005389B1 .8995 0CFFFFFF mov dword ptr ss:,edx
005389B7 .C785 04FFFFFF>mov dword ptr ss:,0x4008
005389C1 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
005389C7 .8D55 84 lea edx,dword ptr ss:
005389CA .8D45 98 lea eax,dword ptr ss:
005389CD .52 push edx ; /String8
005389CE .50 push eax ; |ARG2
005389CF .FF15 34124000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>; \__vbaStrVarVal
005389D5 .50 push eax ; /String
005389D6 .FF15 4C104000 call dword ptr ds:[<&MSVBVM60.#516>] ; \rtcAnsiValueBstr
005389DC .8BC8 mov ecx,eax
005389DE .FF15 5C104000 call dword ptr ds:[<&MSVBVM60.__vbaI2Abs>;MSVBVM60.__vbaI2Abs
005389E4 .0FBFC8 movsx ecx,ax
005389E7 .898D 54FEFFFF mov dword ptr ss:,ecx
005389ED .8D4D 98 lea ecx,dword ptr ss:
005389F0 .DB85 54FEFFFF fild dword ptr ss:
005389F6 .DD9D 4CFEFFFF fstp qword ptr ss:
005389FC .DD85 4CFEFFFF fld qword ptr ss:
00538A02 .DC45 CC fadd qword ptr ss:
00538A05 .DD5D CC fstp qword ptr ss:
00538A08 .DFE0 fstsw ax
00538A0A .A8 0D test al,0xD
00538A0C .0F85 5A080000 jnz GuitoJxc.0053926C
00538A12 .FF15 60134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStr
00538A18 .8D4D 84 lea ecx,dword ptr ss:
00538A1B .FFD7 call edi
00538A1D .66:B8 0300 mov ax,0x3
00538A21 .8D55 BC lea edx,dword ptr ss:
00538A24 .66:2B45 EC sub ax,word ptr ss:
00538A28 .8995 0CFFFFFF mov dword ptr ss:,edx
00538A2E .8D95 04FFFFFF lea edx,dword ptr ss:
00538A34 .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538A3E .0F80 2D080000 jo GuitoJxc.00539271
00538A44 .0FBFC8 movsx ecx,ax
00538A47 .51 push ecx
00538A48 .8D45 84 lea eax,dword ptr ss:
00538A4B .52 push edx
00538A4C .50 push eax
00538A4D .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00538A53 .8D4D 84 lea ecx,dword ptr ss:
00538A56 .51 push ecx
00538A57 .FFD3 call ebx
00538A59 .8BD0 mov edx,eax
00538A5B .8D4D BC lea ecx,dword ptr ss:
00538A5E .FFD6 call esi
00538A60 .8D4D 84 lea ecx,dword ptr ss:
00538A63 .FFD7 call edi
00538A65 .B8 01000000 mov eax,0x1
00538A6A .66:0345 EC add ax,word ptr ss:
00538A6E .0F80 FD070000 jo GuitoJxc.00539271
00538A74 .8945 EC mov dword ptr ss:,eax
00538A77 .33C9 xor ecx,ecx
00538A79 .^ E9 14FFFFFF jmp GuitoJxc.00538992
00538A7E >DD45 CC fld qword ptr ss:
00538A81 .DC0D D8204000 fmul qword ptr ds:
00538A87 .8B55 08 mov edx,dword ptr ss:
00538A8A .894D C4 mov dword ptr ss:,ecx
00538A8D .894D C8 mov dword ptr ss:,ecx
00538A90 .DD5D CC fstp qword ptr ss:
00538A93 .DFE0 fstsw ax
00538A95 .A8 0D test al,0xD
00538A97 .0F85 CF070000 jnz GuitoJxc.0053926C
00538A9D .8B02 mov eax,dword ptr ds:
00538A9F .50 push eax
00538AA0 .68 E06D4400 push GuitoJxc.00446DE0 ; /String = "0"
00538AA5 .FF15 60104000 call dword ptr ds:[<&MSVBVM60.__vbaStrCa>; \__vbaStrCat
00538AAB .8BD0 mov edx,eax
00538AAD .8D4D BC lea ecx,dword ptr ss:
00538AB0 .FFD6 call esi
00538AB2 .8B4D 08 mov ecx,dword ptr ss:
00538AB5 .8B11 mov edx,dword ptr ds:
00538AB7 .52 push edx ; /String
00538AB8 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538ABE .8BC8 mov ecx,eax
00538AC0 .FF15 88114000 call dword ptr ds:[<&MSVBVM60.__vbaI2I4>>;MSVBVM60.__vbaI2I4
00538AC6 .8985 74FEFFFF mov dword ptr ss:,eax
00538ACC C745 EC 01000>mov dword ptr ss:,0x1
00538AD3 >66:8B85 74FEF>mov ax,word ptr ss:
00538ADA .66:3945 EC cmp word ptr ss:,ax
00538ADE 0F8F E2000000 jg GuitoJxc.00538BC6
00538AE4 .8D95 04FFFFFF lea edx,dword ptr ss:
00538AEA .6A 01 push 0x1
00538AEC .8D45 84 lea eax,dword ptr ss:
00538AEF .8D4D BC lea ecx,dword ptr ss:
00538AF2 .52 push edx
00538AF3 .50 push eax
00538AF4 .898D 0CFFFFFF mov dword ptr ss:,ecx
00538AFA .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538B04 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538B0A .8D4D 84 lea ecx,dword ptr ss:
00538B0D .8D55 98 lea edx,dword ptr ss:
00538B10 .51 push ecx ; /String8
00538B11 .52 push edx ; |ARG2
00538B12 .FF15 34124000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>; \__vbaStrVarVal
00538B18 .50 push eax ; /String
00538B19 .FF15 4C104000 call dword ptr ds:[<&MSVBVM60.#516>] ; \rtcAnsiValueBstr
00538B1F .8BC8 mov ecx,eax
00538B21 .FF15 5C104000 call dword ptr ds:[<&MSVBVM60.__vbaI2Abs>;MSVBVM60.__vbaI2Abs
00538B27 .0FBFC0 movsx eax,ax
00538B2A .8985 48FEFFFF mov dword ptr ss:,eax
00538B30 .8D4D 98 lea ecx,dword ptr ss:
00538B33 .DB85 48FEFFFF fild dword ptr ss:
00538B39 .DD9D 40FEFFFF fstp qword ptr ss:
00538B3F .DD85 40FEFFFF fld qword ptr ss:
00538B45 .DC45 C4 fadd qword ptr ss:
00538B48 .DD5D C4 fstp qword ptr ss:
00538B4B .DFE0 fstsw ax
00538B4D .A8 0D test al,0xD
00538B4F .0F85 17070000 jnz GuitoJxc.0053926C
00538B55 .FF15 60134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStr
00538B5B .8D4D 84 lea ecx,dword ptr ss:
00538B5E .FFD7 call edi
00538B60 .8B55 08 mov edx,dword ptr ss:
00538B63 .8D4D BC lea ecx,dword ptr ss:
00538B66 .898D 0CFFFFFF mov dword ptr ss:,ecx
00538B6C .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538B76 .8B02 mov eax,dword ptr ds:
00538B78 .50 push eax ; /String
00538B79 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538B7F .0FBF4D EC movsx ecx,word ptr ss:
00538B83 .2BC1 sub eax,ecx
00538B85 .8D95 04FFFFFF lea edx,dword ptr ss:
00538B8B .0F80 E0060000 jo GuitoJxc.00539271
00538B91 .50 push eax
00538B92 .8D45 84 lea eax,dword ptr ss:
00538B95 .52 push edx
00538B96 .50 push eax
00538B97 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00538B9D .8D4D 84 lea ecx,dword ptr ss:
00538BA0 .51 push ecx
00538BA1 .FFD3 call ebx
00538BA3 .8BD0 mov edx,eax
00538BA5 .8D4D BC lea ecx,dword ptr ss:
00538BA8 .FFD6 call esi
00538BAA .8D4D 84 lea ecx,dword ptr ss:
00538BAD .FFD7 call edi
00538BAF .B8 01000000 mov eax,0x1
00538BB4 .66:0345 EC add ax,word ptr ss:
00538BB8 .0F80 B3060000 jo GuitoJxc.00539271
00538BBE .8945 EC mov dword ptr ss:,eax
00538BC1 .^ E9 0DFFFFFF jmp GuitoJxc.00538AD3
00538BC6 >DD45 CC fld qword ptr ss:
00538BC9 .DC45 D8 fadd qword ptr ss:
00538BCC .DC45 C4 fadd qword ptr ss:
00538BCF .DC25 D0204000 fsub qword ptr ds:
00538BD5 .833D 00408F00>cmp dword ptr ds:,0x0
00538BDC .75 08 jnz XGuitoJxc.00538BE6
00538BDE .DC35 C8204000 fdiv qword ptr ds:
00538BE4 .EB 11 jmp XGuitoJxc.00538BF7
00538BE6 >FF35 CC204000 push dword ptr ds:
00538BEC .FF35 C8204000 push dword ptr ds:
00538BF2 .E8 AD9CEDFF call <jmp.&MSVBVM60._adj_fdiv_m64>
00538BF7 >DFE0 fstsw ax
00538BF9 .A8 0D test al,0xD
00538BFB .0F85 6B060000 jnz GuitoJxc.0053926C
00538C01 .FF15 1C114000 call dword ptr ds:[<&MSVBVM60.__vbaFPFix>;MSVBVM60.__vbaFPFix
00538C07 .DD9D 38FEFFFF fstp qword ptr ss:
00538C0D .DD45 C4 fld qword ptr ss:
00538C10 .DC65 CC fsub qword ptr ss:
00538C13 .833D 00408F00>cmp dword ptr ds:,0x0
00538C1A .75 08 jnz XGuitoJxc.00538C24
00538C1C .DC35 C0204000 fdiv qword ptr ds:
00538C22 .EB 11 jmp XGuitoJxc.00538C35
00538C24 >FF35 C4204000 push dword ptr ds:
00538C2A .FF35 C0204000 push dword ptr ds:
00538C30 .E8 6F9CEDFF call <jmp.&MSVBVM60._adj_fdiv_m64>
00538C35 >DFE0 fstsw ax
00538C37 .A8 0D test al,0xD
00538C39 .0F85 2D060000 jnz GuitoJxc.0053926C
00538C3F .FF15 1C114000 call dword ptr ds:[<&MSVBVM60.__vbaFPFix>;MSVBVM60.__vbaFPFix
00538C45 .DC85 38FEFFFF fadd qword ptr ss:
00538C4B >DD5D E4 fstp qword ptr ss:
00538C4E .DFE0 fstsw ax
00538C50 .A8 0D test al,0xD
00538C52 .0F85 14060000 jnz GuitoJxc.0053926C
00538C58 .8B55 E8 mov edx,dword ptr ss:
00538C5B .8B45 E4 mov eax,dword ptr ss:
00538C5E .52 push edx
00538C5F .50 push eax
00538C60 .FF15 B4114000 call dword ptr ds:[<&MSVBVM60.__vbaStrR8>;MSVBVM60.__vbaStrR8
00538C66 .8BD0 mov edx,eax
00538C68 .8D4D BC lea ecx,dword ptr ss:
00538C6B .FFD6 call esi
00538C6D .8B4D BC mov ecx,dword ptr ss:
00538C70 .51 push ecx ; /String
00538C71 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538C77 .83F8 04 cmp eax,0x4
00538C7A .7D 0E jge XGuitoJxc.00538C8A
00538C7C .DD45 D8 fld qword ptr ss:
00538C7F .DC45 E4 fadd qword ptr ss:
00538C82 .DC05 B8204000 fadd qword ptr ds:
00538C88 .^ EB C1 jmp XGuitoJxc.00538C4B
00538C8A >8B4D BC mov ecx,dword ptr ss:
00538C8D .51 push ecx ; /String
00538C8E .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00538C94 .83F8 05 cmp eax,0x5
00538C97 7E 38 jle XGuitoJxc.00538CD1
00538C99 .8D85 04FFFFFF lea eax,dword ptr ss:
00538C9F .6A 05 push 0x5
00538CA1 .8D4D 84 lea ecx,dword ptr ss:
00538CA4 .8D55 BC lea edx,dword ptr ss:
00538CA7 .50 push eax
00538CA8 .51 push ecx
00538CA9 .8995 0CFFFFFF mov dword ptr ss:,edx
00538CAF .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538CB9 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00538CBF .8D55 84 lea edx,dword ptr ss:
00538CC2 .52 push edx
00538CC3 .FFD3 call ebx
00538CC5 .8BD0 mov edx,eax
00538CC7 .8D4D BC lea ecx,dword ptr ss:
00538CCA .FFD6 call esi
00538CCC .8D4D 84 lea ecx,dword ptr ss:
00538CCF .FFD7 call edi
00538CD1 >8D8D 04FFFFFF lea ecx,dword ptr ss:
00538CD7 .6A 03 push 0x3
00538CD9 .8D55 84 lea edx,dword ptr ss:
00538CDC .8D45 BC lea eax,dword ptr ss:
00538CDF .51 push ecx
00538CE0 .52 push edx
00538CE1 .8985 0CFFFFFF mov dword ptr ss:,eax
00538CE7 .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538CF1 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538CF7 .8D45 84 lea eax,dword ptr ss:
00538CFA .50 push eax
00538CFB .FFD3 call ebx
00538CFD .8BD0 mov edx,eax
00538CFF .8D4D D4 lea ecx,dword ptr ss:
00538D02 .FFD6 call esi
00538D04 .8D4D 84 lea ecx,dword ptr ss:
00538D07 .FFD7 call edi
00538D09 .8B4D D4 mov ecx,dword ptr ss:
00538D0C .6A 00 push 0x0
00538D0E .6A FF push -0x1
00538D10 .6A 01 push 0x1
00538D12 .68 DC884400 push GuitoJxc.004488DC
00538D17 .68 E06D4400 push GuitoJxc.00446DE0
00538D1C .51 push ecx
00538D1D .FF15 F8114000 call dword ptr ds:[<&MSVBVM60.#712>] ;MSVBVM60.rtcReplace
00538D23 .8BD0 mov edx,eax
00538D25 .8D4D D4 lea ecx,dword ptr ss:
00538D28 .FFD6 call esi
00538D2A >DD45 C4 fld qword ptr ss:
00538D2D .DC1D B0204000 fcomp qword ptr ds:
00538D33 .DFE0 fstsw ax
00538D35 .F6C4 41 test ah,0x41
00538D38 .75 3A jnz XGuitoJxc.00538D74
00538D3A .DD45 C4 fld qword ptr ss:
00538D3D .833D 00408F00>cmp dword ptr ds:,0x0
00538D44 .75 08 jnz XGuitoJxc.00538D4E
00538D46 .DC35 D8204000 fdiv qword ptr ds:
00538D4C .EB 11 jmp XGuitoJxc.00538D5F
00538D4E >FF35 DC204000 push dword ptr ds:
00538D54 .FF35 D8204000 push dword ptr ds:
00538D5A .E8 459BEDFF call <jmp.&MSVBVM60._adj_fdiv_m64>
00538D5F >DFE0 fstsw ax
00538D61 .A8 0D test al,0xD
00538D63 .0F85 03050000 jnz GuitoJxc.0053926C
00538D69 .FF15 1C114000 call dword ptr ds:[<&MSVBVM60.__vbaFPFix>;MSVBVM60.__vbaFPFix
00538D6F .DD5D C4 fstp qword ptr ss:
00538D72 .^ EB B6 jmp XGuitoJxc.00538D2A
00538D74 >DD45 CC fld qword ptr ss:
00538D77 .DC1D A8204000 fcomp qword ptr ds:
00538D7D .DFE0 fstsw ax
00538D7F .F6C4 41 test ah,0x41
00538D82 75 3A jnz XGuitoJxc.00538DBE
00538D84 .DD45 CC fld qword ptr ss:
00538D87 .833D 00408F00>cmp dword ptr ds:,0x0
00538D8E .75 08 jnz XGuitoJxc.00538D98
00538D90 .DC35 A0204000 fdiv qword ptr ds:
00538D96 .EB 11 jmp XGuitoJxc.00538DA9
00538D98 >FF35 A4204000 push dword ptr ds:
00538D9E .FF35 A0204000 push dword ptr ds:
00538DA4 .E8 FB9AEDFF call <jmp.&MSVBVM60._adj_fdiv_m64>
00538DA9 >DFE0 fstsw ax
00538DAB .A8 0D test al,0xD
00538DAD .0F85 B9040000 jnz GuitoJxc.0053926C
00538DB3 .FF15 1C114000 call dword ptr ds:[<&MSVBVM60.__vbaFPFix>;MSVBVM60.__vbaFPFix
00538DB9 .DD5D CC fstp qword ptr ss:
00538DBC .^ EB B6 jmp XGuitoJxc.00538D74
00538DBE >DD45 C4 fld qword ptr ss:
00538DC1 .DC4D CC fmul qword ptr ss:
00538DC4 >DD5D E4 fstp qword ptr ss:
00538DC7 .DFE0 fstsw ax
00538DC9 .A8 0D test al,0xD
00538DCB .0F85 9B040000 jnz GuitoJxc.0053926C
00538DD1 .DD45 E4 fld qword ptr ss:
00538DD4 .DC1D A8204000 fcomp qword ptr ds:
00538DDA .DFE0 fstsw ax
00538DDC .F6C4 01 test ah,0x1
00538DDF 74 0D je XGuitoJxc.00538DEE
00538DE1 .DD45 E4 fld qword ptr ss:
00538DE4 .DC05 98204000 fadd qword ptr ds:
00538DEA .DCC0 fadd st,st
00538DEC .^ EB D6 jmp XGuitoJxc.00538DC4
00538DEE >8B7D E8 mov edi,dword ptr ss:
00538DF1 .8B55 E4 mov edx,dword ptr ss:
00538DF4 .57 push edi
00538DF5 .52 push edx
00538DF6 .FF15 B4114000 call dword ptr ds:[<&MSVBVM60.__vbaStrR8>;MSVBVM60.__vbaStrR8
00538DFC .8945 8C mov dword ptr ss:,eax
00538DFF .8D45 84 lea eax,dword ptr ss:
00538E02 .6A 02 push 0x2
00538E04 .8D8D 74FFFFFF lea ecx,dword ptr ss:
00538E0A .50 push eax
00538E0B .51 push ecx
00538E0C .C745 84 08000>mov dword ptr ss:,0x8
00538E13 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538E19 .8B45 E4 mov eax,dword ptr ss:
00538E1C .8B55 BC mov edx,dword ptr ss:
00538E1F .57 push edi
00538E20 .50 push eax
00538E21 .8995 0CFFFFFF mov dword ptr ss:,edx
00538E27 .C785 04FFFFFF>mov dword ptr ss:,0x8
00538E31 .FF15 B4114000 call dword ptr ds:[<&MSVBVM60.__vbaStrR8>;MSVBVM60.__vbaStrR8
00538E37 .8D8D 54FFFFFF lea ecx,dword ptr ss:
00538E3D .6A 02 push 0x2
00538E3F .8D95 44FFFFFF lea edx,dword ptr ss:
00538E45 .51 push ecx
00538E46 .52 push edx
00538E47 .8985 5CFFFFFF mov dword ptr ss:,eax
00538E4D .C785 54FFFFFF>mov dword ptr ss:,0x8
00538E57 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00538E5D .8B3D CC124000 mov edi,dword ptr ds:[<&MSVBVM60.__vbaVa>;MSVBVM60.__vbaVarAdd
00538E63 .8D85 74FFFFFF lea eax,dword ptr ss:
00538E69 .8D8D 04FFFFFF lea ecx,dword ptr ss:
00538E6F .50 push eax ; /var18
00538E70 .8D95 64FFFFFF lea edx,dword ptr ss: ; |
00538E76 .51 push ecx ; |var28
00538E77 .52 push edx ; |saveto8
00538E78 .FFD7 call edi ; \__vbaVarAdd
00538E7A .50 push eax ; /var18
00538E7B .8D85 44FFFFFF lea eax,dword ptr ss: ; |
00538E81 .8D8D 34FFFFFF lea ecx,dword ptr ss: ; |
00538E87 .50 push eax ; |var28
00538E88 .51 push ecx ; |saveto8
00538E89 .FFD7 call edi ; \__vbaVarAdd
00538E8B .50 push eax
00538E8C .FFD3 call ebx
00538E8E .8BD0 mov edx,eax
00538E90 .8D4D BC lea ecx,dword ptr ss:
00538E93 .FFD6 call esi
00538E95 .8D95 34FFFFFF lea edx,dword ptr ss:
00538E9B .8D85 44FFFFFF lea eax,dword ptr ss:
00538EA1 .52 push edx
00538EA2 .8D8D 64FFFFFF lea ecx,dword ptr ss:
00538EA8 .50 push eax
00538EA9 .8D95 54FFFFFF lea edx,dword ptr ss:
00538EAF .51 push ecx
00538EB0 .8D85 74FFFFFF lea eax,dword ptr ss:
00538EB6 .52 push edx
00538EB7 .8D4D 84 lea ecx,dword ptr ss:
00538EBA .50 push eax
00538EBB .51 push ecx
00538EBC .6A 06 push 0x6
00538EBE .FF15 40104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;MSVBVM60.__vbaFreeVarList
00538EC4 .83C4 1C add esp,0x1C
00538EC7 .8D85 04FFFFFF lea eax,dword ptr ss:
00538ECD .8D4D 84 lea ecx,dword ptr ss:
00538ED0 .8D55 BC lea edx,dword ptr ss:
00538ED3 .6A 01 push 0x1
00538ED5 .50 push eax
00538ED6 .51 push ecx
00538ED7 .8995 0CFFFFFF mov dword ptr ss:,edx
00538EDD .C785 04FFFFFF>mov dword ptr ss:,0x4008
00538EE7 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538EED .8D55 84 lea edx,dword ptr ss:
00538EF0 .8D45 98 lea eax,dword ptr ss:
00538EF3 .52 push edx ; /String8
00538EF4 .50 push eax ; |ARG2
00538EF5 .FF15 34124000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>; \__vbaStrVarVal
00538EFB .50 push eax
00538EFC .FF15 64134000 call dword ptr ds:[<&MSVBVM60.#581>] ;MSVBVM60.rtcR8ValFromBstr
00538F02 .DD9D A4FEFFFF fstp qword ptr ss:
00538F08 .8D4D BC lea ecx,dword ptr ss:
00538F0B .898D FCFEFFFF mov dword ptr ss:,ecx
00538F11 .8D95 F4FEFFFF lea edx,dword ptr ss:
00538F17 .6A 01 push 0x1
00538F19 .8D85 74FFFFFF lea eax,dword ptr ss:
00538F1F .52 push edx
00538F20 .50 push eax
00538F21 .C785 F4FEFFFF>mov dword ptr ss:,0x4008
00538F2B .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
00538F31 .8D8D 74FFFFFF lea ecx,dword ptr ss:
00538F37 .8D55 94 lea edx,dword ptr ss:
00538F3A .51 push ecx ; /String8
00538F3B .52 push edx ; |ARG2
00538F3C .FF15 34124000 call dword ptr ds:[<&MSVBVM60.__vbaStrVa>; \__vbaStrVarVal
00538F42 .50 push eax
00538F43 .FF15 64134000 call dword ptr ds:[<&MSVBVM60.#581>] ;MSVBVM60.rtcR8ValFromBstr
00538F49 .DD9D 9CFEFFFF fstp qword ptr ss:
00538F4F .DD85 9CFEFFFF fld qword ptr ss:
00538F55 .DC05 90204000 fadd qword ptr ds:
00538F5B .83EC 08 sub esp,0x8
00538F5E .C785 5CFFFFFF>mov dword ptr ss:,0x8
00538F68 .C785 54FFFFFF>mov dword ptr ss:,0x2
00538F72 .DFE0 fstsw ax
00538F74 .A8 0D test al,0xD
00538F76 .0F85 F0020000 jnz GuitoJxc.0053926C
00538F7C .DD1C24 fstp qword ptr ss:
00538F7F .FF15 B4114000 call dword ptr ds:[<&MSVBVM60.__vbaStrR8>;MSVBVM60.__vbaStrR8
00538F85 .DD85 A4FEFFFF fld qword ptr ss:
00538F8B .8985 6CFFFFFF mov dword ptr ss:,eax
00538F91 .C785 64FFFFFF>mov dword ptr ss:,0x8
00538F9B .FF15 28114000 call dword ptr ds:[<&MSVBVM60.__vbaFpR8>>;MSVBVM60.__vbaFpR8
00538FA1 .DC1D 88204000 fcomp qword ptr ds:
00538FA7 .DFE0 fstsw ax
00538FA9 .F6C4 01 test ah,0x1
00538FAC 74 07 je XGuitoJxc.00538FB5
00538FAE .B8 01000000 mov eax,0x1
00538FB3 EB 02 jmp XGuitoJxc.00538FB7 ;1
00538FB5 >33C0 xor eax,eax
00538FB7 >F7D8 neg eax
00538FB9 .66:8985 ECFEF>mov word ptr ss:,ax
00538FC0 .8D85 54FFFFFF lea eax,dword ptr ss:
00538FC6 .8D8D 64FFFFFF lea ecx,dword ptr ss:
00538FCC .50 push eax
00538FCD .8D95 E4FEFFFF lea edx,dword ptr ss:
00538FD3 .51 push ecx
00538FD4 .8D85 44FFFFFF lea eax,dword ptr ss:
00538FDA .52 push edx
00538FDB .50 push eax
00538FDC .C785 E4FEFFFF>mov dword ptr ss:,0xB
00538FE6 .FF15 88124000 call dword ptr ds:[<&MSVBVM60.#681>] ;MSVBVM60.rtcImmediateIf
00538FEC .8B45 BC mov eax,dword ptr ss:
00538FEF .8B4D D4 mov ecx,dword ptr ss:
00538FF2 .8D55 BC lea edx,dword ptr ss:
00538FF5 .50 push eax ; /String
00538FF6 .898D CCFEFFFF mov dword ptr ss:,ecx ; |
00538FFC .C785 C4FEFFFF>mov dword ptr ss:,0x8 ; |
00539006 .8995 BCFEFFFF mov dword ptr ss:,edx ; |
0053900C .C785 B4FEFFFF>mov dword ptr ss:,0x4008 ; |
00539016 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
0053901C .83E8 01 sub eax,0x1
0053901F .8D8D B4FEFFFF lea ecx,dword ptr ss:
00539025 .0F80 46020000 jo GuitoJxc.00539271
0053902B .50 push eax
0053902C .8D95 24FFFFFF lea edx,dword ptr ss:
00539032 .51 push ecx
00539033 .52 push edx
00539034 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
0053903A .8D85 44FFFFFF lea eax,dword ptr ss:
00539040 .8D8D C4FEFFFF lea ecx,dword ptr ss:
00539046 .50 push eax
00539047 .8D95 34FFFFFF lea edx,dword ptr ss:
0053904D .51 push ecx
0053904E .52 push edx
0053904F .FFD7 call edi
00539051 .50 push eax
00539052 .8D85 24FFFFFF lea eax,dword ptr ss:
00539058 .8D8D 14FFFFFF lea ecx,dword ptr ss:
0053905E .50 push eax
0053905F .51 push ecx
00539060 .FFD7 call edi
00539062 .50 push eax
00539063 .FFD3 call ebx
00539065 .8BD0 mov edx,eax
00539067 .8D4D BC lea ecx,dword ptr ss:
0053906A .FFD6 call esi
0053906C .8D55 94 lea edx,dword ptr ss:
0053906F .8D45 98 lea eax,dword ptr ss:
00539072 .52 push edx
00539073 .50 push eax
00539074 .6A 02 push 0x2
00539076 .FF15 90124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStrList
0053907C .8D8D 14FFFFFF lea ecx,dword ptr ss:
00539082 .8D95 24FFFFFF lea edx,dword ptr ss:
00539088 .51 push ecx
00539089 .8D85 34FFFFFF lea eax,dword ptr ss:
0053908F .52 push edx
00539090 .8D8D 44FFFFFF lea ecx,dword ptr ss:
00539096 .50 push eax
00539097 .8D95 54FFFFFF lea edx,dword ptr ss:
0053909D .51 push ecx
0053909E .8D85 64FFFFFF lea eax,dword ptr ss:
005390A4 .52 push edx
005390A5 .8D8D E4FEFFFF lea ecx,dword ptr ss:
005390AB .50 push eax
005390AC .8D95 74FFFFFF lea edx,dword ptr ss:
005390B2 .51 push ecx
005390B3 .8D45 84 lea eax,dword ptr ss:
005390B6 .52 push edx
005390B7 .50 push eax
005390B8 .6A 09 push 0x9
005390BA .FF15 40104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;MSVBVM60.__vbaFreeVarList
005390C0 .83C4 34 add esp,0x34
005390C3 .8D4D B8 lea ecx,dword ptr ss:
005390C6 .8D95 04FFFFFF lea edx,dword ptr ss:
005390CC .898D 0CFFFFFF mov dword ptr ss:,ecx
005390D2 .6A 01 push 0x1
005390D4 .C785 04FFFFFF>mov dword ptr ss:,0x4008
005390DE .52 push edx
005390DF .8D45 84 lea eax,dword ptr ss:
005390E2 .50 push eax
005390E3 .FF15 F0124000 call dword ptr ds:[<&MSVBVM60.#617>] ;MSVBVM60.rtcLeftCharVar
005390E9 .8B45 B8 mov eax,dword ptr ss:
005390EC .8B4D D4 mov ecx,dword ptr ss:
005390EF .8D55 B8 lea edx,dword ptr ss:
005390F2 .50 push eax ; /String
005390F3 .898D FCFEFFFF mov dword ptr ss:,ecx ; |
005390F9 .C785 F4FEFFFF>mov dword ptr ss:,0x8 ; |
00539103 .8995 ECFEFFFF mov dword ptr ss:,edx ; |
00539109 .C785 E4FEFFFF>mov dword ptr ss:,0x4008 ; |
00539113 .FF15 30104000 call dword ptr ds:[<&MSVBVM60.__vbaLenBs>; \__vbaLenBstr
00539119 .83E8 04 sub eax,0x4
0053911C .8D8D E4FEFFFF lea ecx,dword ptr ss:
00539122 .0F80 49010000 jo GuitoJxc.00539271
00539128 .50 push eax
00539129 .8D95 64FFFFFF lea edx,dword ptr ss:
0053912F .51 push ecx
00539130 .52 push edx
00539131 .FF15 14134000 call dword ptr ds:[<&MSVBVM60.#619>] ;MSVBVM60.rtcRightCharVar
00539137 .8D45 84 lea eax,dword ptr ss:
0053913A .8D8D F4FEFFFF lea ecx,dword ptr ss:
00539140 .50 push eax
00539141 .8D95 74FFFFFF lea edx,dword ptr ss:
00539147 .51 push ecx
00539148 .52 push edx
00539149 .FFD7 call edi
0053914B .50 push eax
0053914C .8D85 64FFFFFF lea eax,dword ptr ss:
00539152 .8D8D 54FFFFFF lea ecx,dword ptr ss:
00539158 .50 push eax
00539159 .51 push ecx
0053915A .FFD7 call edi
0053915C .50 push eax
0053915D .FFD3 call ebx
0053915F .8BD0 mov edx,eax
00539161 .8D4D B8 lea ecx,dword ptr ss:
00539164 .FFD6 call esi
00539166 .8D95 54FFFFFF lea edx,dword ptr ss:
0053916C .8D85 64FFFFFF lea eax,dword ptr ss:
00539172 .52 push edx
00539173 .8D8D 74FFFFFF lea ecx,dword ptr ss:
00539179 .50 push eax
0053917A .8D55 84 lea edx,dword ptr ss:
0053917D .51 push ecx
0053917E .52 push edx
0053917F .6A 04 push 0x4
00539181 .FF15 40104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;MSVBVM60.__vbaFreeVarList
00539187 .8B45 BC mov eax,dword ptr ss:
0053918A .8B4D B8 mov ecx,dword ptr ss:
0053918D .83C4 14 add esp,0x14
00539190 .50 push eax
00539191 .51 push ecx
00539192 .FF15 68114000 call dword ptr ds:[<&MSVBVM60.__vbaStrCm>;判断是否要显示名字
00539198 .85C0 test eax,eax ;eax必须等于0
0053919A 75 15 jnz XGuitoJxc.005391B1 ;不等既跳
0053919C .C745 E0 FFFFF>mov dword ptr ss:,-0x1
005391A3 .66:A3 8C408F0>mov word ptr ds:,ax
005391A9 .9B wait
005391AA .68 55925300 push GuitoJxc.00539255
005391AF .EB 71 jmp XGuitoJxc.00539222
005391B1 >8B45 AC mov eax,dword ptr ss:
005391B4 .8D50 0C lea edx,dword ptr ds:
005391B7 .8D48 08 lea ecx,dword ptr ds:
005391BA .52 push edx
005391BB .8D50 04 lea edx,dword ptr ds:
005391BE .51 push ecx
005391BF .52 push edx
005391C0 .50 push eax
005391C1 .E8 BA000000 call GuitoJxc.00539280
005391C6 .8945 E0 mov dword ptr ss:,eax
005391C9 .68 55925300 push GuitoJxc.00539255
005391CE .9B wait
005391CF .EB 51 jmp XGuitoJxc.00539222
005391D1 .8D45 94 lea eax,dword ptr ss:
005391D4 .8D4D 98 lea ecx,dword ptr ss:
005391D7 .50 push eax
005391D8 .51 push ecx
005391D9 .6A 02 push 0x2
005391DB .FF15 90124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;MSVBVM60.__vbaFreeStrList
005391E1 .8D95 14FFFFFF lea edx,dword ptr ss:
005391E7 .8D85 24FFFFFF lea eax,dword ptr ss:
005391ED .52 push edx
005391EE .8D8D 34FFFFFF lea ecx,dword ptr ss:
005391F4 .50 push eax
005391F5 .8D95 44FFFFFF lea edx,dword ptr ss:
005391FB .51 push ecx
005391FC .8D85 54FFFFFF lea eax,dword ptr ss:
00539202 .52 push edx
00539203 .8D8D 64FFFFFF lea ecx,dword ptr ss:
00539209 .50 push eax
0053920A .8D95 74FFFFFF lea edx,dword ptr ss:
00539210 .51 push ecx
00539211 .8D45 84 lea eax,dword ptr ss:
00539214 .52 push edx
00539215 .50 push eax
00539216 .6A 08 push 0x8
00539218 .FF15 40104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;MSVBVM60.__vbaFreeVarList
0053921E .83C4 30 add esp,0x30
00539221 .C3 ret
00539222 >8B35 60134000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaFr>;MSVBVM60.__vbaFreeStr
00539228 .8D4D D4 lea ecx,dword ptr ss:
0053922B .FFD6 call esi ;<&MSVBVM60.__vbaFreeStr>
0053922D .8D4D C0 lea ecx,dword ptr ss:
00539230 .FFD6 call esi
00539232 .8D4D BC lea ecx,dword ptr ss:
00539235 .FFD6 call esi
00539237 .8D4D B8 lea ecx,dword ptr ss:
0053923A .FFD6 call esi
0053923C .8D95 ACFEFFFF lea edx,dword ptr ss:
00539242 .8D4D A0 lea ecx,dword ptr ss:
00539245 .52 push edx
00539246 .6A 00 push 0x0
00539248 .898D ACFEFFFF mov dword ptr ss:,ecx
0053924E .FF15 A4104000 call dword ptr ds:[<&MSVBVM60.__vbaAryDe>;MSVBVM60.__vbaAryDestruct
00539254 .C3 ret
00539255 .8B4D F0 mov ecx,dword ptr ss:
00539258 .66:8B45 E0 mov ax,word ptr ss:
0053925C .5F pop edi
0053925D .5E pop esi
0053925E .64:890D 00000>mov dword ptr fs:,ecx
00539265 .5B pop ebx
00539266 .8BE5 mov esp,ebp
00539268 .5D pop ebp
00539269 .C2 1000 ret 0x10
0053926C >^ E9 1B96EDFF jmp <jmp.&MSVBVM60.__vbaFPException>
00539271 >FF15 58124000 call dword ptr ds:[<&MSVBVM60.__vbaError>;MSVBVM60.__vbaErrorOverflow 感谢分享~~ 不错,看问题很准!! 呵呵,非常感谢. 这个软件有注册机么?
页:
[1]