能力值:
( LV2,RANK:10 )
|
-
-
2 楼
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
我等回复这个帖子一天了 论坛里的帖子也不多 也不是看不过来
大虾们都懒得说句话吗 也不是非得让你们帮着分析 你们就是这样对待初学者的吗 寒~
|
能力值:
( LV2,RANK:10 )
|
-
-
4 楼
最初由 aiww 发布
我等回复这个帖子一天了 论坛里的帖子也不多 也不是看不过来
大虾们都懒得说句话吗 也不是非得让你们帮着分析 你们就是这样对待初学者的吗 寒~
其实用不着“寒”。你为啥非要问“外挂”的壳呢?如果是学习,可以从记事本开始的。
这个软体的壳不止一层,最外面是asprotect,虽然多层也比较容易对付,但是里面的壳来自一位斑竹,所以,嘿嘿;)
|
能力值:
( LV2,RANK:10 )
|
-
-
5 楼
FLY 说过 peid 查看 ASProtect 1.22 - 1.23 Beta 21 -> Alexey Solodovnikov 只能做为参照。你试试用 ASProtect 1.23 脱脱第一层壳看看
呵呵我也是初学者。
|
能力值:
( LV2,RANK:10 )
|
-
-
6 楼
to StudentII:
这个外挂已经很老了 而且是被别人破解过了后又加了壳
基本上没什么价值,拿它练脱壳有什么不方便的吗 是不是斑竹的壳有什么关系吗
另外能说说多层壳是怎么看出的吗?
|
能力值:
( LV9,RANK:3410 )
|
-
-
7 楼
最初由 aiww 发布
我等回复这个帖子一天了 论坛里的帖子也不多 也不是看不过来
大虾们都懒得说句话吗 也不是非得让你们帮着分析 你们就是这样对待初学者的吗 寒~
http://bbs.pediy.com/showthread.php?s=&threadid=769
我们欢迎这样的帖子:
当你遇到问题,并难以解答时,把遇到的详细情况写出来,我们大家集体解答。
当你小有成绩,并对自己的成果深有感触时,把你的心情写出来,我们大家一起分享快乐
当你完成一篇pj笔记(特别是第一篇)时,请你公布出来,我们大家共同进步
当你已经成为大虾,回顾菜鸟时代,酸甜苦辣,请你写一写,鼓舞一下还不能展翅翱翔的菜鸟的士气。
其中好的帖子我们还会列入精品。
我们不欢迎这样的帖子:
一上来就问**软件如何pj?**外挂的注册码是多少?这种人好*懒*,只会享用他人果实。
一上来就问怎么盗password,怎么盗QQ,怎么用Trojan。这种人品德不好,说严重点是道*败*。
一上来就用攻击他人的言语,这里严禁漫骂!!严禁相互攻击!!
这类帖子的命运将是――删。
|
能力值:
( LV2,RANK:10 )
|
-
-
8 楼
我虽然没有把遇到的情况详细的写出来
但也不是你说的 一上来就问**软件如何破解
|
能力值:
( LV9,RANK:3410 )
|
-
-
9 楼
只是建议发贴前看看 FAQ
使你的帖子能够有兄弟来看
上面帖子是引用FAQ中的内容
|
能力值:
( LV2,RANK:10 )
|
-
-
10 楼
最初由 aiww 发布
to StudentII:
这个外挂已经很老了 而且是被别人破解过了后又加了壳
基本上没什么价值,拿它练脱壳有什么不方便的吗 是不是斑竹的壳有什么关系吗
另外能说说多层壳是怎么看出的吗?
OD加载,15 次 shift+f9 后按alt+m,在484000段下f2,再shift+f9,asprotectj就走完了,来到第二层了:
|
能力值:
( LV9,RANK:2130 )
|
-
-
11 楼
最初由 StudentII 发布
其实用不着“寒”。你为啥非要问“外挂”的壳呢?如果是学习,可以从记事本开始的。
这个软体的壳不止一层,最外面是asprotect,虽然多层也比较容易对付,但是里面的壳来自一位斑竹,所以,嘿嘿;)
浪费一个ASPR,里面好像不是某斑竹的,只能说是一个吓唬我都阿菜的东东。哈哈!
|
能力值:
( LV2,RANK:10 )
|
-
-
12 楼
非常感谢 StudentII 大侠出手相助,其实我的本意能指点几句就够了,没想到你能脱掉一层
原来我都准备放弃这个壳 由于不得要领跟踪了近2天没什么收获
现在可以说又燃起来了我的信心,再有时间时候一定在你研究的基础上把它彻底脱了 再次感谢。最后对那些为人自以为是,技术上瞻前顾后的人我也想说一句你也只能风光一时而已。
|
能力值:
( LV2,RANK:10 )
|
-
-
13 楼
最初由 aiww 发布
非常感谢 StudentII 大侠出手相助,其实我的本意能指点几句就够了,没想到你能脱掉一层
原来我都准备放弃这个壳 由于不得要领跟踪了近2天没什么收获
现在可以说又燃起来了我的信心,再有时间时候一定在你研究的基础上把它彻底脱了 再次感谢。最后对那些为人自以为是,技术上瞻前顾后的人我也想说一句你也只能风光一时而已。
首先申明一下我是菜鸟,loveboom他们才是大侠一类。
感谢你的感谢,不过还请你注意提问的方式,人们没有义务马上回答你的问题,fly 版主是位热心人,大家多加理解。:)
最后纠正一下,里面那一层是D.Boy的幻影,用 fly的方法容易搞定。
|
能力值:
( LV9,RANK:3410 )
|
-
-
14 楼
最初由 aiww 发布
非常感谢 StudentII 大侠出手相助,其实我的本意能指点几句就够了,没想到你能脱掉一层
原来我都准备放弃这个壳 由于不得要领跟踪了近2天没什么收获
现在可以说又燃起来了我的信心,再有时间时候一定在你研究的基础上把它彻底脱了 再次感谢。最后对那些为人自以为是,技术上瞻前顾后的人我也想说一句你也只能风光一时而已。 算了,我也不想多说了
兄弟好自为之吧
|
能力值:
( LV9,RANK:2130 )
|
-
-
15 楼
晕了,看来我又可以找机会灌上一贴了:),自己没有多少墨水的话,就回去多喝点,不要说别人怎么怎么样。有道是:不教你是本份,教你是情份,不要得了便宜又卖乖:(.如你认为有什么不对,就当我是酒后醉话。我自己是要天天灌墨水,才勉强跟上大侠们,冲一下大菜鸟,要不连菜鸟都没我的份。
|
能力值:
![]()
(RANK:1060 )
|
-
-
16 楼
虽然不喜欢干这种事情,但是用F4断到VirtualProtect对你有好处.
|
能力值:
![]()
(RANK:1060 )
|
-
-
17 楼
0041D332 > $ 6A 60 PUSH 60
0041D334 . 68 60144400 PUSH 00441460
0041D339 . E8 36430000 CALL 00421674
0041D33E . BF 94000000 MOV EDI, 94
0041D343 . 8BC7 MOV EAX, EDI
0041D345 . E8 46FFFFFF CALL 0041D290
0041D34A . 8965 E8 MOV [EBP-18], ESP
0041D34D . 8BF4 MOV ESI, ESP
0041D34F . 893E MOV [ESI], EDI
0041D351 . 56 PUSH ESI
0041D352 FF DB FF
0041D353 . 15 C0A24380 ADC EAX, 8043A2C0
0041D358 . 8B4E 10 MOV ECX, [ESI+10]
0041D35B . 890D F0854600 MOV [4685F0], ECX
0041D361 . 8B46 04 MOV EAX, [ESI+4]
0041D364 . A3 FC854600 MOV [4685FC], EAX
0041D369 . 8B56 08 MOV EDX, [ESI+8]
OEP: 0001D332 IATRVA: 0003A000 IATSize: 000005BC
FThunk: 0003A000 NbFunc: 0000000A
1 0003A000 advapi32.dll 01E1 RegOpenKeyA
1 0003A004 advapi32.dll 01EC RegQueryValueExA
1 0003A008 advapi32.dll 01E2 RegOpenKeyExA
1 0003A00C advapi32.dll 01D0 RegDeleteKeyA
1 0003A010 advapi32.dll 01D5 RegEnumKeyA
1 0003A014 advapi32.dll 01EB RegQueryValueA
1 0003A018 advapi32.dll 01CD RegCreateKeyExA
1 0003A01C advapi32.dll 01F9 RegSetValueExA
1 0003A020 advapi32.dll 01D2 RegDeleteValueA
1 0003A024 advapi32.dll 01C9 RegCloseKey
FThunk: 0003A02C NbFunc: 00000002
1 0003A02C comctl32.dll 0011 InitCommonControls
1 0003A030 comctl32.dll 002D ImageList_Destroy
FThunk: 0003A038 NbFunc: 00000024
1 0003A038 gdi32.dll 01C0 GetViewportExtEx
1 0003A03C gdi32.dll 01C3 GetWindowExtEx
1 0003A040 gdi32.dll 01F2 PtVisible
1 0003A044 gdi32.dll 01F6 RectVisible
1 0003A048 gdi32.dll 024F TextOutA
1 0003A04C gdi32.dll 00DE ExtTextOutA
1 0003A050 gdi32.dll 00D5 Escape
1 0003A054 gdi32.dll 0240 SetViewportOrgEx
1 0003A058 gdi32.dll 01D6 OffsetViewportOrgEx
1 0003A05C gdi32.dll 023F SetViewportExtEx
1 0003A060 gdi32.dll 0209 ScaleViewportExtEx
1 0003A064 gdi32.dll 0243 SetWindowExtEx
1 0003A068 gdi32.dll 020A ScaleWindowExtEx
1 0003A06C gdi32.dll 00DD ExtSelectClipRgn
1 0003A070 gdi32.dll 01A6 GetStockObject
1 0003A074 gdi32.dll 0051 CreateSolidBrush
1 0003A078 gdi32.dll 018E GetMapMode
1 0003A07C gdi32.dll 014D GetBkColor
1 0003A080 gdi32.dll 01B0 GetTextColor
1 0003A084 gdi32.dll 01A5 GetRgnBox
1 0003A088 gdi32.dll 022C SetMapMode
1 0003A08C gdi32.dll 0201 RestoreDC
1 0003A090 gdi32.dll 0208 SaveDC
1 0003A094 gdi32.dll 020F SelectObject
1 0003A098 gdi32.dll 0090 DeleteObject
1 0003A09C gdi32.dll 01BD GetTextMetricsA
1 0003A0A0 gdi32.dll 0013 BitBlt
1 0003A0A4 gdi32.dll 002E CreateCompatibleDC
1 0003A0A8 gdi32.dll 0028 CreateBitmap
1 0003A0AC gdi32.dll 004D CreateRectRgnIndirect
1 0003A0B0 gdi32.dll 0196 GetObjectA
1 0003A0B4 gdi32.dll 0216 SetBkColor
1 0003A0B8 gdi32.dll 023D SetTextColor
1 0003A0BC gdi32.dll 008D DeleteDC
1 0003A0C0 gdi32.dll 016C GetDeviceCaps
1 0003A0C4 gdi32.dll 0161 GetClipBox
FThunk: 0003A0CC NbFunc: 00000083
1 0003A0CC kernel32.dll 01B7 GetSystemTimeAsFileTime
1 0003A0D0 kernel32.dll 01FC HeapAlloc
1 0003A0D4 kernel32.dll 01A6 GetStartupInfoA
1 0003A0D8 kernel32.dll 0103 GetCommandLineA
1 0003A0DC kernel32.dll 00B0 ExitProcess
1 0003A0E0 kernel32.dll 0290 RaiseException
1 0003A0E4 kernel32.dll 0206 HeapReAlloc
1 0003A0E8 kernel32.dll 0340 TerminateProcess
1 0003A0EC kernel32.dll 031B SetStdHandle
1 0003A0F0 kernel32.dll 0158 GetFileType
1 0003A0F4 kernel32.dll 0208 HeapSize
1 0003A0F8 kernel32.dll 01A9 GetStringTypeA
1 0003A0FC kernel32.dll 01AC GetStringTypeW
1 0003A100 kernel32.dll 0200 HeapDestroy
1 0003A104 kernel32.dll 01FE HeapCreate
1 0003A108 kernel32.dll 0367 VirtualFree
1 0003A10C kernel32.dll 0364 VirtualAlloc
1 0003A110 kernel32.dll 0221 IsBadWritePtr
1 0003A114 kernel32.dll 01CE GetTimeZoneInformation
1 0003A118 kernel32.dll 022D LCMapStringA
1 0003A11C kernel32.dll 022E LCMapStringW
1 0003A120 kernel32.dll 0202 HeapFree
1 0003A124 kernel32.dll 0351 UnhandledExceptionFilter
1 0003A128 kernel32.dll 00E8 FreeEnvironmentStringsA
1 0003A12C kernel32.dll 0147 GetEnvironmentStrings
1 0003A130 kernel32.dll 00E9 FreeEnvironmentStringsW
1 0003A134 kernel32.dll 0149 GetEnvironmentStringsW
1 0003A138 kernel32.dll 024E LockResource
1 0003A13C kernel32.dll 028B QueryPerformanceCounter
1 0003A140 kernel32.dll 0136 GetCurrentProcessId
1 0003A144 kernel32.dll 032C SetUnhandledExceptionFilter
1 0003A148 kernel32.dll 021E IsBadReadPtr
1 0003A14C kernel32.dll 021B IsBadCodePtr
1 0003A150 kernel32.dll 036A VirtualProtect
1 0003A154 kernel32.dll 01B2 GetSystemInfo
1 0003A158 kernel32.dll 036C VirtualQuery
1 0003A15C kernel32.dll 02F8 SetEnvironmentVariableA
1 0003A160 kernel32.dll 02BE RtlUnwind
1 0003A164 kernel32.dll 0157 GetFileTime
1 0003A168 kernel32.dll 0150 GetFileAttributesA
1 0003A16C kernel32.dll 00BC FileTimeToLocalFileTime
1 0003A170 kernel32.dll 02FA SetErrorMode
1 0003A174 kernel32.dll 00BD FileTimeToSystemTime
1 0003A178 kernel32.dll 0184 GetOEMCP
1 0003A17C kernel32.dll 00F7 GetCPInfo
1 0003A180 kernel32.dll 0346 TlsFree
1 0003A184 kernel32.dll 007B DeleteCriticalSection
1 0003A188 kernel32.dll 0248 LocalReAlloc
1 0003A18C kernel32.dll 0348 TlsSetValue
1 0003A190 kernel32.dll 0345 TlsAlloc
1 0003A194 kernel32.dll 020F InitializeCriticalSection
1 0003A198 kernel32.dll 0347 TlsGetValue
1 0003A19C kernel32.dll 0090 EnterCriticalSection
1 0003A1A0 kernel32.dll 01EE GlobalHandle
1 0003A1A4 kernel32.dll 01F2 GlobalReAlloc
1 0003A1A8 kernel32.dll 023A LeaveCriticalSection
1 0003A1AC kernel32.dll 0241 LocalAlloc
1 0003A1B0 kernel32.dll 0217 InterlockedIncrement
1 0003A1B4 kernel32.dll 01EA GlobalFlags
1 0003A1B8 kernel32.dll 018D GetPrivateProfileStringA
1 0003A1BC kernel32.dll 038A WritePrivateProfileStringA
1 0003A1C0 kernel32.dll 0213 InterlockedDecrement
1 0003A1C4 kernel32.dll 004E CreateFileA
1 0003A1C8 kernel32.dll 015B GetFullPathNameA
1 0003A1CC kernel32.dll 01D7 GetVolumeInformationA
1 0003A1D0 kernel32.dll 00CA FindFirstFileA
1 0003A1D4 kernel32.dll 00C6 FindClose
1 0003A1D8 kernel32.dll 0135 GetCurrentProcess
1 0003A1DC kernel32.dll 008D DuplicateHandle
1 0003A1E0 kernel32.dll 0155 GetFileSize
1 0003A1E4 kernel32.dll 02F7 SetEndOfFile
1 0003A1E8 kernel32.dll 0352 UnlockFile
1 0003A1EC kernel32.dll 024C LockFile
1 0003A1F0 kernel32.dll 00E0 FlushFileBuffers
1 0003A1F4 kernel32.dll 0300 SetFilePointer
1 0003A1F8 kernel32.dll 0385 WriteFile
1 0003A1FC kernel32.dll 029D ReadFile
1 0003A200 kernel32.dll 0137 GetCurrentThread
1 0003A204 kernel32.dll 016D GetModuleFileNameA
1 0003A208 kernel32.dll 003B ConvertDefaultLocale
1 0003A20C kernel32.dll 009B EnumResourceLanguagesA
1 0003A210 kernel32.dll 0138 GetCurrentThreadId
1 0003A214 kernel32.dll 01EC GlobalGetAtomNameA
1 0003A218 kernel32.dll 01E2 GlobalAddAtomA
1 0003A21C kernel32.dll 01E7 GlobalFindAtomA
1 0003A220 kernel32.dll 01E6 GlobalDeleteAtom
1 0003A224 kernel32.dll 039D lstrcat
1 0003A228 kernel32.dll 03A2 lstrcmpW
1 0003A22C kernel32.dll 016F GetModuleHandleA
1 0003A230 kernel32.dll 0162 GetLastError
1 0003A234 kernel32.dll 02B8 RestoreLastError
1 0003A238 kernel32.dll 025D MulDiv
1 0003A23C kernel32.dll 01E4 GlobalAlloc
1 0003A240 kernel32.dll 00E5 FormatMessageA
1 0003A244 kernel32.dll 03A9 lstrcpyn
1 0003A248 kernel32.dll 0245 LocalFree
1 0003A24C kernel32.dll 01EF GlobalLock
1 0003A250 kernel32.dll 01F6 GlobalUnlock
1 0003A254 kernel32.dll 01EB GlobalFree
1 0003A258 kernel32.dll 00EC FreeResource
1 0003A25C kernel32.dll 03A3 lstrcmpi
1 0003A260 kernel32.dll 0037 CompareStringW
1 0003A264 kernel32.dll 0036 CompareStringA
1 0003A268 kernel32.dll 01D4 GetVersion
1 0003A26C kernel32.dll 025E MultiByteToWideChar
1 0003A270 kernel32.dll 026E OpenProcess
1 0003A274 kernel32.dll 023B LoadLibraryA
1 0003A278 kernel32.dll 0191 GetProcAddress
1 0003A27C kernel32.dll 00EA FreeLibrary
1 0003A280 kernel32.dll 0187 GetPrivateProfileIntA
1 0003A284 kernel32.dll 03A0 lstrcmp
1 0003A288 kernel32.dll 01CB GetTickCount
1 0003A28C kernel32.dll 036B VirtualProtectEx
1 0003A290 kernel32.dll 038E WriteProcessMemory
1 0003A294 kernel32.dll 02A0 ReadProcessMemory
1 0003A298 kernel32.dll 03A6 lstrcpy
1 0003A29C kernel32.dll 03AC lstrlen
1 0003A2A0 kernel32.dll 0030 CloseHandle
1 0003A2A4 kernel32.dll 001B Beep
1 0003A2A8 kernel32.dll 0338 Sleep
1 0003A2AC kernel32.dll 0378 WideCharToMultiByte
1 0003A2B0 kernel32.dll 00D9 FindResourceA
1 0003A2B4 kernel32.dll 0240 LoadResource
1 0003A2B8 kernel32.dll 024E LockResource
1 0003A2BC kernel32.dll 0337 SizeofResource
1 0003A2C0 kernel32.dll 01D5 GetVersionExA
1 0003A2C4 kernel32.dll 01C6 GetThreadLocale
1 0003A2C8 kernel32.dll 0165 GetLocaleInfoA
1 0003A2CC kernel32.dll 00F0 GetACP
1 0003A2D0 kernel32.dll 01A8 GetStdHandle
1 0003A2D4 kernel32.dll 0214 InterlockedExchange
FThunk: 0003A2DC NbFunc: 00000002
1 0003A2DC oleacc.dll 0014 LresultFromObject
1 0003A2E0 oleacc.dll 0007 CreateStdAccessibleObject
FThunk: 0003A2E8 NbFunc: 0000000C
1 0003A2E8 oleaut32.dll 0009 VariantClear
1 0003A2EC oleaut32.dll 0008 VariantInit
1 0003A2F0 oleaut32.dll 0004 SysAllocStringLen
1 0003A2F4 oleaut32.dll 0006 SysFreeString
1 0003A2F8 oleaut32.dll 0007 SysStringLen
1 0003A2FC oleaut32.dll 0096 SysAllocStringByteLen
1 0003A300 oleaut32.dll 000A VariantCopy
1 0003A304 oleaut32.dll 0010 SafeArrayDestroy
1 0003A308 oleaut32.dll 00B8 SystemTimeToVariantTime
1 0003A30C oleaut32.dll 0002 SysAllocString
1 0003A310 oleaut32.dll 01A4 OleCreateFontIndirect
1 0003A314 oleaut32.dll 000C VariantChangeType
FThunk: 0003A31C NbFunc: 00000004
1 0003A31C shlwapi.dll 024D PathFindFileNameA
1 0003A320 shlwapi.dll 0299 PathStripToRootA
1 0003A324 shlwapi.dll 024B PathFindExtensionA
1 0003A328 shlwapi.dll 0271 PathIsUNCA
FThunk: 0003A330 NbFunc: 00000083
1 0003A330 user32.dll 021B RegisterClipboardFormatA
1 0003A334 user32.dll 0203 PostThreadMessageA
1 0003A338 user32.dll 0293 ShowWindow
1 0003A33C user32.dll 01EA MoveWindow
1 0003A340 user32.dll 0287 SetWindowTextA
1 0003A344 user32.dll 01A1 IsDialogMessage
1 0003A348 user32.dll 022B ReleaseDC
1 0003A34C user32.dll 010D GetDC
1 0003A350 user32.dll 021B RegisterClipboardFormatA
1 0003A354 user32.dll 02D3 WinHelpA
1 0003A358 user32.dll 00F4 GetCapture
1 0003A35C user32.dll 0061 CreateWindowExA
1 0003A360 user32.dll 028B SetWindowsHookExA
1 0003A364 user32.dll 001B CallNextHookEx
1 0003A368 user32.dll 00FB GetClassLongA
1 0003A36C user32.dll 00F8 GetClassInfoExA
1 0003A370 user32.dll 00FD GetClassNameA
1 0003A374 user32.dll 026B SetPropA
1 0003A378 user32.dll 014B GetPropA
1 0003A37C user32.dll 022D RemovePropA
1 0003A380 user32.dll 0237 SendDlgItemMessageA
1 0003A384 user32.dll 0117 GetFocus
1 0003A388 user32.dll 019F IsChild
1 0003A38C user32.dll 0179 GetWindowTextLengthA
1 0003A390 user32.dll 0178 GetWindowTextA
1 0003A394 user32.dll 0129 GetLastActivePopup
1 0003A398 user32.dll 00A2 DispatchMessageA
1 0003A39C user32.dll 0164 GetTopWindow
1 0003A3A0 user32.dll 02AF UnhookWindowsHookEx
1 0003A3A4 user32.dll 013E GetMessageTime
1 0003A3A8 user32.dll 013D GetMessagePos
1 0003A3AC user32.dll 01BC LoadIconA
1 0003A3B0 user32.dll 01FE PeekMessageA
1 0003A3B4 user32.dll 01D8 MapWindowPoints
1 0003A3B8 user32.dll 0122 GetKeyState
1 0003A3BC user32.dll 0258 SetForegroundWindow
1 0003A3C0 user32.dll 01B0 IsWindowVisible
1 0003A3C4 user32.dll 02BC UpdateWindow
1 0003A3C8 user32.dll 0195 InvalidateRgn
1 0003A3CC user32.dll 0200 PostMessageA
1 0003A3D0 user32.dll 015B GetSysColor
1 0003A3D4 user32.dll 0003 AdjustWindowRectEx
1 0003A3D8 user32.dll 0232 ScreenToClient
1 0003A3DC user32.dll 00F7 GetClassInfoA
1 0003A3E0 user32.dll 0217 RegisterClassA
1 0003A3E4 user32.dll 02B4 UnregisterClassA
1 0003A3E8 user32.dll 0111 GetDlgCtrlID
1 0003A3EC user32.dll 008F DefWindowProcA
1 0003A3F0 user32.dll 001C CallWindowProcA
1 0003A3F4 user32.dll 01F3 OffsetRect
1 0003A3F8 user32.dll 0193 IntersectRect
1 0003A3FC user32.dll 029A SystemParametersInfoA
1 0003A400 user32.dll 0174 GetWindowPlacement
1 0003A404 user32.dll 004B CopyRect
1 0003A408 user32.dll 020C PtInRect
1 0003A40C user32.dll 016B GetWindow
1 0003A410 user32.dll 0138 GetMenuState
1 0003A414 user32.dll 0134 GetMenuItemID
1 0003A418 user32.dll 0133 GetMenuItemCount
1 0003A41C user32.dll 015A GetSubMenu
1 0003A420 user32.dll 010F GetDesktopWindow
1 0003A424 user32.dll 00EC GetActiveWindow
1 0003A428 user32.dll 0244 SetActiveWindow
1 0003A42C user32.dll 0053 CreateDialogIndirectParamA
1 0003A430 user32.dll 009A DestroyWindow
1 0003A434 user32.dll 0112 GetDlgItem
1 0003A438 user32.dll 00C5 EnableWindow
1 0003A43C user32.dll 023C SendMessageA
1 0003A440 user32.dll 0257 SetFocus
1 0003A444 user32.dll 0047 CopyAcceleratorTableA
1 0003A448 user32.dll 026D SetRect
1 0003A44C user32.dll 01A9 IsRectEmpty
1 0003A450 user32.dll 002B CharNextA
1 0003A454 user32.dll 022A ReleaseCapture
1 0003A458 user32.dll 0245 SetCapture
1 0003A45C user32.dll 0098 DestroyMenu
1 0003A460 user32.dll 01AD IsWindowEnabled
1 0003A464 user32.dll 0144 GetNextDlgTabItem
1 0003A468 user32.dll 00C7 EndDialog
1 0003A46C user32.dll 0035 CharUpperA
1 0003A470 user32.dll 015E GetSystemMetrics
1 0003A474 user32.dll 01A7 IsIconic
1 0003A478 user32.dll 00B7 DrawIcon
1 0003A47C user32.dll 01B6 LoadBitmapA
1 0003A480 user32.dll 017C GetWindowThreadProcessId
1 0003A484 user32.dll 01DD MessageBoxA
1 0003A488 user32.dll 00E4 FindWindowA
1 0003A48C user32.dll 0202 PostQuitMessage
1 0003A490 user32.dll 0118 GetForegroundWindow
1 0003A494 user32.dll 01AC IsWindow
1 0003A498 user32.dll 01B3 KillTimer
1 0003A49C user32.dll 027B SetTimer
1 0003A4A0 user32.dll 0216 RedrawWindow
1 0003A4A4 user32.dll 0100 GetClientRect
1 0003A4A8 user32.dll 0175 GetWindowRect
1 0003A4AC user32.dll 016F GetWindowLongA
1 0003A4B0 user32.dll 0146 GetParent
1 0003A4B4 user32.dll 0281 SetWindowLongA
1 0003A4B8 user32.dll 0267 SetParent
1 0003A4BC user32.dll 0284 SetWindowPos
1 0003A4C0 user32.dll 01DC MessageBeep
1 0003A4C4 user32.dll 00E0 EqualRect
1 0003A4C8 user32.dll 0143 GetNextDlgGroupItem
1 0003A4CC user32.dll 01B8 LoadCursorA
1 0003A4D0 user32.dll 015C GetSysColorBrush
1 0003A4D4 user32.dll 00C9 EndPaint
1 0003A4D8 user32.dll 000E BeginPaint
1 0003A4DC user32.dll 016D GetWindowDC
1 0003A4E0 user32.dll 0041 ClientToScreen
1 0003A4E4 user32.dll 017E GrayStringA
1 0003A4E8 user32.dll 00BE DrawTextExA
1 0003A4EC user32.dll 00BD DrawTextA
1 0003A4F0 user32.dll 029C TabbedTextOutA
1 0003A4F4 user32.dll 02D6 WindowFromPoint
1 0003A4F8 user32.dll 0280 SetWindowContextHelpId
1 0003A4FC user32.dll 01D3 MapDialogRect
1 0003A500 user32.dll 013B GetMessageA
1 0003A504 user32.dll 02AB TranslateMessage
1 0003A508 user32.dll 010C GetCursorPos
1 0003A50C user32.dll 02C6 ValidateRect
1 0003A510 user32.dll 024E SetCursor
1 0003A514 user32.dll 0194 InvalidateRect
1 0003A518 user32.dll 00B4 DrawFocusRect
1 0003A51C user32.dll 00E3 FillRect
1 0003A520 user32.dll 02D9 wsprintfA
1 0003A524 user32.dll 0262 SetMenuItemBitmaps
1 0003A528 user32.dll 01E5 ModifyMenuA
1 0003A52C user32.dll 00C3 EnableMenuItem
1 0003A530 user32.dll 012D GetMenu
1 0003A534 user32.dll 012F GetMenuCheckMarkDimensions
1 0003A538 user32.dll 003A CheckMenuItem
FThunk: 0003A540 NbFunc: 00000003
1 0003A540 winspool.drv 0103 OpenPrinterA
1 0003A544 winspool.drv 00B1 DocumentPropertiesA
1 0003A548 winspool.drv 0086 ClosePrinter
FThunk: 0003A550 NbFunc: 00000001
1 0003A550 comdlg32.dll 006C GetFileTitleA
FThunk: 0003A558 NbFunc: 00000005
1 0003A558 hook.dll 0005 ?UnInit@@YGHXZ
1 0003A55C hook.dll 0002 AddHotkey
1 0003A560 hook.dll 0004 ?InitHotkey@@YGHK@Z
1 0003A564 hook.dll 0001 ?AddGoodFilter@@YGKPBDI@Z
1 0003A568 hook.dll 0003 DeleteHotkey
FThunk: 0003A570 NbFunc: 0000000F
1 0003A570 ole32.dll 0064 CoTaskMemAlloc
1 0003A574 ole32.dll 013F StgOpenStorageOnILockBytes
1 0003A578 ole32.dll 0008 CLSIDFromProgID
1 0003A57C ole32.dll 0132 StgCreateDocfileOnILockBytes
1 0003A580 ole32.dll 008C CreateILockBytesOnHGlobal
1 0003A584 ole32.dll 0114 OleUninitialize
1 0003A588 ole32.dll 001E CoFreeUnusedLibraries
1 0003A58C ole32.dll 00FD OleInitialize
1 0003A590 ole32.dll 005C CoRevokeClassObject
1 0003A594 ole32.dll 0053 CoRegisterMessageFilter
1 0003A598 ole32.dll 00F8 OleFlushClipboard
1 0003A59C ole32.dll 00FF OleIsCurrentClipboard
1 0003A5A0 ole32.dll 000A CLSIDFromString
1 0003A5A4 ole32.dll 0065 CoTaskMemFree
1 0003A5A8 ole32.dll 0024 CoGetClassObject
FThunk: 0003A5B0 NbFunc: 00000001
1 0003A5B0 oledlg.dll 0008 OleUIBusyA
:D 好人做到底.
|
能力值:
( LV2,RANK:10 )
|
-
-
18 楼
fogot是好人,写的够详细,谢谢,暂时没时间研究了,先收藏了
StudentII兄太谦虚了,不过一些话,我认真看了也赞同,
loveboom的话虽然有点逆耳不过也不是恶意,
还有fly大虾,可能是对这个帖子有些误会了,在此说声抱歉
以后有机会还望众大侠不吝赐教,这里对所有关注过本帖的大虾都说声谢谢了!
|
能力值:
![]()
(RANK:1060 )
|
-
-
19 楼
forgot虽然是好人,也不至于让我半路改名为fogot吧:D
|
能力值:
( LV2,RANK:10 )
|
-
-
20 楼
:o 不好意思 笔误了 应该是forgot大侠,失敬失敬,大侠什么时候有空我赔杯茶喝 :D
|
|
|
|
