2 楼
可以试试爆破,直接去掉其启动时的注册验证
.text:004029F0 ; =============== S U B R O U T I N E =======================================
.text:004029F0
.text:004029F0
; ---------------------------------------------------------------------------
; sub_4029F0 -- reviewer notes on the IDA listing (32-bit x86, Intel syntax).
; The poster describes this routine as the start-up registration check.
;
; In:    arg_0 = string argument (typed char * by IDA), converted with _atol
; Out:   AL = 1 when all four digit-pair tests pass, AL = 0 otherwise
; Conv:  __stdcall per the IDA prototype; the callee pops arg_0 (retn 4)
; Saves: ebx, ebp, esi, edi (pushed in the prologue, popped at loc_402BB0)
;
; Method: the converted number is divided by 10 repeatedly (compiler-generated
; multiply by 66666667h instead of idiv), yielding eight decimal digits.
; The digits are summed in pairs and each sum is compared with a constant,
; first as-is and then after subtracting 10 (add eax, 0FFFFFFF6h).
;
; sub_41206A is called with ecx = &arg_0 on every exit path; presumably it is
; the destructor of a by-value string object -- its body is not shown, confirm.
;
; NOTE(review): the licence decision is computed entirely on the client from
; constants embedded in the binary and is reduced to one boolean in AL, so it
; cannot resist anyone able to read or modify the executable. A check that has
; to withstand tampering needs a secret the client does not hold (for example
; a vendor-signed licence verified with an embedded public key), combined with
; integrity checking of the binary itself.
; ---------------------------------------------------------------------------
.text:004029F0 ; int __stdcall sub_4029F0(char *)
.text:004029F0 sub_4029F0 proc near ; CODE XREF: sub_402460+1B0p
.text:004029F0
.text:004029F0 var_18 = dword ptr -18h
.text:004029F0 var_14 = dword ptr -14h
.text:004029F0 var_10 = dword ptr -10h
.text:004029F0 var_C = dword ptr -0Ch
.text:004029F0 var_4 = dword ptr -4
.text:004029F0 arg_0 = dword ptr 4
.text:004029F0
.text:004029F0 push 0FFFFFFFFh ; var_4 slot = -1 (looks like the compiler's EH state index)
.text:004029F2 push offset loc_417F78 ; handler address for this frame's exception record
.text:004029F7 mov eax, large fs:0 ; current head of the exception-handler chain
.text:004029FD push eax ; kept in var_C so the epilogue can restore it
.text:004029FE mov large fs:0, esp ; install this frame's record as the new chain head
.text:00402A05 sub esp, 0Ch ; space for var_10, var_14 and var_18
.text:00402A08 push ebx ; save callee-saved registers used below
.text:00402A09 push ebp
.text:00402A0A push esi
.text:00402A0B push edi
.text:00402A0C mov eax, [esp+28h+arg_0]
.text:00402A10 push eax ; char *
.text:00402A11 call _atol ; eax = n = atol(arg_0)
.text:00402A11
.text:00402A16 mov ecx, eax ; ecx = n
.text:00402A18 mov eax, 66666667h ; multiplier used for signed division by 10
.text:00402A1D imul ecx ; edx:eax = n * 66666667h
.text:00402A1F sar edx, 2
.text:00402A22 mov eax, edx
.text:00402A24 add esp, 4 ; drop the _atol argument (scheduled between the divide steps)
.text:00402A27 shr eax, 1Fh ; eax = sign bit, rounds the quotient toward zero
.text:00402A2A add edx, eax ; edx = n / 10
.text:00402A2C lea eax, [edx+edx*4]
.text:00402A2F shl eax, 1 ; eax = 10 * (n / 10)
.text:00402A31 sub ecx, eax ; ecx = n % 10, the least-significant decimal digit
.text:00402A33 mov eax, 66666667h ; reload multiplier for the next round
.text:00402A38 mov [esp+28h+var_10], ecx ; var_10 = first digit
.text:00402A3C mov ecx, edx ; continue with the quotient
.text:00402A3E imul ecx ; same /10, %10 step as above
.text:00402A40 sar edx, 2
.text:00402A43 mov eax, edx
.text:00402A45 shr eax, 1Fh
.text:00402A48 add edx, eax ; edx = next quotient
.text:00402A4A lea eax, [edx+edx*4]
.text:00402A4D shl eax, 1
.text:00402A4F sub ecx, eax ; ecx = next digit
.text:00402A51 mov eax, 66666667h
.text:00402A56 mov [esp+28h+var_14], ecx ; var_14 = second digit
.text:00402A5A mov ecx, edx
.text:00402A5C imul ecx ; same /10, %10 step
.text:00402A5E sar edx, 2
.text:00402A61 mov eax, edx
.text:00402A63 shr eax, 1Fh
.text:00402A66 add edx, eax
.text:00402A68 lea eax, [edx+edx*4]
.text:00402A6B shl eax, 1
.text:00402A6D sub ecx, eax
.text:00402A6F mov eax, 66666667h
.text:00402A74 mov ebp, ecx ; ebp = third digit
.text:00402A76 mov ecx, edx
.text:00402A78 imul ecx ; same /10, %10 step
.text:00402A7A sar edx, 2
.text:00402A7D mov eax, edx
.text:00402A7F shr eax, 1Fh
.text:00402A82 add edx, eax
.text:00402A84 lea eax, [edx+edx*4]
.text:00402A87 shl eax, 1
.text:00402A89 sub ecx, eax
.text:00402A8B mov eax, 66666667h
.text:00402A90 mov [esp+28h+var_18], ecx ; var_18 = fourth digit
.text:00402A94 mov ecx, edx
.text:00402A96 imul ecx ; same /10, %10 step
.text:00402A98 sar edx, 2
.text:00402A9B mov eax, edx
.text:00402A9D shr eax, 1Fh
.text:00402AA0 add edx, eax
.text:00402AA2 lea eax, [edx+edx*4]
.text:00402AA5 shl eax, 1
.text:00402AA7 sub ecx, eax
.text:00402AA9 mov eax, 66666667h
.text:00402AAE mov edi, ecx ; edi = fifth digit
.text:00402AB0 mov ecx, edx
.text:00402AB2 imul ecx ; same /10, %10 step
.text:00402AB4 sar edx, 2
.text:00402AB7 mov eax, edx
.text:00402AB9 shr eax, 1Fh
.text:00402ABC add edx, eax
.text:00402ABE mov esi, edx ; esi = quotient, kept because it is divided again below
.text:00402AC0 lea eax, [edx+edx*4]
.text:00402AC3 shl eax, 1
.text:00402AC5 sub ecx, eax ; ecx = sixth digit
.text:00402AC7 mov eax, 66666667h
.text:00402ACC imul esi ; start dividing the kept quotient by 10
.text:00402ACE sar edx, 2
.text:00402AD1 mov ebx, ecx ; ebx = sixth digit
.text:00402AD3 mov ecx, edx
.text:00402AD5 shr ecx, 1Fh
.text:00402AD8 add edx, ecx ; edx = esi / 10
.text:00402ADA mov eax, 66666667h
.text:00402ADF mov ecx, edx ; ecx = that quotient
.text:00402AE1 lea edx, [ecx+ecx*4]
.text:00402AE4 shl edx, 1 ; edx = 10 * quotient
.text:00402AE6 sub esi, edx ; esi = seventh digit (remainder)
.text:00402AE8 imul ecx ; last /10 step, on the quotient in ecx
.text:00402AEA sar edx, 2
.text:00402AED mov eax, edx
.text:00402AEF shr eax, 1Fh
.text:00402AF2 add edx, eax
.text:00402AF4 lea edx, [edx+edx*4]
.text:00402AF7 shl edx, 1
.text:00402AF9 sub ecx, edx ; ecx = eighth digit; anything above it is ignored
.text:00402AFB lea eax, [ecx+esi] ; eax = sum of the two digits in ecx and esi
.text:00402AFE cmp eax, 5 ; pair test 1: sum equals the constant ...
.text:00402B01 jz short loc_402B23
.text:00402B01
.text:00402B03 add eax, 0FFFFFFF6h ; eax -= 10
.text:00402B06 cmp eax, 5 ; ... or equals it after subtracting 10
.text:00402B09 jz short loc_402B23
.text:00402B09
.text:00402B0B lea ecx, [esp+28h+arg_0] ; failure path: ecx = &arg_0 for sub_41206A
.text:00402B0F mov [esp+28h+var_4], 0FFFFFFFFh ; var_4 = -1 before the call, as on every exit path
.text:00402B17 call sub_41206A ; presumably releases the string argument -- confirm
.text:00402B17
.text:00402B1C xor al, al ; return 0: check failed
.text:00402B1E jmp loc_402BB0 ; shared epilogue
.text:00402B1E
.text:00402B23 ; ---------------------------------------------------------------------------
.text:00402B23
.text:00402B23 loc_402B23: ; CODE XREF: sub_4029F0+111j
.text:00402B23 ; sub_4029F0+119j
.text:00402B23 lea eax, [ebx+edi] ; pair test 2: sum of the digits kept in ebx and edi
.text:00402B26 cmp eax, 7
.text:00402B29 jz short loc_402B48
.text:00402B29
.text:00402B2B add eax, 0FFFFFFF6h ; eax -= 10, then compare again
.text:00402B2E cmp eax, 7
.text:00402B31 jz short loc_402B48
.text:00402B31
.text:00402B33 lea ecx, [esp+28h+arg_0] ; failure path, same shape as above
.text:00402B37 mov [esp+28h+var_4], 0FFFFFFFFh
.text:00402B3F call sub_41206A
.text:00402B3F
.text:00402B44 xor al, al ; return 0
.text:00402B46 jmp short loc_402BB0
.text:00402B46
.text:00402B48 ; ---------------------------------------------------------------------------
.text:00402B48
.text:00402B48 loc_402B48: ; CODE XREF: sub_4029F0+139j
.text:00402B48 ; sub_4029F0+141j
.text:00402B48 mov eax, [esp+28h+var_18] ; pair test 3: digit in var_18 plus digit in ebp
.text:00402B4C add eax, ebp
.text:00402B4E cmp eax, 4
.text:00402B51 jz short loc_402B70
.text:00402B51
.text:00402B53 add eax, 0FFFFFFF6h ; eax -= 10, then compare again
.text:00402B56 cmp eax, 4
.text:00402B59 jz short loc_402B70
.text:00402B59
.text:00402B5B lea ecx, [esp+28h+arg_0] ; failure path
.text:00402B5F mov [esp+28h+var_4], 0FFFFFFFFh
.text:00402B67 call sub_41206A
.text:00402B67
.text:00402B6C xor al, al ; return 0
.text:00402B6E jmp short loc_402BB0
.text:00402B6E
.text:00402B70 ; ---------------------------------------------------------------------------
.text:00402B70
.text:00402B70 loc_402B70: ; CODE XREF: sub_4029F0+161j
.text:00402B70 ; sub_4029F0+169j
.text:00402B70 mov ecx, [esp+28h+var_14] ; pair test 4: the two digits stored first
.text:00402B74 mov edx, [esp+28h+var_10]
.text:00402B78 lea eax, [ecx+edx]
.text:00402B7B cmp eax, 9
.text:00402B7E jz short loc_402B9D
.text:00402B7E
.text:00402B80 add eax, 0FFFFFFF6h ; eax -= 10, then compare again
.text:00402B83 cmp eax, 9
.text:00402B86 jz short loc_402B9D
.text:00402B86
.text:00402B88 lea ecx, [esp+28h+arg_0] ; failure path
.text:00402B8C mov [esp+28h+var_4], 0FFFFFFFFh
.text:00402B94 call sub_41206A
.text:00402B94
.text:00402B99 xor al, al ; return 0
.text:00402B9B jmp short loc_402BB0
.text:00402B9B
.text:00402B9D ; ---------------------------------------------------------------------------
.text:00402B9D
.text:00402B9D loc_402B9D: ; CODE XREF: sub_4029F0+18Ej
.text:00402B9D ; sub_4029F0+196j
.text:00402B9D lea ecx, [esp+28h+arg_0] ; success path: same cleanup call as the failure paths
.text:00402BA1 mov [esp+28h+var_4], 0FFFFFFFFh
.text:00402BA9 call sub_41206A
.text:00402BA9
.text:00402BAE mov al, 1 ; return 1: the only place the result becomes "valid"
.text:00402BB0
.text:00402BB0 loc_402BB0: ; CODE XREF: sub_4029F0+12Ej
.text:00402BB0 ; sub_4029F0+156j
.text:00402BB0 ; sub_4029F0+17Ej
.text:00402BB0 ; sub_4029F0+1ABj
.text:00402BB0 mov ecx, [esp+28h+var_C] ; previous exception-chain head saved in the prologue
.text:00402BB4 pop edi ; restore callee-saved registers
.text:00402BB5 pop esi
.text:00402BB6 pop ebp
.text:00402BB7 pop ebx
.text:00402BB8 mov large fs:0, ecx ; unlink this frame's exception record
.text:00402BBF add esp, 18h ; drop 0Ch of locals plus the three dwords pushed first
.text:00402BC2 retn 4 ; stdcall return, callee removes arg_0
.text:00402BC2
.text:00402BC2 sub_4029F0 endp
修改:
00402B01 E9 97000000 jmp 00402B9D
5 楼
先把文件的扩展名由scr改为exe,然后用W32Dasm反汇编,查找"Only $9.95 to buy"
:00401B8A 52 push edx
:00401B8B 896C247C mov dword ptr [esp+7C], ebp
* Reference To: GDI32.BitBlt, Ord:0011h
|
:00401B8F FF15C4904100 Call dword ptr [004190C4]
:00401B95 E8394A0100 call 004165D3
:00401B9A 8B4004 mov eax, dword ptr [eax+04]
:00401B9D 3898CC000000 cmp byte ptr [eax+000000CC], bl
:00401BA3 0F8430010000 je 00401CD9--------------------->此处改为jne 00401CD9 (对应的机器码为:0F8530010000)
:00401BA9 68C8000000 push 000000C8
:00401BAE 8D4C2420 lea ecx, dword ptr [esp+20]
:00401BB2 E8E2310100 call 00414D99
:00401BB7 6A06 push 00000006
:00401BB9 8D4C2420 lea ecx, dword ptr [esp+20]
:00401BBD E824340100 call 00414FE6
* Possible Reference to String Resource ID=00001: "3D Raindrop ScreenSaver"
|
:00401BC2 6A01 push 00000001
:00401BC4 8D4C2420 lea ecx, dword ptr [esp+20]
:00401BC8 E89E310100 call 00414D6B
:00401BCD 895C2430 mov dword ptr [esp+30], ebx
:00401BD1 C744242CDC954100 mov [esp+2C], 004195DC
* Possible StringData Ref from Data Obj ->"Arial"
|
:00401BD9 685CF24100 push 0041F25C
:00401BDE 53 push ebx
:00401BDF 53 push ebx
* Possible Reference to String Resource ID=00001: "3D Raindrop ScreenSaver"
|
:00401BE0 6A01 push 00000001
:00401BE2 6A02 push 00000002
* Possible Reference to String Resource ID=00001: "3D Raindrop ScreenSaver"
|
:00401BE4 6A01 push 00000001
:00401BE6 53 push ebx
:00401BE7 53 push ebx
:00401BE8 53 push ebx
:00401BE9 53 push ebx
:00401BEA 53 push ebx
:00401BEB 53 push ebx
:00401BEC 6A19 push 00000019
:00401BEE 6A19 push 00000019
:00401BF0 C68424F000000004 mov byte ptr [esp+000000F0], 04
* Reference To: GDI32.CreateFontA, Ord:0036h
|
:00401BF8 FF15BC904100 Call dword ptr [004190BC]
:00401BFE 50 push eax
:00401BFF 8D4C2430 lea ecx, dword ptr [esp+30]
:00401C03 E8BB360100 call 004152C3
:00401C08 8D44242C lea eax, dword ptr [esp+2C]
:00401C0C 8D4C241C lea ecx, dword ptr [esp+1C]
:00401C10 50 push eax
:00401C11 E8BE300100 call 00414CD4
* Possible StringData Ref from Data Obj ->"Only $9.95 to buy"---->找到这里,向上看能不能跳过
|
:00401C16 6848F24100 push 0041F248
:00401C1B 8D4C2414 lea ecx, dword ptr [esp+14]
:00401C1F 8BE8 mov ebp, eax
:00401C21 E8B2040100 call 004120D8
:00401C26 8BC6 mov eax, esi
:00401C28 8B4C2410 mov ecx, dword ptr [esp+10]
:00401C2C 99 cdq
:00401C2D 2BC2 sub eax, edx
总结:修改(00401BA3 je 00401CD9 为 00401BA3 jne 00401CD9),然后再改扩展名exe为scr,运行后讨厌的红字没有了。