006C1948 55 push ebp
006C1949 8BEC mov ebp,esp
006C194B B9 49020000 mov ecx,249
006C1950 6A 00 push 0
006C1952 6A 00 push 0
006C1954 49 dec ecx
006C1955 ^ 75 F9 jnz short ofdde.006C1950
006C1957 51 push ecx
006C1958 53 push ebx
006C1959 56 push esi
006C195A 57 push edi
006C195B 8955 F8 mov dword ptr ss:[ebp-8],edx
006C195E 8945 FC mov dword ptr ss:[ebp-4],eax
006C1961 33C0 xor eax,eax
006C1963 55 push ebp
006C1964 68 BF236C00 push ofdde.006C23BF
006C1969 64:FF30 push dword ptr fs:[eax]
006C196C 64:8920 mov dword ptr fs:[eax],esp
006C196F A1 E0086E00 mov eax,dword ptr ds:[6E08E0]
006C1974 8B00 mov eax,dword ptr ds:[eax]
006C1976 E8 C9F6DCFF call ofdde.00491044
006C197B 8BD0 mov edx,eax
006C197D D1FA sar edx,1
006C197F 79 03 jns short ofdde.006C1984
006C1981 83D2 00 adc edx,0
006C1984 A1 2CFB7600 mov eax,dword ptr ds:[76FB2C]
006C1989 8B40 48 mov eax,dword ptr ds:[eax+48]
006C198C D1F8 sar eax,1
006C198E 79 03 jns short ofdde.006C1993
006C1990 83D0 00 adc eax,0
006C1993 2BD0 sub edx,eax
006C1995 A1 2CFB7600 mov eax,dword ptr ds:[76FB2C]
006C199A E8 710DDBFF call ofdde.00472710
006C199F A1 E0086E00 mov eax,dword ptr ds:[6E08E0]
006C19A4 8B00 mov eax,dword ptr ds:[eax]
006C19A6 E8 8DF6DCFF call ofdde.00491038
006C19AB 8BD0 mov edx,eax
006C19AD D1FA sar edx,1
006C19AF 79 03 jns short ofdde.006C19B4
006C19B1 83D2 00 adc edx,0
006C19B4 A1 2CFB7600 mov eax,dword ptr ds:[76FB2C]
006C19B9 8B40 4C mov eax,dword ptr ds:[eax+4C]
006C19BC D1F8 sar eax,1
006C19BE 79 03 jns short ofdde.006C19C3
006C19C0 83D0 00 adc eax,0
006C19C3 2BD0 sub edx,eax
006C19C5 A1 2CFB7600 mov eax,dword ptr ds:[76FB2C]
006C19CA E8 650DDBFF call ofdde.00472734
006C19CF 803D F0FB7600 00 cmp byte ptr ds:[76FBF0],0
006C19D6 0F85 A0090000 jnz ofdde.006C237C
006C19DC C605 F0FB7600 01 mov byte ptr ds:[76FBF0],1
006C19E3 C745 BC 00010000 mov dword ptr ss:[ebp-44],100
006C19EA 33DB xor ebx,ebx
006C19EC 8DB5 00F3FFFF lea esi,dword ptr ss:[ebp-D00]
006C19F2 899D FCEDFFFF mov dword ptr ss:[ebp-1204],ebx
006C19F8 DB85 FCEDFFFF fild dword ptr ss:[ebp-1204]
006C19FE E8 E116D4FF call ofdde.004030E4
006C1A03 DD1E fstp qword ptr ds:[esi]
006C1A05 9B wait
006C1A06 43 inc ebx
006C1A07 83C6 08 add esi,8
006C1A0A 81FB 91010000 cmp ebx,191
006C1A10 ^ 75 E0 jnz short ofdde.006C19F2
006C1A12 33C0 xor eax,eax
006C1A14 8945 B8 mov dword ptr ss:[ebp-48],eax
006C1A17 8D45 B0 lea eax,dword ptr ss:[ebp-50]
006C1A1A E8 E935D4FF call ofdde.00405008
006C1A1F 33D2 xor edx,edx
006C1A21 55 push ebp
006C1A22 68 771D6C00 push ofdde.006C1D77
006C1A27 64:FF32 push dword ptr fs:[edx]
006C1A2A 64:8922 mov dword ptr fs:[edx],esp
006C1A2D 8D45 A0 lea eax,dword ptr ss:[ebp-60]
006C1A30 8B15 68FC7600 mov edx,dword ptr ds:[76FC68]
006C1A36 E8 6536D4FF call ofdde.004050A0
006C1A3B 8D85 F8EDFFFF lea eax,dword ptr ss:[ebp-1208]
006C1A41 B9 D8236C00 mov ecx,ofdde.006C23D8 ; ASCII "Setup.ini"
006C1A46 8B55 A0 mov edx,dword ptr ss:[ebp-60]
006C1A49 E8 C638D4FF call ofdde.00405314
006C1A4E 8B8D F8EDFFFF mov ecx,dword ptr ss:[ebp-1208]
006C1A54 B2 01 mov dl,1
006C1A56 A1 54344400 mov eax,dword ptr ds:[443454]
006C1A5B E8 A41AD8FF call ofdde.00443504
006C1A60 8945 9C mov dword ptr ss:[ebp-64],eax
006C1A63 6A 00 push 0
006C1A65 8D45 CC lea eax,dword ptr ss:[ebp-34]
006C1A68 50 push eax
006C1A69 B9 EC236C00 mov ecx,ofdde.006C23EC ; ASCII "UserName"
006C1A6E BA 00246C00 mov edx,ofdde.006C2400 ; ASCII "Reg"
006C1A73 8B45 9C mov eax,dword ptr ss:[ebp-64]
006C1A76 8B18 mov ebx,dword ptr ds:[eax]
006C1A78 FF13 call dword ptr ds:[ebx]
006C1A7A 8D45 CC lea eax,dword ptr ss:[ebp-34]
006C1A7D BA 0C246C00 mov edx,ofdde.006C240C
006C1A82 E8 4938D4FF call ofdde.004052D0
006C1A87 8D45 CC lea eax,dword ptr ss:[ebp-34]
006C1A8A BA 18246C00 mov edx,ofdde.006C2418
006C1A8F E8 0C36D4FF call ofdde.004050A0
006C1A94 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C1A97 8B55 CC mov edx,dword ptr ss:[ebp-34]
006C1A9A E8 0136D4FF call ofdde.004050A0
006C1A9F C605 6CFC7600 00 mov byte ptr ds:[76FC6C],0
006C1AA6 8B45 C8 mov eax,dword ptr ss:[ebp-38]
006C1AA9 E8 1A38D4FF call ofdde.004052C8
006C1AAE 8945 C0 mov dword ptr ss:[ebp-40],eax
006C1AB1 8B45 C8 mov eax,dword ptr ss:[ebp-38]
006C1AB4 E8 0F3AD4FF call ofdde.004054C8
006C1AB9 8BD0 mov edx,eax
006C1ABB 8D85 00F2FFFF lea eax,dword ptr ss:[ebp-E00]
006C1AC1 E8 9697D4FF call ofdde.0040B25C
006C1AC6 B2 01 mov dl,1
006C1AC8 A1 B0AC4100 mov eax,dword ptr ds:[41ACB0]
006C1ACD E8 7A26D4FF call ofdde.0040414C
006C1AD2 8BD8 mov ebx,eax
006C1AD4 B2 01 mov dl,1
006C1AD6 A1 B0AC4100 mov eax,dword ptr ds:[41ACB0]
006C1ADB E8 6C26D4FF call ofdde.0040414C
006C1AE0 8945 F0 mov dword ptr ss:[ebp-10],eax
006C1AE3 8D95 00F2FFFF lea edx,dword ptr ss:[ebp-E00]
006C1AE9 8B4D C0 mov ecx,dword ptr ss:[ebp-40]
006C1AEC 8B45 F0 mov eax,dword ptr ss:[ebp-10]
006C1AEF E8 CCDFD5FF call ofdde.0041FAC0
006C1AF4 53 push ebx
006C1AF5 B1 02 mov cl,2
006C1AF7 B2 01 mov dl,1
006C1AF9 A1 14855100 mov eax,dword ptr ds:[518514]
006C1AFE E8 4D6CE5FF call ofdde.00518750
006C1B03 8945 F4 mov dword ptr ss:[ebp-C],eax
006C1B06 8B55 F4 mov edx,dword ptr ss:[ebp-C]
006C1B09 8B45 F0 mov eax,dword ptr ss:[ebp-10]
006C1B0C E8 93E4D5FF call ofdde.0041FFA4
006C1B11 8B45 BC mov eax,dword ptr ss:[ebp-44]
006C1B14 48 dec eax
006C1B15 85C0 test eax,eax
006C1B17 7C 13 jl short ofdde.006C1B2C
006C1B19 40 inc eax
006C1B1A 8945 8C mov dword ptr ss:[ebp-74],eax
006C1B1D 8DB5 00F2FFFF lea esi,dword ptr ss:[ebp-E00]
006C1B23 C606 00 mov byte ptr ds:[esi],0
006C1B26 46 inc esi
006C1B27 FF4D 8C dec dword ptr ss:[ebp-74]
006C1B2A ^ 75 F7 jnz short ofdde.006C1B23
006C1B2C 8B45 F0 mov eax,dword ptr ss:[ebp-10]
006C1B2F E8 4826D4FF call ofdde.0040417C
006C1B34 8B45 F4 mov eax,dword ptr ss:[ebp-C]
006C1B37 E8 4026D4FF call ofdde.0040417C
006C1B3C 6A 00 push 0
006C1B3E 6A 00 push 0
006C1B40 8BC3 mov eax,ebx
006C1B42 E8 35DDD5FF call ofdde.0041F87C
006C1B47 8BC3 mov eax,ebx
006C1B49 8B10 mov edx,dword ptr ds:[eax]
006C1B4B FF12 call dword ptr ds:[edx]
006C1B4D 8945 C0 mov dword ptr ss:[ebp-40],eax
006C1B50 8D95 00F2FFFF lea edx,dword ptr ss:[ebp-E00]
006C1B56 8B4D C0 mov ecx,dword ptr ss:[ebp-40]
006C1B59 8BC3 mov eax,ebx
006C1B5B E8 28DFD5FF call ofdde.0041FA88
006C1B60 8BC3 mov eax,ebx
006C1B62 E8 1526D4FF call ofdde.0040417C
006C1B67 E8 2C15D4FF call ofdde.00403098
006C1B6C 8B45 BC mov eax,dword ptr ss:[ebp-44]
006C1B6F 48 dec eax
006C1B70 E8 8B1BD4FF call ofdde.00403700
006C1B75 8945 C4 mov dword ptr ss:[ebp-3C],eax
006C1B78 B2 01 mov dl,1
006C1B7A A1 74854200 mov eax,dword ptr ds:[428574]
006C1B7F E8 4CE3D6FF call ofdde.0042FED0
006C1B84 8B55 C4 mov edx,dword ptr ss:[ebp-3C]
006C1B87 898495 00EEFFFF mov dword ptr ss:[ebp+edx*4-1200],e>
006C1B8E 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1B91 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C1B98 8B55 BC mov edx,dword ptr ss:[ebp-44]
006C1B9B 8B08 mov ecx,dword ptr ds:[eax]
006C1B9D FF51 40 call dword ptr ds:[ecx+40]
006C1BA0 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1BA3 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C1BAA 8B55 BC mov edx,dword ptr ss:[ebp-44]
006C1BAD 8B08 mov ecx,dword ptr ds:[eax]
006C1BAF FF51 34 call dword ptr ds:[ecx+34]
006C1BB2 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1BB5 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C1BBC B2 07 mov dl,7
006C1BBE E8 99FED6FF call ofdde.00431A5C
006C1BC3 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1BC6 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C1BCD E8 12EAD6FF call ofdde.004305E4
006C1BD2 8B40 14 mov eax,dword ptr ds:[eax+14]
006C1BD5 33D2 xor edx,edx
006C1BD7 E8 0C85D6FF call ofdde.0042A0E8
006C1BDC 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1BDF 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C1BE6 E8 F9E9D6FF call ofdde.004305E4
006C1BEB 8D95 E8EDFFFF lea edx,dword ptr ss:[ebp-1218]
006C1BF1 E8 A691D6FF call ofdde.0042AD9C
006C1BF6 8D85 E8EDFFFF lea eax,dword ptr ss:[ebp-1218]
006C1BFC 50 push eax
006C1BFD 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1C00 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C1C07 E8 D8E9D6FF call ofdde.004305E4
006C1C0C 5A pop edx
006C1C0D E8 528AD6FF call ofdde.0042A664
006C1C12 8B45 C0 mov eax,dword ptr ss:[ebp-40]
006C1C15 48 dec eax
006C1C16 85C0 test eax,eax
006C1C18 0F8C BC000000 jl ofdde.006C1CDA
006C1C1E 40 inc eax
006C1C1F 8945 8C mov dword ptr ss:[ebp-74],eax
006C1C22 8DB5 00F2FFFF lea esi,dword ptr ss:[ebp-E00]
006C1C28 8A06 mov al,byte ptr ds:[esi]
006C1C2A 33DB xor ebx,ebx
006C1C2C 8AD8 mov bl,al
006C1C2E 8BD0 mov edx,eax
006C1C30 80E2 F0 and dl,0F0
006C1C33 81E2 FF000000 and edx,0FF
006C1C39 C1EA 04 shr edx,4
006C1C3C 24 0F and al,0F
006C1C3E C1E0 04 shl eax,4
006C1C41 0AD0 or dl,al
006C1C43 33C0 xor eax,eax
006C1C45 8AC2 mov al,dl
006C1C47 8945 EC mov dword ptr ss:[ebp-14],eax
006C1C4A 33FF xor edi,edi
006C1C4C 8D85 00F3FFFF lea eax,dword ptr ss:[ebp-D00]
006C1C52 8945 88 mov dword ptr ss:[ebp-78],eax
006C1C55 89BD FCEDFFFF mov dword ptr ss:[ebp-1204],edi
006C1C5B DB85 FCEDFFFF fild dword ptr ss:[ebp-1204]
006C1C61 E8 C614D4FF call ofdde.0040312C
006C1C66 899D E4EDFFFF mov dword ptr ss:[ebp-121C],ebx
006C1C6C DB85 E4EDFFFF fild dword ptr ss:[ebp-121C]
006C1C72 DEC9 fmulp st(1),st
006C1C74 899D E0EDFFFF mov dword ptr ss:[ebp-1220],ebx
006C1C7A DB85 E0EDFFFF fild dword ptr ss:[ebp-1220]
006C1C80 DEC1 faddp st(1),st
006C1C82 E8 D914D4FF call ofdde.00403160
006C1C87 8945 E8 mov dword ptr ss:[ebp-18],eax
006C1C8A DB45 EC fild dword ptr ss:[ebp-14]
006C1C8D 8B45 88 mov eax,dword ptr ss:[ebp-78]
006C1C90 DC08 fmul qword ptr ds:[eax]
006C1C92 899D FCEDFFFF mov dword ptr ss:[ebp-1204],ebx
006C1C98 DB85 FCEDFFFF fild dword ptr ss:[ebp-1204]
006C1C9E DEC1 faddp st(1),st
006C1CA0 E8 BB14D4FF call ofdde.00403160
006C1CA5 53 push ebx
006C1CA6 8B55 EC mov edx,dword ptr ss:[ebp-14]
006C1CA9 52 push edx
006C1CAA 8B55 E8 mov edx,dword ptr ss:[ebp-18]
006C1CAD 52 push edx
006C1CAE 8B55 C4 mov edx,dword ptr ss:[ebp-3C]
006C1CB1 8D9495 00EEFFFF lea edx,dword ptr ss:[ebp+edx*4-120>
006C1CB8 8BC8 mov ecx,eax
006C1CBA 8B45 E8 mov eax,dword ptr ss:[ebp-18]
006C1CBD 92 xchg eax,edx
006C1CBE E8 F919FFFF call ofdde.006B36BC
006C1CC3 47 inc edi
006C1CC4 8345 88 08 add dword ptr ss:[ebp-78],8
006C1CC8 81FF 91010000 cmp edi,191
006C1CCE ^ 75 85 jnz short ofdde.006C1C55
006C1CD0 46 inc esi
006C1CD1 FF4D 8C dec dword ptr ss:[ebp-74]
006C1CD4 ^ 0F85 4EFFFFFF jnz ofdde.006C1C28
006C1CDA 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1CDD 8D8485 00EEFFFF lea eax,dword ptr ss:[ebp+eax*4-120>
006C1CE4 E8 9F1AFFFF call ofdde.006B3788
006C1CE9 8D55 AC lea edx,dword ptr ss:[ebp-54]
006C1CEC 8B45 B8 mov eax,dword ptr ss:[ebp-48]
006C1CEF E8 A087D4FF call ofdde.0040A494
006C1CF4 6A 00 push 0
006C1CF6 8D85 DCEDFFFF lea eax,dword ptr ss:[ebp-1224]
006C1CFC 50 push eax
006C1CFD B9 EC236C00 mov ecx,ofdde.006C23EC ; ASCII "UserName"
006C1D02 BA 00246C00 mov edx,ofdde.006C2400 ; ASCII "Reg"
006C1D07 8B45 9C mov eax,dword ptr ss:[ebp-64]
006C1D0A 8B18 mov ebx,dword ptr ds:[eax]
006C1D0C FF13 call dword ptr ds:[ebx]
006C1D0E 83BD DCEDFFFF 00 cmp dword ptr ss:[ebp-1224],0
006C1D15 75 28 jnz short ofdde.006C1D3F
006C1D17 6A 00 push 0
006C1D19 B9 54246C00 mov ecx,ofdde.006C2454 ; ASCII "KeyCode"
006C1D1E BA 00246C00 mov edx,ofdde.006C2400 ; ASCII "Reg"
006C1D23 8B45 9C mov eax,dword ptr ss:[ebp-64]
006C1D26 8B18 mov ebx,dword ptr ds:[eax]
006C1D28 FF53 04 call dword ptr ds:[ebx+4]
006C1D2B 6A 00 push 0
006C1D2D B9 EC236C00 mov ecx,ofdde.006C23EC ; ASCII "UserName"
006C1D32 BA 00246C00 mov edx,ofdde.006C2400 ; ASCII "Reg"
006C1D37 8B45 9C mov eax,dword ptr ss:[ebp-64]
006C1D3A 8B18 mov ebx,dword ptr ds:[eax]
006C1D3C FF53 04 call dword ptr ds:[ebx+4]
006C1D3F 6A 00 push 0
006C1D41 8D45 A8 lea eax,dword ptr ss:[ebp-58]
006C1D44 50 push eax
006C1D45 B9 54246C00 mov ecx,ofdde.006C2454 ; ASCII "KeyCode"
006C1D4A BA 00246C00 mov edx,ofdde.006C2400 ; ASCII "Reg"
006C1D4F 8B45 9C mov eax,dword ptr ss:[ebp-64]
006C1D52 8B18 mov ebx,dword ptr ds:[eax]
006C1D54 FF13 call dword ptr ds:[ebx]
006C1D56 6A 00 push 0
006C1D58 8D45 A4 lea eax,dword ptr ss:[ebp-5C]
006C1D5B 50 push eax
006C1D5C B9 EC236C00 mov ecx,ofdde.006C23EC ; ASCII "UserName"
006C1D61 BA 00246C00 mov edx,ofdde.006C2400 ; ASCII "Reg"
006C1D66 8B45 9C mov eax,dword ptr ss:[ebp-64]
006C1D69 8B18 mov ebx,dword ptr ds:[eax]
006C1D6B FF13 call dword ptr ds:[ebx]
006C1D6D 33C0 xor eax,eax
006C1D6F 5A pop edx
006C1D70 59 pop ecx
006C1D71 59 pop ecx
006C1D72 64:8910 mov dword ptr fs:[eax],edx
006C1D75 EB 0F jmp short ofdde.006C1D86
006C1D77 ^ E9 F428D4FF jmp ofdde.00404670
006C1D7C E8 A3E2D4FF call ofdde.00410024
006C1D81 E8 522CD4FF call ofdde.004049D8
006C1D86 6A 00 push 0
006C1D88 6A 00 push 0
006C1D8A 6A 00 push 0
006C1D8C 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1D8F E8 B0ACD4FF call ofdde.0040CA44
006C1D94 DD5D 90 fstp qword ptr ss:[ebp-70]
006C1D97 9B wait
006C1D98 DD45 90 fld qword ptr ss:[ebp-70]
006C1D9B E8 C013D4FF call ofdde.00403160
006C1DA0 8945 B4 mov dword ptr ss:[ebp-4C],eax
006C1DA3 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C1DA6 E8 5D32D4FF call ofdde.00405008
006C1DAB 837D A8 00 cmp dword ptr ss:[ebp-58],0
006C1DAF 75 0D jnz short ofdde.006C1DBE
006C1DB1 8D45 A8 lea eax,dword ptr ss:[ebp-58]
006C1DB4 BA 64246C00 mov edx,ofdde.006C2464
006C1DB9 E8 E232D4FF call ofdde.004050A0
006C1DBE 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1DC1 E8 0235D4FF call ofdde.004052C8
006C1DC6 8BF8 mov edi,eax
006C1DC8 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C1DCB E8 3832D4FF call ofdde.00405008
006C1DD0 8BC7 mov eax,edi
006C1DD2 B9 05000000 mov ecx,5
006C1DD7 99 cdq
006C1DD8 F7F9 idiv ecx
006C1DDA 85D2 test edx,edx
006C1DDC 0F85 CB010000 jnz ofdde.006C1FAD
006C1DE2 BF 01000000 mov edi,1
006C1DE7 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C1DEA E8 1932D4FF call ofdde.00405008
006C1DEF 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1DF2 E8 D134D4FF call ofdde.004052C8
006C1DF7 B9 0A000000 mov ecx,0A
006C1DFC 99 cdq
006C1DFD F7F9 idiv ecx
006C1DFF 85C0 test eax,eax
006C1E01 0F8C A6010000 jl ofdde.006C1FAD
006C1E07 40 inc eax
006C1E08 8945 8C mov dword ptr ss:[ebp-74],eax
006C1E0B 8D45 AC lea eax,dword ptr ss:[ebp-54]
006C1E0E 50 push eax
006C1E0F B9 02000000 mov ecx,2
006C1E14 8BD7 mov edx,edi
006C1E16 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1E19 E8 0A37D4FF call ofdde.00405528
006C1E1E 8D95 D8EDFFFF lea edx,dword ptr ss:[ebp-1228]
006C1E24 8B45 AC mov eax,dword ptr ss:[ebp-54]
006C1E27 E8 101BFFFF call ofdde.006B393C
006C1E2C 8B85 D8EDFFFF mov eax,dword ptr ss:[ebp-1228]
006C1E32 E8 7D88D4FF call ofdde.0040A6B4
006C1E37 8BD8 mov ebx,eax
006C1E39 83C7 02 add edi,2
006C1E3C 8D45 AC lea eax,dword ptr ss:[ebp-54]
006C1E3F 50 push eax
006C1E40 B9 02000000 mov ecx,2
006C1E45 8BD7 mov edx,edi
006C1E47 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1E4A E8 D936D4FF call ofdde.00405528
006C1E4F 8D95 D4EDFFFF lea edx,dword ptr ss:[ebp-122C]
006C1E55 8B45 AC mov eax,dword ptr ss:[ebp-54]
006C1E58 E8 DF1AFFFF call ofdde.006B393C
006C1E5D 8B85 D4EDFFFF mov eax,dword ptr ss:[ebp-122C]
006C1E63 E8 4C88D4FF call ofdde.0040A6B4
006C1E68 8945 EC mov dword ptr ss:[ebp-14],eax
006C1E6B 83C7 02 add edi,2
006C1E6E 8D45 AC lea eax,dword ptr ss:[ebp-54]
006C1E71 50 push eax
006C1E72 B9 02000000 mov ecx,2
006C1E77 8BD7 mov edx,edi
006C1E79 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1E7C E8 A736D4FF call ofdde.00405528
006C1E81 8D95 D0EDFFFF lea edx,dword ptr ss:[ebp-1230]
006C1E87 8B45 AC mov eax,dword ptr ss:[ebp-54]
006C1E8A E8 AD1AFFFF call ofdde.006B393C
006C1E8F 8B85 D0EDFFFF mov eax,dword ptr ss:[ebp-1230]
006C1E95 E8 1A88D4FF call ofdde.0040A6B4
006C1E9A 8BF0 mov esi,eax
006C1E9C 83C7 02 add edi,2
006C1E9F 8D45 AC lea eax,dword ptr ss:[ebp-54]
006C1EA2 50 push eax
006C1EA3 B9 02000000 mov ecx,2
006C1EA8 8BD7 mov edx,edi
006C1EAA 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1EAD E8 7636D4FF call ofdde.00405528
006C1EB2 8D95 CCEDFFFF lea edx,dword ptr ss:[ebp-1234]
006C1EB8 8B45 AC mov eax,dword ptr ss:[ebp-54]
006C1EBB E8 7C1AFFFF call ofdde.006B393C
006C1EC0 8B85 CCEDFFFF mov eax,dword ptr ss:[ebp-1234]
006C1EC6 E8 E987D4FF call ofdde.0040A6B4
006C1ECB 8945 E4 mov dword ptr ss:[ebp-1C],eax
006C1ECE 83C7 02 add edi,2
006C1ED1 8D45 AC lea eax,dword ptr ss:[ebp-54]
006C1ED4 50 push eax
006C1ED5 B9 02000000 mov ecx,2
006C1EDA 8BD7 mov edx,edi
006C1EDC 8B45 A8 mov eax,dword ptr ss:[ebp-58]
006C1EDF E8 4436D4FF call ofdde.00405528
006C1EE4 8D95 C8EDFFFF lea edx,dword ptr ss:[ebp-1238]
006C1EEA 8B45 AC mov eax,dword ptr ss:[ebp-54]
006C1EED E8 4A1AFFFF call ofdde.006B393C
006C1EF2 8B85 C8EDFFFF mov eax,dword ptr ss:[ebp-1238]
006C1EF8 E8 B787D4FF call ofdde.0040A6B4
006C1EFD 8945 E0 mov dword ptr ss:[ebp-20],eax
006C1F00 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1F03 8D8485 00EEFFFF lea eax,dword ptr ss:[ebp+eax*4-120>
006C1F0A 8B4D EC mov ecx,dword ptr ss:[ebp-14]
006C1F0D 8BD3 mov edx,ebx
006C1F0F E8 0C18FFFF call ofdde.006B3720
006C1F14 8945 D0 mov dword ptr ss:[ebp-30],eax
006C1F17 83C7 02 add edi,2
006C1F1A 837D D0 00 cmp dword ptr ss:[ebp-30],0
006C1F1E 0F84 80000000 je ofdde.006C1FA4
006C1F24 8B45 D0 mov eax,dword ptr ss:[ebp-30]
006C1F27 E8 C469D4FF call ofdde.004088F0
006C1F2C 25 FF000000 and eax,0FF
006C1F31 8945 DC mov dword ptr ss:[ebp-24],eax
006C1F34 8B45 D0 mov eax,dword ptr ss:[ebp-30]
006C1F37 E8 B869D4FF call ofdde.004088F4
006C1F3C 25 FF000000 and eax,0FF
006C1F41 8945 D8 mov dword ptr ss:[ebp-28],eax
006C1F44 8B45 D0 mov eax,dword ptr ss:[ebp-30]
006C1F47 E8 AC69D4FF call ofdde.004088F8
006C1F4C 25 FF000000 and eax,0FF
006C1F51 8945 D4 mov dword ptr ss:[ebp-2C],eax
006C1F54 8B45 DC mov eax,dword ptr ss:[ebp-24]
006C1F57 03C6 add eax,esi
006C1F59 50 push eax
006C1F5A 8B45 E4 mov eax,dword ptr ss:[ebp-1C]
006C1F5D 0345 D8 add eax,dword ptr ss:[ebp-28]
006C1F60 50 push eax
006C1F61 8B45 E0 mov eax,dword ptr ss:[ebp-20]
006C1F64 0345 D4 add eax,dword ptr ss:[ebp-2C]
006C1F67 50 push eax
006C1F68 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1F6B 8D8485 00EEFFFF lea eax,dword ptr ss:[ebp+eax*4-120>
006C1F72 8B4D EC mov ecx,dword ptr ss:[ebp-14]
006C1F75 8BD3 mov edx,ebx
006C1F77 E8 4017FFFF call ofdde.006B36BC
006C1F7C 0375 DC add esi,dword ptr ss:[ebp-24]
006C1F7F 8B45 E0 mov eax,dword ptr ss:[ebp-20]
006C1F82 0345 D4 add eax,dword ptr ss:[ebp-2C]
006C1F85 23F0 and esi,eax
006C1F87 8B45 E4 mov eax,dword ptr ss:[ebp-1C]
006C1F8A 0345 D8 add eax,dword ptr ss:[ebp-28]
006C1F8D 23F0 and esi,eax
006C1F8F 8B45 BC mov eax,dword ptr ss:[ebp-44]
006C1F92 48 dec eax
006C1F93 3BF0 cmp esi,eax
006C1F95 75 0D jnz short ofdde.006C1FA4
006C1F97 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C1F9A BA 70246C00 mov edx,ofdde.006C2470
006C1F9F E8 2C33D4FF call ofdde.004052D0
006C1FA4 FF4D 8C dec dword ptr ss:[ebp-74]
006C1FA7 ^ 0F85 5EFEFFFF jnz ofdde.006C1E0B
006C1FAD 8B45 BC mov eax,dword ptr ss:[ebp-44]
006C1FB0 48 dec eax
006C1FB1 85C0 test eax,eax
006C1FB3 7C 51 jl short ofdde.006C2006
006C1FB5 40 inc eax
006C1FB6 8945 8C mov dword ptr ss:[ebp-74],eax
006C1FB9 C745 EC 00000000 mov dword ptr ss:[ebp-14],0
006C1FC0 8B75 BC mov esi,dword ptr ss:[ebp-44]
006C1FC3 4E dec esi
006C1FC4 85F6 test esi,esi
006C1FC6 7C 3E jl short ofdde.006C2006
006C1FC8 46 inc esi
006C1FC9 33DB xor ebx,ebx
006C1FCB 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C1FCE 8D8485 00EEFFFF lea eax,dword ptr ss:[ebp+eax*4-120>
006C1FD5 8B4D EC mov ecx,dword ptr ss:[ebp-14]
006C1FD8 8BD3 mov edx,ebx
006C1FDA E8 4117FFFF call ofdde.006B3720
006C1FDF 8945 D0 mov dword ptr ss:[ebp-30],eax
006C1FE2 817D D0 02000100 cmp dword ptr ss:[ebp-30],10002 ; UNICODE "LLUSERSPROFILE=C:\Documents and Settings\All Users"
006C1FE9 75 0D jnz short ofdde.006C1FF8
006C1FEB 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C1FEE BA 7C246C00 mov edx,ofdde.006C247C
006C1FF3 E8 D832D4FF call ofdde.004052D0
006C1FF8 43 inc ebx
006C1FF9 4E dec esi
006C1FFA ^ 75 CF jnz short ofdde.006C1FCB
006C1FFC EB 08 jmp short ofdde.006C2006
006C1FFE FF45 EC inc dword ptr ss:[ebp-14]
006C2001 FF4D 8C dec dword ptr ss:[ebp-74]
006C2004 ^ 75 BA jnz short ofdde.006C1FC0
006C2006 8B45 C4 mov eax,dword ptr ss:[ebp-3C]
006C2009 8B8485 00EEFFFF mov eax,dword ptr ss:[ebp+eax*4-120>
006C2010 E8 6721D4FF call ofdde.0040417C
006C2015 837D A4 00 cmp dword ptr ss:[ebp-5C],0
006C2019 74 1A je short ofdde.006C2035
006C201B FF75 A4 push dword ptr ss:[ebp-5C]
006C201E 68 0C246C00 push ofdde.006C240C
006C2023 68 0C246C00 push ofdde.006C240C
006C2028 8D45 A4 lea eax,dword ptr ss:[ebp-5C]
006C202B BA 03000000 mov edx,3
006C2030 E8 5333D4FF call ofdde.00405388
006C2035 837D A4 00 cmp dword ptr ss:[ebp-5C],0
006C2039 75 08 jnz short ofdde.006C2043
006C203B 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006C203E E8 C52FD4FF call ofdde.00405008
006C2043 8B55 C8 mov edx,dword ptr ss:[ebp-38]
006C2046 B8 88246C00 mov eax,ofdde.006C2488 ; ASCII "yyyy"
006C204B E8 BC35D4FF call ofdde.0040560C
006C2050 85C0 test eax,eax
006C2052 0F8E 59010000 jle ofdde.006C21B1
006C2058 8B45 C8 mov eax,dword ptr ss:[ebp-38]
006C205B E8 6832D4FF call ofdde.004052C8
006C2060 83F8 04 cmp eax,4
006C2063 0F85 48010000 jnz ofdde.006C21B1
006C2069 C605 F1FB7600 00 mov byte ptr ds:[76FBF1],0
006C2070 B8 F4010000 mov eax,1F4
006C2075 E8 8616D4FF call ofdde.00403700
006C207A 8BD0 mov edx,eax
006C207C 8B45 FC mov eax,dword ptr ss:[ebp-4]
006C207F 8B80 C0030000 mov eax,dword ptr ds:[eax+3C0]
006C2085 E8 C6C4D7FF call ofdde.0043E550
006C208A 8B45 FC mov eax,dword ptr ss:[ebp-4]
006C208D 8B80 C0030000 mov eax,dword ptr ds:[eax+3C0]
006C2093 B2 01 mov dl,1
006C2095 E8 A6C4D7FF call ofdde.0043E540
006C209A 8D85 C4EDFFFF lea eax,dword ptr ss:[ebp-123C]
006C20A0 8B4D A4 mov ecx,dword ptr ss:[ebp-5C]
006C20A3 BA 98246C00 mov edx,ofdde.006C2498 ; ASCII "Registered to "
006C20A8 E8 6732D4FF call ofdde.00405314
006C20AD 8B95 C4EDFFFF mov edx,dword ptr ss:[ebp-123C]
006C20B3 A1 34086E00 mov eax,dword ptr ds:[6E0834]
006C20B8 8B00 mov eax,dword ptr ds:[eax]
006C20BA 8B80 14030000 mov eax,dword ptr ds:[eax+314]
006C20C0 E8 0B0FDBFF call ofdde.00472FD0
006C20C5 A1 34086E00 mov eax,dword ptr ds:[6E0834]
006C20CA 8B00 mov eax,dword ptr ds:[eax]
006C20CC 8B80 14030000 mov eax,dword ptr ds:[eax+314]
006C20D2 B2 01 mov dl,1
006C20D4 E8 7B4ADAFF call ofdde.00466B54
006C20D9 C605 6CFC7600 01 mov byte ptr ds:[76FC6C],1
006C20E0 837D A4 00 cmp dword ptr ss:[ebp-5C],0
006C20E4 74 53 je short ofdde.006C2139
006C20E6 B8 08FC7600 mov eax,ofdde.0076FC08
006C20EB BA B0246C00 mov edx,ofdde.006C24B0
最顶上那句,改成mov eax,1
第二句是不是ret 或是NOP 呢。
因为报错往上一句跳往了该处,应该是个总路口,
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
