[求助]某游戏辅助工具的问题-付费问答-看雪-安全社区|安全招聘|kanxue.com

最新回复 (12)
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 2 楼 004AACB8 /. 55 push ebp ; 004AACB9 \|. 8BEC mov ebp, esp 004AACBB \|. 33C9 xor ecx, ecx 004AACBD \|. 51 push ecx 004AACBE \|. 51 push ecx 004AACBF \|. 51 push ecx 004AACC0 \|. 51 push ecx 004AACC1 \|. 51 push ecx 004AACC2 \|. 53 push ebx 004AACC3 \|. 56 push esi 004AACC4 \|. 57 push edi 004AACC5 \|. 8BD8 mov ebx, eax 004AACC7 \|. 33C0 xor eax, eax 004AACC9 \|. 55 push ebp 004AACCA \|. 68 03AF4A00 push 004AAF03 004AACCF \|. 64:FF30 push dword ptr fs:[eax] 004AACD2 \|. 64:8920 mov dword ptr fs:[eax], esp 004AACD5 \|. E8 3EECFFFF call 004A9918 004AACDA \|. A1 3C224D00 mov eax, dword ptr [4D223C] 004AACDF \|. E8 ECE3F5FF call 004090D0 004AACE4 \|. 84C0 test al, al 004AACE6 \|. 74 10 je short 004AACF8 004AACE8 \|. A1 3C224D00 mov eax, dword ptr [4D223C] 004AACED \|. E8 8A9AF5FF call 0040477C 004AACF2 \|. 50 push eax ; /FileName 004AACF3 \|. E8 34BCF5FF call <jmp.&kernel32.DeleteFileA> ; \DeleteFileA 004AACF8 \|> E8 6B7EF5FF call 00402B68 004AACFD \|. E8 5281F5FF call 00402E54 004AAD02 \|. D80D 14AF4A00 fmul dword ptr [4AAF14] 004AAD08 \|. 83C4 F4 add esp, -0C 004AAD0B \|. DB3C24 fstp tbyte ptr [esp] ; \| 004AAD0E \|. 9B wait ; \| 004AAD0F \|. 8D45 F4 lea eax, dword ptr [ebp-C] ; \| 004AAD12 \|. E8 A9F6F5FF call 0040A3C0 ; \zxpj.0040A3C0 004AAD17 \|. 8B55 F4 mov edx, dword ptr [ebp-C] 004AAD1A \|. 8BC3 mov eax, ebx 004AAD1C \|. E8 7F45FAFF call 0044F2A0 004AAD21 \|. 8D45 FC lea eax, dword ptr [ebp-4] 004AAD24 \|. BA 20AF4A00 mov edx, 004AAF20 ; ASCII "ABCDEFGHIJKLMNPQRSTUVWXY123456789" 004AAD29 \|. E8 0A96F5FF call 00404338 004AAD2E \|. BE 04000000 mov esi, 4 004AAD33 \|> 8B45 FC /mov eax, dword ptr [ebp-4] 004AAD36 \|. E8 4198F5FF \|call 0040457C 004AAD3B \|. 48 \|dec eax 004AAD3C \|. E8 F780F5FF \|call 00402E38 004AAD41 \|. 8B55 FC \|mov edx, dword ptr [ebp-4] 004AAD44 \|. 8A1402 \|mov dl, byte ptr [edx+eax] 004AAD47 \|. 8D45 F0 \|lea eax, dword ptr [ebp-10] 004AAD4A \|. E8 3997F5FF \|call 00404488 004AAD4F \|. 8B55 F0 \|mov edx, dword ptr [ebp-10] 004AAD52 \|. 8D45 F8 \|lea eax, dword ptr [ebp-8] 004AAD55 \|. E8 2A98F5FF \|call 00404584 004AAD5A \|. 4E \|dec esi 004AAD5B \|.^ 75 D6 \jnz short 004AAD33 004AAD5D \|. 8D45 EC lea eax, dword ptr [ebp-14] 004AAD60 \|. B9 4CAF4A00 mov ecx, 004AAF4C ; ASCII ".dll" 004AAD65 \|. 8B55 F8 mov edx, dword ptr [ebp-8] 004AAD68 \|. E8 5B98F5FF call 004045C8 004AAD6D \|. 8B45 EC mov eax, dword ptr [ebp-14] 004AAD70 \|. E8 079AF5FF call 0040477C 004AAD75 \|. 8BD0 mov edx, eax 004AAD77 \|. B8 3C224D00 mov eax, 004D223C 004AAD7C \|. E8 1797F5FF call 00404498 004AAD81 \|. B8 54AF4A00 mov eax, 004AAF54 ; ASCII "Element Client" 004AAD86 \|. E8 2DEBFFFF call 004A98B8 004AAD8B \|. E8 C8D5FFFF call 004A8358 004AAD90 \|. C683 0C050000>mov byte ptr [ebx+50C], 0 004AAD97 \|. A1 20FA4C00 mov eax, dword ptr [4CFA20] 004AAD9C \|. 83B8 09030000>cmp dword ptr [eax+309], 0 004AADA3 \|. 0F84 3F010000 je 004AAEE8 004AADA9 \|. A1 6C004D00 mov eax, dword ptr [4D006C] 004AADAE \|. 8338 00 cmp dword ptr [eax], 0 004AADB1 \|. 0F84 31010000 je 004AAEE8 004AADB7 \|. 8B15 20FA4C00 mov edx, dword ptr [4CFA20] ; zxpj.004D1D88 004AADBD \|. 8B92 09030000 mov edx, dword ptr [edx+309] 004AADC3 \|. 8B83 24030000 mov eax, dword ptr [ebx+324] 004AADC9 \|. E8 D244FAFF call 0044F2A0 004AADCE \|. 8B83 58030000 mov eax, dword ptr [ebx+358] 004AADD4 \|. 8B10 mov edx, dword ptr [eax] 004AADD6 \|. FF52 50 call dword ptr [edx+50] 004AADD9 \|. 84C0 test al, al 004AADDB \|. 75 49 jnz short 004AAE26 004AADDD \|. 8B0D 3C224D00 mov ecx, dword ptr [4D223C] 004AADE3 \|. BA 6CAF4A00 mov edx, 004AAF6C ; ASCII "DLLTYPE" 004AADE8 \|. B8 7CAF4A00 mov eax, 004AAF7C ; ASCII "id1" 004AADED \|. E8 DA190000 call 004AC7CC 004AADF2 \|. A1 3C224D00 mov eax, dword ptr [4D223C] 004AADF7 \|. E8 8099F5FF call 0040477C 004AADFC \|. 50 push eax ; /FileName 004AADFD \|. E8 E2BCF5FF call <jmp.&kernel32.LoadLibraryA> ; \LoadLibraryA 004AAE02 \|. 8BF0 mov esi, eax 004AAE04 \|. 68 80AF4A00 push 004AAF80 ; /ProcNameOrOrdinal = "qwe1" 004AAE09 \|. 56 push esi ; \|hModule 004AAE0A \|. E8 0DBCF5FF call <jmp.&kernel32.GetProcAddress> ; \GetProcAddress 004AAE0F \|. 89C7 mov edi, eax 004AAE11 \|. A1 6C004D00 mov eax, dword ptr [4D006C] 004AAE16 \|. 8B00 mov eax, dword ptr [eax] 004AAE18 \|. 50 push eax 004AAE19 \|. FFD7 call edi 004AAE1B \|. 56 push esi ; /hLibModule 004AAE1C \|. E8 53BBF5FF call <jmp.&kernel32.FreeLibrary> ; \FreeLibrary 004AAE21 \|. E8 4AEFFFFF call 004A9D70 004AAE26 \|> B2 01 mov dl, 1 004AAE28 \|. 8B83 28030000 mov eax, dword ptr [ebx+328] 004AAE2E \|. E8 01A3F8FF call 00435134 004AAE33 \|. B2 01 mov dl, 1 004AAE35 \|. 8B83 38030000 mov eax, dword ptr [ebx+338] 004AAE3B \|. 8B08 mov ecx, dword ptr [eax] 004AAE3D \|. FF51 64 call dword ptr [ecx+64] 004AAE40 \|. B2 01 mov dl, 1 004AAE42 \|. 8B83 58030000 mov eax, dword ptr [ebx+358] 004AAE48 \|. 8B08 mov ecx, dword ptr [eax] 004AAE4A \|. FF51 64 call dword ptr [ecx+64] 004AAE4D \|. B2 01 mov dl, 1 004AAE4F \|. 8B83 F8030000 mov eax, dword ptr [ebx+3F8] 004AAE55 \|. 8B08 mov ecx, dword ptr [eax] 004AAE57 \|. FF51 64 call dword ptr [ecx+64] 004AAE5A \|. 68 88AF4A00 push 004AAF88 ; /AtomName = "UserDefineHotKey" 004AAE5F \|. E8 20BCF5FF call <jmp.&kernel32.GlobalAddAtomA> ; \GlobalAddAtomA 004AAE64 \|. 66:2D 00C0 sub ax, 0C000 004AAE68 \|. 66:A3 32224D0>mov word ptr [4D2232], ax 004AAE6E \|. 8B83 44040000 mov eax, dword ptr [ebx+444] 004AAE74 \|. E8 33E4F8FF call 004392AC 004AAE79 \|. 0FB7C0 movzx eax, ax 004AAE7C \|. 50 push eax 004AAE7D \|. 6A 01 push 1 004AAE7F \|. 0FB705 32224D>movzx eax, word ptr [4D2232] 004AAE86 \|. 50 push eax 004AAE87 \|. 8BC3 mov eax, ebx 004AAE89 \|. E8 02ACFAFF call 00455A90 004AAE8E \|. 50 push eax ; \|hWnd 004AAE8F \|. E8 D0C3F5FF call <jmp.&user32.RegisterHotKey> ; \RegisterHotKey 004AAE94 \|. 68 9CAF4A00 push 004AAF9C ; /AtomName = "UserDefineHot" 004AAE99 \|. E8 E6BBF5FF call <jmp.&kernel32.GlobalAddAtomA> ; \GlobalAddAtomA 004AAE9E \|. 66:2D 00C0 sub ax, 0C000 004AAEA2 \|. 66:A3 34224D0>mov word ptr [4D2234], ax 004AAEA8 \|. 8B83 48040000 mov eax, dword ptr [ebx+448] 004AAEAE \|. E8 F9E3F8FF call 004392AC 004AAEB3 \|. 0FB7C0 movzx eax, ax 004AAEB6 \|. 50 push eax 004AAEB7 \|. 6A 01 push 1 004AAEB9 \|. 0FB705 34224D>movzx eax, word ptr [4D2234] 004AAEC0 \|. 50 push eax 004AAEC1 \|. 8BC3 mov eax, ebx 004AAEC3 \|. E8 C8ABFAFF call 00455A90 004AAEC8 \|. 50 push eax ; \|hWnd 004AAEC9 \|. E8 96C3F5FF call <jmp.&user32.RegisterHotKey> ; \RegisterHotKey 004AAECE \|. 33D2 xor edx, edx 004AAED0 \|. 8B83 44040000 mov eax, dword ptr [ebx+444] 004AAED6 \|. 8B08 mov ecx, dword ptr [eax] 004AAED8 \|. FF51 64 call dword ptr [ecx+64] 004AAEDB \|. 33D2 xor edx, edx 004AAEDD \|. 8B83 48040000 mov eax, dword ptr [ebx+448] 004AAEE3 \|. 8B08 mov ecx, dword ptr [eax] 004AAEE5 \|. FF51 64 call dword ptr [ecx+64] 004AAEE8 \|> 33C0 xor eax, eax 004AAEEA \|. 5A pop edx 004AAEEB \|. 59 pop ecx 004AAEEC \|. 59 pop ecx 004AAEED \|. 64:8910 mov dword ptr fs:[eax], edx 004AAEF0 \|. 68 0AAF4A00 push 004AAF0A 004AAEF5 \|> 8D45 EC lea eax, dword ptr [ebp-14] 004AAEF8 \|. BA 05000000 mov edx, 5 004AAEFD \|. E8 C293F5FF call 004042C4 004AAF02 \. C3 retn 004AAF03 .^ E9 F88CF5FF jmp 00403C00 004AAF08 .^ EB EB jmp short 004AAEF5 004AAF0A . 5F pop edi 004AAF0B . 5E pop esi 004AAF0C . 5B pop ebx 004AAF0D . 8BE5 mov esp, ebp 004AAF0F . 5D pop ebp 004AAF10 . C3 retn 2007-7-15 21:28 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 3 楼是检测　　按下后的情况 2007-7-15 21:32 0
jackxx 雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 77 粉丝 0 关注私信	jackxx 4 楼诛仙外挂吧？用得着这么神秘吗，说出来就是了。 2007-7-15 21:40 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 5 楼．．．没神秘啊 2007-7-15 21:45 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 6 楼我不能传　要不就传上来了 2007-7-15 21:46 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 7 楼个人兴趣，想研究下，没想传播哦．．．．．． 2007-7-15 21:48 0
jackxx 雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 77 粉丝 0 关注私信	jackxx 8 楼这外挂叫什么名？ 2007-7-15 22:02 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 9 楼猪仙助手．．．． 2007-7-15 22:06 0
choatrue 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 1 粉丝 0 关注私信	choatrue 10 楼貌似这个外挂不好用。。。建议你换一个叫鑫金的外挂。。。 2007-7-15 22:29 0
liuxinwudi 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 6 粉丝 0 关注私信	liuxinwudi 11 楼网络验证怎么饶过的？？？那有资料想学习下 2007-7-15 22:33 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 12 楼我没玩游戏，只是想研究下。。。。。 2007-7-15 23:09 0
zpcsa 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 47 粉丝 0 关注私信	zpcsa 13 楼我只是查找网络验证的部分，然后跳过而已，我也是刚学破解的。。。 2007-7-15 23:10 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

zpcsa

雪币： 200

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

9

回帖

47

粉丝

0

关注

私信

zpcsa: 2 楼

004AACB8  /.  55          push ebp                            ;  004AACB9  |.  8BEC       mov    ebp, esp
004AACBB  |.  33C9       xor    ecx, ecx
004AACBD  |.  51          push ecx
004AACBE  |.  51          push ecx
004AACBF  |.  51          push ecx
004AACC0  |.  51          push ecx
004AACC1  |.  51          push ecx
004AACC2  |.  53          push ebx
004AACC3  |.  56          push esi
004AACC4  |.  57          push edi
004AACC5  |.  8BD8       mov    ebx, eax
004AACC7  |.  33C0       xor    eax, eax
004AACC9  |.  55          push ebp
004AACCA  |.  68 03AF4A00 push 004AAF03
004AACCF  |.  64:FF30    push dword ptr fs:[eax]
004AACD2  |.  64:8920    mov    dword ptr fs:[eax], esp
004AACD5  |.  E8 3EECFFFF call 004A9918
004AACDA  |.  A1 3C224D00 mov    eax, dword ptr [4D223C]
004AACDF  |.  E8 ECE3F5FF call 004090D0
004AACE4  |.  84C0       test al, al
004AACE6  |.  74 10       je    short 004AACF8
004AACE8  |.  A1 3C224D00 mov    eax, dword ptr [4D223C]
004AACED  |.  E8 8A9AF5FF call 0040477C
004AACF2  |.  50          push eax                            ; /FileName
004AACF3  |.  E8 34BCF5FF call <jmp.&kernel32.DeleteFileA>    ; \DeleteFileA
004AACF8  |>  E8 6B7EF5FF call 00402B68
004AACFD  |.  E8 5281F5FF call 00402E54
004AAD02  |.  D80D 14AF4A00 fmul dword ptr [4AAF14]
004AAD08  |.  83C4 F4    add    esp, -0C
004AAD0B  |.  DB3C24       fstp tbyte ptr [esp]                ; |
004AAD0E  |.  9B          wait                                  ; |
004AAD0F  |.  8D45 F4    lea    eax, dword ptr [ebp-C]          ; |
004AAD12  |.  E8 A9F6F5FF call 0040A3C0                      ; \zxpj.0040A3C0
004AAD17  |.  8B55 F4    mov    edx, dword ptr [ebp-C]
004AAD1A  |.  8BC3       mov    eax, ebx
004AAD1C  |.  E8 7F45FAFF call 0044F2A0
004AAD21  |.  8D45 FC    lea    eax, dword ptr [ebp-4]
004AAD24  |.  BA 20AF4A00 mov    edx, 004AAF20                   ;  ASCII "ABCDEFGHIJKLMNPQRSTUVWXY123456789"
004AAD29  |.  E8 0A96F5FF call 00404338
004AAD2E  |.  BE 04000000 mov    esi, 4
004AAD33  |>  8B45 FC    /mov    eax, dword ptr [ebp-4]
004AAD36  |.  E8 4198F5FF |call 0040457C
004AAD3B  |.  48          |dec    eax
004AAD3C  |.  E8 F780F5FF |call 00402E38
004AAD41  |.  8B55 FC    |mov    edx, dword ptr [ebp-4]
004AAD44  |.  8A1402       |mov    dl, byte ptr [edx+eax]
004AAD47  |.  8D45 F0    |lea    eax, dword ptr [ebp-10]
004AAD4A  |.  E8 3997F5FF |call 00404488
004AAD4F  |.  8B55 F0    |mov    edx, dword ptr [ebp-10]
004AAD52  |.  8D45 F8    |lea    eax, dword ptr [ebp-8]
004AAD55  |.  E8 2A98F5FF |call 00404584
004AAD5A  |.  4E          |dec    esi
004AAD5B  |.^ 75 D6       \jnz    short 004AAD33
004AAD5D  |.  8D45 EC    lea    eax, dword ptr [ebp-14]
004AAD60  |.  B9 4CAF4A00 mov    ecx, 004AAF4C                   ;  ASCII ".dll"
004AAD65  |.  8B55 F8    mov    edx, dword ptr [ebp-8]
004AAD68  |.  E8 5B98F5FF call 004045C8
004AAD6D  |.  8B45 EC    mov    eax, dword ptr [ebp-14]
004AAD70  |.  E8 079AF5FF call 0040477C
004AAD75  |.  8BD0       mov    edx, eax
004AAD77  |.  B8 3C224D00 mov    eax, 004D223C
004AAD7C  |.  E8 1797F5FF call 00404498
004AAD81  |.  B8 54AF4A00 mov    eax, 004AAF54                   ;  ASCII "Element Client"
004AAD86  |.  E8 2DEBFFFF call 004A98B8
004AAD8B  |.  E8 C8D5FFFF call 004A8358
004AAD90  |.  C683 0C050000>mov    byte ptr [ebx+50C], 0
004AAD97  |.  A1 20FA4C00 mov    eax, dword ptr [4CFA20]
004AAD9C  |.  83B8 09030000>cmp    dword ptr [eax+309], 0
004AADA3  |.  0F84 3F010000 je    004AAEE8
004AADA9  |.  A1 6C004D00 mov    eax, dword ptr [4D006C]
004AADAE  |.  8338 00    cmp    dword ptr [eax], 0
004AADB1  |.  0F84 31010000 je    004AAEE8
004AADB7  |.  8B15 20FA4C00 mov    edx, dword ptr [4CFA20]       ;  zxpj.004D1D88
004AADBD  |.  8B92 09030000 mov    edx, dword ptr [edx+309]
004AADC3  |.  8B83 24030000 mov    eax, dword ptr [ebx+324]
004AADC9  |.  E8 D244FAFF call 0044F2A0
004AADCE  |.  8B83 58030000 mov    eax, dword ptr [ebx+358]
004AADD4  |.  8B10       mov    edx, dword ptr [eax]
004AADD6  |.  FF52 50    call dword ptr [edx+50]
004AADD9  |.  84C0       test al, al
004AADDB  |.  75 49       jnz    short 004AAE26
004AADDD  |.  8B0D 3C224D00 mov    ecx, dword ptr [4D223C]
004AADE3  |.  BA 6CAF4A00 mov    edx, 004AAF6C                   ;  ASCII "DLLTYPE"
004AADE8  |.  B8 7CAF4A00 mov    eax, 004AAF7C                   ;  ASCII "id1"
004AADED  |.  E8 DA190000 call 004AC7CC
004AADF2  |.  A1 3C224D00 mov    eax, dword ptr [4D223C]
004AADF7  |.  E8 8099F5FF call 0040477C
004AADFC  |.  50          push eax                            ; /FileName
004AADFD  |.  E8 E2BCF5FF call <jmp.&kernel32.LoadLibraryA>    ; \LoadLibraryA
004AAE02  |.  8BF0       mov    esi, eax
004AAE04  |.  68 80AF4A00 push 004AAF80                      ; /ProcNameOrOrdinal = "qwe1"
004AAE09  |.  56          push esi                            ; |hModule
004AAE0A  |.  E8 0DBCF5FF call <jmp.&kernel32.GetProcAddress> ; \GetProcAddress
004AAE0F  |.  89C7       mov    edi, eax
004AAE11  |.  A1 6C004D00 mov    eax, dword ptr [4D006C]
004AAE16  |.  8B00       mov    eax, dword ptr [eax]
004AAE18  |.  50          push eax
004AAE19  |.  FFD7       call edi
004AAE1B  |.  56          push esi                            ; /hLibModule
004AAE1C  |.  E8 53BBF5FF call <jmp.&kernel32.FreeLibrary>    ; \FreeLibrary
004AAE21  |.  E8 4AEFFFFF call 004A9D70
004AAE26  |>  B2 01       mov    dl, 1
004AAE28  |.  8B83 28030000 mov    eax, dword ptr [ebx+328]
004AAE2E  |.  E8 01A3F8FF call 00435134
004AAE33  |.  B2 01       mov    dl, 1
004AAE35  |.  8B83 38030000 mov    eax, dword ptr [ebx+338]
004AAE3B  |.  8B08       mov    ecx, dword ptr [eax]
004AAE3D  |.  FF51 64    call dword ptr [ecx+64]
004AAE40  |.  B2 01       mov    dl, 1
004AAE42  |.  8B83 58030000 mov    eax, dword ptr [ebx+358]
004AAE48  |.  8B08       mov    ecx, dword ptr [eax]
004AAE4A  |.  FF51 64    call dword ptr [ecx+64]
004AAE4D  |.  B2 01       mov    dl, 1
004AAE4F  |.  8B83 F8030000 mov    eax, dword ptr [ebx+3F8]
004AAE55  |.  8B08       mov    ecx, dword ptr [eax]
004AAE57  |.  FF51 64    call dword ptr [ecx+64]
004AAE5A  |.  68 88AF4A00 push 004AAF88                      ; /AtomName = "UserDefineHotKey"
004AAE5F  |.  E8 20BCF5FF call <jmp.&kernel32.GlobalAddAtomA> ; \GlobalAddAtomA
004AAE64  |.  66:2D 00C0 sub    ax, 0C000
004AAE68  |.  66:A3 32224D0>mov    word ptr [4D2232], ax
004AAE6E  |.  8B83 44040000 mov    eax, dword ptr [ebx+444]
004AAE74  |.  E8 33E4F8FF call 004392AC
004AAE79  |.  0FB7C0       movzx eax, ax
004AAE7C  |.  50          push eax
004AAE7D  |.  6A 01       push 1
004AAE7F  |.  0FB705 32224D>movzx eax, word ptr [4D2232]
004AAE86  |.  50          push eax
004AAE87  |.  8BC3       mov    eax, ebx
004AAE89  |.  E8 02ACFAFF call 00455A90
004AAE8E  |.  50          push eax                            ; |hWnd
004AAE8F  |.  E8 D0C3F5FF call <jmp.&user32.RegisterHotKey>    ; \RegisterHotKey
004AAE94  |.  68 9CAF4A00 push 004AAF9C                      ; /AtomName = "UserDefineHot"
004AAE99  |.  E8 E6BBF5FF call <jmp.&kernel32.GlobalAddAtomA> ; \GlobalAddAtomA
004AAE9E  |.  66:2D 00C0 sub    ax, 0C000
004AAEA2  |.  66:A3 34224D0>mov    word ptr [4D2234], ax
004AAEA8  |.  8B83 48040000 mov    eax, dword ptr [ebx+448]
004AAEAE  |.  E8 F9E3F8FF call 004392AC
004AAEB3  |.  0FB7C0       movzx eax, ax
004AAEB6  |.  50          push eax
004AAEB7  |.  6A 01       push 1
004AAEB9  |.  0FB705 34224D>movzx eax, word ptr [4D2234]
004AAEC0  |.  50          push eax
004AAEC1  |.  8BC3       mov    eax, ebx
004AAEC3  |.  E8 C8ABFAFF call 00455A90
004AAEC8  |.  50          push eax                            ; |hWnd
004AAEC9  |.  E8 96C3F5FF call <jmp.&user32.RegisterHotKey>    ; \RegisterHotKey
004AAECE  |.  33D2       xor    edx, edx
004AAED0  |.  8B83 44040000 mov    eax, dword ptr [ebx+444]
004AAED6  |.  8B08       mov    ecx, dword ptr [eax]
004AAED8  |.  FF51 64    call dword ptr [ecx+64]
004AAEDB  |.  33D2       xor    edx, edx
004AAEDD  |.  8B83 48040000 mov    eax, dword ptr [ebx+448]
004AAEE3  |.  8B08       mov    ecx, dword ptr [eax]
004AAEE5  |.  FF51 64    call dword ptr [ecx+64]
004AAEE8  |>  33C0       xor    eax, eax
004AAEEA  |.  5A          pop    edx
004AAEEB  |.  59          pop    ecx
004AAEEC  |.  59          pop    ecx
004AAEED  |.  64:8910    mov    dword ptr fs:[eax], edx
004AAEF0  |.  68 0AAF4A00 push 004AAF0A
004AAEF5  |>  8D45 EC    lea    eax, dword ptr [ebp-14]
004AAEF8  |.  BA 05000000 mov    edx, 5
004AAEFD  |.  E8 C293F5FF call 004042C4
004AAF02  \.  C3          retn
004AAF03 .^ E9 F88CF5FF jmp    00403C00
004AAF08 .^ EB EB       jmp    short 004AAEF5
004AAF0A .  5F          pop    edi
004AAF0B .  5E          pop    esi
004AAF0C .  5B          pop    ebx
004AAF0D .  8BE5       mov    esp, ebp
004AAF0F .  5D          pop    ebp
004AAF10 .  C3          retn

2007-7-15 21:28

0