006CB059 . E8 F63CD4FF call <jmp.&user32.MessageBoxW> ; \MessageBoxW
008F51C4 . E8 275EDDFF call 006CAFF0
008F51C9 . A1 70FABF00 mov eax, dword ptr [0xBFFA70]
008F51CE . 8B00 mov eax, dword ptr [eax]
008F51D0 . 8B80 AC030000 mov eax, dword ptr [eax+0x3AC]
008F51D6 . 33D2 xor edx, edx
008F51D8 . 8B08 mov ecx, dword ptr [eax]
008F51DA . FF51 68 call dword ptr [ecx+0x68]
008F51DD . 33C0 xor eax, eax
008F51DF . E8 205DDDFF call 006CAF04
008F51E4 . EB 0A jmp short 008F51F0
008F51E6 > B8 24538F00 mov eax, 008F5324 ; UNICODE "Sorry, but the entered License is not valid!"
008F51EB . E8 005EDDFF call 006CAFF0
008F5150 . E8 13D8DDFF call 006D2968
008F5155 . 837D F0 00 cmp dword ptr [ebp-0x10], 0x0
008F5159 . 0F84 87000000 je 008F51E6 ; 这一句感觉 超级重要
008F515F . 8D55 E8 lea edx, dword ptr [ebp-0x18]
008F5162 . A1 FCFEBF00 mov eax, dword ptr [0xBFFEFC]
008F5167 . 8B40 04 mov eax, dword ptr [eax+0x4]
008F516A . E8 1598DDFF call 006CE984
008F516F . FF75 E8 push dword ptr [ebp-0x18]
008F5172 . 68 40528F00 push 008F5240 ; UNICODE "notekey"
008F5177 . 68 5C528F00 push 008F525C
008F517C . 68 6C528F00 push 008F526C ; UNICODE ".bin"
008F5181 . 8D45 EC lea eax, dword ptr [ebp-0x14]
008F5184 . BA 04000000 mov edx, 0x4
008F5189 . E8 7E38B1FF call 00408A0C
008F518E . 8B45 EC mov eax, dword ptr [ebp-0x14]
008F5191 . 8B55 FC mov edx, dword ptr [ebp-0x4]
008F5194 . E8 FBB8DDFF call 006D0A94
008F5199 . 68 84528F00 push 008F5284 ; UNICODE "Registration complete."
008F519E . A1 3CFABF00 mov eax, dword ptr [0xBFFA3C]
008F51A3 . FF30 push dword ptr [eax]
008F51A5 . 68 C0528F00 push 008F52C0 ; UNICODE "Please restart "
008F51AA . 68 EC528F00 push 008F52EC ; UNICODE "AM-Notebook"
008F51AF . 68 10538F00 push 008F5310 ; UNICODE " !"
008F51B4 . 8D45 E4 lea eax, dword ptr [ebp-0x1C]
008F51B7 . BA 05000000 mov edx, 0x5
008F51BC . E8 4B38B1FF call 00408A0C
008F51C1 . 8B45 E4 mov eax, dword ptr [ebp-0x1C]
008F51C4 . E8 275EDDFF call 006CAFF0
008F51C9 . A1 70FABF00 mov eax, dword ptr [0xBFFA70]
008F51CE . 8B00 mov eax, dword ptr [eax]
008F51D0 . 8B80 AC030000 mov eax, dword ptr [eax+0x3AC]
008F51D6 . 33D2 xor edx, edx
008F51D8 . 8B08 mov ecx, dword ptr [eax]
008F51DA . FF51 68 call dword ptr [ecx+0x68]
008F51DD . 33C0 xor eax, eax
008F51DF . E8 205DDDFF call 006CAF04
008F51E4 . EB 0A jmp short 008F51F0
008F51E6 > B8 24538F00 mov eax, 008F5324 ; UNICODE "Sorry, but the entered License is not valid!"
008F51EB . E8 005EDDFF call 006CAFF0
008F51EB . E8 005EDDFF call 006CAFF0 断在了这里 ,所以得F7
006CB059 . E8 F63CD4FF call <jmp.&user32.MessageBoxW> ; \MessageBoxW F8一路到达这里就出错框了
=============
008F4E58 /$ 55 push ebp
008F4E59 |. 8BEC mov ebp, esp
008F4E5B |. 33C9 xor ecx, ecx
008F4E5D |. 51 push ecx
008F4E5E |. 51 push ecx
008F4E5F |. 51 push ecx
008F4E60 |. 51 push ecx
008F4E61 |. 51 push ecx
008F4E62 |. 51 push ecx
008F4E63 |. 51 push ecx
008F4E64 |. 51 push ecx
008F4E65 |. 53 push ebx
008F4E66 |. 56 push esi
008F4E67 |. 57 push edi
008F4E68 |. 8955 F4 mov dword ptr [ebp-0xC], edx
008F4E6B |. 8945 FC mov dword ptr [ebp-0x4], eax
008F4E6E |. 8B45 FC mov eax, dword ptr [ebp-0x4]
008F4E71 |. E8 3E29B1FF call 004077B4
008F4E76 |. 33C0 xor eax, eax
008F4E78 |. 55 push ebp
008F4E79 |. 68 EE4F8F00 push 008F4FEE
008F4E7E |. 64:FF30 push dword ptr fs:[eax]
008F4E81 |. 64:8920 mov dword ptr fs:[eax], esp
008F4E84 |. 8B55 FC mov edx, dword ptr [ebp-0x4]
008F4E87 |. B8 08508F00 mov eax, 008F5008 ; UNICODE "-----KEY BEGIN KEY-----"
008F4E8C |. E8 2F3EB1FF call 00408CC0
008F4E91 |. 85C0 test eax, eax
008F4E93 |. 7E 10 jle short 008F4EA5
008F4E95 |. 8D48 17 lea ecx, dword ptr [eax+0x17]
008F4E98 |. 8D45 FC lea eax, dword ptr [ebp-0x4]
008F4E9B |. BA 01000000 mov edx, 0x1
008F4EA0 |. E8 F73CB1FF call 00408B9C
008F4EA5 |> 8B55 FC mov edx, dword ptr [ebp-0x4]
008F4EA8 |. B8 44508F00 mov eax, 008F5044 ; UNICODE "-----KEY END KEY-----"
008F4EAD |. E8 0E3EB1FF call 00408CC0
008F4EB2 |. 85C0 test eax, eax
008F4EB4 |. 7E 0E jle short 008F4EC4
008F4EB6 |. 8D55 FC lea edx, dword ptr [ebp-0x4]
008F4EB9 |. B9 FFFFFF7F mov ecx, 0x7FFFFFFF
008F4EBE |. 92 xchg eax, edx
008F4EBF |. E8 D83CB1FF call 00408B9C
008F4EC4 |> 8B55 FC mov edx, dword ptr [ebp-0x4]
008F4EC7 |. B8 7C508F00 mov eax, 008F507C ; UNICODE "REGEDIT4"
008F4ECC |. E8 EF3DB1FF call 00408CC0
008F4ED1 |. 85C0 test eax, eax
008F4ED3 |. 7E 10 jle short 008F4EE5
008F4ED5 |. 8D48 08 lea ecx, dword ptr [eax+0x8]
008F4ED8 |. 8D45 FC lea eax, dword ptr [ebp-0x4]
008F4EDB |. BA 01000000 mov edx, 0x1
008F4EE0 |. E8 B73CB1FF call 00408B9C
008F4EE5 |> 8D55 EC lea edx, dword ptr [ebp-0x14]
008F4EE8 |. 8B45 FC mov eax, dword ptr [ebp-0x4]
008F4EEB |. E8 806EDDFF call 006CBD70
008F4EF0 |. 8B55 EC mov edx, dword ptr [ebp-0x14]
008F4EF3 |. 8D45 FC lea eax, dword ptr [ebp-0x4]
008F4EF6 |. E8 FD2BB1FF call 00407AF8
008F4EFB |. 6A 01 push 0x1
008F4EFD |. 8D45 E8 lea eax, dword ptr [ebp-0x18]
008F4F00 |. 50 push eax
008F4F01 |. 33C9 xor ecx, ecx
008F4F03 |. BA 9C508F00 mov edx, 008F509C
008F4F08 |. 8B45 FC mov eax, dword ptr [ebp-0x4]
008F4F0B |. E8 6080DDFF call 006CCF70
008F4F10 |. 8B55 E8 mov edx, dword ptr [ebp-0x18]
008F4F13 |. 8D45 FC lea eax, dword ptr [ebp-0x4]
008F4F16 |. E8 DD2BB1FF call 00407AF8
008F4F1B |. 8B55 F4 mov edx, dword ptr [ebp-0xC]
008F4F1E |. 8B45 FC mov eax, dword ptr [ebp-0x4]
008F4F21 |. E8 AA2BB8FF call 00477AD0
008F4F26 |. 8B45 F4 mov eax, dword ptr [ebp-0xC]
008F4F29 |. E8 A227B1FF call 004076D0
008F4F2E |. 8B45 FC mov eax, dword ptr [ebp-0x4]
008F4F31 |. 85C0 test eax, eax
008F4F33 |. 74 05 je short 008F4F3A
008F4F35 |. 83E8 04 sub eax, 0x4
008F4F38 |. 8B00 mov eax, dword ptr [eax]
008F4F3A |> 85C0 test eax, eax
008F4F3C |. 7E 7D jle short 008F4FBB
008F4F3E |. 8945 F0 mov dword ptr [ebp-0x10], eax
008F4F41 |. BB 01000000 mov ebx, 0x1
008F4F46 |> 8BD3 /mov edx, ebx
008F4F48 |. 8B45 FC |mov eax, dword ptr [ebp-0x4]
008F4F4B |. 85C0 |test eax, eax
008F4F4D |. 74 05 |je short 008F4F54
008F4F4F |. 83E8 04 |sub eax, 0x4
008F4F52 |. 8B00 |mov eax, dword ptr [eax]
008F4F54 |> 8BF2 |mov esi, edx
008F4F56 |. 8BF8 |mov edi, eax
008F4F58 |. 2BFE |sub edi, esi
008F4F5A |. 7C 59 |jl short 008F4FB5
008F4F5C |. 47 |inc edi
008F4F5D |> 8D45 E4 |/lea eax, dword ptr [ebp-0x1C]
008F4F60 |. 50 ||push eax
008F4F61 |. 8BCE ||mov ecx, esi
008F4F63 |. 2BCB ||sub ecx, ebx
008F4F65 |. 41 ||inc ecx
008F4F66 |. 8BD3 ||mov edx, ebx
008F4F68 |. 8B45 FC ||mov eax, dword ptr [ebp-0x4]
008F4F6B |. E8 E43BB1FF ||call 00408B54
008F4F70 |. 8B55 E4 ||mov edx, dword ptr [ebp-0x1C]
008F4F73 |. 8D45 F8 ||lea eax, dword ptr [ebp-0x8]
008F4F76 |. B9 00000000 ||mov ecx, 0x0
008F4F7B |. E8 0C33B1FF ||call 0040828C
008F4F80 |. 8D55 E0 ||lea edx, dword ptr [ebp-0x20]
008F4F83 |. 8B45 F8 ||mov eax, dword ptr [ebp-0x8]
008F4F86 |. E8 DDD9DDFF ||call 006D2968
008F4F8B |. 8B55 E0 ||mov edx, dword ptr [ebp-0x20]
008F4F8E |. 8D45 F8 ||lea eax, dword ptr [ebp-0x8]
008F4F91 |. E8 062CB1FF ||call 00407B9C
008F4F96 |. 837D F8 00 ||cmp dword ptr [ebp-0x8], 0x0
008F4F9A |. 74 15 ||je short 008F4FB1
008F4F9C |. 8B45 F4 ||mov eax, dword ptr [ebp-0xC]
008F4F9F |. 50 ||push eax
008F4FA0 |. 8BCE ||mov ecx, esi
008F4FA2 |. 2BCB ||sub ecx, ebx
008F4FA4 |. 41 ||inc ecx
008F4FA5 |. 8BD3 ||mov edx, ebx
008F4FA7 |. 8B45 FC ||mov eax, dword ptr [ebp-0x4]
008F4FAA |. E8 A53BB1FF ||call 00408B54
008F4FAF |. EB 0A ||jmp short 008F4FBB
008F4FB1 |> 46 ||inc esi
008F4FB2 |. 4F ||dec edi
008F4FB3 |.^ 75 A8 |\jnz short 008F4F5D
008F4FB5 |> 43 |inc ebx
008F4FB6 |. FF4D F0 |dec dword ptr [ebp-0x10]
008F4FB9 |.^ 75 8B \jnz short 008F4F46
008F4FBB |> 33C0 xor eax, eax
008F4FBD |. 5A pop edx
008F4FBE |. 59 pop ecx
008F4FBF |. 59 pop ecx
008F4FC0 |. 64:8910