; Fragment of a disassembler listing that appears to be a patch stub added to
; an existing binary. The visible part finishes a RegCreateKeyEx call, appends
; a date string to a fixed folder string, stores the result as the REG_SZ
; value "path", closes the key, replays the displaced original instructions
; and jumps back into the original code.
; NOTE(review): the listing starts mid-sequence. The subkey name and the other
; RegCreateKeyEx arguments are pushed before :004dbc73 and are not visible.
; NOTE(review): eax is not tested after any of the API calls shown here, so a
; failed create/set would go unnoticed.
:004dbc73 6803000080 push 80000003 ; hKey = HKEY_USERS (last argument pushed, i.e. the first parameter)
:004dbc78 ff1520c04d00 call dword ptr [004dc020] ; RegCreateKeyEx
:004dbc7e 6800be4d00 push 004dbe00 ; lstrcat source: the system date string obtained earlier
* possible stringdata ref from data obj ->"d:\downloads\"
|
:004dbc83 68c7805000 push 005080c7 ; lstrcat destination: the target folder, a string prepared in advance
:004dbc88 ff1570c34d00 call dword ptr [004dc370] ; lstrcat: append the date to the folder, in place
; NOTE(review): lstrcat takes no length; the size of the buffer at 005080c7 is
; not visible here. Because the append is in place, a second run of this stub
; in the same process would presumably append the date again. Confirm.
:004dbc8e 6a30 push 00000030 ; cbData = 0x30 (48) bytes, a fixed value rather than the real string length
* possible stringdata ref from data obj ->"d:\downloads\"
|
:004dbc90 68c7805000 push 005080c7 ; lpData: the combined full directory path
:004dbc95 6a01 push 00000001 ; dwType = REG_SZ
:004dbc97 6a00 push 00000000 ; Reserved, must be zero
* possible stringdata ref from data obj ->"path"
|
:004dbc99 6891805000 push 00508091 ; lpValueName: the value name "path", prepared in advance
:004dbc9e ff3510be4d00 push dword ptr [004dbe10] ; hKey, presumably the handle RegCreateKeyEx stored at 004dbe10 (verify)
:004dbca4 ff1540c04d00 call dword ptr [004dc040] ; RegSetValueEx
:004dbcaa ff3510be4d00 push dword ptr [004dbe10] ; hKey
:004dbcb0 ff1528c04d00 call dword ptr [004dc028] ; RegCloseKey
; The next three instructions are the original opening instructions that the
; patch displaced; they are replayed here before control returns.
:004dbcb6 55 push ebp
:004dbcb7 8bec mov ebp, esp
:004dbcb9 6aff push ffffffff ; last of the original opening instructions
:004dbcbb e93621fcff jmp 0049ddf6 ; jump back into the original code
; Zero bytes following the stub.
:004dbcc0 00000000000000000000 byte 10 dup(0)
:004dbcca 00000000000000000000 byte 10 dup(0)