image.png (188.1 KB, 下载次数: 0)
下载附件
2023-2-7 16:58 上传
未注册版使用过程中,顶部右上角的按钮 和 启动后的右下角大广告很是烦人
故此我们要把它去除。
折腾了多次,最终找到以下代码:
底部弹出广告的代码由:
[Asm] 纯文本查看 复制代码00F81172 | 68 BC7A4901 | push 易脑.1497ABC | 1497ABC:"popups"
00F81177 | FFD6 | call esi |
00F81179 | 83C4 08 | add esp,8 |
00F8117C | 8945 18 | mov dword ptr ss:[ebp+18],eax |
00F8117F | 8D45 98 | lea eax,dword ptr ss:[ebp-68] |
00F81182 | C645 FC 24 | mov byte ptr ss:[ebp-4],24 | 24:'$'
00F81186 | 50 | push eax |
00F81187 | 8D4D 58 | lea ecx,dword ptr ss:[ebp+58] |
00F8118A | FF15 A8543F01 | call dword ptr ds:[] |
00F811B5 | 8D8D F8FEFFFF | lea ecx,dword ptr ss:[ebp-108] |
00F811BB | 8945 E8 | mov dword ptr ss:[ebp-18],eax |
00F811BE | FFD7 | call edi |
00F811C0 | 8D4D 98 | lea ecx,dword ptr ss:[ebp-68] |
00F811C3 | FF15 AC543F01 | call dword ptr ds:[] |
00F811C9 | 8D4D 18 | lea ecx,dword ptr ss:[ebp+18] |
00F811CC | C645 FC 0D | mov byte ptr ss:[ebp-4],D | D:'\r'
00F811D0 | FF15 F8513F01 | call dword ptr ds:[] |
00F811D6 | 6A 07 | push 7 |
00F811D8 | 68 C47A4901 | push 易脑.1497AC4 | 1497AC4:&"ed when building internet file signature [%x]"
00F811DD | FFD6 | call esi |
00F811DF | 83C4 08 | add esp,8 |
00F811E2 | 8945 14 | mov dword ptr ss:[ebp+14],eax |
00F811E5 | 8D45 90 | lea eax,dword ptr ss:[ebp-70] |
00F811E8 | C645 FC 27 | mov byte ptr ss:[ebp-4],27 | 27:'''
00F811EC | 50 | push eax |
00F811ED | 8D4D 58 | lea ecx,dword ptr ss:[ebp+58] |
00F811F0 | FF15 A8543F01 | call dword ptr ds:[ |
00F8121D | 8D8D E8FEFFFF | lea ecx,dword ptr ss:[ebp-118] |
00F81223 | FFD7 | call edi |
00F81225 | 8D4D 90 | lea ecx,dword ptr ss:[ebp-70] |
00F81228 | FF15 AC543F01 | call dword ptr ds:[] |
00F8122E | C645 FC 2D | mov byte ptr ss:[ebp-4],2D | 2D:'-'
00F81232 | 8D4D 14 | lea ecx,dword ptr ss:[ebp+14] |
00F81235 | FF15 F8513F01 | call dword ptr ds:[] |
00F8123B | 837D 4C 01 | cmp dword ptr ss:[ebp+4C],1 |
00F8123F | EB 22 | jmp 易脑.F81263 |
00F81241 | 8B35 FC513F01 | mov esi,dword ptr ds:[] |
00F81247 | 8D45 68 | lea eax,dword ptr ss:[ebp+68] |
00F8124A | 50 | push eax |
00F8124B | 8B45 10 | mov eax,dword ptr ss:[ebp+10] |
00F8124E | 8B48 04 | mov ecx,dword ptr ds:[eax+4] |
00F81251 | FFD6 | call esi |
00F81253 | 8D45 48 | lea eax,dword ptr ss:[ebp+48] |
00F81256 | B9 10A63602 | mov ecx,易脑.236A610 |
00F8125B | 50 | push eax |
00F8125C | FFD6 | call esi |
00F8125E | E9 89010000 | jmp |
00F81263 | A1 E8A23F01 | mov eax,dword ptr ds:[] |
00F81278 | 74 42 | je 易脑.F812BC |
00F8127A | 05 38030000 | add eax,338 |
00F8127F | 50 | push eax |
00F81280 | FF15 3C523F01 | call dword ptr ds:[] |
00F81286 | 8B0D 889F3F01 | mov ecx,dword ptr ds:[] |
00F8128C | 83C4 08 | add esp,8 |
00F8128F | 84C0 | test al,al |
00F81291 | 0F94C0 | sete al |
00F81294 | 84C0 | test al,al |
00F81296 | 74 1C | je 易脑.F812B4 |
00F81298 | 8B81 38030000 | mov eax,dword ptr ds:[ecx+338] |
00F8129E | 8378 04 00 | cmp dword ptr ds:[eax+4],0 |
00F812A2 | 74 10 | je 易脑.F812B4 |
00F812A4 | C781 3C030000 000000 | mov dword ptr ds:[ecx+33C],0 |
00F812AE | 8B0D 889F3F01 | mov ecx,dword ptr ds:[] |
00F812B4 | 81C1 38030000 | add ecx,338 |
00F812BA | EB 40 | jmp 易脑.F812FC |
00F812BC | 05 2C030000 | add eax,32C |
00F812C1 | 50 | push eax |
00F812C2 | FF15 3C523F01 | call dword ptr ds:[] |
00F812C8 | 8B0D 889F3F01 | mov ecx,dword ptr ds:[] |
00F812CE | 83C4 08 | add esp,8 |
00F812D1 | 84C0 | test al,al |
00F812D3 | 0F94C0 | sete al |
00F812D6 | 84C0 | test al,al |
00F812D8 | 74 1C | je 易脑.F812F6 |
00F812DA | 8B81 2C030000 | mov eax,dword ptr ds:[ecx+32C] |
00F812E0 | 8378 04 00 | cmp dword ptr ds:[eax+4],0 |
00F812E4 | 74 10 | je 易脑.F812F6 |
00F812E6 | C781 30030000 000000 | mov dword ptr ds:[ecx+330],0 |
00F812F0 | 8B0D 889F3F01 | mov ecx,dword ptr ds:[] |
00F812F6 | 81C1 2C030000 | add ecx,32C |
00F812FC | 8D45 48 | lea eax,dword ptr ss:[ebp+48] |
00F812FF | 50 | push eax |
00F81300 | FF15 FC513F01 | call dword ptr ds:[] |
00F81306 | 8B0D E8A23F01 | mov ecx,dword ptr ds:[] |
00F81311 | 8039 00 | cmp byte ptr ds:[ecx],0 |
00F81314 | 8BB0 30030000 | mov esi,dword ptr ds:[eax+330] |
00F8131A | 8B4D 54 | mov ecx,dword ptr ss:[ebp+54] |
00F8131D | 74 25 | je 易脑.F81344 =======================》NOP去底部广告
00F8131F | 85C9 | test ecx,ecx |
00F81321 | 75 0E | jne 易脑.F81331 |
00F81323 | 8988 3C030000 | mov dword ptr ds:[eax+33C],ecx |
00F81329 | 8B4D 54 | mov ecx,dword ptr ss:[ebp+54] |
00F8132C | A1 889F3F01 | mov eax,dword ptr ds:[] |
00F81331 | 8988 40030000 | mov dword ptr ds:[eax+340],ecx |
00F81337 | A1 889F3F01 | mov eax,dword ptr ds:[] |
00F8133C | 8BB0 3C030000 | mov esi,dword ptr ds:[eax+33C] |
00F81342 | EB 18 | jmp 易脑.F8135C |
00F81344 | 85C9 | test ecx,ecx | 转到这底部广告就出来了。
00F81346 | 75 0E | jne 易脑.F81356 |
00F81348 | 8988 30030000 | mov dword ptr ds:[eax+330],ecx |
00F8134E | 8B4D 54 | mov ecx,dword ptr ss:[ebp+54] |
00F81351 | A1 889F3F01 | mov eax,dword ptr ds:[] |
00F81356 | 8988 34030000 | mov dword ptr ds:[eax+334],ecx |
00F8135C | 837D 54 00 | cmp dword ptr ss:[ebp+54],0 |
00F81360 | 74 3D | je 易脑.F8139F |
00F81362 | 8D45 EC | lea eax,dword ptr ss:[ebp-14] |
00F81365 | 50 | push eax |
00F81366 | FF15 5C603F01 | call dword ptr ds:[] |
接下来再看顶部右上角的按钮的代码:
[Asm] 纯文本查看 复制代码00E21235 | FF15 F8512901 | call dword ptr ds:[] |
00E2123B | 837D 4C 01 | cmp dword ptr ss:[ebp+4C],1 |
00E2123F | 75 22 | jne 易脑E21263 | JMP掉去调右上角的广告按钮
00E21241 | 8B35 FC512901 | mov esi,dword ptr ds:[] |
00E21247 | 8D45 68 | lea eax,dword ptr ss:[ebp+68] |
00E2124A | 50 | push eax |
00E2124B | 8B45 10 | mov eax,dword ptr ss:[ebp+10] |
00E2124E | 8B48 04 | mov ecx,dword ptr ds:[eax+4] |
00E21251 | FFD6 | call esi |
00E21253 | 8D45 48 | lea eax,dword ptr ss:[ebp+48] |
00E21256 | B9 10A62002 | mov ecx,易脑220A610 |
00E2125B | 50 | push eax |
00E2125C | FFD6 | call esi |
00E2125E | E9 89010000 | jmp 易脑E213EC |
00E21263 | A1 E8A22901 | mov eax,dword ptr ds:[] |
image.png (295.4 KB, 下载次数: 0)
下载附件
2023-2-7 10:00 上传
这样就清爽了。也不碍眼了,好了时间宝贵就到这里吧,继续Delphi编程了。
