00D94F70 55 push ebp
00D94F71 8BEC mov ebp,esp
00D94F73 51 push ecx
00D94F74 53 push ebx
00D94F75 56 push esi
00D94F76 57 push edi
00D94F77 60 pushad
00D94F78 8B15 B834E200 mov edx,dword ptr ds:[0xE234B8] ; USER32.77D2A569
00D94F7E 83C2 64 add edx,0x64 ; 此处是edx=GetWindowTextW
00D94F81 B9 05000000 mov ecx,0x5
00D94F86 803A CC cmp
byte
ptr ds:[edx],0xCC ;这句话作用是GetWindowTextW是否被下了int3断点如果下了就跳过
00D94F89 74 0D je X00D94F98 ;如果有int3断点就跳跳过了
00D94F8B ^ E2 F9 loopd X00D94F86
00D94F8D FF75 10 push dword ptr ss:[ebp+0x10]
00D94F90 FF75 0C push dword ptr ss:[ebp+0xC]
00D94F93 FF75 08 push dword ptr ss:[ebp+0x8]
00D94F96 FFD2 call edx
00D94F98 8945 FC mov dword ptr ss:[ebp-0x4],eax
00D94F9B 61 popad
00D94F9C 8B45 FC mov eax,dword ptr ss:[ebp-0x4]
00D94F9F 5F pop edi
00D94FA0 5E pop esi
00D94FA1 5B pop ebx
00D94FA2 8BE5 mov esp,ebp
00D94FA4 5D pop ebp
00D94FA5 C2 0C00 retn 0xC
