91
特征码1:
81 EC 2C 09 00 00
00403F07 . 68 A8C45C00 push 91KBOX.005CC4A8 ; \ADNotify.ini
字符串的断首,retn可去除广告
advinfo.ini
[setting2]
AdvOnOff=1
advName=test5.1
advLink=http://91pai.net/cesi/index.htm
startTime=2015-2-12 00:00:00
endTime=2015-2-28 00:00:00
fromLink=http://vvstat.9158.com/ad/adv5.1.htm //主界面左下角广告
advNum=1
advFenMu=3
advId=9
Defaultbrowser=false
Active.ini
NOTIFYINIURL=http://n1.9158.com/PopAdConfig.ini //下载ADNotify文件
SHOWADTCURL=http://91kbox.com/tc.html//显示ADNotify右下角广告
MINIPAGEURL=http://minisite.9158.com/2010/index.htm//桌面中央的mini弹窗
ScrollLinkURL=http://vvktv.9158.com/mikeadv.aspx //主窗口左下角的滚动字体广告
SinaWebURL=http://www.91kbox.com/weixin.html//主窗口右下角的微信广告
00403E30,558BEC6AFF68F1BF5A0064A100000000505181EC2C090000A17C48630033C58945A8,c38BEC6AFF68F1BF5A0064A100000000505181EC2C090000A17C48630033C58945A8
00411967,5068F30100008D9504FCFFFF5268ACBF5C0068F0E85C0068D0C15C00FF154CA25C00,eB42909090908D9504FCFFFF5268ACBF5C0068F0E85C0068D0C15C00FF154CA25C00
00411CC1,5068F30100008D8504FCFFFF506808E45C0068F0E35C0068D0C15C00FF154CA25C00,e90B010000908D9504FCFFFF5268ACBF5C0068F0E85C0068D0C15C00FF154CA25C00
00411A33,5068F30100008D9504FCFFFF5268F0E75C0068D0E75C0068D0C15C00FF154CA25C00,E9C7000000908D9504FCFFFF5268F0E75C0068D0E75C0068D0C15C00FF154CA25C00
0
---恢复内容结束---
修改
InviteURL=http://91kbox.com/comment/comment.aspx //意见反馈广告
00411A77 |. 50 push eax ; /IniFileName
00411A78 |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00411A7D |. 8D8D 04FCFFFF lea ecx,[local.255] ; |
00411A83 |. 51 push ecx ; |ReturnBuffer
00411A84 |. 68 ACCF5C00 push 91KBOX.005CCFAC ; |Default = ""
00411A89 |. 68 BCF75C00 push 91KBOX.005CF7BC ; |InviteURL
00411A8E |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411A93 |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
ScrollLinkURL=http://vvktv.9158.com/mikeadv.aspx //滚动链接广告
00411A33 |. 50 push eax ; /IniFileName
00411A34 |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00411A39 |. 8D95 04FCFFFF lea edx,[local.255] ; |
00411A3F |. 52 push edx ; |ReturnBuffer
00411A40 |. 68 F0F75C00 push 91KBOX.005CF7F0 ; |http://vvktv.9158.com/mikeadv.aspx
00411A45 |. 68 D0F75C00 push 91KBOX.005CF7D0 ; |ScrollLinkURL
00411A4A |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411A4F |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
BannerURL=http://vvstat.9158.com/ad/adv6.1.htm //主面板广告
00411967 |. 50 push eax ; /IniFileName
00411968 |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
0041196D |. 8D95 04FCFFFF lea edx,[local.255] ; |
00411973 |. 52 push edx ; |ReturnBuffer
00411974 |. 68 ACCF5C00 push 91KBOX.005CCFAC ; |Default = ""
00411979 |. 68 F0F85C00 push 91KBOX.005CF8F0 ; |BannerURL
0041197E |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411983 |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
MINIPAGEURL=http://minisite.9158.com/2010/index.htm //迷你弹窗广告
00411CC1 |. 50 push eax ; /IniFileName
00411CC2 |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00411CC7 |. 8D85 04FCFFFF lea eax,[local.255] ; |
00411CCD |. 50 push eax ; |ReturnBuffer
00411CCE |. 68 08F45C00 push 91KBOX.005CF408 ; |http://minisite.9158.com/2010/index.htm
00411CD3 |. 68 F0F35C00 push 91KBOX.005CF3F0 ; |MINIPAGEURL
00411CD8 |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411CDD |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
NOTIFYINIURL=http://n1.9158.com/PopAdConfig.ini //右下角广告配置文件
00411D05 |. 50 push eax ; /IniFileName
00411D06 |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00411D0B |. 8D95 04FCFFFF lea edx,[local.255] ; |
00411D11 |. 52 push edx ; |ReturnBuffer
00411D12 |. 68 A8F35C00 push 91KBOX.005CF3A8 ; |http://n1.9158.com/PopAdConfig.ini
00411D17 |. 68 88F35C00 push 91KBOX.005CF388 ; |NOTIFYINIURL
00411D1C |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411D21 |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
SHOWADTCURL=http://91kbox.com/tc.html //广告
00411D49 |. 50 push eax ; /IniFileName
00411D4A |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00411D4F |. 8D8D 04FCFFFF lea ecx,[local.255] ; |
00411D55 |. 51 push ecx ; |ReturnBuffer
00411D56 |. 68 54F35C00 push 91KBOX.005CF354 ; |http://91kbox.com/tc.html
00411D5B |. 68 3CF35C00 push 91KBOX.005CF33C ; |SHOWADTCURL
00411D60 |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411D65 |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
TuiguangViptip=http://kk.91kbox.com/client/vipgift.htm //推广VIP
00412320 |. 50 push eax ; /IniFileName
00412321 |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00412326 |. 8D95 04FCFFFF lea edx,[local.255] ; |
0041232C |. 52 push edx ; |ReturnBuffer
0041232D |. 68 70E95C00 push 91KBOX.005CE970 ; |http://kk.91kbox.com/client/vipgift.htm
00412332 |. 68 50E95C00 push 91KBOX.005CE950 ; |TuiguangViptip
00412337 |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
0041233C |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
SinaWebURL=http://www.91kbox.com/weixin.html //微信广告
00411ABB |. 50 push eax ; /IniFileName
00411ABC |. 68 F3010000 push 0x1F3 ; |BufSize = 1F3 (499.)
00411AC1 |. 8D85 04FCFFFF lea eax,[local.255] ; |
00411AC7 |. 50 push eax ; |ReturnBuffer
00411AC8 |. 68 ACCF5C00 push 91KBOX.005CCFAC ; |Default = ""
00411ACD |. 68 A4F75C00 push 91KBOX.005CF7A4 ; |SinaWebURL
00411AD2 |. 68 D0D15C00 push 91KBOX.005CD1D0 ; |Main
00411AD7 |. FF15 4CB25C00 call dword ptr ds:[<&KERNEL32.GetPrivate>; \GetPrivateProfileStringW
posted on 2015-02-22 19:59 coffeesoft 阅读(618) 评论(0) 收藏 举报
浙公网安备 33010602011771号