::Insert Codes Into Mspaint	{s11ss@www.cn-dos.net 2008-3-24}

@echo off&setlocal&set m="%systemroot%\system32\mspaint.exe"

if not exist %m% echo Error occurs!&exit/b

for /f "usebackq" %%a in (%m%) do if %%~za neq 332288 echo Error occurs!&exit/b



pushd %tmp%&set m2="%systemdrive%\m.exe"&set t=%random%^>nul

copy %m% %t%



(echo e2e8 00 be&echo e210 64 cc&echo w&echo q)|debug %t%



(echo a100&echo mov ax,ds&echo add ax,3000&echo.&echo g105&echo q)|debug|find "AX">ds&set/p ds=<ds

set ds=%ds:~3,4%

(echo e%ds%:c164 EB 04 63 6D 64 00 6A 01 6A 00 6A 00 68 66 CC 03&echo e%ds%:c174 01 6A 00 6A 00 E8 62 42 5D 7C E9 3C 7F FF FF&echo w&echo q)|debug %t%



erase ds&move %t% %m2%&popd&echo %m2% has been created!

set/p r=Run it?(Y/N)

if /i "%r%" neq "N" start "" %m2%

Originally posted by HAT at 2008-3-24 03:40 PM:
问个菜鸟问题：
这跟在注册表中进行映象劫持有什么区别？