Quick Modding/Hacking Answers Thread

Or overall just change the 'default' zoom level?

 

I feel like I need to make an autoresponder for this question

 

sorry, same time post. . . :/

 

Every time I edit a tileset and save it changes colors to random colors...

 

Click File>Save as...

And save it as a 24-bit bitmap image.

 

Anyone have a .txt file of the Power critter?

I'm to lazy to copy/paste directly from the executable and erase all the junk/addresses before the actual commands.

And for foresight, how do I copy/paste the coding without taking the addresses?

 

How do I make it so that lots of a type of block fall from the sky? I was looking at running hell and I found that.

 

How do I make it so that lots of a type of block fall from the sky? I was looking at running hell and I found that.

Place entity no. 294

you will need to edit the tileset to accommodate if the wrong sprites show up.


Does anyone still have to power critters code?

 

what do you mean "have its code", it's right there in the executable.

 

what do you mean "have its code", it's right there in the executable.

I mean like this:

PUSH EBP
MOV EBP,ESP
SUB ESP,0C4
MOV DWORD PTR SS:[EBP-60],0
MOV DWORD PTR SS:[EBP-5C],0
MOV DWORD PTR SS:[EBP-58],18
MOV DWORD PTR SS:[EBP-54],18
MOV DWORD PTR SS:[EBP-50],18
MOV DWORD PTR SS:[EBP-4C],0
MOV DWORD PTR SS:[EBP-48],30
MOV DWORD PTR SS:[EBP-44],18
MOV DWORD PTR SS:[EBP-40],30
MOV DWORD PTR SS:[EBP-3C],0
MOV DWORD PTR SS:[EBP-38],48
MOV DWORD PTR SS:[EBP-34],18
MOV DWORD PTR SS:[EBP-30],48
MOV DWORD PTR SS:[EBP-2C],0
MOV DWORD PTR SS:[EBP-28],60
MOV DWORD PTR SS:[EBP-24],18
MOV DWORD PTR SS:[EBP-20],60

But not like this

CPU Disasm
Address Hex dump Command Comments
0040F9B0 /$ 55 PUSH EBP
0040F9B1 |. 8BEC MOV EBP,ESP
0040F9B3 |. 81EC F0010000 SUB ESP,1F0
0040F9B9 |. C745 E0 00000 MOV DWORD PTR SS:[EBP-20],0
0040F9C0 |. C745 E4 00000 MOV DWORD PTR SS:[EBP-1C],0
0040F9C7 |. C745 E8 90000 MOV DWORD PTR SS:[EBP-18],90
0040F9CE |. C745 EC 28000 MOV DWORD PTR SS:[EBP-14],28
0040F9D5 |. C785 ECFEFFFF MOV DWORD PTR SS:[EBP-114],0
0040F9DF |. C785 F0FEFFFF MOV DWORD PTR SS:[EBP-110],0
0040F9E9 |. C785 F4FEFFFF MOV DWORD PTR SS:[EBP-10C],0A0
0040F9F3 |. C785 F8FEFFFF MOV DWORD PTR SS:[EBP-108],10
0040F9FD |. C785 10FFFFFF MOV DWORD PTR SS:[EBP-0F0],90
0040FA07 |. C785 14FFFFFF MOV DWORD PTR SS:[EBP-0EC],0
0040FA11 |. C785 18FFFFFF MOV DWORD PTR SS:[EBP-0E8],0C0
0040FA1B |. C785 1CFFFFFF MOV DWORD PTR SS:[EBP-0E4],20
0040FA25 |. C745 F0 90000 MOV DWORD PTR SS:[EBP-10],90
0040FA2C |. C745 F4 10000 MOV DWORD PTR SS:[EBP-0C],10
0040FA33 |. C745 F8 C0000 MOV DWORD PTR SS:[EBP-8],0C0
0040FA3A |. C745 FC 20000 MOV DWORD PTR SS:[EBP-4],20
0040FA41 |. C745 C8 98000 MOV DWORD PTR SS:[EBP-38],98
0040FA48 |. C745 CC 50000 MOV DWORD PTR SS:[EBP-34],50
0040FA4F |. C745 D0 D0000 MOV DWORD PTR SS:[EBP-30],0D0
0040FA56 |. C745 D4 58000 MOV DWORD PTR SS:[EBP-2C],58
0040FA5D |. C785 68FFFFFF MOV DWORD PTR SS:[EBP-98],98
0040FA67 |. C785 6CFFFFFF MOV DWORD PTR SS:[EBP-94],58
0040FA71 |. C785 70FFFFFF MOV DWORD PTR SS:[EBP-90],0D

I just want the actual commands.

btw, I already have the code, I just want to know how to extract the code without the addresses. :/

 

Try a binary copy it may or may not work I don't actually know what it does if you paste it in like a text document

 

I would probably paste something in hex data, I think

 

Ok, So I went and applied Noxid's famous three save title screen.

The music plays the song that I want it to. . . until I press x over load to select a file and press ESC (because I accidentally pressed load when I wanted to start a new game) and go back to the new/ load screen.

it plays plantation instead of the desired Song. . . here is the code.

CPU Disasm
Address Hex dump Command Comments
0040D832 |. 50 PUSH EAX ; /Arg1 => [LOCAL.12]
0040D833 |. E8 A8360100 CALL 00420EE0 ; \Doukutsu24.00420EE0

CALL 00420EE0 goes to what tune the game is suppose to play. This is the only time that this address is CALLed other then the 4 default calls for the hell times.

I tried to ADD to the EAX at address at 0040D800 but I'm getting nowhere. -_-

Any help would be appreciated. :]

 

Could you link me to the code for the three-save screen?

Also if you have more space then you can replace PUSH EAX with a PUSH # for the desired number of the song. Or just reshack the title screen org to use your own.

 

Could you link me to the code for the three-save screen?

Also if you have more space then you can replace PUSH EAX with a PUSH # for the desired number of the song. Or just reshack the title screen org to use your own.

in Hex or actual assembly?



Oh well







Assembly:

Spoiler

CPU Disasm
Address Hex dump Command Comments
0040F9B0 /$ 55 PUSH EBP
0040F9B1 |. 8BEC MOV EBP,ESP
0040F9B3 |. 81EC F0010000 SUB ESP,1F0
0040F9B9 |. 33C0 XOR EAX,EAX
0040F9BB |. 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX
0040F9BE |. 8945 E4 MOV DWORD PTR SS:[EBP-1C],EAX
0040F9C1 |. 8985 ECFEFFFF MOV DWORD PTR SS:[EBP-114],EAX
0040F9C7 |. 8985 F0FEFFFF MOV DWORD PTR SS:[EBP-110],EAX
0040F9CD |. 8985 14FFFFFF MOV DWORD PTR SS:[EBP-0EC],EAX
0040F9D3 |. 8985 18FEFFFF MOV DWORD PTR SS:[EBP-1E8],EAX
0040F9D9 |. 8985 38FEFFFF MOV DWORD PTR SS:[EBP-1C8],EAX
0040F9DF |. 8985 20FFFFFF MOV DWORD PTR SS:[EBP-0E0],EAX
0040F9E5 |. 8985 40FFFFFF MOV DWORD PTR SS:[EBP-0C0],EAX
0040F9EB |. 8985 58FEFFFF MOV DWORD PTR SS:[EBP-1A8],EAX
0040F9F1 |. 8985 78FEFFFF MOV DWORD PTR SS:[EBP-188],EAX
0040F9F7 |. 83C0 10 ADD EAX,10
0040F9FA |. 8985 F8FEFFFF MOV DWORD PTR SS:[EBP-108],EAX
0040FA00 |. 8985 1CFFFFFF MOV DWORD PTR SS:[EBP-0E4],EAX
0040FA06 |. 8945 F4 MOV DWORD PTR SS:[EBP-0C],EAX
0040FA09 |. 8985 1CFEFFFF MOV DWORD PTR SS:[EBP-1E4],EAX
0040FA0F |. 8985 20FEFFFF MOV DWORD PTR SS:[EBP-1E0],EAX
0040FA15 |. 8985 28FEFFFF MOV DWORD PTR SS:[EBP-1D8],EAX
0040FA1B |. 8985 2CFEFFFF MOV DWORD PTR SS:[EBP-1D4],EAX
0040FA21 |. 8985 3CFEFFFF MOV DWORD PTR SS:[EBP-1C4],EAX
0040FA27 |. 8985 40FEFFFF MOV DWORD PTR SS:[EBP-1C0],EAX
0040FA2D |. 8985 4CFEFFFF MOV DWORD PTR SS:[EBP-1B4],EAX
0040FA33 |. 8985 28FFFFFF MOV DWORD PTR SS:[EBP-0D8],EAX
0040FA39 |. 8985 30FFFFFF MOV DWORD PTR SS:[EBP-0D0],EAX
0040FA3F |. 8985 48FFFFFF MOV DWORD PTR SS:[EBP-0B8],EAX
0040FA45 |. 8985 5CFEFFFF MOV DWORD PTR SS:[EBP-1A4],EAX
0040FA4B |. 8985 60FEFFFF MOV DWORD PTR SS:[EBP-1A0],EAX
0040FA51 |. 8985 6CFEFFFF MOV DWORD PTR SS:[EBP-194],EAX
0040FA57 |. 8985 7CFEFFFF MOV DWORD PTR SS:[EBP-184],EAX
0040FA5D |. 8985 80FEFFFF MOV DWORD PTR SS:[EBP-180],EAX
0040FA63 |. 8985 8CFEFFFF MOV DWORD PTR SS:[EBP-174],EAX
0040FA69 |. 83C0 10 ADD EAX,10
0040FA6C |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
0040FA6F |. 8985 24FEFFFF MOV DWORD PTR SS:[EBP-1DC],EAX
0040FA75 |. 8985 30FEFFFF MOV DWORD PTR SS:[EBP-1D0],EAX
0040FA7B |. 8985 34FEFFFF MOV DWORD PTR SS:[EBP-1CC],EAX
0040FA81 |. 8985 44FEFFFF MOV DWORD PTR SS:[EBP-1BC],EAX
0040FA87 |. 8985 48FEFFFF MOV DWORD PTR SS:[EBP-1B8],EAX
0040FA8D |. 8985 54FEFFFF MOV DWORD PTR SS:[EBP-1AC],EAX
0040FA93 |. 8985 38FFFFFF MOV DWORD PTR SS:[EBP-0C8],EAX
0040FA99 |. 8985 50FFFFFF MOV DWORD PTR SS:[EBP-0B0],EAX
0040FA9F |. 8985 64FEFFFF MOV DWORD PTR SS:[EBP-19C],EAX
0040FAA5 |. 8985 68FEFFFF MOV DWORD PTR SS:[EBP-198],EAX
0040FAAB |. 8985 74FEFFFF MOV DWORD PTR SS:[EBP-18C],EAX
0040FAB1 |. 8985 84FEFFFF MOV DWORD PTR SS:[EBP-17C],EAX
0040FAB7 |. 8985 94FEFFFF MOV DWORD PTR SS:[EBP-16C],EAX
0040FABD |. 83C0 10 ADD EAX,10
0040FAC0 |. 8985 50FEFFFF MOV DWORD PTR SS:[EBP-1B0],EAX
0040FAC6 |. 8985 58FFFFFF MOV DWORD PTR SS:[EBP-0A8],EAX
0040FACC |. 8985 7CFFFFFF MOV DWORD PTR SS:[EBP-84],EAX
0040FAD2 |. 8945 8C MOV DWORD PTR SS:[EBP-74],EAX
0040FAD5 |. 8945 9C MOV DWORD PTR SS:[EBP-64],EAX
0040FAD8 |. 8945 AC MOV DWORD PTR SS:[EBP-54],EAX
0040FADB |. 8985 70FEFFFF MOV DWORD PTR SS:[EBP-190],EAX
0040FAE1 |. 8985 88FEFFFF MOV DWORD PTR SS:[EBP-178],EAX
0040FAE7 |. 83C0 10 ADD EAX,10
0040FAEA |. 8985 A0FEFFFF MOV DWORD PTR SS:[EBP-160],EAX
0040FAF0 |. 8985 C0FEFFFF MOV DWORD PTR SS:[EBP-140],EAX
0040FAF6 |. 8945 84 MOV DWORD PTR SS:[EBP-7C],EAX
0040FAF9 |. 8945 94 MOV DWORD PTR SS:[EBP-6C],EAX
0040FAFC |. 8945 A4 MOV DWORD PTR SS:[EBP-5C],EAX
0040FAFF |. 8945 B4 MOV DWORD PTR SS:[EBP-4C],EAX
0040FB02 |. 8985 90FEFFFF MOV DWORD PTR SS:[EBP-170],EAX
0040FB08 |. 83C0 10 ADD EAX,10
0040FB0B |. 8945 CC MOV DWORD PTR SS:[EBP-34],EAX
0040FB0E |. 8985 A4FEFFFF MOV DWORD PTR SS:[EBP-15C],EAX
0040FB14 |. 8985 A8FEFFFF MOV DWORD PTR SS:[EBP-158],EAX
0040FB1A |. 8985 B0FEFFFF MOV DWORD PTR SS:[EBP-150],EAX
0040FB20 |. 8985 B4FEFFFF MOV DWORD PTR SS:[EBP-14C],EAX
0040FB26 |. 8985 C4FEFFFF MOV DWORD PTR SS:[EBP-13C],EAX
0040FB2C |. 8985 C8FEFFFF MOV DWORD PTR SS:[EBP-138],EAX
0040FB32 |. 8985 D4FEFFFF MOV DWORD PTR SS:[EBP-12C],EAX
0040FB38 |. 83C0 08 ADD EAX,8
0040FB3B |. 8945 D4 MOV DWORD PTR SS:[EBP-2C],EAX
0040FB3E |. 8985 6CFFFFFF MOV DWORD PTR SS:[EBP-94],EAX
0040FB44 |. 83C0 08 ADD EAX,8
0040FB47 |. 8985 74FFFFFF MOV DWORD PTR SS:[EBP-8C],EAX
0040FB4D |. 8985 ACFEFFFF MOV DWORD PTR SS:[EBP-154],EAX
0040FB53 |. 8985 B8FEFFFF MOV DWORD PTR SS:[EBP-148],EAX
0040FB59 |. 8985 BCFEFFFF MOV DWORD PTR SS:[EBP-144],EAX
0040FB5F |. 8985 CCFEFFFF MOV DWORD PTR SS:[EBP-134],EAX
0040FB65 |. 8985 D0FEFFFF MOV DWORD PTR SS:[EBP-130],EAX
0040FB6B |. 8985 DCFEFFFF MOV DWORD PTR SS:[EBP-124],EAX
0040FB71 |. 83C0 10 ADD EAX,10
0040FB74 |. 8985 24FFFFFF MOV DWORD PTR SS:[EBP-0DC],EAX
0040FB7A |. 8985 34FFFFFF MOV DWORD PTR SS:[EBP-0CC],EAX
0040FB80 |. 8985 44FFFFFF MOV DWORD PTR SS:[EBP-0BC],EAX
0040FB86 |. 8985 54FFFFFF MOV DWORD PTR SS:[EBP-0AC],EAX
0040FB8C |. 8985 D8FEFFFF MOV DWORD PTR SS:[EBP-128],EAX
0040FB92 |. 83C0 10 ADD EAX,10
0040FB95 |. 8985 2CFFFFFF MOV DWORD PTR SS:[EBP-0D4],EAX
0040FB9B |. 8985 3CFFFFFF MOV DWORD PTR SS:[EBP-0C4],EAX
0040FBA1 |. 8985 4CFFFFFF MOV DWORD PTR SS:[EBP-0B4],EAX
0040FBA7 |. 8985 5CFFFFFF MOV DWORD PTR SS:[EBP-0A4],EAX
0040FBAD |. 83C0 10 ADD EAX,10
0040FBB0 |. 8945 E8 MOV DWORD PTR SS:[EBP-18],EAX
0040FBB3 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0040FBB6 |. 8985 10FFFFFF MOV DWORD PTR SS:[EBP-0F0],EAX
0040FBBC |. 83C0 08 ADD EAX,8
0040FBBF |. 8945 C8 MOV DWORD PTR SS:[EBP-38],EAX
0040FBC2 |. 8985 68FFFFFF MOV DWORD PTR SS:[EBP-98],EAX
0040FBC8 |. 83C0 08 ADD EAX,8
0040FBCB |. 8985 F4FEFFFF MOV DWORD PTR SS:[EBP-10C],EAX
0040FBD1 |. C745 EC 38000 MOV DWORD PTR SS:[EBP-14],38
0040FBD8 |. C785 18FFFFFF MOV DWORD PTR SS:[EBP-0E8],0C0
0040FBE2 |. C745 F8 C0000 MOV DWORD PTR SS:[EBP-8],0C0
0040FBE9 |. C745 D0 D0000 MOV DWORD PTR SS:[EBP-30],0D0
0040FBF0 |. C785 70FFFFFF MOV DWORD PTR SS:[EBP-90],0D0
0040FBFA |. C785 78FFFFFF MOV DWORD PTR SS:[EBP-88],0E0
0040FC04 |. C745 80 F0000 MOV DWORD PTR SS:[EBP-80],0F0
0040FC0B |. C745 88 20010 MOV DWORD PTR SS:[EBP-78],120
0040FC12 |. C745 90 30010 MOV DWORD PTR SS:[EBP-70],130
0040FC19 |. C745 98 E0000 MOV DWORD PTR SS:[EBP-68],0E0
0040FC20 |. C745 A0 F0000 MOV DWORD PTR SS:[EBP-60],0F0
0040FC27 |. C745 A8 30010 MOV DWORD PTR SS:[EBP-58],130
0040FC2E |. C745 B0 40010 MOV DWORD PTR SS:[EBP-50],140
0040FC35 \. E9 41010000 JMP 0040FD7B
0040FC3A 90 NOP
0040FC3B 90 NOP
0040FC3C 90 NOP
0040FC3D 90 NOP
0040FC3E 90 NOP
0040FC3F 90 NOP
0040FC40 . 90 NOP
0040FC41 . 90 NOP
0040FC42 . 90 NOP
0040FC43 . 90 NOP
0040FC44 . 90 NOP
0040FC45 . 90 NOP
0040FC46 . 90 NOP
0040FC47 . 90 NOP
0040FC48 . 90 NOP
0040FC49 . 90 NOP
0040FC4A . 90 NOP
0040FC4B . 90 NOP
0040FC4C . 90 NOP
0040FC4D . 90 NOP
0040FC4E . 90 NOP
0040FC4F . 90 NOP
0040FC50 . 90 NOP
0040FC51 . 90 NOP
0040FC52 . 90 NOP
0040FC53 . 90 NOP
0040FC54 . 90 NOP
0040FC55 . 90 NOP
0040FC56 . 90 NOP
0040FC57 . 90 NOP
0040FC58 . 90 NOP
0040FC59 . 90 NOP
0040FC5A . 90 NOP
0040FC5B /> E8 80260000 CALL 004122E0
0040FC60 |. E8 B55B0600 CALL 0047581A ; [Doukutsu24.0047581A
0040FC65 |. 85C0 TEST EAX,EAX
0040FC67 |. 0F85 1D070000 JNE 0041038A
0040FC6D |. 33C0 XOR EAX,EAX
0040FC6F |. 8985 E8FEFFFF MOV DWORD PTR SS:[EBP-118],EAX
0040FC75 |. 6A 18 PUSH 18 ; /Arg1 = 18
0040FC77 |. E8 64120100 CALL 00420EE0 ; \Doukutsu24.00420EE0
0040FC7C |. 83C4 04 ADD ESP,4
0040FC7F \. E9 19030000 JMP 0040FF9D
0040FC84 90 NOP
0040FC85 90 NOP
0040FC86 90 NOP
0040FC87 90 NOP
0040FC88 90 NOP
0040FC89 90 NOP
0040FC8A 90 NOP
0040FC8B 90 NOP
0040FC8C 90 NOP
0040FC8D 90 NOP
0040FC8E 90 NOP
0040FC8F 90 NOP
0040FC90 . 90 NOP
0040FC91 . 90 NOP
0040FC92 . 90 NOP
0040FC93 . 90 NOP
0040FC94 . 90 NOP
0040FC95 . 90 NOP
0040FC96 . 90 NOP
0040FC97 . 90 NOP
0040FC98 . 90 NOP
0040FC99 . 90 NOP
0040FC9A . 90 NOP
0040FC9B . 90 NOP
0040FC9C . 90 NOP
0040FC9D . 90 NOP
0040FC9E . 90 NOP
0040FC9F . 90 NOP
0040FCA0 . 90 NOP
0040FCA1 . 90 NOP
0040FCA2 . 90 NOP
0040FCA3 . 90 NOP
0040FCA4 . 90 NOP
0040FCA5 . 90 NOP
0040FCA6 . 90 NOP
0040FCA7 . 90 NOP
0040FCA8 . 90 NOP
0040FCA9 . 90 NOP
0040FCAA . 90 NOP
0040FCAB . 90 NOP
0040FCAC . 90 NOP
0040FCAD . 90 NOP
0040FCAE . 90 NOP
0040FCAF . 90 NOP
0040FCB0 . 90 NOP
0040FCB1 . 90 NOP
0040FCB2 . 90 NOP
0040FCB3 . 90 NOP
0040FCB4 . 90 NOP
0040FCB5 . 90 NOP
0040FCB6 . 90 NOP
0040FCB7 . 90 NOP
0040FCB8 . 90 NOP
0040FCB9 . 90 NOP
0040FCBA . 90 NOP
0040FCBB . 90 NOP
0040FCBC . 90 NOP
0040FCBD . 90 NOP
0040FCBE . 90 NOP
0040FCBF . 90 NOP
0040FCC0 . 90 NOP
0040FCC1 . 90 NOP
0040FCC2 . 90 NOP
0040FCC3 . 90 NOP
0040FCC4 . 90 NOP
0040FCC5 . 90 NOP
0040FCC6 . 90 NOP
0040FCC7 . 90 NOP
0040FCC8 . 90 NOP
0040FCC9 . 90 NOP
0040FCCA . 90 NOP
0040FCCB . 90 NOP
0040FCCC . 90 NOP
0040FCCD . 90 NOP
0040FCCE . 90 NOP
0040FCCF . 90 NOP
0040FCD0 . 90 NOP
0040FCD1 . 90 NOP
0040FCD2 . 90 NOP
0040FCD3 . 90 NOP
0040FCD4 . 90 NOP
0040FCD5 . 90 NOP
0040FCD6 . 90 NOP
0040FCD7 . 90 NOP
0040FCD8 . 90 NOP
0040FCD9 . 90 NOP
0040FCDA . 90 NOP
0040FCDB . 90 NOP
0040FCDC . 90 NOP
0040FCDD . 90 NOP
0040FCDE . 90 NOP
0040FCDF . 90 NOP
0040FCE0 . 90 NOP
0040FCE1 . 90 NOP
0040FCE2 . 90 NOP
0040FCE3 . 90 NOP
0040FCE4 . 90 NOP
0040FCE5 . 90 NOP
0040FCE6 . 90 NOP
0040FCE7 . 90 NOP
0040FCE8 . 90 NOP
0040FCE9 . 90 NOP
0040FCEA . 90 NOP
0040FCEB . 90 NOP
0040FCEC . 90 NOP
0040FCED . 90 NOP
0040FCEE . 90 NOP
0040FCEF . 90 NOP
0040FCF0 . 90 NOP
0040FCF1 . 90 NOP
0040FCF2 . 90 NOP
0040FCF3 . 90 NOP
0040FCF4 . 90 NOP
0040FCF5 . 90 NOP
0040FCF6 . 90 NOP
0040FCF7 . 90 NOP
0040FCF8 . 90 NOP
0040FCF9 . 90 NOP
0040FCFA . 90 NOP
0040FCFB . 90 NOP
0040FCFC . 90 NOP
0040FCFD . 90 NOP
0040FCFE . 90 NOP
0040FCFF . 90 NOP
0040FD00 . 90 NOP
0040FD01 . 90 NOP
0040FD02 . 90 NOP
0040FD03 . 90 NOP
0040FD04 . 90 NOP
0040FD05 . 90 NOP
0040FD06 . 90 NOP
0040FD07 . 90 NOP
0040FD08 . 90 NOP
0040FD09 . 90 NOP
0040FD0A . 90 NOP
0040FD0B . 90 NOP
0040FD0C . 90 NOP
0040FD0D . 90 NOP
0040FD0E . 90 NOP
0040FD0F . 90 NOP
0040FD10 . 90 NOP
0040FD11 . 90 NOP
0040FD12 . 90 NOP
0040FD13 . 90 NOP
0040FD14 . 90 NOP
0040FD15 . 90 NOP
0040FD16 . 90 NOP
0040FD17 . 90 NOP
0040FD18 . 90 NOP
0040FD19 . 90 NOP
0040FD1A . 90 NOP
0040FD1B . 90 NOP
0040FD1C . 90 NOP
0040FD1D . 90 NOP
0040FD1E . 90 NOP
0040FD1F . 90 NOP
0040FD20 . 90 NOP
0040FD21 . 90 NOP
0040FD22 . 90 NOP
0040FD23 . 90 NOP
0040FD24 . 90 NOP
0040FD25 . 90 NOP
0040FD26 . 90 NOP
0040FD27 . 90 NOP
0040FD28 . 90 NOP
0040FD29 . 90 NOP
0040FD2A . 90 NOP
0040FD2B . 90 NOP
0040FD2C . 90 NOP
0040FD2D . 90 NOP
0040FD2E . 90 NOP
0040FD2F . 90 NOP
0040FD30 . 90 NOP
0040FD31 . 90 NOP
0040FD32 . 90 NOP
0040FD33 . 90 NOP
0040FD34 . 90 NOP
0040FD35 . 90 NOP
0040FD36 . 90 NOP
0040FD37 . 90 NOP
0040FD38 . 90 NOP
0040FD39 . 90 NOP
0040FD3A . 90 NOP
0040FD3B . 90 NOP
0040FD3C . 90 NOP
0040FD3D . 90 NOP
0040FD3E . 90 NOP
0040FD3F . 90 NOP
0040FD40 . 90 NOP
0040FD41 . 90 NOP
0040FD42 . 90 NOP
0040FD43 . 90 NOP
0040FD44 . 90 NOP
0040FD45 . 90 NOP
0040FD46 . 90 NOP
0040FD47 . 90 NOP
0040FD48 . 90 NOP
0040FD49 . 90 NOP
0040FD4A . 90 NOP
0040FD4B . 90 NOP
0040FD4C . 90 NOP
0040FD4D . 90 NOP
0040FD4E . 90 NOP
0040FD4F . 90 NOP
0040FD50 . 90 NOP
0040FD51 . 90 NOP
0040FD52 . 90 NOP
0040FD53 . 90 NOP
0040FD54 . 90 NOP
0040FD55 . 90 NOP
0040FD56 . 90 NOP
0040FD57 . 90 NOP
0040FD58 . 90 NOP
0040FD59 . 90 NOP
0040FD5A . 90 NOP
0040FD5B . 90 NOP
0040FD5C . 90 NOP
0040FD5D . 90 NOP
0040FD5E . 90 NOP
0040FD5F . 90 NOP
0040FD60 . 90 NOP
0040FD61 . 90 NOP
0040FD62 . 90 NOP
0040FD63 . 90 NOP
0040FD64 . 90 NOP
0040FD65 . 90 NOP
0040FD66 . 90 NOP
0040FD67 . 90 NOP
0040FD68 . 90 NOP
0040FD69 . 90 NOP
0040FD6A . 90 NOP
0040FD6B . 90 NOP
0040FD6C . 90 NOP
0040FD6D . 90 NOP
0040FD6E . 90 NOP
0040FD6F . 90 NOP
0040FD70 . 90 NOP
0040FD71 . 90 NOP
0040FD72 . 90 NOP
0040FD73 . 90 NOP
0040FD74 . 90 NOP
0040FD75 . 90 NOP
0040FD76 . 90 NOP
0040FD77 . 90 NOP
0040FD78 . 90 NOP
0040FD79 . 90 NOP
0040FD7A . 90 NOP
0040FD7B /> E8 D098FFFF CALL 00409650 ; [Doukutsu24.00409650
0040FD80 |. E8 1B120100 CALL 00420FA0 ; [Doukutsu24.00420FA0
0040FD85 |. E8 B66F0000 CALL 00416D40 ; [Doukutsu24.00416D40
0040FD8A |. C785 64FFFFFF MOV DWORD PTR SS:[EBP-9C],0
0040FD94 |. C785 E4FEFFFF MOV DWORD PTR SS:[EBP-11C],0
0040FD9E |. C785 9CFEFFFF MOV DWORD PTR SS:[EBP-164],0
0040FDA8 |. 68 05050500 PUSH 50505 ; /Arg1 = 50505
0040FDAD |. E8 FECAFFFF CALL 0040C8B0 ; \Doukutsu24.0040C8B0
0040FDB2 |. 83C4 04 ADD ESP,4
0040FDB5 |. 8945 C0 MOV DWORD PTR SS:[EBP-40],EAX
0040FDB8 |. 8D45 BC LEA EAX,[EBP-44]
0040FDBB |. 50 PUSH EAX ; /Arg4
0040FDBC |. 8D4D DC LEA ECX,[EBP-24] ; |
0040FDBF |. 51 PUSH ECX ; |Arg3
0040FDC0 |. 8D55 B8 LEA EDX,[EBP-48] ; |
0040FDC3 |. 52 PUSH EDX ; |Arg2
0040FDC4 |. 8D45 D8 LEA EAX,[EBP-28] ; |
0040FDC7 |. 50 PUSH EAX ; |Arg1
0040FDC8 |. E8 C30B0000 CALL 00410990 ; \Doukutsu24.00410990
0040FDCD |. 83C4 10 ADD ESP,10
0040FDD0 |. E8 EBD10000 CALL 0041CFC0
0040FDD5 |. 85C0 TEST EAX,EAX
0040FDD7 |. 74 0C JE SHORT 0040FDE5
0040FDD9 |. C705 E4E14900 MOV DWORD PTR DS:[49E1E4],1
0040FDE3 |. EB 0A JMP SHORT 0040FDEF
0040FDE5 |> C705 E4E14900 MOV DWORD PTR DS:[49E1E4],0
0040FDEF |> E8 CCA90000 CALL 0041A7C0
0040FDF4 |. 8985 9CFEFFFF MOV DWORD PTR SS:[EBP-164],EAX
0040FDFA |. 83BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],0
0040FE01 |. 74 16 JE SHORT 0040FE19
0040FE03 |. 81BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],4650
0040FE0D |. 7D 0A JGE SHORT 0040FE19
0040FE0F |. C785 E4FEFFFF MOV DWORD PTR SS:[EBP-11C],1
0040FE19 |> 83BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],0
0040FE20 |. 74 16 JE SHORT 0040FE38
0040FE22 |. 81BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],3A98
0040FE2C |. 7D 0A JGE SHORT 0040FE38
0040FE2E |. C785 E4FEFFFF MOV DWORD PTR SS:[EBP-11C],2
0040FE38 |> 83BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],0
0040FE3F |. 74 16 JE SHORT 0040FE57
0040FE41 |. 81BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],2EE0
0040FE4B |. 7D 0A JGE SHORT 0040FE57
0040FE4D |. C785 E4FEFFFF MOV DWORD PTR SS:[EBP-11C],3
0040FE57 |> 83BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],0
0040FE5E |. 74 16 JE SHORT 0040FE76
0040FE60 |. 81BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],2328
0040FE6A |. 7D 0A JGE SHORT 0040FE76
0040FE6C |. C785 E4FEFFFF MOV DWORD PTR SS:[EBP-11C],4
0040FE76 |> 83BD E4FEFFFF CMP DWORD PTR SS:[EBP-11C],1
0040FE7D |. 75 0C JNE SHORT 0040FE8B
0040FE7F 6A 24 PUSH 24
0040FE81 |. E8 5A100100 CALL 00420EE0
0040FE86 |. 83C4 04 ADD ESP,4
0040FE89 |. EB 49 JMP SHORT 0040FED4
0040FE8B |> 83BD E4FEFFFF CMP DWORD PTR SS:[EBP-11C],2
0040FE92 |. 75 0C JNE SHORT 0040FEA0
0040FE94 6A 28 PUSH 28
0040FE96 |. E8 45100100 CALL 00420EE0
0040FE9B |. 83C4 04 ADD ESP,4
0040FE9E |. EB 34 JMP SHORT 0040FED4
0040FEA0 |> 83BD E4FEFFFF CMP DWORD PTR SS:[EBP-11C],3
0040FEA7 |. 75 0C JNE SHORT 0040FEB5
0040FEA9 6A 29 PUSH 29
0040FEAB |. E8 30100100 CALL 00420EE0
0040FEB0 |. 83C4 04 ADD ESP,4
0040FEB3 |. EB 1F JMP SHORT 0040FED4
0040FEB5 |> 83BD E4FEFFFF CMP DWORD PTR SS:[EBP-11C],4
0040FEBC |. 75 0C JNE SHORT 0040FECA
0040FEBE 6A 02 PUSH 2
0040FEC0 |. E8 1B100100 CALL 00420EE0
0040FEC5 |. 83C4 04 ADD ESP,4
0040FEC8 |. EB 0A JMP SHORT 0040FED4
0040FECA 6A 19 PUSH 19
0040FECC |. E8 0F100100 CALL 00420EE0
0040FED1 |. 83C4 04 ADD ESP,4
0040FED4 |> C705 1CF94800 MOV DWORD PTR DS:[48F91C],0
0040FEDE |. C705 E8E14900 MOV DWORD PTR DS:[49E1E8],0
0040FEE8 |. 8B0D 50E64900 MOV ECX,DWORD PTR DS:[49E650]
0040FEEE |. 81C9 00010000 OR ECX,00000100
0040FEF4 |. 890D 50E64900 MOV DWORD PTR DS:[49E650],ECX
0040FEFA |. C785 E8FEFFFF MOV DWORD PTR SS:[EBP-118],0
0040FF04 |> BA 01000000 MOV EDX,1
0040FF09 |. 85D2 TEST EDX,EDX
0040FF0B |. 0F84 79040000 JE 0041038A
0040FF11 |. 83BD E8FEFFFF CMP DWORD PTR SS:[EBP-118],0A
0040FF18 |. 73 0F JNB SHORT 0040FF29
0040FF1A |. 8B85 E8FEFFFF MOV EAX,DWORD PTR SS:[EBP-118]
0040FF20 |. 83C0 01 ADD EAX,1
0040FF23 |. 8985 E8FEFFFF MOV DWORD PTR SS:[EBP-118],EAX
0040FF29 |> E8 B2230000 CALL 004122E0
0040FF2E |. 83BD E8FEFFFF CMP DWORD PTR SS:[EBP-118],0A
0040FF35 |. 72 1F JB SHORT 0040FF56
0040FF37 |. 8B0D 14E24900 MOV ECX,DWORD PTR DS:[49E214]
0040FF3D |. 230D 28364900 AND ECX,DWORD PTR DS:[493628]
0040FF43 |. 74 11 JE SHORT 0040FF56
0040FF45 |. 6A 01 PUSH 1 ; /Arg2 = 1
0040FF47 |. 6A 1D PUSH 1D ; |Arg1 = 1D
0040FF49 |. E8 F2060100 CALL 00420640 ; \Doukutsu24.00420640
0040FF4E |. 83C4 08 ADD ESP,8
0040FF51 |.^ E9 05FDFFFF JMP 0040FC5B
0040FF56 |> 8B15 14E24900 MOV EDX,DWORD PTR DS:[49E214]
0040FF5C |. 81E2 00800000 AND EDX,00008000
0040FF62 |. 74 39 JE SHORT 0040FF9D
0040FF64 |. A1 58E44900 MOV EAX,DWORD PTR DS:[49E458]
0040FF69 |. 50 PUSH EAX ; /Arg1 => [49E458] = 0
0040FF6A |. E8 01DEFFFF CALL 0040DD70 ; \Doukutsu24.0040DD70
0040FF6F |. 83C4 04 ADD ESP,4
0040FF72 |. 8985 14FEFFFF MOV DWORD PTR SS:[EBP-1EC],EAX
0040FF78 |. 83BD 14FEFFFF CMP DWORD PTR SS:[EBP-1EC],0
0040FF7F |. 74 0B JE SHORT 0040FF8C
0040FF81 |. 83BD 14FEFFFF CMP DWORD PTR SS:[EBP-1EC],2
0040FF88 |. 74 09 JE SHORT 0040FF93
0040FF8A |. EB 11 JMP SHORT 0040FF9D
0040FF8C |> 33C0 XOR EAX,EAX
0040FF8E |. E9 55040000 JMP 004103E8
0040FF93 |> B8 01000000 MOV EAX,1
0040FF98 |. E9 4B040000 JMP 004103E8
0040FF9D |> 8B0D 34364900 MOV ECX,DWORD PTR DS:[493634]
0040FFA3 |. 0B0D 3C364900 OR ECX,DWORD PTR DS:[49363C]
0040FFA9 |. 230D 14E24900 AND ECX,DWORD PTR DS:[49E214]
0040FFAF |. 74 2B JE SHORT 0040FFDC
0040FFB1 |. 6A 01 PUSH 1 ; /Arg2 = 1
0040FFB3 |. 6A 25 PUSH 25 ; |Arg1 = 25
0040FFB5 |. E8 86060100 CALL 00420640 ; \Doukutsu24.00420640
0040FFBA |. 83C4 08 ADD ESP,8
0040FFBD |. 833D E4E14900 CMP DWORD PTR DS:[49E1E4],0
0040FFC4 |. 74 0C JE SHORT 0040FFD2
0040FFC6 |. C705 E4E14900 MOV DWORD PTR DS:[49E1E4],0
0040FFD0 |. EB 0A JMP SHORT 0040FFDC
0040FFD2 |> C705 E4E14900 MOV DWORD PTR DS:[49E1E4],1
0040FFDC |> E8 6FABFFFF CALL 0040AB50 ; [Doukutsu24.0040AB50
0040FFE1 |. 8B95 64FFFFFF MOV EDX,DWORD PTR SS:[EBP-9C]
0040FFE7 |. 83C2 01 ADD EDX,1
0040FFEA |. 8995 64FFFFFF MOV DWORD PTR SS:[EBP-9C],EDX
0040FFF0 |. 83BD 64FFFFFF CMP DWORD PTR SS:[EBP-9C],28
0040FFF7 |. 7C 0A JL SHORT 00410003
0040FFF9 |. C785 64FFFFFF MOV DWORD PTR SS:[EBP-9C],0
00410003 |> 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
00410006 |. 50 PUSH EAX ; /Arg2
00410007 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
0041000C |. E8 CFC9FFFF CALL 0040C9E0 ; \Doukutsu24.0040C9E0
00410011 |. 83C4 08 ADD ESP,8
00410014 |. 6A 1A PUSH 1A ; /Arg5 = 1A
00410016 |. 8D4D C8 LEA ECX,[EBP-38] ; |
00410019 |. 51 PUSH ECX ; |Arg4
0041001A |. 68 D8000000 PUSH 0D8 ; |Arg3 = 0D8
0041001F |. 6A 64 PUSH 64 ; |Arg2 = 64
00410021 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
00410026 |. E8 95C3FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
0041002B |. 83C4 14 ADD ESP,14
0041002E |. 6A 1A PUSH 1A ; /Arg5 = 1A
00410030 |. 8D95 68FFFFFF LEA EDX,[EBP-98] ; |
00410036 |. 52 PUSH EDX ; |Arg4
00410037 |. 68 D8000000 PUSH 0D8 ; |Arg3 = 0D8
0041003C |. 68 9C000000 PUSH 9C ; |Arg2 = 9C
00410041 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
00410046 |. E8 75C3FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
0041004B |. 83C4 14 ADD ESP,14
0041004E |. 6A 00 PUSH 0 ; /Arg4 = 0
00410050 |. 8B45 D8 MOV EAX,DWORD PTR SS:[EBP-28] ; |
00410053 |. 50 PUSH EAX ; |Arg3
00410054 |. 68 D8000000 PUSH 0D8 ; |Arg2 = 0D8
00410059 |. 68 8C000000 PUSH 8C ; |Arg1 = 8C
0041005E |. E8 1DF3FFFF CALL 0040F380 ; \Doukutsu24.0040F380
00410063 |. 83C4 10 ADD ESP,10
00410066 |. 6A 00 PUSH 0 ; /Arg4 = 0
00410068 |. 8B4D B8 MOV ECX,DWORD PTR SS:[EBP-48] ; |
0041006B |. 51 PUSH ECX ; |Arg3
0041006C |. 68 D8000000 PUSH 0D8 ; |Arg2 = 0D8
00410071 |. 68 9C000000 PUSH 9C ; |Arg1 = 9C
00410076 |. E8 05F3FFFF CALL 0040F380 ; \Doukutsu24.0040F380
0041007B |. 83C4 10 ADD ESP,10
0041007E |. 6A 00 PUSH 0 ; /Arg4 = 0
00410080 |. 8B55 DC MOV EDX,DWORD PTR SS:[EBP-24] ; |
00410083 |. 52 PUSH EDX ; |Arg3
00410084 |. 68 D8000000 PUSH 0D8 ; |Arg2 = 0D8
00410089 |. 68 AC000000 PUSH 0AC ; |Arg1 = 0AC
0041008E |. E8 EDF2FFFF CALL 0040F380 ; \Doukutsu24.0040F380
00410093 |. 83C4 10 ADD ESP,10
00410096 |. 6A 00 PUSH 0 ; /Arg4 = 0
00410098 |. 8B45 BC MOV EAX,DWORD PTR SS:[EBP-44] ; |
0041009B |. 50 PUSH EAX ; |Arg3
0041009C |. 68 D8000000 PUSH 0D8 ; |Arg2 = 0D8
004100A1 |. 68 BC000000 PUSH 0BC ; |Arg1 = 0BC
004100A6 |. E8 D5F2FFFF CALL 0040F380 ; \Doukutsu24.0040F380
004100AB |. 83C4 10 ADD ESP,10
004100AE |. 6A 00 PUSH 0 ; /Arg5 = 0
004100B0 |. 8D4D E0 LEA ECX,[EBP-20] ; |
004100B3 |. 51 PUSH ECX ; |Arg4
004100B4 |. 6A 28 PUSH 28 ; |Arg3 = 28
004100B6 |. 6A 58 PUSH 58 ; |Arg2 = 58
004100B8 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
004100BD |. E8 FEC2FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
004100C2 |. 83C4 14 ADD ESP,14
004100C5 |. 6A 00 PUSH 0 ; /Arg5 = 0
004100C7 |. 8D95 10FFFFFF LEA EDX,[EBP-0F0] ; |
004100CD |. 52 PUSH EDX ; |Arg4
004100CE |. 68 80010000 PUSH 180 ; |Arg3 = 180
004100D3 |. 68 88010000 PUSH 188 ; |Arg2 = 188
004100D8 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
004100DD |. E8 DEC2FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
004100E2 |. 83C4 14 ADD ESP,14
004100E5 |. 6A 00 PUSH 0 ; /Arg5 = 0
004100E7 |. 8D45 F0 LEA EAX,[EBP-10] ; |
004100EA |. 50 PUSH EAX ; |Arg4
004100EB |. 68 94010000 PUSH 194 ; |Arg3 = 194
004100F0 |. 68 88010000 PUSH 188 ; |Arg2 = 188
004100F5 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
004100FA |. E8 C1C2FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
004100FF |. 83C4 14 ADD ESP,14
00410102 |. 6A 01 PUSH 1 ; /Arg5 = 1
00410104 |. 8D8D ECFEFFFF LEA ECX,[EBP-114] ; |
0041010A |. 51 PUSH ECX ; |Arg4
0041010B |. 68 C0000000 PUSH 0C0 ; |Arg3 = 0C0
00410110 |. 6A 50 PUSH 50 ; |Arg2 = 50
00410112 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
00410117 |. E8 A4C2FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
0041011C |. 83C4 14 ADD ESP,14
0041011F |. 8B95 E4FEFFFF MOV EDX,DWORD PTR SS:[EBP-11C]
00410125 |. 8995 10FEFFFF MOV DWORD PTR SS:[EBP-1F0],EDX
0041012B |. 83BD 10FEFFFF CMP DWORD PTR SS:[EBP-1F0],4
00410132 |. 0F87 A4010000 JA 004102DC
00410138 |. 8B85 10FEFFFF MOV EAX,DWORD PTR SS:[EBP-1F0]
0041013E |. FF2485 EC0341 JMP DWORD PTR DS:[EAX*4+4103EC]
00410145 |> 8B85 64FFFFFF MOV EAX,DWORD PTR SS:[EBP-9C]
0041014B |. 99 CDQ
0041014C |. B9 0A000000 MOV ECX,0A
00410151 |. F7F9 IDIV ECX
00410153 |. 25 03000080 AND EAX,80000003
00410158 |. 79 05 JNS SHORT 0041015F
0041015A |. 48 DEC EAX
0041015B |. 83C8 FC OR EAX,FFFFFFFC
0041015E |. 40 INC EAX
0041015F |> C1E0 04 SHL EAX,4
00410162 |. 8D9405 18FEFF LEA EDX,[EAX+EBP-1E8]
00410169 |. 8B02 MOV EAX,DWORD PTR DS:[EDX]
0041016B |. 8985 FCFEFFFF MOV DWORD PTR SS:[EBP-104],EAX
00410171 |. 8B4A 04 MOV ECX,DWORD PTR DS:[EDX+4]
00410174 |. 898D 00FFFFFF MOV DWORD PTR SS:[EBP-100],ECX
0041017A |. 8B42 08 MOV EAX,DWORD PTR DS:[EDX+8]
0041017D |. 8985 04FFFFFF MOV DWORD PTR SS:[EBP-0FC],EAX
00410183 |. 8B4A 0C MOV ECX,DWORD PTR DS:[EDX+0C]
00410186 |. 898D 08FFFFFF MOV DWORD PTR SS:[EBP-0F8],ECX
0041018C |. C745 C4 10000 MOV DWORD PTR SS:[EBP-3C],10
00410193 \. E9 44010000 JMP 004102DC
00410198 /> 8B85 64FFFFFF MOV EAX,DWORD PTR SS:[EBP-9C]
0041019E |. 99 CDQ
0041019F |. B9 0A000000 MOV ECX,0A
004101A4 |. F7F9 IDIV ECX
004101A6 |. 25 03000080 AND EAX,80000003
004101AB |. 79 05 JNS SHORT 004101B2
004101AD |. 48 DEC EAX
004101AE |. 83C8 FC OR EAX,FFFFFFFC
004101B1 |. 40 INC EAX
004101B2 |> C1E0 04 SHL EAX,4
004101B5 |. 8D9405 20FFFF LEA EDX,[EAX+EBP-0E0]
004101BC |. 8B02 MOV EAX,DWORD PTR DS:[EDX]
004101BE |. 8985 FCFEFFFF MOV DWORD PTR SS:[EBP-104],EAX
004101C4 |. 8B4A 04 MOV ECX,DWORD PTR DS:[EDX+4]
004101C7 |. 898D 00FFFFFF MOV DWORD PTR SS:[EBP-100],ECX
004101CD |. 8B42 08 MOV EAX,DWORD PTR DS:[EDX+8]
004101D0 |. 8985 04FFFFFF MOV DWORD PTR SS:[EBP-0FC],EAX
004101D6 |. 8B4A 0C MOV ECX,DWORD PTR DS:[EDX+0C]
004101D9 |. 898D 08FFFFFF MOV DWORD PTR SS:[EBP-0F8],ECX
004101DF |. C745 C4 17000 MOV DWORD PTR SS:[EBP-3C],17
004101E6 \. E9 F1000000 JMP 004102DC
004101EB /> 8B85 64FFFFFF MOV EAX,DWORD PTR SS:[EBP-9C]
004101F1 |. 99 CDQ
004101F2 |. B9 0A000000 MOV ECX,0A
004101F7 |. F7F9 IDIV ECX
004101F9 |. 25 03000080 AND EAX,80000003
004101FE |. 79 05 JNS SHORT 00410205
00410200 |. 48 DEC EAX
00410201 |. 83C8 FC OR EAX,FFFFFFFC
00410204 |. 40 INC EAX
00410205 |> C1E0 04 SHL EAX,4
00410208 |. 8D9405 A0FEFF LEA EDX,[EAX+EBP-160]
0041020F |. 8B02 MOV EAX,DWORD PTR DS:[EDX]
00410211 |. 8985 FCFEFFFF MOV DWORD PTR SS:[EBP-104],EAX
00410217 |. 8B4A 04 MOV ECX,DWORD PTR DS:[EDX+4]
0041021A |. 898D 00FFFFFF MOV DWORD PTR SS:[EBP-100],ECX
00410220 |. 8B42 08 MOV EAX,DWORD PTR DS:[EDX+8]
00410223 |. 8985 04FFFFFF MOV DWORD PTR SS:[EBP-0FC],EAX
00410229 |. 8B4A 0C MOV ECX,DWORD PTR DS:[EDX+0C]
0041022C |. 898D 08FFFFFF MOV DWORD PTR SS:[EBP-0F8],ECX
00410232 |. C745 C4 17000 MOV DWORD PTR SS:[EBP-3C],17
00410239 \. E9 9E000000 JMP 004102DC
0041023E /> 8B85 64FFFFFF MOV EAX,DWORD PTR SS:[EBP-9C]
00410244 |. 99 CDQ
00410245 |. B9 0A000000 MOV ECX,0A
0041024A |. F7F9 IDIV ECX
0041024C |. 25 03000080 AND EAX,80000003
00410251 |. 79 05 JNS SHORT 00410258
00410253 |. 48 DEC EAX
00410254 |. 83C8 FC OR EAX,FFFFFFFC
00410257 |. 40 INC EAX
00410258 |> C1E0 04 SHL EAX,4
0041025B |. 8D9405 78FFFF LEA EDX,[EAX+EBP-88]
00410262 |. 8B02 MOV EAX,DWORD PTR DS:[EDX]
00410264 |. 8985 FCFEFFFF MOV DWORD PTR SS:[EBP-104],EAX
0041026A |. 8B4A 04 MOV ECX,DWORD PTR DS:[EDX+4]
0041026D |. 898D 00FFFFFF MOV DWORD PTR SS:[EBP-100],ECX
00410273 |. 8B42 08 MOV EAX,DWORD PTR DS:[EDX+8]
00410276 |. 8985 04FFFFFF MOV DWORD PTR SS:[EBP-0FC],EAX
0041027C |. 8B4A 0C MOV ECX,DWORD PTR DS:[EDX+0C]
0041027F |. 898D 08FFFFFF MOV DWORD PTR SS:[EBP-0F8],ECX
00410285 |. C745 C4 17000 MOV DWORD PTR SS:[EBP-3C],17
0041028C \. EB 4E JMP SHORT 004102DC
0041028E /> 8B85 64FFFFFF MOV EAX,DWORD PTR SS:[EBP-9C]
00410294 |. 99 CDQ
00410295 |. B9 0A000000 MOV ECX,0A
0041029A |. F7F9 IDIV ECX
0041029C |. 25 03000080 AND EAX,80000003
004102A1 |. 79 05 JNS SHORT 004102A8
004102A3 |. 48 DEC EAX
004102A4 |. 83C8 FC OR EAX,FFFFFFFC
004102A7 |. 40 INC EAX
004102A8 |> C1E0 04 SHL EAX,4
004102AB |. 8D9405 58FEFF LEA EDX,[EAX+EBP-1A8]
004102B2 |. 8B02 MOV EAX,DWORD PTR DS:[EDX]
004102B4 |. 8985 FCFEFFFF MOV DWORD PTR SS:[EBP-104],EAX
004102BA |. 8B4A 04 MOV ECX,DWORD PTR DS:[EDX+4]
004102BD |. 898D 00FFFFFF MOV DWORD PTR SS:[EBP-100],ECX
004102C3 |. 8B42 08 MOV EAX,DWORD PTR DS:[EDX+8]
004102C6 |. 8985 04FFFFFF MOV DWORD PTR SS:[EBP-0FC],EAX
004102CC |. 8B4A 0C MOV ECX,DWORD PTR DS:[EDX+0C]
004102CF |. 898D 08FFFFFF MOV DWORD PTR SS:[EBP-0F8],ECX
004102D5 |. C745 C4 17000 MOV DWORD PTR SS:[EBP-3C],17
004102DC |> 833D E4E14900 CMP DWORD PTR DS:[49E1E4],0
004102E3 |. 75 0C JNE SHORT 004102F1
004102E5 |. C785 0CFFFFFF MOV DWORD PTR SS:[EBP-0F4],7F
004102EF |. EB 0A JMP SHORT 004102FB
004102F1 |> C785 0CFFFFFF MOV DWORD PTR SS:[EBP-0F4],93
004102FB |> 833D E4E14900 CMP DWORD PTR DS:[49E1E4],0
00410302 |. 75 23 JNE SHORT 00410327
00410304 |. 8B55 C4 MOV EDX,DWORD PTR SS:[EBP-3C]
00410307 |. 52 PUSH EDX ; /Arg5
00410308 |. 8D85 FCFEFFFF LEA EAX,[EBP-104] ; |
0041030E |. 50 PUSH EAX ; |Arg4
0041030F |. 8B8D 0CFFFFFF MOV ECX,DWORD PTR SS:[EBP-0F4] ; |
00410315 |. 51 PUSH ECX ; |Arg3
00410316 |. 6A 74 PUSH 74 ; |Arg2 = 74
00410318 |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
0041031D |. E8 9EC0FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
00410322 |. 83C4 14 ADD ESP,14
00410325 |. EB 21 JMP SHORT 00410348
00410327 |> 8B55 C4 MOV EDX,DWORD PTR SS:[EBP-3C]
0041032A |. 52 PUSH EDX ; /Arg5
0041032B |. 8D85 FCFEFFFF LEA EAX,[EBP-104] ; |
00410331 |. 50 PUSH EAX ; |Arg4
00410332 |. 8B8D 0CFFFFFF MOV ECX,DWORD PTR SS:[EBP-0F4] ; |
00410338 |. 51 PUSH ECX ; |Arg3
00410339 |. 6A 74 PUSH 74 ; |Arg2 = 74
0041033B |. 68 1CF94800 PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
00410340 |. E8 7BC0FFFF CALL 0040C3C0 ; \Doukutsu24.0040C3C0
00410345 |. 83C4 14 ADD ESP,14
00410348 |> 6A 00 PUSH 0 ; /Arg2 = 0
0041034A |. 6A 00 PUSH 0 ; |Arg1 = 0
0041034C |. E8 6FA8FFFF CALL 0040ABC0 ; \Doukutsu24.0040ABC0
00410351 |. 83C4 08 ADD ESP,8
00410354 |. 83BD 9CFEFFFF CMP DWORD PTR SS:[EBP-164],0
0041035B |. 74 0C JE SHORT 00410369
0041035D |. 6A 08 PUSH 8 ; /Arg2 = 8
0041035F |. 6A 10 PUSH 10 ; |Arg1 = 10
00410361 |. E8 CAA00000 CALL 0041A430 ; \Doukutsu24.0041A430
00410366 |. 83C4 08 ADD ESP,8
00410369 |> E8 02200000 CALL 00412370 ; [Doukutsu24.00412370
0041036E |. 8B15 58E44900 MOV EDX,DWORD PTR DS:[49E458]
00410374 |. 52 PUSH EDX ; /Arg1 => [49E458] = 0
00410375 |. E8 C6AFFFFF CALL 0040B340 ; \Doukutsu24.0040B340
0041037A |. 83C4 04 ADD ESP,4
0041037D |. 85C0 TEST EAX,EAX
0041037F |.^ 75 04 JNE SHORT 00410385
00410381 |. 33C0 XOR EAX,EAX
00410383 |. EB 63 JMP SHORT 004103E8
00410385 |>^ E9 7AFBFFFF JMP 0040FF04
0041038A |> 6A 00 PUSH 0 ; /Arg1 = 0
0041038C |. E8 4F0B0100 CALL 00420EE0 ; \Doukutsu24.00420EE0
00410391 |. 83C4 04 ADD ESP,4
00410394 |. FF15 24C14800 CALL DWORD PTR DS:[<&KERNEL32.GetTickCou ; [KERNEL32.GetTickCount
0041039A |. 8985 E8FEFFFF MOV DWORD PTR SS:[EBP-118],EAX
004103A0 |> FF15 24C14800 /CALL DWORD PTR DS:[<&KERNEL32.GetTickCo ; [KERNEL32.GetTickCount
004103A6 |. 8B8D E8FEFFFF |MOV ECX,DWORD PTR SS:[EBP-118]
004103AC |. 81C1 E8030000 |ADD ECX,3E8
004103B2 |. 3BC1 |CMP EAX,ECX
004103B4 |. 73 2D |JNB SHORT 004103E3
004103B6 |. 6A 00 |PUSH 0 ; /Arg2 = 0
004103B8 |. 68 1CF94800 |PUSH OFFSET 0048F91C ; |Arg1 = Doukutsu24.48F91C
004103BD |. E8 1EC6FFFF |CALL 0040C9E0 ; \Doukutsu24.0040C9E0
004103C2 |. 83C4 08 |ADD ESP,8
004103C5 |. E8 A61F0000 |CALL 00412370 ; [Doukutsu24.00412370
004103CA |. 8B15 58E44900 |MOV EDX,DWORD PTR DS:[49E458]
004103D0 |. 52 |PUSH EDX ; /Arg1 => [49E458] = 0
004103D1 |. E8 6AAFFFFF |CALL 0040B340 ; \Doukutsu24.0040B340
004103D6 |. 83C4 04 |ADD ESP,4
004103D9 |. 85C0 |TEST EAX,EAX
004103DB |.^ 75 04 |JNE SHORT 004103E1
004103DD |. 33C0 |XOR EAX,EAX
004103DF |. EB 07 |JMP SHORT 004103E8
004103E1 |>^ EB BD \JMP SHORT 004103A0
004103E3 |> B8 03000000 MOV EAX,3
004103E8 |> 8BE5 MOV ESP,EBP
004103EA |. 5D POP EBP
004103EB \. C3 RETN

As you can see, a lot of NOP's in the middle, I'm sure that something could be squeezed in there.

 

Hex would be preferred for binary pasting into the code.
Your problem is in an earlier part of the code than this. I was just asking for the three-save code because I could benefit from it in my mod.
The problem with putting a JMP to the empty space in there is I'm guessing you don't know what the code does with that space, so it could cause hidden issues with your game. I would suggest using the space at the end of the executable to add lines of code instead.

 

How do I find the Title screen code in Ollydbg? If there is no way to open it in
ollydbg What should I use to hack the title screen?

 

You use Ollydbg to hack the title screen. Go to address 0040F9B0. Here is the information given by the assembly compendium relevant to hacking the title screen:

Spoiler

Title Screen Frames
Code:
40f9b0		frame[-0x0020] = { 0x00000000, 0x00000000, 0x00000090, 0x00000028 }		//	000 000  144 040: Title Screen		
40f9d5		frame[-0x0114] = { 0x00000000, 0x00000000, 0x000000a0, 0x00000010 }		//	000 000  160 016: Studio Pixel		
40f9fd		frame[-0x00f0] = { 0x00000090, 0x00000000, 0x000000c0, 0x00000010 }		//	144 000  192 016: New				
40fa25		frame[-0x0010] = { 0x00000090, 0x00000010, 0x000000c0, 0x00000020 }		//	144 016  192 032: Continue			
40fa41		frame[-0x0038] = { 0x00000098, 0x00000050, 0x000000d0, 0x00000058 }		//	152 080  208 088: Version			
40fa5d		frame[-0x0098] = { 0x00000098, 0x00000058, 0x000000d0, 0x00000060 }		//	152 088  208 076: Version Dots		
40fa85		frame[-0x01e8] = { 0x00000000, 0x00000010, 0x00000010, 0x00000020 }		//	000 016  016 032: Quote Frame A		
40faad		frame[-0x01d8] = { 0x00000010, 0x00000010, 0x00000020, 0x00000020 }		//	016 016  032 032: Quote Frame B		
40fad5		frame[-0x01c8] = { 0x00000000, 0x00000010, 0x00000010, 0x00000020 }		//	000 016  016 032: Quote Frame C		
40fafd		frame[-0x01b8] = { 0x00000020, 0x00000010, 0x00000030, 0x00000020 }		//	032 016  048 032: Quote Frame D		
40fb25		frame[-0x00e0] = { 0x00000000, 0x00000070, 0x00000010, 0x00000080 }		//	000 112  016 128: Curly Frame A		
40fb4d		frame[-0x00d0] = { 0x00000010, 0x00000070, 0x00000020, 0x00000080 }		//	016 112  032 128: Curly Frame B		
40fb75		frame[-0x00c0] = { 0x00000000, 0x00000070, 0x00000010, 0x00000080 }		//	000 112  016 128: Curly Frame C		
40fb9d		frame[-0x00b0] = { 0x00000020, 0x00000070, 0x00000030, 0x00000080 }		//	032 112  048 128: Curly Frame D		
40fbc5		frame[-0x0160] = { 0x00000040, 0x00000050, 0x00000050, 0x00000060 }		//	064 080  080 096: Toroko Frame A	
40fbed		frame[-0x0150] = { 0x00000050, 0x00000050, 0x00000060, 0x00000060 }		//	080 080  096 096: Toroko Frame B	
40fc15		frame[-0x0140] = { 0x00000040, 0x00000050, 0x00000050, 0x00000060 }		//	064 080  080 096: Toroko Frame C	
40fc3d		frame[-0x0130] = { 0x00000060, 0x00000050, 0x00000070, 0x00000060 }		//	096 080  112 096: Toroko Frame D	
40fc65		frame[-0x0088] = { 0x000000e0, 0x00000030, 0x000000f0, 0x00000040 }
		//	224 048  240 064: King Frame A		
40fc87		frame[-0x0078] = { 0x00000120, 0x00000030, 0x00000130, 0x00000040 }		//	288 048  304 064: King Frame B		
40fca3		frame[-0x0068] = { 0x000000e0, 0x00000030, 0x000000f0, 0x00000040 }
		//	224 048  240 064: King Frame C		
40fcbf		frame[-0x0058] = { 0x00000130, 0x00000030, 0x00000140, 0x00000040 }		//	304 048  320 064: King Frame D		
40fcdb		frame[-0x01a8] = { 0x00000000, 0x00000010, 0x00000010, 0x00000020 }		//	000 016  016 032: Sue Frame A		
40fd03		frame[-0x0198] = { 0x00000020, 0x00000010, 0x00000030, 0x00000020 }		//	032 016  048 032: Sue Frame B		
40fd2b		frame[-0x0188] = { 0x00000000, 0x00000010, 0x00000010, 0x00000020 }		//	000 016  016 032: Sue Frame C		
40fd53		frame[-0x0178] = { 0x00000030, 0x00000010, 0x00000040, 0x00000020 }		//	048 016  064 032: Sue Frame D

This is also the start of the title screen code.

Change the background color
Around 0000FDA8, the game PUSHes a number onto the stack: 0x202020 (20 20 20 00) Immediately afterwards, 
it calls a function which sets the background color. You can change this value to any other RGB number to have a different title screen background color.

Change the version number
This had me strumped for a bit. The game's version number seems quite well-hidden indeed. 
Well, you won't find it anywhere in the code. It's ridiculously simple, it turns out. Just right-click, go into properties, 
and under the version tab... well, you get the picture. Now go ahead and make that mod of yours version 1.0.0.0.

Change the hell times
Code:
			//	Determine which mode the title screen is in, based on the best hell time.									
40fdfa		if(L0164_HellBestTime != 0)
40fe03			if(L0164_HellBestTime <= 18000)
40fe0f				L011C_Mode = 1

40fe19		if(L0164_HellBestTime != 0)
40fe22			if(L0164_HellBestTime <= 15000)
40fe2e				L011C_Mode = 2

40fe38		if(L0164_HellBestTime != 0)
40fe41			if(L0164_HellBestTime <= 12000)
40fe4d				L011C_Mode = 3

40fe57		if(L0164_HellBestTime != 0)
40fe60			if(L0164_HellBestTime <=  9000)
40fe6c				L011C_Mode = 4
Here's what the code looks like. Time /3000 = minutes?

Some sounds...
0000FF47: change the 12 00 00 00 being pushed into something else to change the selection sound.
0000FFB3: change the 01 00 00 00 being pushed into something else to change the movement sound.


For the most up-to-date and complete information, please refer to the pages from which this information was copied.

Offsets List: http://www.miraigamer.net/forums/showthread.php?t=942
NPC Pointer Table: http://spgardebiter.sp.funpic.de/CaveStory/FAQ/NPC.txt
General Guide: http://www.miraigamer.net/forums/showthread.php?t=2590
TSC Guide: http://www.miraigamer.net/forums/showpost.php?p=54276&postcount=36
http://www.miraigamer.net/forums/showpost.php?p=43463&postcount=33
Special effect functions: http://www.miraigamer.net/forums/showthread.php?t=1296
More functions: http://www.miraigamer.net/forums/showpost.php?p=54346&postcount=39
NPC Hacking: http://www.miraigamer.net/forums/showthread.php?t=1290
http://spgardebiter.sp.funpic.de/CaveStory/FAQ/Advanced%20NPC.txt
Title Screen Hacking: http://www.miraigamer.net/forums/showthread.php?t=1314


Random Crap I found and stuck at the back:

416990 – What happens when you drown. Checks left/rightness.

40ee70 = camera code (courtesy of GIRakaCHEEZER)

4937b0 = Old map data.
49a000 = New map data?

41f710 = Firing the Nemesis? contains various datas such as bullet pos. and sound.

417e40 = Tile code

4180f7 - 2nd no NPC tile
417b70

419B0A - Death

420bE0 - Something to do with loading map data?

419030 = Collision Detection algorithm (entity)

40f9b0 - Title Screen

200 (hex) = 1 pixel
2000 (hex) = 1 tile

00410836      6A 01         |PUSH 1     
00410838      E8 93990000   |CALL KingLoad.0041A1D0  
0041083D      83C4 04       |ADD ESP,4
Render Health Bar

00410840      6A 01         |PUSH 1       
00410842      E8 C9940000   |CALL KingLoad.00419D10 
00410847      83C4 04       |ADD ESP,4
Render XP Bar, misc UI

004106F5      E8 76E0FFFF   CALL TimgTest.0040E770
<FAI and <FAO

00410815      6A 00         PUSH 0    
00410817      E8 343A0000   CALL TimgTest.00414250  
0041081C      83C4 04       ADD ESP,4
<MNA


410856 - Render Weapon Icons Call

403eff = Calls 40c3c0 for drawing bullets

40f59f = Calls 40c3c0 for rendering the #s for lvl, HP and ammo

410307 = Calls GFX for mychar, top selection.
41032A = Calls GFX for mychar on title screen

413bFA = Calls GFX for map tileset, "Background layer" tiles.
413d8f = Calls GFX for map tileset, "foreground layer" tiles.
413dde = Calls GFX for the star block sprite.

41405C = Calls GFX for caret.pbm, uncertain use.

V Note, all pushes static for these two V
4142a2 = Calls GFX for <MNA
4142c5 = Calls GFX for <MNA on title screen

 

I got to the picture below and I don't know what next.

 

I got to the picture below and I don't know what next.

step 1 learn assembly
step 2 try again after