本来想昨晚做的 结果太困了就睡觉去了 今天下午没事我就做个教程 虽然用软件更快 但是我个人还是喜欢自己手动搞定
教程就是干掉这些 http://pan.baidu.com/share/link?shareid=166985&uk=1395155119
飘零处理特征码
未处理的飘零金盾1.5
push ebp
mov ebp,esp
sub esp,0x3C
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征码 55 8B EC 81 EC 3C 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
已经处理的飘零金盾1.5
mov eax,0x1
retn
add byte ptr ds:[eax],al
add bh,al
inc ebp
cld
add byte ptr ds:[eax],al
add byte ptr ds:[eax],al
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征码 B8 01 00 00 00 C3 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
飘零3.3以下版本未处理
push ebp
mov ebp,esp
sub esp,0x28
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征码 55 8B EC 81 EC 28 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
飘零3.3以下版本已处理
push 0x1
pop eax
retn
in al,dx
sub byte ptr ds:[eax],al
add byte ptr ds:[eax],al
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征码 6A 01 58 C3 EC 28 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
|