二、自己脱壳与破解情况:
1.使用PEiD_ch0.94查询,得知该文件是使用ASProtect 1.33 - 2.1加壳,于是使用OLLYICE和Aspr2.XX_unpacker_v1.0SC.osc给该文件脱壳(脱壳方法严格按照论坛置顶帖子http://bbs.pediy.com/showthread.php?t=20366&page=1要求进行操作).
2.操作过程中出现:"有偷窃代码,请查看记录窗口内的IAT数据"字样出现,点击确定后返回操作界面.
3.在记录窗口按ALT+L出现下列信息:
点阵字体 'MS Sans Serif' 已被替换为 '宋体'
Asm2Clipboard PlugIn v0.1
Written by FaTmiKE 2oo4
I used code snippets from ExtraCopy PlugIn v1.0 by Regon
...so thanks to Regon for his great job!
Bookmarks sample plugin v1.06 (plugin demo)
Copyright (C) 2001, 2002 Oleh Yuschuk
CleanupEx v1.12.108 by Gigapede
CommandBar v3.00.108
Originary Written by Oleh Yuschuk Modified by Gigapede Contributors:TBD Wayne psyCK0 mfn
GODUP ver 1.2 by godfather+ - Delphi edition
Hide Caption v1.00 by Gigapede
HideOD, www.pediy.com
ODbgScript v1.51
by hnhuqiong@126.com from OllyScript 1.47 by Epsylon3
OllyDump v3.00.110 by Gigapede
OllyMachine v0.20
Written by Luo Cong
Compiled on Dec 7 2004 14:32:15
OllyScript v0.92
Written by SHaG
Ultra String Reference v0.11
Written by Luo Cong
Compiled on Sep 20 2005 15:33:30
WatchMan v1.00 by Gigapede
数据格式转换 plugin v1.1
该插件可以将内存里的二进制数据转换为相应的编译语言数据格式
Copyright (C) 2006 by zhanshen[DFCG][RCT]
正在扫描导入库 '.\LIB\MFC42.Lib'
已解析出 6384 个序号
正在扫描导入库 '.\LIB\mfc71.Lib'
已解析出 6442 个序号
