-
-
[求助]请问这样的软件保护怎么解决?
-
发表于: 2008-5-31 22:52
-
无论我修改哪一处代码都提示:软件或所在目录可能被木马或病毒感染。\n\n\n\n请检查您的系统,要我点退出。。
我通过字串符查找得到以下代码。我应该怎么把这个给处理掉?
004108BA 90 NOP
004108BB 90 NOP
004108BC 90 NOP
004108BD 90 NOP
004108BE 90 NOP
004108BF 90 NOP
004108C0 . 56 PUSH ESI
004108C1 . 57 PUSH EDI
004108C2 . 8BF1 MOV ESI,ECX
004108C4 . E8 EBA70400 CALL <JMP.&MFC42.#4710_?OnInitDialog@CDialog@@UAEHXZ>
004108C9 . 8B3D 9C644800 MOV EDI,DWORD PTR DS:[48649C]
004108CF B8 68E74700 MOV EAX,123.0047E768 ; the document(s) or directory may have been infected by trojan horse or virus. \n\n\n\nplease examine your system.
004108D4 . 85FF TEST EDI,EDI
004108D6 75 05 JNZ SHORT 123.004108DD
004108D8 . B8 2CE74700 MOV EAX,123.0047E72C ; 软件或所在目录可能被木马或病毒感染。\n\n\n\n请检查您的系统。
004108DD > 50 PUSH EAX
004108DE . 8D8E A0000000 LEA ECX,DWORD PTR DS:[ESI+A0]
004108E4 . E8 C5A70400 CALL <JMP.&MFC42.#6199_?SetWindowTextA@CWnd@@QAEXPBD@Z>
004108E9 . 85FF TEST EDI,EDI
004108EB B8 24E74700 MOV EAX,123.0047E724 ; exit
004108F0 75 05 JNZ SHORT 123.004108F7
004108F2 . B8 1CE74700 MOV EAX,123.0047E71C ; 退出
004108F7 > 50 PUSH EAX
004108F8 . 8D4E 60 LEA ECX,DWORD PTR DS:[ESI+60]
004108FB . E8 AEA70400 CALL <JMP.&MFC42.#6199_?SetWindowTextA@CWnd@@QAEXPBD@Z>
00410900 . 5F POP EDI
00410901 . B8 01000000 MOV EAX,1
00410906 . 5E POP ESI
00410907 . C3 RETN
00410908 90 NOP
00410909 90 NOP
0041090A 90 NOP
0041090B 90 NOP
0041090C 90 NOP
这软件是(长角牛网络监控),天空可以下载到。我就不提供地址了
麻烦高手帮帮忙。。最好能教我怎么把注册码追出来。这个没错误提示。不知道从哪里入手
我通过字串符查找得到以下代码。我应该怎么把这个给处理掉?
004108BA 90 NOP
004108BB 90 NOP
004108BC 90 NOP
004108BD 90 NOP
004108BE 90 NOP
004108BF 90 NOP
004108C0 . 56 PUSH ESI
004108C1 . 57 PUSH EDI
004108C2 . 8BF1 MOV ESI,ECX
004108C4 . E8 EBA70400 CALL <JMP.&MFC42.#4710_?OnInitDialog@CDialog@@UAEHXZ>
004108C9 . 8B3D 9C644800 MOV EDI,DWORD PTR DS:[48649C]
004108CF B8 68E74700 MOV EAX,123.0047E768 ; the document(s) or directory may have been infected by trojan horse or virus. \n\n\n\nplease examine your system.
004108D4 . 85FF TEST EDI,EDI
004108D6 75 05 JNZ SHORT 123.004108DD
004108D8 . B8 2CE74700 MOV EAX,123.0047E72C ; 软件或所在目录可能被木马或病毒感染。\n\n\n\n请检查您的系统。
004108DD > 50 PUSH EAX
004108DE . 8D8E A0000000 LEA ECX,DWORD PTR DS:[ESI+A0]
004108E4 . E8 C5A70400 CALL <JMP.&MFC42.#6199_?SetWindowTextA@CWnd@@QAEXPBD@Z>
004108E9 . 85FF TEST EDI,EDI
004108EB B8 24E74700 MOV EAX,123.0047E724 ; exit
004108F0 75 05 JNZ SHORT 123.004108F7
004108F2 . B8 1CE74700 MOV EAX,123.0047E71C ; 退出
004108F7 > 50 PUSH EAX
004108F8 . 8D4E 60 LEA ECX,DWORD PTR DS:[ESI+60]
004108FB . E8 AEA70400 CALL <JMP.&MFC42.#6199_?SetWindowTextA@CWnd@@QAEXPBD@Z>
00410900 . 5F POP EDI
00410901 . B8 01000000 MOV EAX,1
00410906 . 5E POP ESI
00410907 . C3 RETN
00410908 90 NOP
00410909 90 NOP
0041090A 90 NOP
0041090B 90 NOP
0041090C 90 NOP
这软件是(长角牛网络监控),天空可以下载到。我就不提供地址了
麻烦高手帮帮忙。。最好能教我怎么把注册码追出来。这个没错误提示。不知道从哪里入手
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
