本來(lái)想昨晚做的 結(jié)果太困了就睡覺(jué)去了 今天下午沒(méi)事我就做個(gè)教程 雖然用軟件更快 但是我個(gè)人還是喜歡自己手動(dòng)搞定
 
教程就是干掉這些 http://pan.baidu.com/share/link?shareid=166985&uk=1395155119
飄零處理特征碼
未處理的飄零金盾1.5
push ebp
mov ebp,esp
sub esp,0x3C
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征碼 55 8B EC 81 EC 3C 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
已經(jīng)處理的飄零金盾1.5
mov eax,0x1
retn
add byte ptr ds:[eax],al
add bh,al
inc ebp
cld
add byte ptr ds:[eax],al
add byte ptr ds:[eax],al
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征碼 B8 01 00 00 00 C3 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
飄零3.3以下版本未處理
push ebp
mov ebp,esp
sub esp,0x28
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征碼 55 8B EC 81 EC 28 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
飄零3.3以下版本已處理
push 0x1
pop eax
retn
in al,dx
sub byte ptr ds:[eax],al
add byte ptr ds:[eax],al
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
特征碼 6A 01 58 C3 EC 28 00 00 00 C7
45 FC 00 00 00 00 C7 45 F8 00
00 00 00 C7 45 F4 00 00 00 00
C7 45 F0 00 00 00 00
| 
