地址 反汇编 文本字串
00402F68 PUSH huanhuan.00402FE8 software\borland\delphi\rtl
00402F9C PUSH huanhuan.00403004 fpumaskvalue
00403C0B MOV ESI,huanhuan.0044D06C runtime error at 00000000
00403CC6 PUSH huanhuan.0044D06C runtime error at 00000000
00403CE1 PUSH huanhuan.00403D1C \n\n
00403D00 PUSH huanhuan.0044D064 error
00403D05 PUSH huanhuan.0044D06C runtime error at 00000000
00404ED0 PUSH huanhuan.0040504C kernel32.dll
00404EE0 PUSH huanhuan.0040505C getlongpathnamea
004050A0 PUSH huanhuan.004052A0 software\borland\locales
004050BE PUSH huanhuan.004052A0 software\borland\locales
004050DC PUSH huanhuan.004052BC software\borland\delphi\locales
0040679E PUSH huanhuan.0040682C magellan mswheel
004067A3 PUSH huanhuan.00406840 mousez
004067AF PUSH huanhuan.00406848 mswheel_rollmsg
004067BE PUSH huanhuan.00406858 msh_wheelsupport_msg
004067CA PUSH huanhuan.00406870 msh_scroll_lines_msg
00407D2D MOV EDX,huanhuan.00407D78 true
00407D64 MOV EDX,huanhuan.00407D88 false
00408059 MOV EAX,huanhuan.00408084 \:
0040957F MOV EDX,huanhuan.00409690 gg
004096E6 MOV EDX,huanhuan.00409788 yy
004096F5 MOV EDX,huanhuan.00409794 yyyy
00409B14 MOV EDX,huanhuan.00409F2C am/pm
00409B29 MOV EDX,huanhuan.00409F34 a/p
00409B3E MOV EDX,huanhuan.00409F38 ampm
00409C80 MOV EDX,huanhuan.00409F2C am/pm
00409CBD MOV EDX,huanhuan.00409F34 a/p
00409CFA MOV EDX,huanhuan.00409F38 ampm
00409D43 MOV EDX,huanhuan.00409F40 aaaa
00409D8A MOV EDX,huanhuan.00409F48 aaa
00409E22 MOV EAX,huanhuan.00409F4C
00409F7F MOV EAX,huanhuan.00409FA8 c
0040A321 MOV EAX,huanhuan.0040A5B4 e
0040A4BD MOV EAX,huanhuan.0040A5C0 ddd
0040A5EC MOV ECX,huanhuan.0040A7A8 am
0040A615 MOV ECX,huanhuan.0040A7B4 pm
0040A706 MOV ECX,huanhuan.0040A7A8 am
0040A72F MOV ECX,huanhuan.0040A7B4 pm
0040AA1D MOV ECX,huanhuan.0044D1E8 `k@
0040AB69 MOV ECX,huanhuan.0040ABF8 1
0040AC30 MOV ECX,huanhuan.0040ADDC 1
0040ACF7 MOV EDX,huanhuan.0040ADE0 gg
0040AD10 MOV EDX,huanhuan.0040ADEC ggg
0040AD1D MOV EDX,huanhuan.0040ADF0 yyyy
0040AD36 MOV EDX,huanhuan.0040AE00 eeee
0040AD45 MOV EDX,huanhuan.0040AE08 yy
0040AD5E MOV EDX,huanhuan.0040AE14 ee
0040AD79 MOV EDX,huanhuan.0040AE20 e
0040AEFD MOV EDI,huanhuan.0040AFB4 .
0040B020 PUSH huanhuan.0040B07C \n\n
0040B958 PUSH huanhuan.0040B9B8 \
0040C0E4 MOV ECX,huanhuan.0040C364 0
0040C108 MOV ECX,huanhuan.0040C364 0
0040C152 MOV ECX,huanhuan.0040C364 0
0040C189 MOV ECX,huanhuan.0040C370 m/d/yy
0040C1B6 MOV ECX,huanhuan.0040C380 mmmm d, yyyy
0040C1F6 MOV ECX,huanhuan.0040C398 am
0040C218 MOV ECX,huanhuan.0040C3A4 pm
0040C24A MOV ECX,huanhuan.0040C364 0
0040C26C MOV EDX,huanhuan.0040C3B0 h
0040C27B MOV EDX,huanhuan.0040C3BC hh
0040C289 MOV ECX,huanhuan.0040C364 0
0040C2AC MOV ECX,huanhuan.0040C364 0
0040C2CE MOV EDX,huanhuan.0040C3C8 ampm
0040C2DD MOV EDX,huanhuan.0040C3D8 ampm
0040C2ED PUSH huanhuan.0040C3E8 :mm
0040C30A PUSH huanhuan.0040C3F4 :mm:ss
0040C4ED PUSH huanhuan.0040C524 kernel32.dll
0040C4FD PUSH huanhuan.0040C534 getdiskfreespaceexa
0040CDDB MOV EAX,huanhuan.0044D138 x~@
0040CDF0 MOV EAX,huanhuan.0044D12C pv@
0040CF24 MOV EAX,huanhuan.0040CB9C (
0040CF37 MOV EAX,huanhuan.0044D12C pv@
0040CF3C MOV EDX,huanhuan.0040CF7C 0x
0040D434 PUSH huanhuan.0040D628 oleaut32.dll
0040D447 MOV EAX,huanhuan.0040D638 variantchangetypeex
0040D45D MOV EAX,huanhuan.0040D64C varneg
0040D473 MOV EAX,huanhuan.0040D654 varnot
0040D489 MOV EAX,huanhuan.0040D65C varadd
0040D49F MOV EAX,huanhuan.0040D664 varsub
0040D4B5 MOV EAX,huanhuan.0040D66C varmul
0040D4CB MOV EAX,huanhuan.0040D674 vardiv
0040D4E1 MOV EAX,huanhuan.0040D67C varidiv
0040D4F7 MOV EAX,huanhuan.0040D684 varmod
0040D50D MOV EAX,huanhuan.0040D68C varand
0040D523 MOV EAX,huanhuan.0040D694 varor
0040D539 MOV EAX,huanhuan.0040D69C varxor
0040D54F MOV EAX,huanhuan.0040D6A4 varcmp
0040D565 MOV EAX,huanhuan.0040D6AC vari4fromstr
0040D57B MOV EAX,huanhuan.0040D6BC varr4fromstr
0040D591 MOV EAX,huanhuan.0040D6CC varr8fromstr
0040D5A7 MOV EAX,huanhuan.0040D6DC vardatefromstr
0040D5BD MOV EAX,huanhuan.0040D6EC varcyfromstr
0040D5D3 MOV EAX,huanhuan.0040D6FC varboolfromstr
0040D5E9 MOV EAX,huanhuan.0040D70C varbstrfromcy
0040D5FF MOV EAX,huanhuan.0040D71C varbstrfromdate
0040D615 MOV EAX,huanhuan.0040D72C varbstrfrombool
0040E7F0 MOV ECX,huanhuan.0040E77C 璇
0040FAEA MOV EDX,huanhuan.0040FBD4 string
0040FB02 MOV EDX,huanhuan.0040FBE4 any
0040FB88 MOV EDX,huanhuan.0040FBF0 array
0040FB9B MOV EDX,huanhuan.0040FC00 byref
00413B32 MOV EDX,huanhuan.00413BB8 nil
00413C34 PUSH huanhuan.00413C74 .
0041401C MOV EDX,huanhuan.00414038 strings
00414310 MOV EDX,huanhuan.004143FC \n\n
00415E65 MOV EDX,huanhuan.00415EC8 owner
00417236 MOV EDX,huanhuan.00417280 false
00417244 MOV EDX,huanhuan.00417290 true
00417252 MOV EDX,huanhuan.004172A0 nil
00417260 MOV EDX,huanhuan.004172AC null
00417B8E MOV EAX,huanhuan.00417BB4 %s_%d
00419280 MOV EDX,huanhuan.004192C0 left
004192A3 MOV EDX,huanhuan.004192D0 top
0041BFF0 MOV EDX,huanhuan.0041C0C4 default
0041C001 MOV EDX,huanhuan.0044D423 \nms sans serif
0041E38E MOV EDX,huanhuan.0041E3A8 data
0042120E MOV EDI,huanhuan.0044D423 \nms sans serif
00421B91 MOV ECX,huanhuan.00421C20 getmonitorinfoa
00421C40 MOV ECX,huanhuan.00421CA4 getsystemmetrics
00421CCD MOV ECX,huanhuan.00421D38 monitorfromrect
00421D5F MOV ECX,huanhuan.00421DCC monitorfromwindow
00421DF2 MOV ECX,huanhuan.00421E64 monitorfrompoint
00421E90 MOV ECX,huanhuan.00421F34 getmonitorinfo
00421F11 PUSH huanhuan.00421F44 display
00421F64 MOV ECX,huanhuan.00422008 getmonitorinfoa
00421FE5 PUSH huanhuan.00422018 display
00422038 MOV ECX,huanhuan.004220DC getmonitorinfow
004220B9 PUSH huanhuan.004220EC display
0042210C MOV ECX,huanhuan.00422210 enumdisplaymonitors
004233DA PUSH huanhuan.0042353C comctl32.dll
004233EE PUSH huanhuan.0042354C initializeflatsb
004233FE PUSH huanhuan.00423560 uninitializeflatsb
0042340E PUSH huanhuan.00423574 flatsb_getscrollprop
0042341E PUSH huanhuan.0042358C flatsb_setscrollprop
0042342E PUSH huanhuan.004235A4 flatsb_enablescrollbar
0042344F PUSH huanhuan.004235BC flatsb_showscrollbar
00423470 PUSH huanhuan.004235D4 flatsb_getscrollrange
00423491 PUSH huanhuan.004235EC flatsb_getscrollinfo
004234B2 PUSH huanhuan.00423604 flatsb_getscrollpos
004234D3 PUSH huanhuan.00423618 flatsb_setscrollpos
004234F4 PUSH huanhuan.0042362C flatsb_setscrollinfo
00423515 PUSH huanhuan.00423644 flatsb_setscrollrange
00423A31 PUSH huanhuan.00423DC4 uxtheme.dll
00423A46 PUSH huanhuan.00423DD0 openthemedata
00423A58 PUSH huanhuan.00423DE0 closethemedata
00423A6A PUSH huanhuan.00423DF0 drawthemebackground
00423A7C PUSH huanhuan.00423E04 drawthemetext
00423A8E PUSH huanhuan.00423E14 getthemebackgroundcontentrect
00423AA0 PUSH huanhuan.00423E14 getthemebackgroundcontentrect
00423AB2 PUSH huanhuan.00423E34 getthemepartsize
00423AC4 PUSH huanhuan.00423E48 getthemetextextent
00423AD6 PUSH huanhuan.00423E5C getthemetextmetrics
00423AE8 PUSH huanhuan.00423E70 getthemebackgroundregion
00423AFA PUSH huanhuan.00423E8C hittestthemebackground
00423B0C PUSH huanhuan.00423EA4 drawthemeedge
00423B1E PUSH huanhuan.00423EB4 drawthemeicon
00423B30 PUSH huanhuan.00423EC4 isthemepartdefined
00423B42 PUSH huanhuan.00423ED8 isthemebackgroundpartiallytransparent
00423B54 PUSH huanhuan.00423F00 getthemecolor
00423B66 PUSH huanhuan.00423F10 getthememetric
00423B78 PUSH huanhuan.00423F20 getthemestring
00423B8A PUSH huanhuan.00423F30 getthemebool
00423B9C PUSH huanhuan.00423F40 getthemeint
00423BAE PUSH huanhuan.00423F4C getthemeenumvalue
00423BC0 PUSH huanhuan.00423F60 getthemeposition
00423BD2 PUSH huanhuan.00423F74 getthemefont
00423BE4 PUSH huanhuan.00423F84 getthemerect
00423BF6 PUSH huanhuan.00423F94 getthememargins
00423C08 PUSH huanhuan.00423FA4 getthemeintlist
00423C1A PUSH huanhuan.00423FB4 getthemepropertyorigin
00423C2C PUSH huanhuan.00423FCC setwindowtheme
00423C3E PUSH huanhuan.00423FDC getthemefilename
00423C50 PUSH huanhuan.00423FF0 getthemesyscolor
00423C62 PUSH huanhuan.00424004 getthemesyscolorbrush
00423C74 PUSH huanhuan.0042401C getthemesysbool
00423C86 PUSH huanhuan.0042402C getthemesyssize
00423C98 PUSH huanhuan.0042403C getthemesysfont
00423CAA PUSH huanhuan.0042404C getthemesysstring
00423CBC PUSH huanhuan.00424060 getthemesysint
00423CCE PUSH huanhuan.00424070 isthemeactive
00423CE0 PUSH huanhuan.00424080 isappthemed
00423CF2 PUSH huanhuan.0042408C getwindowtheme
00423D04 PUSH huanhuan.0042409C enablethemedialogtexture
00423D16 PUSH huanhuan.004240B8 isthemedialogtextureenabled
00423D28 PUSH huanhuan.004240D4 getthemeappproperties
00423D3A PUSH huanhuan.004240EC setthemeappproperties
00423D4C PUSH huanhuan.00424104 getcurrentthemename
00423D5E PUSH huanhuan.00424118 getthemedocumentationproperty
00423D70 PUSH huanhuan.00424138 drawthemeparentbackground
00423D82 PUSH huanhuan.00424154 enabletheming
00424886 PUSH huanhuan.004248E8 commdlg_findreplace
004248B7 MOV EDX,huanhuan.004248FC wndprocptr%.8x%.8x
00425091 MOV EAX,huanhuan.00424EC4 /
00425135 PUSH huanhuan.00425160 delphi picture
00425145 PUSH huanhuan.00425170 delphi component
00425295 MOV EAX,huanhuan.004251D8 \n
00425385 MOV EAX,huanhuan.0044D940 \sb
00425561 MOV EAX,huanhuan.00425580 comctl32.dll
0042640B PUSH huanhuan.0042645C \
00426564 PUSH huanhuan.004265B4 :
004266AC MOV EAX,huanhuan.00426754 ie(al("%s",4),"al(\"%0:s\",3)","jk(\"%1:s\",\"%0:s\")")
00426882 MOV ECX,huanhuan.00426948 jumpid("","%s")
00426B7F MOV EDX,huanhuan.00426BAC ms_winhelp
00426BDB MOV EDX,huanhuan.00426C08 #32770
00429029 MOV EAX,huanhuan.00429060 |
0042906D MOV EAX,huanhuan.004290A4 |
0042ACFB MOV EAX,huanhuan.0042AD48 %s (%s)
0042D3CC MOV EDX,huanhuan.0042D3E8 iscontrol
0042F927 MOV EDX,huanhuan.0042F944 designsize
00436CE4 PUSH huanhuan.00436E20 user32
00436CF0 PUSH huanhuan.00436E28 winnlsenableime
00436D0D PUSH huanhuan.00436E38 imm32.dll
00436D29 PUSH huanhuan.00436E44 immgetcontext
00436D3E PUSH huanhuan.00436E54 immreleasecontext
00436D53 PUSH huanhuan.00436E68 immgetconversionstatus
00436D68 PUSH huanhuan.00436E80 immsetconversionstatus
00436D7D PUSH huanhuan.00436E98 immsetopenstatus
00436D92 PUSH huanhuan.00436EAC immsetcompositionwindow
00436DA7 PUSH huanhuan.00436EC4 immsetcompositionfonta
00436DBC PUSH huanhuan.00436EDC immgetcompositionstringa
00436DD1 PUSH huanhuan.00436EF8 immisime
00436DE6 PUSH huanhuan.00436F04 immnotifyime
004370DA MOV EAX,huanhuan.00437234 delphi%.8x
0043712B MOV EAX,huanhuan.00437248 controlofs%.8x%.8x
004371E2 PUSH huanhuan.0043725C user32
004371F2 PUSH huanhuan.00437264 animatewindow
004395ED MOV EDX,huanhuan.00439608 bitmap
00439B0C MOV EAX,huanhuan.00439C08 comctl32.dll
00439B27 PUSH huanhuan.00439C18 comctl32.dll
00439B37 PUSH huanhuan.00439C28 imagelist_writeex
0043AE55 MOV EDX,huanhuan.0043AEF8 f
0043AF9F MOV EDX,huanhuan.0043B04C ^
0043B70F PUSH huanhuan.0043B908 \t
0043B78E MOV EDX,huanhuan.0043B914 -
0043B84D MOV EDX,huanhuan.0043B914 -
0043BC0B MOV EDX,huanhuan.0043BC24 shortcuttext
0043BCC0 MOV EDX,huanhuan.0043BE30
0043BCCD MOV EDX,huanhuan.0043BE3C -
0043BF7E MOV EDX,huanhuan.0043C784 -
0043C892 MOV EDX,huanhuan.0043D0AC -
0043D2C8 MOV EDX,huanhuan.0043D460 -
0043E0F0 MOV EDX,huanhuan.0043E1A8 ...
0043E11B PUSH huanhuan.0043E1B4 (
0043E120 PUSH huanhuan.0043E1C0 &
0043E128 PUSH huanhuan.0043E1CC )
0043E12D PUSH huanhuan.0043E1A8 ...
0043E142 PUSH huanhuan.0043E1B4 (
0043E147 PUSH huanhuan.0043E1C0 &
0043E14F PUSH huanhuan.0043E1CC )
0043E16D MOV EAX,huanhuan.0043E1C0 &
0043E2D2 MOV EDX,huanhuan.0043E688 -
0043E47E MOV EAX,huanhuan.0043E694 &
0043E57F MOV EAX,huanhuan.0043E694 &
0043E596 MOV EAX,huanhuan.0043E694 &
0043E6AE MOV EDX,huanhuan.0043E6C8 -
00440274 MOV EAX,huanhuan.0044DB2C 飓c
004442E8 MOV EDX,huanhuan.00444338 pixelsperinch
00444306 MOV EDX,huanhuan.00444350 textheight
0044431E MOV EDX,huanhuan.00444364 ignorefontproperty
004443F2 MOV EDX,huanhuan.00444408 0
00445F61 MOV EDX,huanhuan.00445FD4 mdiclient
00449080 MOV EDX,huanhuan.00449194 system\currentcontrolset\control\keyboard layouts\%.8x
004490C7 PUSH huanhuan.004491CC layout text
00449CF8 PUSH huanhuan.00449E00 mainicon
0044A88B MOV EAX,huanhuan.0044AB88 vcltest3.dll
0044A8AC PUSH huanhuan.0044AB98 registerautomation
0044B553 MOV EDX,huanhuan.0044B5C4 .
0044C5D5 PUSH huanhuan.0044C5F8 user32.dll
0044C5E5 PUSH huanhuan.0044C604 setlayeredwindowattributes
0044C639 MOV DWORD PTR DS:[EDX],huanhuan.0044C620 j
0044C6D4 PUSH huanhuan.0044C6F0 taskbarcreated
0044C8D8 MOV EDX,huanhuan.0044C948 \
0044C8E5 MOV ECX,huanhuan.0044C954 drivers\360antiarp.sys
0044C9B8 MOV EDX,huanhuan.0044CA30 \
0044C9C5 MOV ECX,huanhuan.0044CA3C drivers\etc\hosts
0044CC96 MOV EAX,huanhuan.0044CAB0 ;
脱壳后被红伞查杀
|
发表于 2008-8-10 19:33:55
