各位进来帮我看一下这小段代码,谢了!
主要看是不是病毒。
:00401000 C3 ret
:00401001 00000000000000000000 BYTE 10 DUP(0)
:0040100B 0000000000 BYTE 5 DUP(0)
//******************** Program Entry Point ********
:00401010 90 nop
:00401011 FA cli
:00401012 90 nop
:00401013 0F014C24FA sidt [esp-06]
:00401018 90 nop
:00401019 8B4424FC mov eax, dword ptr [esp-04]
:0040101D 90 nop
:0040101E 83C01C add eax, 0000001C
:00401021 90 nop
:00401022 8B18 mov ebx, dword ptr [eax]
:00401024 90 nop
:00401025 668B58FC mov bx, word ptr [eax-04]
:00401029 90 nop
:0040102A E800000000 call 0040102F
:0040102F 90 nop
:00401030 5E pop esi
:00401031 90 nop
:00401032 83C61A add esi, 0000001A
:00401035 90 nop
:00401036 668970FC mov word ptr [eax-04], si
:0040103A 90 nop
:0040103B C1CE10 ror esi, 10
:0040103E 90 nop
:0040103F 66897002 mov word ptr [eax+02], si
:00401043 90 nop
:00401044 CC int 03
:00401045 90 nop
:00401046 FB sti
:00401047 90 nop
:00401048 C3 ret
:00401049 90 nop
:0040104A 668958FC mov word ptr [eax-04], bx
:0040104E 90 nop
:0040104F C1EB10 shr ebx, 10
:00401052 90 nop
:00401053 66895802 mov word ptr [eax+02], bx
:00401057 90 nop
:00401058 B8FFFFFFFF mov eax, FFFFFFFF
:0040105D 90 nop
:0040105E 0F BYTE 0fh
:0040105F 23C0 and eax, eax
:00401061 90 nop
:00401062 CF iret