作者:佚名 来源:www.hack58.com 发布时间:2006-7-15 0:37:00 发布人:noangel
减小字体 
增大字体
;MASM 病毒:禁止打开文件夹选项,运行后请用任务管理器结束
.486
.model flat,stdcall
option casemap:none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Include 数据
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include
windows.inc
include kernel32.inc
includelib kernel32.lib
include user32.inc
includelib user32.lib
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Equ 数据
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 数据段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data
sbar db "文件夹选项",0
sbar2 db "另存为"
.data?
slen dd ?
fwin HINSTANCE ?
hInstance HINSTANCE ?
CommandLine LPSTR ?
Timerid UINT ?
lpString byte 127 dup(?)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 代码段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
TimerProc PROC hWnd:DWORD,uMsg:DWORD,wParam:DWORD,lParam:DWORD
invoke GetForegroundWindow ;取前台窗口句柄
mov fwin,eax
invoke GetWindowText, fwin,addr lpString,100 ;取窗口标题
.if eax==0
ret
.endif
invoke lstrlen, offset lpString ;获得长度
mov slen,eax
invoke CharUpperBuff,offset lpString,slen ;转为大写
invoke lstrcmp,addr lpString, addr sbar ;比较文本
.if eax==0
invoke SendMessage,fwin,WM_CLOSE,NULL,NULL
.endif
ret
TimerProc endp
;************************************************************
whileStar PROC
LOCAL @stMsg:MSG
.while TRUE
invoke GetMessage,addr @stMsg,NULL,0,0
.break .if (!eax)
invoke TranslateMessage,addr @stMsg
invoke DispatchMessage,addr @stMsg
.endw
ret
whileStar endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 程序开始
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke GetCommandLine
mov CommandLine,eax
invoke SetTimer,NULL,NULL,100, addr TimerProc ;定时器:100ms
mov Timerid,eax
invoke whileStar ;进入消息循环,直到收到退出消息
invoke KillTimer,NULL,Timerid
invoke ExitProcess,NULL
;********************************************************************
end start
=================================
实际上也不算病毒,网吧里可能用得着
如果加一个配置文件,就可以结束指定窗口名的程序
等等