;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;此程序應該命名為22222222.exe
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat, stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
includelib kernel32.lib
includelib user32.lib
DLG_MAIN equ 1
.data
szFileName db '111111111.exe',0 ;定義要守護的進程名
.data?
Pid dd ?
hSnapShot dd ?
stProcess PROCESSENTRY32 <?>
stStartUp STARTUPINFO <?>
stProcInfo PROCESS_INFORMATION <?>
hInstance dd ?
.code
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;獲取快照
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_Snapshot proc
@@:
invoke RtlZeroMemory,addr stProcess,sizeof stProcess;有必要清空,不然進程會重復
mov stProcess.dwSize,sizeof stProcess
invoke CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS,addr stProcess;開始獲取快照
mov hSnapShot,eax ;保存到句柄
invoke Process32First,hSnapShot,addr stProcess;列舉進程
.while eax
invoke lstrcmp,addr szFileName,addr stProcess.szExeFile;對比是否有111111111.exe
.if eax == NULL ;有則返回
ret
.endif
invoke Process32Next,hSnapShot,addr stProcess ;繼續列舉
.endw
call _Process ;如果沒發現111111111.exe進程,就執行程序創建
loop @B
ret
_Snapshot endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_Process proc
invoke GetStartupInfo,addr stStartUp
invoke CreateProcess,addr szFileName,NULL,NULL,NULL,NULL,\
NORMAL_PRIORITY_CLASS,NULL,NULL,addr stStartUp,addr stProcInfo
ret
_Process endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_ProcDlgMain proc uses ebx edi esi hWnd,wMsg,wParam,lParam
mov eax,wMsg
.if eax == WM_CLOSE ;關閉窗口的消息列隊
invoke EndDialog,hWnd,NULL
.elseif eax == WM_INITDIALOG ;初始化各個消息
invoke SendMessage,hWnd,WM_SETICON,ICON_BIG,eax
call _Snapshot
.elseif eax == WM_COMMAND
mov eax,wParam
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
_ProcDlgMain endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
start:
@@:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke DialogBoxParam,hInstance,DLG_MAIN,NULL,offset _ProcDlgMain,NULL
loop @B
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
end start
[Copy to clipboard]
CODE:
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;此程序應該命名為111111111.exe
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat, stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
includelib kernel32.lib
includelib user32.lib
DLG_MAIN equ 1
.data
szFileName db '22222222.exe',0
.data?
Pid dd ?
hSnapShot dd ?
stProcess PROCESSENTRY32 <?>
stStartUp STARTUPINFO <?>
stProcInfo PROCESS_INFORMATION <?>
hInstance dd ?
.code
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_Snapshot proc
@@:
invoke RtlZeroMemory,addr stProcess,sizeof stProcess
mov stProcess.dwSize,sizeof stProcess
invoke CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS,addr stProcess
mov hSnapShot,eax
invoke Process32First,hSnapShot,addr stProcess
.while eax
invoke lstrcmp,addr szFileName,addr stProcess.szExeFile;對比是否有22222222.exe
.if eax == NULL ;有則返回
ret
.endif
invoke Process32Next,hSnapShot,addr stProcess
.endw
call _Process ;如果沒有,就執行程序創建
loop @B
ret
_Snapshot endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_Process proc
invoke GetStartupInfo,addr stStartUp
invoke CreateProcess,addr szFileName,NULL,NULL,NULL,NULL,\
NORMAL_PRIORITY_CLASS,NULL,NULL,addr stStartUp,addr stProcInfo
ret
_Process endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_ProcDlgMain proc uses ebx edi esi hWnd,wMsg,wParam,lParam
mov eax,wMsg
.if eax == WM_CLOSE
invoke EndDialog,hWnd,NULL
.elseif eax == WM_INITDIALOG
invoke SendMessage,hWnd,WM_SETICON,ICON_BIG,eax
call _Snapshot
.elseif eax == WM_COMMAND
mov eax,wParam
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
_ProcDlgMain endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
start:
@@:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke DialogBoxParam,hInstance,DLG_MAIN,NULL,offset _ProcDlgMain,NULL
ret
loop @B
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
end start |
收藏
