看了下,任何标题带以下的全被干掉。
Kaspersky,Safe,Eset,Antivirus,Mcafee,一键还原,Trojan,Security,Malware,管家,火绒,360,安全卫士,杀毒,Avast,mbr,急救箱,Rootkit,,Avg,卡巴斯基,诺顿,重装系统,挖矿,木马,xuetr,powertool,kaspersky,eset,antivirus,mcafee,security,malware,avg ,avast,safe
BOOL __stdcall EnumFunc(HWND hWnd, LPARAM a2)
{
int v2; // edi
HANDLE v4; // eax
DWORD dwProcessId; // [esp+8h] [ebp-604h]
char Str1; // [esp+Ch] [ebp-600h]
char v7; // [esp+Dh] [ebp-5FFh]
__int16 v8; // [esp+209h] [ebp-403h]
char v9; // [esp+20Bh] [ebp-401h]
CHAR String; // [esp+20Ch] [ebp-400h]
char v11; // [esp+20Dh] [ebp-3FFh]
__int16 v12; // [esp+609h] [ebp-3h]
char v13; // [esp+60Bh] [ebp-1h]
String = String2;
Str1 = String2;
memset(&v11, 0, 0x3FCu);
v12 = 0;
v13 = 0;
memset(&v7, 0, 0x1FCu);
v8 = 0;
v9 = 0;
v2 = GetWindowTextLengthA(hWnd);
if ( IsWindowVisible(hWnd) )
{
if ( v2 )
{
if ( v2 <= 1024 )
{
GetWindowTextA(hWnd, &String, 1024);
if ( CheckShouldTerminateWindowText(&String) )
{
dwProcessId = 0;
GetWindowThreadProcessId(hWnd, &dwProcessId);
if ( dwProcessId )
{
if ( GetProcessImageFileNam(dwProcessId, &Str1, 0x200u) )
{
if ( !stricmp(&Str1, Str2) )
{
PostMessageA(hWnd, 0x10u, 0, 0);
return 1;
}
v4 = OpenProcess(1u, 0, dwProcessId);
if ( v4 )
TerminateProcess(v4, 0);
}
}
}
}
}
}
return 1;
} |