新官上任~送大家点东西(之一,删除自己的代码)
//98,2000下通过
//nt/2000下面的删除代码方法来自陆麟(lu0)的文章,再此表示感谢
#pragma optimize( "", off )
/*NOTE fun_AfterDelSelf MUST BE memory allocate by HeapAlloc or VirtualAlloc,and you should free it your self.
,can't use normal callback function(which data on diskdrive,and can't access it after we delete ourself
*/
int DeleteSelf(void * fun_AfterDelSelf)//
{
typedef int (WINAPI *PFClose)(LPVOID);
OSVERSIONINFO os_info;
os_info.dwOSVersionInfoSize=sizeof(os_info);
LPVOID pBuffer=NULL;
PFClose pClose;
PFClose pDelete;
char fn[4096];
HINSTANCE hins=GetModuleHandle(NULL);
GetModuleFileName(NULL,fn,4096);
if(!GetVersionEx(&os_info))
return false;
switch(os_info.dwPlatformId)
{
case VER_PLATFORM_WIN32_NT:
__try{
while(CloseHandle((HANDLE)4));
}__except(1){
}
CloseHandle((HANDLE)4);
pClose=PFClose(UnmapViewOfFile);
break;
case VER_PLATFORM_WIN32_WINDOWS:
pClose=PFClose(FreeLibrary);
break;
default:
return false;
}
pDelete=PFClose(DeleteFile);
pBuffer=VirtualAlloc(NULL,4096,MEM_COMMIT,PAGE_EXECUTE_READWRITE);
__asm{
call _delete_end
}
__asm{
_test_close:
push hins
call [pClose]
or eax,eax
jz _test_close
lea eax,fn
push eax
call [pDelete]
mov eax,fun_AfterDelSelf
or eax,eax
jz _Exit_Process
call eax
_Exit_Process:
push 0
push MEM_RELEASE
push 0
push pBuffer
push ExitProcess
push VirtualFree
ret
}
_delete_end:
__asm{
pop ebx
push 128
push ebx
push [pBuffer]
call memcpy
jmp pBuffer
}
return 0;
}
#pragma optimize( "", on )