查看: 2278|回复: 9

求助,请教如何加入特征码查杀和保护进程

发表于 2009-9-12 10:57:50 | 显示全部楼层 |阅读模式
请教如何加入特征码查杀和进程保护功能:如发现有非法进程则强制重启。望高手赐教:
服务端:
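; Server (admin) side: GUI that maintains the kill lists stored in Process.ini.
; $Item_C / $Item_C1 cache the process names / window titles read from the INI.
; Both start with one unused element at index 0; loaded entries are appended after it.
Dim $Item_C[1]
Dim $Item_C1[1]
Dim $TotalSounds_C1 = 0 ; count of process entries loaded from the INI
Dim $TotalSounds_C2 = 0 ; count of window entries loaded from the INI
; SECURITY: the client script terminates whatever this file lists, so anyone who can
; write it controls which processes get killed. Keep it writable by administrators only.
Global $inifile_C = @ScriptDir & "\Process.ini"

$MAINGUI = GUICreate("", 600, 400)

; Left panel: list of process names to terminate.
$listview1 = GUICtrlCreateListView("编号|查杀进程名称", 5, 55, 270, 260)
GUICtrlSendMsg(-1, 0x101E, 0, 40) ; 0x101E = LVM_SETCOLUMNWIDTH, column 0
GUICtrlSendMsg(-1, 0x101E, 1, 225) ; column 1
GUICtrlSendMsg($listview1, $LVM_SETEXTENDEDLISTVIEWSTYLE, $LVS_EX_GRIDLINES, $LVS_EX_GRIDLINES)
$radio_C1 = GUICtrlCreateCheckbox("开启查杀进程功能", 165, 320, 120, 20)
GUICtrlSetState(-1, $GUI_CHECKED)
$radio_C2 = GUICtrlCreateLabel("进程名:", 5, 343, 45, 20)
$radio_C3 = GUICtrlCreateInput("", 50, 340, 100, 18)
$radio_C4 = GUICtrlCreateButton("添加", 165, 340, 50, 20) ; "add" button
GUICtrlSetCursor(-1, 0)
GUICtrlSetBkColor(-1, 0xE8E8E8) ; light grey (the original comment called it white)
$radio_C5 = GUICtrlCreateButton("删除", 225, 340, 50, 20) ; "delete" button
GUICtrlSetCursor(-1, 0)
GUICtrlSetBkColor(-1, 0xE8E8E8) ; light grey

; Populate the process list from the INI, if one exists.
If FileExists($inifile_C) Then
    Local $List_C1 = IniReadSection($inifile_C, "查杀进程")
    ; IniReadSection sets @error and returns a non-array when the section is missing
    ; (for example when only window titles were saved). Indexing that result would
    ; abort the script, so the section is only walked when it was actually read.
    If Not @error And IsArray($List_C1) Then
        For $i_C1 = 1 To $List_C1[0][0]
            $New_ID = UBound($Item_C) + 1
            ReDim $Item_C[$New_ID]
            $AllSound_ID = $i_C1 ; not read anywhere in the visible code; kept as in the original
            $Item_C[$New_ID - 1] = $List_C1[$i_C1][1]
            $TotalSounds_C1 = $TotalSounds_C1 + 1
            ; The row number shown is the position in the section, not the INI key.
            GUICtrlCreateListViewItem($i_C1 & "|" & $List_C1[$i_C1][1], $listview1)
        Next
    EndIf
EndIf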

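; Right panel: list of window titles to close.
$listview2 = GUICtrlCreateListView("编号|查杀窗口名称", 305, 55, 288, 260)
GUICtrlSendMsg(-1, 0x101E, 0, 40) ; 0x101E = LVM_SETCOLUMNWIDTH, column 0
GUICtrlSendMsg(-1, 0x101E, 1, 244) ; column 1
GUICtrlSendMsg($listview2, $LVM_SETEXTENDEDLISTVIEWSTYLE, $LVS_EX_GRIDLINES, $LVS_EX_GRIDLINES)
$radio_C6 = GUICtrlCreateCheckbox("开启查杀窗口功能", 480, 320, 120, 20)
GUICtrlSetState(-1, $GUI_CHECKED)
$radio_C7 = GUICtrlCreateLabel("窗口名:", 305, 343, 45, 20)
$radio_C8 = GUICtrlCreateInput("", 350, 340, 100, 18)
$radio_C9 = GUICtrlCreateButton("添加", 480, 340, 50, 20) ; "add" button
GUICtrlSetCursor(-1, 0)
GUICtrlSetBkColor(-1, 0xE8E8E8) ; light grey (the original comment called it white)
$radio_C10 = GUICtrlCreateButton("删除", 545, 340, 50, 20) ; "delete" button
GUICtrlSetCursor(-1, 0)
GUICtrlSetBkColor(-1, 0xE8E8E8) ; light grey

; Populate the window list from the INI, if one exists.
If FileExists($inifile_C) Then
    Local $List_C2 = IniReadSection($inifile_C, "查杀窗口")
    ; IniReadSection sets @error and returns a non-array when the section is missing
    ; (for example when only process names were saved). Indexing that result would
    ; abort the script, so the section is only walked when it was actually read.
    If Not @error And IsArray($List_C2) Then
        For $i_C2 = 1 To $List_C2[0][0]
            $New_ID = UBound($Item_C1) + 1
            ReDim $Item_C1[$New_ID]
            $AllSound_ID = $i_C2 ; not read anywhere in the visible code; kept as in the original
            $Item_C1[$New_ID - 1] = $List_C2[$i_C2][1]
            $TotalSounds_C2 = $TotalSounds_C2 + 1
            ; The row number shown is the position in the section, not the INI key.
            GUICtrlCreateListViewItem($i_C2 & "|" & $List_C2[$i_C2][1], $listview2)
        Next
    EndIf
EndIf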
;~

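; Show the window and dispatch button clicks until it is closed.
GUISetState(@SW_SHOW)
While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
        Case $radio_C4 ; "add" under the process list
            Save_()
        Case $radio_C5 ; "delete" under the process list
            ; The original passed $ListView4, which the visible script never creates;
            ; the process list control is $listview1.
            clv_($listview1)
        Case $radio_C9 ; "add" under the window list
            Savechuanka()
        Case $radio_C10 ; "delete" under the window list
            ; The original passed $ListView5, which the visible script never creates;
            ; the window list control is $listview2.
            ; NOTE(review): no function named clv is defined in the visible code (only
            ; clv_, which is hard-wired to the process section) - confirm it exists elsewhere.
            clv($listview2)
    EndSwitch
WEnd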


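; Adds the process name typed into $radio_C3 to the process list view and stores it
; in the "查杀进程" section of the kill-list INI. Does nothing when the input is blank.
; SECURITY: every name saved here will be terminated by the client, so this file
; should only be writable by the administrator who owns the list.
Func Save_()
    ; Read the input once and trim it, so a name padded with spaces is not stored
    ; in a form that can never match a running process.
    Local $sName = StringStripWS(GUICtrlRead($radio_C3), 3)
    If $sName = "" Then
        Return
    EndIf
    ; The new row number is also used as the INI key.
    Local $iKey = _GUICtrlListView_GetItemCount($listview1) + 1
    ; The list view has two columns, so the row carries two fields (the original
    ; appended the name a second time as a third field).
    GUICtrlCreateListViewItem($iKey & "|" & $sName, $listview1)
    ; Write to the same absolute path the list is loaded from ($inifile_C); the
    ; original used the bare name "Process.ini", which resolves against the current
    ; working directory and can end up in a different file.
    IniWrite($inifile_C, "查杀进程", $iKey, $sName)
EndFunc   ;==>Save_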


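; Adds the window title typed into $radio_C8 to the window list view and stores it
; in the "查杀窗口" section of the kill-list INI. Does nothing when the input is blank.
; SECURITY: entries saved here drive what the enforcement side closes, so this file
; should only be writable by the administrator who owns the list.
Func Savechuanka()
    ; Read the input once and trim surrounding whitespace.
    Local $sTitle = StringStripWS(GUICtrlRead($radio_C8), 3)
    If $sTitle = "" Then
        Return
    EndIf
    ; The new row number is also used as the INI key.
    Local $iKey = _GUICtrlListView_GetItemCount($listview2) + 1
    ; The list view has two columns, so the row carries two fields (the original
    ; appended the title a second time as a third field).
    GUICtrlCreateListViewItem($iKey & "|" & $sTitle, $listview2)
    ; Write to the same absolute path the list is loaded from ($inifile_C); the
    ; original used the bare name "Process.ini", which resolves against the current
    ; working directory and can end up in a different file.
    IniWrite($inifile_C, "查杀窗口", $iKey, $sTitle)
EndFunc   ;==>Savechuanka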

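; Removes list view rows' keys from the "查杀进程" section of the kill-list INI.
; Parameter: $my_listview4 - the list view control to read row numbers from.
; Returns:   -1 when the list view does not have the checkbox extended style,
;            otherwise the column-0 text of the last row processed (empty if none).
Func clv_($my_listview4)
    Local $a_indices
    ; The original body read $my_listview5, which is never declared; the parameter
    ; is $my_listview4, so that is what is used throughout.
    Local $items = _GUICtrlListView_GetItemCount($my_listview4)
    ; NOTE(review): the list views in the visible script are created with
    ; $LVS_EX_GRIDLINES only, so this check fails and the function returns -1
    ; without deleting anything - confirm whether checkboxes were meant to be enabled.
    If BitAND(_GUICtrlListView_GetExtendedListViewStyle($my_listview4), $LVS_EX_CHECKBOXES) <> $LVS_EX_CHECKBOXES Then
        Return -1
    EndIf
    For $i = 0 To $items - 1
        ; NOTE(review): this condition is true for every row with non-empty text, so
        ; every listed key is deleted, not only ticked rows. A per-row test such as
        ; _GUICtrlListView_GetItemChecked is probably what was intended - confirm.
        If _GUICtrlListView_GetItemText($my_listview4, $i) Then
            $a_indices = _GUICtrlListView_GetItemText($my_listview4, $i, 0)
            ; Delete from the file the rest of the script loads and saves ($inifile_C);
            ; the original targeted "进程查杀.ini", which nothing else reads or writes.
            IniDelete($inifile_C, "查杀进程", $a_indices)
        EndIf
    Next
    Return $a_indices
EndFunc   ;==>clv_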




客户端:
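; Client (enforcement) side: reads the process kill list from Process.ini once at
; start-up and then keeps terminating any listed process that is running.
;
; SECURITY notes for anyone deploying this:
; - The INI sits next to the script. Whoever can write it decides which processes
;   are terminated, so it needs the same protection as the script itself.
; - Matching is by image name only. Renaming an executable avoids the match, and an
;   unrelated program that shares a listed name is terminated as well. Matching on a
;   file hash or signature, or OS-level allow-listing (e.g. AppLocker / Software
;   Restriction Policies), is the more robust control for this job.
Global $sKillIni = @ScriptDir & "\Process.ini"

If Not FileExists($sKillIni) Then
    MsgBox(16, "提示 ", "配置文件不存在,程序即将退出!")
    Exit
EndIf

; Read the whole section instead of sixteen fixed keys, so lists longer than 16
; entries (the server GUI does not cap them) are enforced too.
Global $aKill = IniReadSection($sKillIni, "查杀进程")
If @error Or Not IsArray($aKill) Then
    ; Missing or empty section: keep running with an empty list, as the original did.
    Global $aKill[1][2] = [[0, ""]]
EndIf

While 1
    For $iEntry = 1 To $aKill[0][0]
        ; $aKill[n][1] is the value of the n-th key, i.e. the process name.
        If $aKill[$iEntry][1] <> "" And ProcessExists($aKill[$iEntry][1]) Then
            ProcessClose($aKill[$iEntry][1])
        EndIf
    Next
    ; The original loop had no delay and kept one CPU core fully busy.
    Sleep(250)
WEnd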
发表于 2009-9-12 15:58:22 | 显示全部楼层
说的明白些呀,什么特征码,进程特征码?还是文件特征码?
 楼主| 发表于 2009-9-12 20:39:21 | 显示全部楼层
文件特征码
 楼主| 发表于 2009-9-12 20:42:51 | 显示全部楼层
就像这个图片里的望高手赐教,谢谢

 楼主| 发表于 2009-9-12 20:43:47 | 显示全部楼层

 楼主| 发表于 2009-9-14 02:21:56 | 显示全部楼层







 楼主| 发表于 2009-9-14 02:22:37 | 显示全部楼层
何时有人能帮帮我呀,问一个问题三天了都没有人帮我
发表于 2009-9-14 02:23:58 | 显示全部楼层
没研究~ 把蛋蛋顶出来,貌似他懂~
发表于 2009-9-14 12:59:04 | 显示全部楼层
8# afan

afan抬举了,我还真不会,只是曾经见过这方面的资料,似乎用asm对路,au3可能不太适合遍历
 楼主| 发表于 2009-9-14 16:53:29 | 显示全部楼层
Air   to   Surface   Missile,   空对地导弹   
  简称:ASM