禁止程式啟動並執行的方式有很多種。第一種方法是寫一個單獨的程式,讓它能夠在開機的時候自動運行,而這個程式的作用就是監視進程資訊,如果發現目標進程則立即把它幹掉,從而達到禁止程式啟動並執行的目的。第二種方法是寫一個服務,這種方法個人覺得比較隱蔽。下面我就拿第二種方法作一下講解。
寫服務的方法也有很多,而筆者比較喜歡的是用c來寫,用c寫服務比較直觀,也比較隨心所欲。如果有的讀者不知道該如何寫windows下的服務程式,請自行查閱相關資料。下面就給出程式的原始碼。
#include <windows.h>
#include <stdio.h>
#include<tlhelp32.h>
#include<stdlib.h>
#include<string.h>
// Value passed to Sleep() between two scans in ServiceMain's worker loop.
#define SLEEP_TIME 5000
// File that WriteToLog() appends to.
#define LOGFILE "C://MemoryStatus//memstatus.txt"
////////////////////////////////////////////////////////////
// Service state shared across functions: ServiceMain fills in
// ServiceStatus and polls it, ControlHandler updates it on
// stop/shutdown. hStatus is the handle returned by
// RegisterServiceCtrlHandler and passed to SetServiceStatus.
////////////////////////////////////////////////////////////
SERVICE_STATUS ServiceStatus;
SERVICE_STATUS_HANDLE hStatus;
////////////////////////////////////////////////////////////
// Forward declarations of the functions defined below.
//
////////////////////////////////////////////////////////////
void ServiceMain(int argc, char** argv);
void ControlHandler(DWORD request);
int InitService();
int ScanProcess();
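/*
 * Append one line of text to the service log file (LOGFILE).
 *
 * str: NUL-terminated message to record; NULL is rejected.
 *
 * Returns 0 when the line was written and the file closed cleanly,
 * -1 when str is NULL, the file cannot be opened, or the write fails.
 */
int WriteToLog(char* str)
{
    FILE* log;
    int status = 0;

    if (str == NULL) {
        return -1;
    }

    log = fopen(LOGFILE, "a+");
    if (log == NULL) {
        OutputDebugString("Log file open failed.");
        return -1;
    }

    /* Terminate each entry with a real newline; the previous "%s/n"
     * appended the two literal characters '/' and 'n', so every entry
     * ran together on one line. */
    if (fprintf(log, "%s\n", str) < 0) {
        status = -1;
    }
    /* fclose flushes the buffered entry, so its result matters too. */
    if (fclose(log) != 0) {
        status = -1;
    }
    return status;
}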
/*
 * Service initialization: announce start-up on the debug channel and in
 * the log file.
 *
 * Returns whatever WriteToLog returns for the start-up entry
 * (ServiceMain treats any non-zero value as an initialization failure).
 */
int InitService()
{
    OutputDebugString("Monitoring started.");
    return WriteToLog("Monitoring started.");
}
/*
 * Control handler registered with the SCM in ServiceMain.
 *
 * STOP and SHUTDOWN are handled identically: record the event, mark the
 * service as stopped with exit code 0 and report that state. Any other
 * request only re-reports the current state.
 *
 * NOTE(review): this function is declared without WINAPI and is cast to
 * LPHANDLER_FUNCTION at registration; confirm the calling convention
 * matches on the build target.
 */
void ControlHandler(DWORD request)
{
    if (request == SERVICE_CONTROL_STOP ||
        request == SERVICE_CONTROL_SHUTDOWN) {
        OutputDebugString("Monitoring stopped.");
        WriteToLog("Monitoring stopped.");
        ServiceStatus.dwWin32ExitCode = 0;
        ServiceStatus.dwCurrentState = SERVICE_STOPPED;
        SetServiceStatus(hStatus, &ServiceStatus);
        return;
    }

    /* Unhandled request: just report the current status. */
    SetServiceStatus(hStatus, &ServiceStatus);
}
/*
 * Service entry point listed in the dispatch table built by main().
 *
 * Fills in ServiceStatus, registers ControlHandler under the service name
 * "MemoryStatus", runs InitService(), reports SERVICE_RUNNING and then
 * calls ScanProcess() every SLEEP_TIME until the state leaves
 * SERVICE_RUNNING or a scan fails.
 *
 * NOTE(review): the function is declared as (int, char**) without WINAPI
 * and main() casts it to LPSERVICE_MAIN_FUNCTION; confirm the signature
 * and calling convention match on the build target.
 * NOTE(review): ServiceStatus is also written by ControlHandler; the loop
 * below reads it without any synchronization - confirm that is acceptable.
 */
void ServiceMain(int argc, char** argv)
{
    int init_rc;

    /* Initial state reported to the SCM. */
    ServiceStatus.dwServiceType = SERVICE_WIN32;
    ServiceStatus.dwCurrentState = SERVICE_START_PENDING;
    ServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_SHUTDOWN;
    ServiceStatus.dwWin32ExitCode = 0;
    ServiceStatus.dwServiceSpecificExitCode = 0;
    ServiceStatus.dwCheckPoint = 0;
    ServiceStatus.dwWaitHint = 0;

    hStatus = RegisterServiceCtrlHandler("MemoryStatus",
                                         (LPHANDLER_FUNCTION)ControlHandler);
    if (hStatus == (SERVICE_STATUS_HANDLE)0) {
        /* Without a status handle nothing can be reported; give up. */
        return;
    }

    init_rc = InitService();
    if (init_rc) {
        /* Initialization failed: report a stopped service with an error code. */
        ServiceStatus.dwCurrentState = SERVICE_STOPPED;
        ServiceStatus.dwWin32ExitCode = -1;
        SetServiceStatus(hStatus, &ServiceStatus);
        return;
    }

    /* Tell the SCM the service is up. */
    ServiceStatus.dwCurrentState = SERVICE_RUNNING;
    SetServiceStatus(hStatus, &ServiceStatus);

    /* Worker loop: one scan per SLEEP_TIME while the service is running. */
    for (;;) {
        if (ServiceStatus.dwCurrentState != SERVICE_RUNNING) {
            break;
        }
        if (!ScanProcess()) {
            /* A failed scan stops the service with an error code. */
            ServiceStatus.dwCurrentState = SERVICE_STOPPED;
            ServiceStatus.dwWin32ExitCode = -1;
            SetServiceStatus(hStatus, &ServiceStatus);
            return;
        }
        Sleep(SLEEP_TIME);
    }
}
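/*
 * Read one executable name from the first line of
 * C:\MemoryStatus\ScrutinyProcess.txt and terminate every running process
 * whose image name equals it (exact, case-sensitive strcmp).
 *
 * Returns 1 when the cycle finished (including "nothing to match" and a
 * failed snapshot, which is logged and retried on the next cycle) and 0
 * when the watch-list file cannot be opened; ServiceMain stops the service
 * on 0.
 *
 * Changes from the previous version:
 *  - pe.dwSize is set before Process32First, which the ToolHelp API
 *    requires; without it the first call fails and the loop compared
 *    against an uninitialized entry.
 *  - the trailing CR/LF kept by fgets is stripped, otherwise the name
 *    never equals szExeFile.
 *  - the fgets, CreateToolhelp32Snapshot and Process32First results are
 *    checked.
 *  - the process handle from OpenProcess is closed, and the name buffer
 *    lives on the stack so the early-return path no longer leaks it.
 *
 * NOTE(review): if the service runs under a privileged account and the
 * C:\MemoryStatus directory is writable by ordinary users, any local user
 * can choose which process gets terminated and can tamper with the log.
 * Confirm the directory ACL is restricted to administrators.
 * NOTE(review): matching on the image name alone stops working as soon as
 * the executable is renamed; where this is meant as application control,
 * a policy mechanism such as AppLocker or WDAC is the robust option.
 * NOTE(review): strcmp on szExeFile assumes an ANSI (non-UNICODE) build.
 */
int ScanProcess()
{
    char name[128];
    PROCESSENTRY32 pe;
    FILE *fp;
    HANDLE hSnapshot;
    HANDLE process;

    fp = fopen("C://MemoryStatus//ScrutinyProcess.txt", "rb");
    if (!fp) {
        WriteToLog("無法開啟檔案");
        return 0;
    }
    if (fgets(name, sizeof name, fp) == NULL) {
        name[0] = '\0';               /* empty or unreadable file */
    }
    fclose(fp);

    /* fgets keeps the line ending; cut the name at the first CR or LF. */
    name[strcspn(name, "\r\n")] = '\0';
    if (name[0] == '\0') {
        return 1;                     /* nothing configured for this cycle */
    }

    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE) {
        WriteToLog("CreateToolhelp32Snapshot failed.");
        return 1;                     /* skip this cycle, try again later */
    }

    pe.dwSize = sizeof(pe);           /* required before Process32First */
    if (Process32First(hSnapshot, &pe)) {
        do {
            if (strcmp(name, pe.szExeFile) == 0) {
                process = OpenProcess(PROCESS_TERMINATE, FALSE, pe.th32ProcessID);
                if (process) {
                    /* Log only terminations that actually succeeded. */
                    if (TerminateProcess(process, 0)) {
                        WriteToLog(name);
                    }
                    CloseHandle(process);
                }
            }
        } while (Process32Next(hSnapshot, &pe));
    }

    CloseHandle(hSnapshot);
    return 1;
}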
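/*
 * Process entry point: hands the single-service dispatch table to the
 * service control dispatcher.
 *
 * Returns 0 after the dispatcher returns normally and 1 when
 * StartServiceCtrlDispatcher fails. The previous `void main` was
 * non-standard and ignored that failure.
 */
int main(int argc, char* argv[])
{
    SERVICE_TABLE_ENTRY ServiceTable[2];

    (void)argc;
    (void)argv;

    ServiceTable[0].lpServiceName = "MemoryStatus";
    ServiceTable[0].lpServiceProc = (LPSERVICE_MAIN_FUNCTION)ServiceMain;
    /* The table is terminated by an all-NULL entry. */
    ServiceTable[1].lpServiceName = NULL;
    ServiceTable[1].lpServiceProc = NULL;

    // Start the control dispatcher thread for our service
    if (!StartServiceCtrlDispatcher(ServiceTable)) {
        OutputDebugString("StartServiceCtrlDispatcher failed.");
        return 1;
    }
    return 0;
}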
把想要禁止啟動並執行的進程名字寫在 C:\MemoryStatus\ScrutinyProcess.txt 這個文字檔裡(程式只讀取第一行)就可以達到目的,如果不知道如何安裝服務那你可要好好學習了。
by:yyjw
轉載請註明出處。