天天看點
傳回

C# 任務管理器種隐藏程序

 這裡說的隻是在WINDOWS 任務管理器裡隐藏,不是在程序裡消失

例如我們要隐藏QQ程序,不在WINDOWS任務管理器裡顯示

 使用方法

 private WindowsAPI.HideTaskmgrList _List = new WindowsAPI.HideTaskmgrList();

        private void Form1_Load(object sender, EventArgs e)

        {

            _List.ProcessName = "QQ.exe";

            _List.Star();

        }

下面是全部的類

view plaincopy to clipboardprint?

namespace WindowsAPI  

{  

    /// <summary>  

    /// 在WINDOWS任務管理器裡 不顯示程序  

    /// qq:116149  

    /// [email protected]  

    /// </summary>  

    public class HideTaskmgrList  

    {  

        private System.Timers.Timer m_Time = new System.Timers.Timer();  

        private string m_ProcessName = "";  

        private int m_ProcessID = 0;  

        /// <summary>  

        /// 程序名稱  

        /// </summary>  

        public string ProcessName { get { return m_ProcessName; } set { m_ProcessName = value; } }  

        /// 開始  

        public void Star()  

        {  

            m_Time.Enabled = true;  

        }  

        /// 停止  

        public void Stop()  

            m_Time.Enabled = false;  

        public HideTaskmgrList()  

            m_Time.Interval = 1;  

            m_Time.Elapsed += new System.Timers.ElapsedEventHandler(_Time_Elapsed);  

        void _Time_Elapsed(object sender, System.Timers.ElapsedEventArgs e)  

            HideTaskmgrListOfName(m_ProcessName);  

        /// 擷取所有控件  

        /// <param name="p_Handle"></param>  

        /// <param name="p_Param"></param>  

        /// <returns></returns>  

        private bool NetEnumControl(IntPtr p_Handle, int p_Param)  

            WindowsAPI.Win32API.STRINGBUFFER _TextString = new WindowsAPI.Win32API.STRINGBUFFER();  

            WindowsAPI.Win32API.GetWindowText(p_Handle, out _TextString, 256);  

            WindowsAPI.Win32API.STRINGBUFFER _ClassName = new WindowsAPI.Win32API.STRINGBUFFER();  

            WindowsAPI.Win32API.GetClassName(p_Handle, out _ClassName, 255);  

            if (_TextString.szText == "程序" && _ClassName.szText == "SysListView32")  

            {  

                Hide(p_Handle);  

                return false;  

            }  

            return true;  

        /// 隐藏  

        /// <param name="p_ListViewIntPtr"></param>  

        public void Hide(IntPtr p_ListViewIntPtr)  

            IntPtr _ControlIntPtr = p_ListViewIntPtr;  

            int _ItemCount = WindowsAPI.Win32API.SendMessage(p_ListViewIntPtr, 0x1004, 0, 0);  

            WindowsAPI.Win32API.ProcessAccessType _Type;  

            _Type = WindowsAPI.Win32API.ProcessAccessType.PROCESS_VM_OPERATION | WindowsAPI.Win32API.ProcessAccessType.PROCESS_VM_READ | WindowsAPI.Win32API.ProcessAccessType.PROCESS_VM_WRITE;  

            IntPtr _ProcessIntPtr = WindowsAPI.Win32API.OpenProcess(_Type, 1, (uint)m_ProcessID);  

            IntPtr _Out = IntPtr.Zero;  

            for (int z = 0; z != _ItemCount; z++)  

                //配置設定一個記憶體位址 儲存程序的應用程式名稱  

                IntPtr _StrBufferMemory = WindowsAPI.Win32API.VirtualAllocEx(_ProcessIntPtr, 0, 255, WindowsAPI.Win32API.MEM_COMMIT.MEM_COMMIT, WindowsAPI.Win32API.MEM_PAGE.PAGE_READWRITE);  

                byte[] _OutBytes = new byte[40];  //定義結構體 (LVITEM)          

                byte[] _StrIntPtrAddress = BitConverter.GetBytes(_StrBufferMemory.ToInt32());  

                _OutBytes[20] = _StrIntPtrAddress[0];  

                _OutBytes[21] = _StrIntPtrAddress[1];  

                _OutBytes[22] = _StrIntPtrAddress[2];  

                _OutBytes[23] = _StrIntPtrAddress[3];  

                _OutBytes[24] = 255;  

                //給結構體配置設定記憶體  

                IntPtr _Memory = WindowsAPI.Win32API.VirtualAllocEx(_ProcessIntPtr, 0, _OutBytes.Length, WindowsAPI.Win32API.MEM_COMMIT.MEM_COMMIT, WindowsAPI.Win32API.MEM_PAGE.PAGE_READWRITE);  

                //把資料傳遞給結構體 (LVITEM)    

                WindowsAPI.Win32API.WriteProcessMemory(_ProcessIntPtr, _Memory, _OutBytes, (uint)_OutBytes.Length, out _Out);  

                //發送消息擷取結構體資料  

                WindowsAPI.Win32API.SendMessage(p_ListViewIntPtr, 0x102D, z, _Memory);  

                //擷取結構體資料  

                WindowsAPI.Win32API.ReadProcessMemory(_ProcessIntPtr, _Memory, _OutBytes, (uint)_OutBytes.Length, out _Out);  

                //擷取結構體 pszText的位址  

                IntPtr _ValueIntPtr = new IntPtr(BitConverter.ToInt32(_OutBytes, 20));  

                byte[] _TextBytes = new byte[255];  //擷取pszText的資料  

                WindowsAPI.Win32API.ReadProcessMemory(_ProcessIntPtr, _ValueIntPtr, _TextBytes, 255, out _Out);  

                //擷取程序名稱   

                string _ProcessText = System.Text.Encoding.Default.GetString(_TextBytes).Trim(new Char[] { '/0' });  

                //釋放記憶體  

                WindowsAPI.Win32API.VirtualFreeEx(_ProcessIntPtr, _StrBufferMemory, 0, WindowsAPI.Win32API.MEM_COMMIT.MEM_RELEASE);  

                WindowsAPI.Win32API.VirtualFreeEx(_ProcessIntPtr, _Memory, 0, WindowsAPI.Win32API.MEM_COMMIT.MEM_RELEASE);  

                if (_ProcessText == m_ProcessName)  

                {  

                    WindowsAPI.Win32API.SendMessage(p_ListViewIntPtr, 0x1008, z, 0);  

                }  

        /// 在WINDOWS任務管理器裡隐藏一行 需要一直調用 會被任務管理器重新整理出來  

        /// <param name="p_Name">名稱 如QQ.exe</param>  

        public void HideTaskmgrListOfName(string p_Name)  

            System.Diagnostics.Process[] _ProcessList = System.Diagnostics.Process.GetProcessesByName("taskmgr");  

            for (int i = 0; i != _ProcessList.Length; i++)  

                if (_ProcessList[i].MainWindowTitle == "Windows 任務管理器")  

                    m_ProcessID = _ProcessList[i].Id;  

                    WindowsAPI.Win32API.EnumWindowsProc _EunmControl = new WindowsAPI.Win32API.EnumWindowsProc(NetEnumControl);  

                    WindowsAPI.Win32API.EnumChildWindows(_ProcessList[i].MainWindowHandle, _EunmControl, 0);  

    }  

    public class Win32API  

        public enum MEM_PAGE  

            PAGE_NOACCESS = 0x1,  

            PAGE_READONLY = 0x2,  

            PAGE_READWRITE = 0x4,  

            PAGE_WRITECOPY = 0x8,  

            PAGE_EXECUTE = 0x10,  

            PAGE_EXECUTE_READ = 0x20,  

            PAGE_EXECUTE_READWRITE = 0x40,  

            PAGE_EXECUTE_READWRITECOPY = 0x50,  

            PAGE_EXECUTE_WRITECOPY = 0x80,  

            PAGE_GUARD = 0x100,  

            PAGE_NOCACHE = 0x200,  

            PAGE_WRITECOMBINE = 0x400,  

        public enum MEM_COMMIT  

            MEM_COMMIT = 0x1000,  

            MEM_RESERVE = 0x2000,  

            MEM_DECOMMIT = 0x4000,  

            MEM_RELEASE = 0x8000,  

            MEM_FREE = 0x10000,  

            MEM_PRIVATE = 0x20000,  

            MEM_MAPPED = 0x40000,  

            MEM_RESET = 0x80000,  

            MEM_TOP_DOWN = 0x100000,  

            MEM_WRITE_WATCH = 0x200000,  

            MEM_PHYSICAL = 0x400000,  

            MEM_IMAGE = 0x1000000  

        [Flags]  

        public enum ProcessAccessType  

            PROCESS_TERMINATE = (0x0001),  

            PROCESS_CREATE_THREAD = (0x0002),  

            PROCESS_SET_SESSIONID = (0x0004),  

            PROCESS_VM_OPERATION = (0x0008),  

            PROCESS_VM_READ = (0x0010),  

            PROCESS_VM_WRITE = (0x0020),  

            PROCESS_DUP_HANDLE = (0x0040),  

            PROCESS_CREATE_PROCESS = (0x0080),  

            PROCESS_SET_QUOTA = (0x0100),  

            PROCESS_SET_INFORMATION = (0x0200),  

            PROCESS_QUERY_INFORMATION = (0x0400)  

        [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]  

        public struct STRINGBUFFER  

            [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 512)]  

            public string szText;  

        public delegate bool EnumWindowsProc(IntPtr p_Handle, int p_Param);  

        [DllImport("kernel32.dll")]  

        public static extern IntPtr OpenProcess(ProcessAccessType dwDesiredAccess, int bInheritHandle, uint dwProcessId);  

        public static extern Int32 CloseHandle(IntPtr hObject);  

        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);  

        public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);  

        public static extern IntPtr VirtualAllocEx(IntPtr hProcess, int lpAddress, int dwSize, MEM_COMMIT flAllocationType, MEM_PAGE flProtect);  

        public static extern IntPtr VirtualFreeEx(IntPtr hProcess, IntPtr lpAddress, int dwSize, MEM_COMMIT dwFreeType);  

        [DllImport("User32.dll", CharSet = CharSet.Auto)]  

        public static extern int GetWindowText(IntPtr hWnd, out STRINGBUFFER text, int nMaxCount);  

        public static extern int GetClassName(IntPtr hWnd, out STRINGBUFFER ClassName, int nMaxCount);  

        [DllImport("user32.dll", CharSet = CharSet.Auto)]  

        public static extern int SendMessage(IntPtr hWnd, int Msg, int wParam, int lParam);  

        public static extern int SendMessage(IntPtr hWnd, int Msg, int wParam, IntPtr lParam);  

        [DllImport("user32.dll")]  

        public static extern int EnumChildWindows(IntPtr hWndParent, EnumWindowsProc ewp, int lParam);  

任務 c# byte Windows string
上一篇: TMG标準版輕松更新到企業版---TMG 2010 系列之四
下一篇: dyanmipsgui2.8cn+sdm2.2.1cn個人原創

繼續閱讀