监视进程的时间,运行状态等信息的程序.(xp下请重新编译)

在NT环境下隐藏进程，也就是说在用户不知情的条件下，执行自己的代码的方法有很多种，比如说使用注 册表插入DLL，使用Windows挂钩等等。其中比较有代表性的是Jeffrey Richer在《Windows核心编程》中 介绍的LoadLibrary方法和罗云彬在《Windows环境下32位汇编语言程序设计》中介绍的方法。两种方法的 共同特点是：都采用远程线程，让自己的代码作为宿主进程的线程在宿主进程的地址空间中执行，从而达 到隐藏的目的。相比较而言，Richer的方法由于可以使用c/c++等高级语言完成，理解和实现都比较容易 ，但他让宿主进程使用LoadLibrary来装入新的DLL，所以难免留下蛛丝马迹，隐藏效果并不十分完美。罗 云彬的方法在隐藏效果上绝对一流，不过，由于他使用的是汇编语言，实现起来比较难（起码我写不了汇 编程序:)）。笔者下面介绍的方法可以说是对上述两种方法的综合：采用c/c++编码，实现完全隐藏。并 且，笔者的方法极大的简化了远程线程代码的编写，使其编写难度与普通程序基本一致。-the NT environment hidden process, the user is unaware of the conditions, the implementation of their code There are various ways, for instance, the use of the registry into DLL, etc. linked to the use of Windows. The more representative Jeffrey Richer is the "core Windows programming" introduced by the LoadLibrary method and the Luo Bin, "under Windows 32 assembly language programming" introduced by the method. Two methods are common features are : remote threads are used to keep the code as host process threads in t

启动并控制其它Exe程序，在一个进程中启动另外一个程序。适合与初学者。-initiate and control other Exe procedures, in a process launched another procedure. Fit and beginners.

此段程序采用公开的 Win2k注射远程线程，来保护指定进程始终处于运行状态。 生成wap32.exe拷贝到c:下运行，则Wap32进程不死。-During the proceedings open Win2k injection remote threads, to protect the designation process has always been running. Generation wap32.exe copy of the c : run, Wap32 process of immortality.

c++程序，模拟操作系统进程管理，里面有所有的文件和所明-c procedures, the operating system simulation process management, which has all the documents and that

一个计算器程序 能够执行计算器的普通功能-a calculator program to implement the general function calculator

This section allows you to browse the files contained within a ZIP file without having to download it first. The file list below shows all of the files those that are in a text format that we recognize the extension for (e.g. source code files) are linked to a page where you can view the contents of the file. -This section allows you to browse the files contained within a ZIP file without having to do wnload it first. The file list below shows all of the files those that are in a text format that we r ecognize the extension for (e.g. source code fi les) are linked to a page where you can view the co ntents of the file.

进程枚举 类似于任务管理器中的任务列表 可以列举出系统运行的进程-Enumeration process is similar to Task Manager task list can be listed out in the process of system operation

一个进程隐藏的例子-an example of the hidden proce

利用psapi实现的显示系统进程信息-use psapi achieve process information display system