📄 antimonitormain.~pas
字号:
unit AntiMonitorMain;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, ComCtrls;
type
TForm1 = class(TForm)
StatusBar1: TStatusBar;
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
//******************************************
//通过查找窗口标题栏实现检测FileMon和Regmon
//******************************************
//通过查找窗口标题栏内容检测FileMon
function AntiFileMonTitle():Boolean;
var
hWnd:THandle;
begin
hWnd:=FindWindow(nil,'Registry Monitor - Sysinternals: www.sysinternals.com');
if hWnd<>0 then
Result:=True
else
Result:=False;
end;
//通过查找窗口类名检测FileMon
function AntiFileMonClass():Boolean;
var
hWnd:THandle;
begin
hWnd:=FindWindow('FileMonClass',nil);
if hWnd<>0 then
Result:=True
else
Result:=False;
end;
//通过查找窗口标题栏内容检测RegMon
function AntiRegMonTitle():Boolean;
var
hWnd:THandle;
begin
hWnd:=FindWindow(nil,'File Monitor - Sysinternals: www.sysinternals.com');
if hWnd<>0 then
Result:=True
else
Result:=False;
end;
//通过查找窗口类名检测RegMon
function AntiRegMonClass():Boolean;
var
hWnd:THandle;
begin
hWnd:=FindWindow('18467-41',nil);
if hWnd<>0 then
Result:=True
else
Result:=False;
end;
procedure TForm1.FormCreate(Sender: TObject);
begin
if AntiFileMonTitle or AntiFileMonClass then
MessageBox(Handle,'注意:软件被FileMon监视!','提示',MB_OK+MB_ICONINFORMATION);
if AntiRegMonTitle or AntiRegMonClass then
MessageBox(Handle,'注意:软件RegMon被监视!','提示',MB_OK+MB_ICONINFORMATION);
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -