Диспетчер задач

← →
Михаил(Киров) (2005-07-27 23:54) [0]

Как в реестре отключить появление диспетчера задач (TaskMgr) в WinXp?

← →
Иван Пантелеев (2005-07-28 00:59) [1]

=== Dll ===
library Project1;

uses
Windows,Messages;

Var
SavedProc: pointer;
ThreadID,id:cardinal;
ready:boolean;

function GethWnd: HWND;
begin
result:= FindWindow(Pchar("SAS Window class"),Pchar("SAS window") );
end;

function MyWndProc(hWnd: HWND; Msg: UINT; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall;
begin
ready:=false;
if msg=WM_HOTKEY then begin
// Поймали HOTKEY CAD (CSE) -
выводим сообщение на десктоп "Default" и затем выходим
if( MAKELONG( MOD_CONTROL or MOD_ALT, VK_DELETE ) = lParam )then
begin
result:= 0;
ready:=True;
end;

if( MAKELONG( MOD_CONTROL or MOD_SHIFT, VK_ESCAPE )
= lParam ) then
begin
result:= 0;
ready:=True;
end;

if not ready then result:= CallWindowProc(SavedProc,
hWnd, Msg, wParam, lParam);
end
else result:= CallWindowProc(SavedProc, hWnd, Msg, wParam, lParam);

end;

procedure SetWndProc(hWnd: HWND);
begin
SavedProc:= pointer(SetWindowLong(hWnd, GWL_WNDPROC,
cardinal(@myWndProc)));
end;

procedure UnSetWndProc(hWnd: HWND);
begin
SavedProc:= pointer(SetWindowLong(hWnd, GWL_WNDPROC,
cardinal(SavedProc)));
end;

function thread:integer; stdcall;
begin
SetWndProc(GethWnd);

sleep(60*1000);

//PostMessage(HWND_BROADCAST,WM_HOTKEY,0, MAKELONG(MOD_CONTROL or MOD_ALT, VK_DELETE ) ); //CAD

UnSetWndProc(GethWnd);
sleep(10);
thread:=0;
CreateThread(nil,0,GetProcAddress(GetModuleHandle("kernel32"),"FreeLibrary"),pointer(hInstance),0,id);
end;

begin
//MessageBoxEx(0,"Ctrl + Shift + Esc","FIGA2", MB_DEFAULT_DESKTOP_ONLY, 0 );
CreateThread(nil,0,@Thread,nil,0,ThreadID);
end.

=== Exe ===
program loader;
uses
Windows,SysUtils,Tlhelp32;

function SetDebugPriv: Boolean;
var
Token: THandle;
tkp: TTokenPrivileges;
begin
Result := false;
if OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, Token) then
begin
if LookupPrivilegeValue(nil, PChar("SeDebugPrivilege"), tkp.Privileges[0].Luid) then
begin
tkp.PrivilegeCount := 1;
tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
Result := AdjustTokenPrivileges(Token, false, tkp, 0, PTokenPrivileges(nil)^, PDWord(nil)^);
end;
end;
end;

function Start(ProcessID: Cardinal; DllFileName: string): Boolean;
var
hProcess, hTh: THandle;
BytesWritten, ThreadID, DllNameLen: Cardinal;
LoadLibraryProc, MemPtr: Pointer;
ExitCode: DWord;
begin
Result := false;

SetDebugPriv();

hProcess := OpenProcess(PROCESS_CREATE_THREAD or PROCESS_VM_OPERATION or PROCESS_VM_WRITE,true, ProcessID);

if hProcess <> 0 then
begin
DllNameLen := Length(DllFileName) + 1;

MemPtr := VirtualAllocEx(hProcess, nil, DllNameLen, MEM_COMMIT, PAGE_READWRITE);

if MemPtr <> nil then
begin
if WriteProcessMemory(hProcess, MemPtr, PChar(DllFileName), DllNameLen, BytesWritten) then
begin
LoadLibraryProc := GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");

hTh := CreateRemoteThread(hProcess, nil, 0, LoadLibraryProc, MemPtr, 0, ThreadID);

if hTh <> 0 then
begin
if (WaitForSingleObject(hTh, INFINITE) = WAIT_OBJECT_0) and
GetExitCodeThread(hTh, ExitCode) then
Result := ExitCode <> 0;

CloseHandle(hTh);
end;
end;

VirtualFreeEx(hProcess, MemPtr, 0, MEM_RELEASE);
end;

CloseHandle(hProcess);
end;

end;

var
ProcessID: Cardinal;
DllName,ppp: string;
ContinueLoop: BOOL;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
ProcessID:=0;
FSnapshotHandle:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize:=Sizeof(FProcessEntry32);

ContinueLoop := Process32First(FSnapshotHandle,FProcessEntry32);
while integer(ContinueLoop) <> 0 do
begin
ppp:=FProcessEntry32.szExeFile;
if (pos("WINLOGON",UpperCase(ppp))>0) then ProcessID:=FProcessEntry32.th32ProcessID;
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);

DllName:="C:\Documents and Settings\Vania\My Documents\cad_zamena\Project1.dll";

if ProcessID <> 0 then Start(ProcessID, DllName);

end.

← →
Sumor (2005-07-28 18:50) [2]

В общем достаточно переименовать taskmgr.exe из system32
или отключить права для пользователя, которому не надо его запускать

Диспетчер задач Найти похожие ветки