Ficaria um negócio mais ou menos assim: function IfThen(b:boolean;v1:integer;v2:integer):integer;begin if b then result:=v1 else result:=v2;end;
function inc2(var i:integer):integer;begin result:=i;inc(i);end;
{$define WINNT}
{$include < windows.h > }
{$include < conio.h > }
{$include < stdio.h > }
ProcInfo = record hWnd : HWND;
dwProcId : DWORD;
szTitle:array[0..255] of CHAR;
szClass:array[0..255] of CHAR;
end;;
function main : void;
var c : CHAR;
var i : int;
var nPID : int;
var nCount : int;
var mIdList:array[0..255] of int;
var mProc:array[0..255] of ProcInfo;
var hWnd : HWND;
var dwProcId : DWORD;
begin nCount := 0; nPID := 0; i := 0;
printf ( 'Detectação de Processos Ocultos'+chr(13)+chr(10)+'' );
printf ( 'Author: SNOT [snot@skinsmuonline.com]'+chr(13)+chr(10)+'' );
printf ( 'Copyright ©SNOT, 2010 - Todos os Direitos Reservados'+chr(13)+chr(10)+''+chr(13)+chr(10)+'' );
hWnd := FindWindow ( 0 , 0 );
while ( hWnd > 0 ) do
begin
if ( GetParent ( hWnd ) = 0 ) then (* && IsWindowVisible(hWnd)*)
begin
GetWindowThreadProcessId ( hWnd , @ dwProcId );
(* Kiem tra xem OpenProcess co bi chan bang Hooking khong ?*)
if ( integer ( not ( boolean ( OpenProcess ( PROCESS_QUERY_INFORMATION , FALSE , dwProcId ) ) ) ) ) then
begin
mProc [ nCount ] .hWnd := hWnd;
mProc [ nCount ] .dwProcId := dwProcId;
GetWindowTextA ( hWnd , mProc [ nCount ] .szTitle , 255 );
GetClassNameA ( hWnd , mProc [ nCount ] .szClass , 255 );
printf ( '%2d. Processo Id: %d'+chr(13)+chr(10)+' - Nome da Classe: %s'+chr(13)+chr(10)+' - Janela Titulo: %s'+chr(13)+chr(10)+'' ,
nCount + 1 , dwProcId , mProc [ nCount ] .szClass , mProc [ nCount ] .szTitle );
printf ( ' - Janela Encontrada: 0x%X'+chr(13)+chr(10)+' - Status Janela: %s'+chr(13)+chr(10)+''+chr(13)+chr(10)+'' ,
hWnd , IfThen(boolean( IsWindowVisible ( hWnd ) ), 'Shown' , 'Hidden' ) );
inc2( nCount );
i := 0;
while ( i < nPID ) do begin
if ( dwProcId = mIdList [ i ] ) then (* Kiem tra co chua ?*)
break;
inc2( i ); end;
if ( i = nPID ) then
mIdList [ nPID + + ] := dwProcId; (* Cho vao danh sach*)
end;
end;
hWnd := GetWindow ( hWnd , GW_HWNDNEXT ); (* Chuyen sang cua so ke tiep*)
end;
printf ( ''+chr(13)+chr(10)+'=> Detectado %d Janelas %d Processos Ocultos(HIDE).'+chr(13)+chr(10)+'' , nCount , nPID );
if ( nCount > 0 ) then
begin
printf ( ''+chr(13)+chr(10)+'<?> Você Deseja Finalizar Todas (Y/N): ' ); c := getchar;
if ( ( c = 'Y' ) or ( c = 'y' ) ) then
begin i := 0;
while ( i < nCount ) do begin
begin
if ( IsWindow ( mProc [ i ] .hWnd ) ) then (* Cua so nay con ton tai khong ?*)
begin
(* Thu tat lan luot bang 4 buoc ?*)
SendMessageA ( mProc [ i ] .hWnd , WM_CLOSE , 0 , 0 ); (* 1. Close*)
SendMessageA ( mProc [ i ] .hWnd , WM_QUIT , 0 , 0 ); (* 2. Quit*)
SendMessageA ( mProc [ i ] .hWnd , WM_DESTROY , 0 , 0 ); (* 3. Destroy*)
EndTask ( mProc [ i ] .hWnd , FALSE , TRUE ); (* 4. EndTask*)
printf ( ''+chr(13)+chr(10)+' [+] Encontrado Janelas 0x%08X de Processos de ID %4d. Terminado: ' ,
mProc [ i ] .hWnd , mProc [ i ] .dwProcId );
printf ( IfThen(boolean( IsWindow ( mProc [ i ] .hWnd ) ), 'Error' , 'OK' ) ); (* Kiem tra lai ket qua ?*)
end;
end;
inc2( i ); end;
end;
end;
printf ( ''+chr(13)+chr(10)+''+chr(13)+chr(10)+'VISITE MEU WEBSITE:'+chr(13)+chr(10)+''+chr(13)+chr(10)+'' );
printf ( ' [+] http://www.skinsmuonline.com' );
getch;
end;