Locked Oculta Proceso

[Anto]

Este codigo fue sacado de una pagina brasilera no es "mio".

 

Colocan en un form 1 timer y 2 botones

no es lo mas ideal para ocultar un proceso pero sirve

probado solo en Xp Sp3.

unit Unit1;

 

interface

 

uses

Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,

Dialogs,Commctrl, StdCtrls, ExtCtrls;

 

type

TForm1 = class(TForm)

Button1: TButton;

Button2: TButton;

Timer1: TTimer;

Label1: TLabel;

procedure Button1Click(Sender: TObject);

procedure Button2Click(Sender: TObject);

procedure Timer1Timer(Sender: TObject);

private

{ Private declarations }

public

{ Public declarations }

end;

 

var

Form1: TForm1;

 

implementation

 

{$R *.dfm}

Procedure OcultarApp(App: String);

var

dwSize,dwNumBytes,PID,hProc: Cardinal;

PLocalShared,PSysShared: PlvItem;

h: THandle;

iCount,i: integer;

szTemp: string;

begin

h:=FindWindow('#32770',nil);

h:=FindWindowEx(h,0,'#32770',nil);

h:=FindWindowEx(h,0,'SysListView32',nil);

iCount:=SendMessage(h, LVM_GETITEMCOUNT,0,0);

for i:=0 to iCount-1 do

begin

dwSize:=sizeof(LV_ITEM) + sizeof(CHAR) * MAX_PATH;

PLocalShared:=VirtualAlloc(nil, dwSize, MEM_RESERVE + MEM_COMMIT, PAGE_READWRITE);

GetWindowThreadProcessId(h,@PID);

hProc:=OpenProcess(PROCESS_ALL_ACCESS,false,PID);

PSysShared:=VirtualAllocEx(hProc, nil, dwSize, MEM_RESERVE OR MEM_COMMIT, PAGE_READWRITE);

PLocalShared.mask:=LVIF_TEXT;

PLocalShared.iItem:=0;

PLocalShared.iSubItem:=0;

PLocalShared.pszText:=LPTSTR(dword(PSysShared) + sizeof(LV_ITEM));

PLocalShared.cchTextMax:=20;

WriteProcessMemory(hProc,PSysShared,PLocalShared,1024,dwNumBytes);

SendMessage(h,LVM_GETITEMTEXT,i,LPARAM(PSysShared));

ReadProcessMemory(hProc,PSysShared,PLocalShared,1024,dwNumBytes);

szTemp:=pchar(dword(PLocalShared)+sizeof(LV_ITEM));

if LowerCase(szTemp) = App then

ListView_DeleteItem(h,i);

VirtualFree(pLocalShared, 0, MEM_RELEASE);

VirtualFreeEx(hProc, pSysShared, 0, MEM_RELEASE);

CloseHandle(hProc);

end;

end;

procedure TForm1.Button1Click(Sender: TObject);

begin

timer1.Enabled:=true;

 

end;

 

procedure TForm1.Button2Click(Sender: TObject);

begin

timer1.Enabled:=false;

end;

 

procedure TForm1.Timer1Timer(Sender: TObject);

begin

OcultarApp('notepad.exe');// No necesariamente notepad.exe

end;

 

end.

 

Pdd: Si leen en el codigo llegando al final dice ('notepad.exe') , hay remplazan por el nombre de su proceso.