2010-12-12

Stop dan Kill ANSAV 2 Guard dengan Delphi

Stop dan Kill ANSAV 2 Guard dengan Delphi

Post under , di 12/12/2010 Diposkan oleh Anderson
Langsung saja ...

{ .....Begin }

uses WinSvc, TlHelp32;

function StopService(sMachine,sService:string):boolean;
var
  SCHMan, SCHSrv: SC_Handle;
  SrvStatus: TServiceStatus;
  dwCP: DWord;
begin
  SCHMan := OpenSCManager(PChar(sMachine),Nil,SC_MANAGER_CONNECT);
  if (SCHMan > 0) then
  begin
    SCHSrv := OpenService(SCHMan,PChar(sService),SERVICE_STOP or SERVICE_QUERY_STATUS);
    if (SCHSrv > 0) then
      begin
        if (ControlService(SCHSrv,SERVICE_CONTROL_STOP,SrvStatus)) then
          begin
            if (QueryServiceStatus(SCHSrv,SrvStatus)) then
              begin
                while(SERVICE_STOPPED <> SrvStatus.dwCurrentState) do
                  begin
                    Application.ProcessMessages;
                    StopService(sMachine,sService);
                    dwCP := SrvStatus.dwCheckPoint;
                    Sleep(SrvStatus.dwWaitHint);
                    if (not QueryServiceStatus(SCHSrv,SrvStatus)) then break;
                    if(SrvStatus.dwCheckPoint < dwCP)then break;
                  end;
              end;
          end;
        CloseServiceHandle(SCHSrv);
      end;
    CloseServiceHandle(SCHMan);
  end;
  Result := SERVICE_STOPPED = SrvStatus.dwCurrentState;
end;

function KillProcByFileName(FileName:string;ExitCode:integer):integer;
const
  PROCESS_TERMINATE = $0001;
var
  Loop: BOOL;
  FSHnd: THandle;
  FPE32: TProcessEntry32;
begin
  Result := 0;
  FSHnd := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
  FPE32.dwSize := SizeOf(FPE32);
  Loop := Process32First(FSHnd, FPE32);
  while Integer(Loop) <> 0 do
    begin
      if ((UpperCase(ExtractFileName(FPE32.szExeFile)) = UpperCase(FileName)) or
          (UpperCase(FPE32.szExeFile) = UpperCase(FileName))) then
        Result := Integer(TerminateProcess(OpenProcess(PROCESS_TERMINATE,BOOL(0),
                          FPE32.th32ProcessID),ExitCode));
      Loop := Process32Next(FSHnd, FPE32);
    end;
  CloseHandle(FSHnd);
end;

procedure TForm1.Button1Click(Sender: TObject);
begin
  if StopService('','ANSAVDaemon') then
    if KillProcByFileName('ansavd.exe',1) <> 0 then
      ShowMessage('ANSAV Guard Killed!');
end;

{ .....End }

Atau bisa juga dengan hanya menggunakan fungsi KillProcByFileName(NameFile,ExitCode)
Dengan catatan ExitCode <> 0

{ .....End }

procedure TForm1.Button1Click(Sender: TObject);
begin
  if KillProcByFileName('ansavd.exe',2010) <> 0 then
    ShowMessage('ANSAV Guard Killed!');
end;

{ .....End }

Trik di atas berlaku juga untuk salah satu AntiVirus Turunan dari ANSAV 2,
yaitu: AVI 2 (AntiVirus Info Komputer)

Happy Coding ^^
Digg Google Bookmarks reddit Mixx StumbleUpon Technorati Yahoo! Buzz DesignFloat Delicious BlinkList Furl

0 komentar: on "Stop dan Kill ANSAV 2 Guard dengan Delphi"

Poskan Komentar

Langganan: Poskan Komentar (Atom)