unit Unit1;

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls, Mask,ComCtrls;

type
TForm1 = class(TForm)
   Label1: TLabel;
   Label2: TLabel;
   Timer1: TTimer;
   procedure Timer1Timer(Sender: TObject);
private
   { Private declarations }
public
   { Public declarations }
end;

var
Form1: TForm1;

implementation

{$R *.dfm}
var
NewData : array[0..1] of byte = ($00,$00);
Bytesread : DWORD;

procedure TForm1.Timer1Timer(Sender: TObject);
var
hwin, pid: DWORD;
hprocess: DWORD;
begin
  hwin := FindWindow(nil,'外挂窗口');
   if hwin = 0 then
   Form1.Label1.Caption:='目标程序未运行'
   else
   Form1.Label1.Caption:='目标程序已运行';
   GetWindowThreadProcessId(hwin, pid);
   hprocess := OpenProcess(PROCESS_ALL_ACCESS, False, pid);
   if WriteProcessMemory(hProcess ,Pointer($00410000),@newdata,1 ,BytesRead ) then
   begin
   CloseHandle(hProcess);
   Form1.Label2.Caption:='目标程序解密成功　';
   end
   else
   begin
   CloseHandle(hProcess);
   Form1.Label2.Caption:='目标程序解密失败　';
   end;
   end;
end.