误报你就不用管了。
你把有问题的EXE文件发上来,我给你做一下免杀。
[ 本帖最后由 yuma 于 2012-7-22 13:30 编辑 ]
你把有问题的EXE文件发上来,我给你做一下免杀。
[ 本帖最后由 yuma 于 2012-7-22 13:30 编辑 ]
心生万象,万象皆程序!
本人计算机知识网:http://bbs.为防伸手党,本站已停止会员注册。
再制作二页EXE文件检测是否有“木马”代码,结果没有发现“木马”
为了进一步确认“木马”是否就是在27b.exe上面,于是又独立制作了27c.exe和28a.exe,检测结果是这二页都没有“木马”代码;那么究竟那一组代码是“木马”代码,现将有关页码代码发如下,请您用火眼金睛把“木马”找出来,深表谢意!
27c.exe代码如下:
程序代码:[color=#008000]'关闭前面的窗体用 Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long Const PROCESS_TERMINATE = 1 '下面是链接网站用代码(一共有两个部分,第2段见下面Command3) Private Declare Function ShellExecute Lib "shell32.dll" Alias _ "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, _ ByVal lpFile As String, ByVal lpParameters As String, _ ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long Private Const SW_SHOW = 5 '以下二级菜单 Private Declare Function GetMenu Lib "user32" _ (ByVal hwnd As Long) As Long Private Declare Function GetSubMenu Lib "user32" _ (ByVal hMenu As Long, ByVal nPos As Long) As Long Private Declare Function SetMenuItemBitmaps Lib "user32" _ (ByVal hMenu As Long, ByVal nPosition As Long, ByVal wFlags As Long, _ ByVal hBitmapUnchecked As Long, ByVal hBitmapChecked As Long) As Long Const MF_BYPOSITION = &H400& 'Private Sub Form_Unload(Cancel As Integer) '二级菜单用 'Unload FrmMenu 'End Sub Private Sub frame1_MouseDown(Button As Integer, Shift As Integer, x As Single, y As Single) '二级菜单用 If Button And vbRightButton Then PopupMenu FrmMenu.jrswj End If End Sub Private Sub tp8_Click() '二级菜单用 End End Sub Private Sub UnloadMe(bQuestion As Boolean, bEnd As Boolean, Optional ByRef Cancel As Integer) '关闭钮(补2) Dim Ltem As Long Dim LpID As Long Dim hLong As Long Dim strWinName As String strWinName = "第27届(1)" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If strWinName = "第27届(2)" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If strWinName = "第27届(3)" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If strWinName = "第27届(4)" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If strWinName = "第27届(5)" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If strWinName = "第27届(6)" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If If bQuestion Then If MsgBox("你要退出《第27届奥运会邮票集》吗?", vbYesNo + vbExclamation, "系统询问") <> vbYes Then Cancel = True Exit Sub Else hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If End If End If For Each pForm In Forms Unload pForm Next End Sub Private Sub Command10_Click() Unload xj27b '去本届第2页 Load xj27b xj27b.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command11_Click() Unload xj27d '去本届第4页 Load xj27d xj27d.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command13_Click() Unload xj27d '去本届第4页 Load xj27d xj27d.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command14_Click() Unload xj27e '去本届第5页 Load xj27e xj27e.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command15_Click() Unload xj27e '去本届第5页 Load xj27e xj27e.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command17_Click() Dim Ltem As Long Dim LpID As Long Dim hLong As Long Dim strWinName As String If MsgBox("你要退出《第27届奥运会邮票集》吗?", vbYesNo + vbExclamation, "系统询问") = vbYes Then Unload Me End Else Cancel = True End If 'bQuestion = True '关闭钮用(6特) 退出系统,单页用此句代码 'Unload Me End Sub Private Sub Command20_Click() Load xj27f '去第6页 xj27f.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer) '关闭钮用1222(补2) ' If UnloadMode = 0 Then UnloadMe True, True, Cancel End Sub Private Sub Command18_Click() Dim web As String '链接网站用,网址放在Combo1的属性Text中,拖1个图形框Picture1,拖1个Combo1 web = Combo1.Text ShellExecute 0&, vbNullString, web, vbNullString, vbNullString, 0 End Sub Private Sub Command19_Click() Load xj27f '去第6页 xj27f.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command2_Click() Unload xj27b '去本届第2页 Load xj27b xj27b.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command3_Click() Unload xj27d '去本届第4页 Load xj27d xj27d.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command5_Click() Unload xj27b '去本届第2页 Load xj27b xj27b.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command6_Click() Unload xj27d '去本届第4页 Load xj27d xj27d.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command7_Click() Unload xj27a '去本届第1页 Load xj27a xj27a.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command8_Click() Unload xj27b '去本届第2页 Load xj27b xj27b.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command9_Click() Unload xj27a '去本届第1页 Load xj27a xj27a.Show 'UnloadMe False, False '关闭钮(补) End Sub Private Sub Command1_Click() '返回主页 Dim Ltem As Long Dim LpID As Long Dim hLong As Long Dim strWinName As String strWinName = "奥林匹克运动会邮票集" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If Shell "rundll32.exe url.dll,FileProtocolHandler " & App.Path & "\olpk.exe", vbMaximizedFocus 'UnloadMe False, True '关闭钮用(补) End Sub Private Sub Command4_Click() '返回主页 Dim Ltem As Long Dim LpID As Long Dim hLong As Long Dim strWinName As String strWinName = "奥林匹克运动会邮票集" hLong = FindWindow(vbNullString, strWinName) If hLong Then GetWindowThreadProcessId hLong, LpID Ltem = OpenProcess(PROCESS_TERMINATE, False, LpID) TerminateProcess Ltem, 0 hLong = 0 End If Shell "rundll32.exe url.dll,FileProtocolHandler " & App.Path & "\olpk.exe", vbMaximizedFocus 'UnloadMe False, True '关闭钮用(补) End Sub Private Sub Form_Load() '留言栏,注意MyApp编号 Command12.Enabled = False '按钮失效代码 Command16.Enabled = False End Sub Private Sub form_resize() '滚动条与鼠标事件用 If Frame1.Height > Me.Height Then VScroll1.Visible = True Else VScroll1.Visible = False End If If Frame1.Width > Me.Width Then HScroll1.Visible = True Else HScroll1.Visible = False End If HScroll1.Left = 0 HScroll1.Top = Me.ScaleHeight - HScroll1.Height VScroll1.Left = Me.ScaleWidth - VScroll1.Width VScroll1.Top = 0 HScroll1.Width = Me.ScaleWidth VScroll1.Height = Me.ScaleHeight If VScroll1.Visible = True Then If HScroll1.Visible = True Then HScroll1.Width = Abs(Me.ScaleWidth - VScroll1.Width) VScroll1.Height = Abs(Me.ScaleHeight - HScroll1.Height) End If End If HScroll1.Max = (Frame1.Width - Me.Width) + 3 * VScroll1.Width VScroll1.Max = (Frame1.Height - Me.Height) + 3 * HScroll1.Height HScroll1.ZOrder VScroll1.ZOrder Frame1.Left = (Me.ScaleWidth - Frame1.Width) / 2 End Sub Private Sub HScroll1_Change() '滚动条与鼠标事件用 Frame1.Left = -HScroll1.Value End Sub Private Sub Image1_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image10_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image11_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image12_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image13_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image14_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image15_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image16_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image17_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image18_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image19_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image2_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image20_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image21_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image22_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image23_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image24_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image25_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image26_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image27_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image28_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image29_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image3_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image30_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image4_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image5_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image6_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image7_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub Image8_Click() Load xj27c01a xj27c01a.Show End Sub Private Sub Image9_Click() Load xj27c02a xj27c02a.Show End Sub Private Sub VScroll1_Change() '滚动条与鼠标事件用 Frame1.Top = -VScroll1.Value End Sub Private Sub VScroll1_GotFocus() '滚动条与鼠标事件用 Command1.SetFocus End Sub
[/color]
27b.rar
帮不了你了!