楼主: 
bayant (VAN)   
2015-04-02 23:03:31
程式码如下:以下是记事本档案 FaceProv 里的内容。小弟把这个档案删掉后,再次开机它又会自动产生,所以主程式应该在其它地方。
9:7:47 = Process Attach
9:7:47 = end process attach
9:7:47 = ##### Begin waiting Mutex to release process #####
9:7:47 = hWnd = 0x00020096; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows ??.x=0, y=0, width=1024, height=768
9:7:47 = hWnd = 0x0002009e; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
9:7:47 = hWnd = 0x0002009a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
9:9:20 = Process Attach
9:9:20 = end process attach
9:9:20 = ***** NULL == SampleProvider *****
9:9:20 = ##### Begin waiting Mutex to release process #####
9:9:20 = hWnd = 0x0002001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
9:9:20 = hWnd = 0x00020018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
9:9:20 = hWnd = 0x0002002e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
9:9:20 = hWnd = 0x0002001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
9:9:21 = Need to re-create objects.
9:9:21 = s1.
9:9:21 = s2.
9:9:21 = find user name
9:9:21 = Start show animate
9:9:21 = Shell Excutute VerifyHost
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:9:21 = find user name
9:11:24 = begin close Process
9:11:24 = Terminate Process
9:11:25 = end close Process
9:11:25 = DLL_PROCESS_DETACH
9:13:40 = Process Attach
9:13:40 = end process attach
9:13:40 = ***** NULL == SampleProvider *****
9:13:40 = hWnd = 0x00050112; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
9:13:40 = hWnd = 0x00040116; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
9:13:40 = hWnd = 0x0006010a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
9:13:40 = hWnd = 0x0005011a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
9:13:44 = Process Attach
9:13:44 = ## ERR ## Setevent
9:13:44 = ***** NULL == SampleProvider *****
9:13:44 = begin close Process
9:13:44 = end close Process
9:13:44 = ##### Get event and release process end #####
9:13:44 = hWnd = 0x000400dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1024, height=768
9:13:44 = hWnd = 0x000200b0; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
9:13:44 = hWnd = 0x00090044; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
9:13:44 = hWnd = 0x000300e2; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
10:33:55 = Process Attach
10:33:55 = end process attach
10:33:55 = ***** NULL == SampleProvider *****
10:33:55 = ##### Begin waiting Mutex to release process #####
10:33:55 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
10:33:55 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
10:33:56 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
10:33:56 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
10:34:0 = Need to re-create objects.
10:34:0 = s1.
10:34:0 = s2.
10:34:2 = find user name
10:34:2 = Start show animate
10:34:2 = Shell Excutute VerifyHost
10:34:2 = find user name
10:34:2 = find user name
10:34:2 = find user name
10:34:2 = find user name
10:34:2 = find user name
10:34:6 = find user name
10:34:6 = find user name
10:34:6 = find user name
10:34:6 = find user name
10:34:6 = find user name
10:34:6 = find user name
10:34:6 = find user name
10:35:3 = find user name
10:35:3 = find user name
10:35:3 = find user name
10:35:3 = find user name
10:35:3 = find user name
10:35:3 = find user name
10:35:15 = begin close Process
10:35:15 = Terminate Process
10:35:16 = end close Process
10:35:16 = DLL_PROCESS_DETACH
23:44:50 = Process Attach
23:44:50 = end process attach
23:44:50 = ***** NULL == SampleProvider *****
23:44:50 = hWnd = 0x00530502; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
23:44:50 = hWnd = 0x006505bc; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
23:44:50 = hWnd = 0x0080044e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
23:44:50 = hWnd = 0x0026039e; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
23:44:56 = Process Attach
23:44:56 = ## ERR ## Setevent
23:44:56 = ##### Get event and release process #####
23:44:56 = begin close Process
23:44:56 = end close Process
23:44:56 = ##### Get event and release process end #####
23:44:56 = hWnd = 0x005300e2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1024, height=768
23:44:56 = hWnd = 0x007d00f4; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
23:44:56 = hWnd = 0x000700ae; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
23:44:56 = hWnd = 0x003e007e; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
23:46:22 = Process Attach
23:46:22 = end process attach
23:46:22 = ##### Begin waiting Mutex to release process #####
23:46:22 = ***** NULL == SampleProvider *****
23:46:22 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
23:46:22 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
23:46:23 = hWnd = 0x00010024; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
23:46:23 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
23:46:41 = Need to re-create objects.
23:46:41 = s1.
23:46:41 = s2.
23:46:41 = find user name
23:46:41 = Start show animate
23:46:41 = Shell Excutute VerifyHost
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:46:41 = find user name
23:47:14 = find user name
23:47:14 = find user name
23:47:14 = find user name
23:47:14 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:15 = find user name
23:47:16 = find user name
23:47:16 = find user name
23:47:16 = find user name
23:47:16 = find user name
23:47:16 = find user name
23:47:16 = find user name
23:47:23 = find user name
23:47:23 = find user name
23:47:23 = find user name
23:47:23 = find user name
23:47:23 = find user name
23:47:23 = find user name
23:47:24 = find user name
23:47:24 = find user name
23:47:24 = find user name
23:47:24 = find user name
23:47:24 = find user name
23:47:24 = find user name
23:47:33 = find user name
23:47:33 = find user name
23:47:33 = find user name
23:47:33 = find user name
23:47:39 = begin close Process
23:47:39 = Terminate Process
23:47:40 = end close Process
23:47:40 = DLL_PROCESS_DETACH
23:49:1 = Process Attach
23:49:1 = end process attach
23:49:1 = ***** NULL == SampleProvider *****
23:49:1 = ##### Begin waiting Mutex to release process #####
23:49:1 = hWnd = 0x000203ee; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
23:49:1 = hWnd = 0x000303ac; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
23:49:1 = hWnd = 0x000203ec; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
23:49:1 = hWnd = 0x000303c0; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
23:49:5 = Process Attach
23:49:5 = ## ERR ## Setevent
23:49:5 = ***** NULL == SampleProvider *****
23:49:5 = ##### Get event and release process #####
23:49:5 = begin close Process
23:49:5 = end close Process
23:49:5 = ##### Get event and release process end #####
23:49:5 = hWnd = 0x000100cc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1024, height=768
23:49:5 = hWnd = 0x000100c8; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
23:49:5 = hWnd = 0x000200c6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
23:49:5 = hWnd = 0x000100ca; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
1:39:45 = Process Attach
1:39:45 = end process attach
1:39:45 = ***** NULL == SampleProvider *****
1:39:45 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
1:39:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
1:39:45 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
1:39:45 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
1:39:49 = Need to re-create objects.
1:39:49 = s1.
1:39:49 = s2.
1:39:50 = find user name
1:39:50 = Start show animate
1:39:50 = Shell Excutute VerifyHost
1:39:50 = find user name
1:39:50 = find user name
1:39:50 = find user name
1:39:50 = find user name
1:39:50 = find user name
1:39:53 = find user name
1:39:53 = find user name
1:39:53 = find user name
1:39:53 = find user name
1:39:53 = find user name
1:39:53 = find user name
1:39:53 = find user name
1:39:58 = find user name
1:39:58 = find user name
1:39:58 = find user name
1:39:58 = find user name
1:39:58 = find user name
1:39:58 = find user name
1:40:8 = begin close Process
1:40:8 = Terminate Process
1:40:9 = end close Process
1:40:9 = DLL_PROCESS_DETACH
1:57:5 = Process Attach
1:57:5 = end process attach
1:57:5 = ##### Begin waiting Mutex to release process #####
1:57:5 = hWnd = 0x00350476; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
1:57:5 = hWnd = 0x001604be; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
1:57:5 = hWnd = 0x002e04f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
1:57:5 = hWnd = 0x0011050c; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
1:57:10 = Process Attach
1:57:10 = ## ERR ## Setevent
1:57:10 = ##### Get event and release process #####
1:57:10 = begin close Process
1:57:10 = end close Process
1:57:10 = ##### Get event and release process end #####
1:57:10 = hWnd = 0x006100dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1024, height=768
1:57:10 = hWnd = 0x000200b2; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
1:57:10 = hWnd = 0x00150050; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
1:57:10 = hWnd = 0x001000d4; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
4:18:2 = Process Attach
4:18:2 = end process attach
4:18:2 = ***** NULL == SampleProvider *****
4:18:2 = ##### Begin waiting Mutex to release process #####
4:18:2 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
4:18:2 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
4:18:3 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
4:18:3 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
4:18:5 = Need to re-create objects.
4:18:5 = s1.
4:18:5 = s2.
4:18:7 = find user name
4:18:7 = Start show animate
4:18:7 = Shell Excutute VerifyHost
4:18:7 = find user name
4:18:7 = find user name
4:18:7 = find user name
4:18:7 = find user name
4:18:7 = find user name
4:18:8 = find user name
4:18:8 = find user name
4:18:8 = find user name
4:18:8 = find user name
4:18:8 = find user name
4:18:8 = find user name
4:18:8 = find user name
4:20:6 = find user name
4:20:6 = find user name
4:20:6 = find user name
4:20:6 = find user name
4:20:6 = find user name
4:20:6 = find user name
4:20:9 = begin close Process
4:20:9 = Terminate Process
4:20:10 = end close Process
4:20:10 = DLL_PROCESS_DETACH
4:44:8 = Process Attach
4:44:8 = end process attach
4:44:8 = ***** NULL == SampleProvider *****
4:44:8 = hWnd = 0x00050362; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
4:44:8 = hWnd = 0x000403ea; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
4:44:8 = hWnd = 0x000203ee; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
4:44:8 = hWnd = 0x000403ec; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
4:44:12 = Process Attach
4:44:12 = ## ERR ## Setevent
4:44:12 = ##### Get event and release process #####
4:44:12 = begin close Process
4:44:12 = end close Process
4:44:12 = ##### Get event and release process end #####
4:44:12 = hWnd = 0x000e00e8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1024, height=768
4:44:12 = hWnd = 0x002300f0; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
4:44:12 = hWnd = 0x000d00c0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
4:44:12 = hWnd = 0x000b00fa; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
11:29:4 = Process Attach
11:29:4 = end process attach
11:29:4 = ***** NULL == SampleProvider *****
11:29:4 = ##### Begin waiting Mutex to release process #####
11:29:4 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
11:29:4 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
11:29:4 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
11:29:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
11:29:14 = Need to re-create objects.
11:29:14 = s1.
11:29:14 = s2.
11:29:14 = find user name
11:29:14 = Start show animate
11:29:14 = Shell Excutute VerifyHost
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:29:14 = find user name
11:30:28 = find user name
(中间内容差不多,省略)
5:3:19 = find user name
15:3:34 = begin close Process
15:3:34 = Terminate Process
15:3:35 = end close Process
15:3:35 = DLL_PROCESS_DETACH
16:27:51 = Process Attach
16:27:51 = end process attach
16:27:51 = ##### Begin waiting Mutex to release process #####
16:27:52 = ***** NULL == SampleProvider *****
16:27:52 = hWnd = 0x00ff0808; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
16:27:52 = hWnd = 0x003b0814; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
16:27:52 = hWnd = 0x006d07f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
16:27:52 = hWnd = 0x00220810; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
16:27:52 = Need to re-create objects.
16:27:52 = s1.
16:27:52 = s2.
16:27:52 = find user name
16:27:52 = Start show animate
16:27:52 = Shell Excutute VerifyHost
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
16:27:52 = find user name
17:1:49 = find user name
17:1:49 = find user name
17:1:49 = find user name
17:1:49 = find user name
17:1:50 = begin close Process
17:1:50 = Terminate Process
17:1:51 = end close Process
17:1:51 = DLL_PROCESS_DETACH
20:37:19 = Process Attach
20:37:19 = end process attach
20:37:19 = ***** NULL == SampleProvider *****
20:37:19 = ##### Begin waiting Mutex to release process #####
20:37:19 = hWnd = 0x000307d8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
20:37:19 = hWnd = 0x000c08ac; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
20:37:19 = hWnd = 0x0004072e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
20:37:19 = hWnd = 0x000d0882; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
20:37:24 = Process Attach
20:37:24 = ## ERR ## Setevent
20:37:24 = ##### Get event and release process #####
20:37:24 = begin close Process
20:37:24 = end close Process
20:37:24 = ***** NULL == SampleProvider *****
20:37:24 = hWnd = 0x001a0124; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1024, height=768
20:37:24 = hWnd = 0x0032009a; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
20:37:24 = hWnd = 0x00040064; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
20:37:24 = hWnd = 0x00290114; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
21:46:36 = Process Attach
21:46:36 = end process attach
21:46:36 = ***** NULL == SampleProvider *****
21:46:36 = ##### Begin waiting Mutex to release process #####
21:46:36 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: Windows 登入.x=0, y=0, width=1366, height=768
21:46:36 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Window.x=0, y=0, width=1, height=1
21:46:36 = hWnd = 0x00010024; ClassName: MSCTFIME UI; Title: MSCTFIME UI.x=0, y=0, width=0, height=0
21:46:36 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.x=0, y=0, width=0, height=0
21:46:37 = Need to re-create objects.
21:46:37 = s1.
21:46:37 = s2.
21:46:38 = find user name
21:46:38 = Start show animate
21:46:38 = Shell Excutute VerifyHost
21:46:38 = find user name
21:46:38 = find user name
21:46:38 = find user name
21:46:38 = find user name
21:46:38 = find user name
21:46:42 = find user name
21:46:42 = find user name
21:46:42 = find user name
21:46:42 = find user name
21:46:42 = find user name
21:46:42 = find user name
21:46:42 = find user name
21:46:46 = find user name
21:46:46 = find user name
21:46:46 = find user name
21:46:46 = find user name
21:46:46 = find user name
21:46:46 = find user name
21:47:0 = begin close Process
21:47:0 = Terminate Process
21:47:1 = end close Process
21:47:1 = DLL_PROCESS_DETACH