目     錄
引    言 1
第一章　計(jì)算機(jī)病毒簡(jiǎn)介 2
1.1　計(jì)算機(jī)病毒的認(rèn)識(shí) 2
　　1.2計(jì)算機(jī)病毒的觸發(fā)機(jī)制 2
　　1.3計(jì)算機(jī)病毒的起源 4
　　1.4計(jì)算機(jī)病毒的結(jié)構(gòu)特征 4
    1.5　病毒的結(jié)構(gòu) 4
    1.6　病毒的特征 5
1.7　計(jì)算機(jī)病毒的發(fā)展歷史 6
1.4　蠕蟲病毒 6
1.5　計(jì)算機(jī)病毒發(fā)展趨勢(shì) 10
第二章　QQ盜號(hào)木馬簡(jiǎn)述 11
2.1  QQ盜號(hào)木馬介紹  11
2.2 QQ盜號(hào)木馬原理與癥狀 11
2.2．1　QQ盜號(hào)木馬原理 12
2.2．2 QQ盜號(hào)木馬的發(fā)作癥狀 13
2.3  QQ盜號(hào)木馬的具體說明 13
2.4  QQ盜號(hào)木馬的傳播方式 14
2.5  QQ盜號(hào)木馬的觸發(fā)原理以及駐留方式 14
2.6  QQ盜號(hào)木馬主要模塊分析 14
2.7  QQ盜號(hào)木馬的解決方案 14
　　2.7.1　手工清楚該木馬 14
　　2.7.2　安全建議 17
第四章  QQ盜號(hào)木馬專殺工具 23
4.1  QQ盜號(hào)木馬軟件介紹 23
4.2  QQ盜號(hào)木馬的具體實(shí)現(xiàn) 25
4.3 QQ盜號(hào)木馬軟件流程圖 29
　　3.3.1　什么是API函數(shù) 19
　　3.3.2　軟件中涉及的API函數(shù)及其定義 20
第四章  VB的介紹 23
3.1   VB的誕生 18
3.2   VB的特性 18
3.3   VB中的API函數(shù) 19
　　3.3.1　什么是API函數(shù) 19
　　3.3.2　軟件中涉及的API函數(shù)及其定義 20
第五章  設(shè)計(jì)總結(jié) 30
致謝 36
參考文獻(xiàn) 37
附錄 38

摘   要
　　現(xiàn)在，計(jì)算機(jī)病毒已經(jīng)滲透信息社會(huì)的各個(gè)領(lǐng)域，不但給計(jì)算機(jī)系統(tǒng)帶來了巨大的破壞和潛在的威脅而且還對(duì)個(gè)人的網(wǎng)上個(gè)人信息構(gòu)成了威脅。為了確保信息的安全與暢通，因此研究對(duì)算機(jī)病毒的分析與清除的方法是迫在眉睫的。本論文從主要對(duì)QQ盜號(hào)木馬進(jìn)行分析，首先認(rèn)識(shí)一下計(jì)算機(jī)病毒以及他的觸發(fā)機(jī)制，概述了計(jì)算機(jī)病毒的發(fā)展歷史及結(jié)構(gòu)，并針對(duì)具體的實(shí)例—QQ盜號(hào)木馬病毒，初步分析其有關(guān)性質(zhì)和作用原理，仔細(xì)閱讀它的源程序，根據(jù)病毒的發(fā)作機(jī)制，提出了它的清除方式。
　　QQ盜號(hào)木馬主要是利用郵件來傳播，當(dāng)被激活時(shí)，會(huì)生成幾個(gè)文件，對(duì)系統(tǒng)進(jìn)行監(jiān)聽一旦有人登陸QQ其密碼就會(huì)被竊取。我主要是采用對(duì)生成的文件進(jìn)行查找，因?yàn)樗傻奈募枪潭ǖ?，這就很有助與殺此病毒，但其隱藏屬性是查找次文件的一大難點(diǎn)。所以，找到此文件并去除其屬性，就成文了殺毒軟件的核心部分，最后，在將改其注冊(cè)表。最終實(shí)現(xiàn)其殺毒的目的。
 
關(guān)鍵詞：病毒   木馬    路徑   注冊(cè)表   屬性

Abstract

　　　　Now,Computer virus' already seeped the information society each domainNot， only has brought the huge destruction and the latent threat for the computer system moreover also individual information posed the threat to individual net on. In order to guarantee the information the security and is unimpeded,Therefore studies to the calculating machine virus's analysis and the elimination method is imminent. The present paper from mainly robs the number wooden horse to QQ to carry on the analysis,First knew the computer virus as well as he triggers the mechanism, Has outlined computer virus' development history and the structure, And aims at concrete example QQ to rob the number wooden horse virus, Preliminary analysis its related nature and mechanism,Carefully reads its source program, Manifests suddenly the mechanism according to the virus,Proposed its elimination way.
    QQ-virus Mainly is disseminates using the mail ，When is activated,Can produce several documents，Carries on the monitor to the system once some people to land QQ its password to be able to steal. I mainly am use to the production document carry on the search,Because he produces the document is fixed, But its hideaway attribute is searches the inferior document a big difficulty. Therefore,Found this document and removes its attribute,Have been partial on the existing writing kill-virus software core, Finally,Will be changing its registry. Finally realizes its kill-virus goal.

Keywords:   virus   QQ-virus     path     register   attribute