正文描述:《自制杀毒小软件》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、#defineDEBUGMSG #include #include #include #include #include #include"Psapi.h" #pragmacomment(lib,"Psapi.lib") #defineerronGetLastError() TCHARname[50]={0};//保存虫虫的文件名+路径 FILE*Gfp=NULL;//输出到文件 BOOLScanVXER(LPTSTRV_FileName,longV_FileOffset,intV_Length,TCHAR*V_Cont
2、ents); //匹配特征码函数 BOOLScanFileVXER(LPTSTRFileName); //文件遍历函数 BOOLProcessVXER(void); //枚举进程函数 BOOLKillProc(DWORDProcessID); //杀进程函数 BOOLEnablePrivilege(LPTSTRPrivilegeName); //提升权限函数 BOOLRegDelVXER(void); //删除注册表项函数 voidUsage(LPCTSTRParameter); //帮助函数 intmain(in
3、targc,TCHAR*argv[]) { if(argc!=2) { Usage(argv[0]); return0; } #ifdefDEBUGMSG Gfp=fopen("VXER.txt","a+"); if(Gfp==NULL) { printf("Open"VXER.txt"fail"); return0; } fprintf(Gfp,"%s","[-------------------------Filelist-------------------------]"); #endif
4、 if(strlen(argv[1])>10) { printf("Finenamenolargerthan"10""); return0; } if(!(ScanFileVXER(argv[1]))) { #ifdefDEBUGMSG printf("ScanFileVXER()GetLastErrorreports%d",erron); #endif fclose(Gfp); return0; } if(!(ProcessVXER())) { #ifdefDEBUGMSG printf("Pr
5、ocessesVXER()GetLastErrorreports%d",erron); #endif fclose(Gfp); return0; } if(!(RegDelVXER())) { #ifdefDEBUGMSG printf("RegDelVXER()GetLastErrorreports%d",erron); #endif fclose(Gfp); return0; } fclose(Gfp); return0; } BOOLScanFileVXER(LPTSTRFileName) {
6、 WIN32_FIND_DATAFindFileData; DWORDlpBufferLength=255; TCHARlpBuffer[255]={0}; TCHARDirBuffer[255]={0}; HANDLEhFind=NULL; UINTcount=0; longFileOffset=0x1784;//偏移地址 intFileLength=0x77;//长度 TCHARContents[]={ 0x49,0x20,0x6A,0x75,0x73,0x74,0x20,0x77,0x61,0x6E,0x74,0x20
7、,0x74,0x6F,0x20,0x73, 0x61,0x79,0x20,0x4C,0x4F,0x56,0x45,0x20,0x59,0x4F,0x55,0x20,0x53,0x41,0x4E,0x21, 0x21,0x20,0x62,0x69,0x6C,0x6C,0x79,0x20,0x67,0x61,0x74,0x65,0x73,0x20,0x77,0x68, 0x79,0x20,0x64,0x6F,0x20,0x79,0x6F,0x75,0x20,0x6D,0x61,0x6B,0x65,0x20,0x74,0x68, 0x69,
8、0x73,0x20,0x70,0x6F,0x73,0x73,0x69,0x62,0x6C,0x65,0x20,0x3F,0x20,0x53,0x74, 0x6F,
显示全部收起