发表于 2007-6-18 14:00:30
自用的U盘防毒程序
- // DefU.cpp : Defines the entry point for the application.
- //
- #include "stdafx.h"
- #include <windows.h>
// Forward declarations: the window procedure and the two scanning routines
// are defined further down in this file.
LRESULT CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam);
void WINAPI Scan();
void WINAPI Process(LPCSTR szDrive);

// Window class name; WinMain registers it and passes it to CreateWindowEx.
char szClassName[] = "DefUClass";
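// Entry point. Enables SeDebugPrivilege on the process token, registers a
// window class, creates a top-level window that is never shown (so the
// process receives WM_DEVICECHANGE broadcasts), writes the program path to
// the machine-wide Run key, then pumps messages until WM_QUIT.
//
// Returns the WM_QUIT exit code, or 0 if the window could not be set up.
int WINAPI WinMain (HINSTANCE hThisInstance,
                    HINSTANCE hPrevInstance,
                    LPSTR lpszArgument,
                    int nFunsterStil)
{
    // NOTE(review): nothing in this file opens another process, so
    // SeDebugPrivilege looks unnecessary. Holding it widens what a bug in
    // this process could be used for; consider dropping this block.
    HANDLE hToken = NULL;
    if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        TOKEN_PRIVILEGES tkp;
        if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid))
        {
            tkp.PrivilegeCount = 1;
            tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
            AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, NULL, NULL);
        }
        // The original never closed the token handle.
        CloseHandle(hToken);
    }

    WNDCLASSEX wincl = {0};
    wincl.cbSize = sizeof (WNDCLASSEX);
    wincl.style = CS_DBLCLKS;
    wincl.lpfnWndProc = WindowProcedure;
    wincl.cbClsExtra = 0;
    wincl.cbWndExtra = 0;
    wincl.hInstance = hThisInstance;
    wincl.hIcon = LoadIcon (NULL, IDI_APPLICATION);
    wincl.hIconSm = LoadIcon (NULL, IDI_APPLICATION);
    wincl.hCursor = LoadCursor (NULL, IDC_ARROW);
    wincl.hbrBackground = (HBRUSH) COLOR_BACKGROUND;
    wincl.lpszMenuName = NULL;
    wincl.lpszClassName = szClassName;
    if (!RegisterClassEx (&wincl))
        return 0;

    // ShowWindow is never called, so the window stays invisible.
    HWND hwnd = CreateWindowEx (
        0,
        szClassName,
        "DefU",
        0,
        CW_USEDEFAULT,
        CW_USEDEFAULT,
        0,
        0,
        HWND_DESKTOP,
        NULL,
        hThisInstance,
        NULL
        );
    if (hwnd == NULL)
        return 0;

    // Best-effort autostart registration. Writing under HKEY_LOCAL_MACHINE
    // needs administrative rights; if Open fails the entry is simply skipped.
    char szMe[MAX_PATH];
    const DWORD cchMe = GetModuleFileName(NULL, szMe, MAX_PATH);
    if (cchMe > 0 && cchMe < MAX_PATH)   // 0 = failure, MAX_PATH = truncated
    {
        // Quote the path: an unquoted Run value containing spaces can be
        // resolved to a different executable earlier in the path.
        char szCommand[MAX_PATH + 3];
        szCommand[0] = '"';
        strcpy(szCommand + 1, szMe);
        strcat(szCommand, "\"");

        // KEY_SET_VALUE is all SetValue needs; KEY_ALL_ACCESS asked for more.
        CReg reg;
        if (reg.Open(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", KEY_SET_VALUE))
            reg.SetValue("DefU", szCommand);
        // reg closes the key in its destructor.
    }

    // GetMessage returns -1 on error; testing "> 0" avoids spinning on it.
    MSG messages;
    BOOL fGot;
    while ((fGot = GetMessage (&messages, NULL, 0, 0)) > 0)
    {
        TranslateMessage(&messages);
        DispatchMessage(&messages);
    }
    if (fGot != 0)
        return 0;   // loop ended on an error, messages holds no WM_QUIT
    return static_cast<int>(messages.wParam);
}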
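// Window procedure for the hidden DefU window.
//
// WM_DEVICECHANGE triggers a rescan of all drives; WM_DESTROY ends the
// message loop; everything else goes to DefWindowProc.
LRESULT CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)
{
    switch (message)
    {
    case WM_DEVICECHANGE:
        // NOTE(review): this runs for every device event, removals included.
        // Filtering on wParam for arrival events would avoid redundant scans.
        Scan();
        // TRUE is the documented "grant" answer for device-change queries.
        return TRUE;
    case WM_DESTROY:
        // Without this the message loop in WinMain never sees WM_QUIT and
        // the process lingers after its window is gone.
        PostQuitMessage(0);
        return 0;
    default:
        return DefWindowProc (hwnd, message, wParam, lParam);
    }
}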
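// Walks drive letters A: through Z: and hands every fixed or removable
// drive root ("X:\") to Process.
void WINAPI Scan()
{
    // The listing's literal had lost a backslash ("A:\" does not compile).
    char szDrive[] = "A:\\";
    for (char chLetter = 'A'; chLetter <= 'Z'; ++chLetter)
    {
        // Set the letter before testing it: the original updated it after
        // the test, so A: was checked twice and Z: never.
        szDrive[0] = chLetter;
        const UINT uType = GetDriveType(szDrive);
        if (uType == DRIVE_FIXED || uType == DRIVE_REMOVABLE)
        {
            Process(szDrive);
        }
    }
}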
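// Returns TRUE when szName ends, case-insensitively, with one of the
// executable or script extensions this tool treats as dangerous.
static BOOL HasDangerousExt(LPCSTR szName)
{
    static const char* const kDangerousExt[] = {".exe", ".scr", ".bat", ".com", ".vbs", ".vba", ".js", ".pif"};
    const size_t cchName = strlen(szName);
    for (size_t i = 0; i < sizeof(kDangerousExt) / sizeof(kDangerousExt[0]); ++i)
    {
        const size_t cchExt = strlen(kDangerousExt[i]);
        if (cchName >= cchExt && lstrcmpi(szName + cchName - cchExt, kDangerousExt[i]) == 0)
            return TRUE;
    }
    return FALSE;
}

// Joins szValue onto the drive root and canonicalises it. Returns TRUE and
// fills szFull only when the result is a path on that same drive.
static BOOL ResolveOnDrive(LPCSTR szDrive, LPCSTR szValue, char* szFull, DWORD cchFull)
{
    // A colon means a drive-qualified path or a stream name; neither is a
    // plain file on the scanned drive.
    if (strchr(szValue, ':') != NULL)
        return FALSE;

    char szJoined[MAX_PATH];
    if (strlen(szDrive) + strlen(szValue) >= sizeof(szJoined))
        return FALSE;
    strcpy(szJoined, szDrive);
    strcat(szJoined, szValue);

    const DWORD cch = GetFullPathName(szJoined, cchFull, szFull, NULL);
    if (cch < 3 || cch >= cchFull)
        return FALSE;

    // "| 0x20" folds the ASCII drive letter to lower case for the compare.
    return (szFull[0] | 0x20) == (szDrive[0] | 0x20)
        && szFull[1] == ':'
        && szFull[2] == '\\';
}

// Inspects <szDrive>AutoRun.inf. If any launch key in its [AutoRun] section
// names a file with a dangerous extension, that file (when it resolves to a
// path on the same drive) and AutoRun.inf itself are deleted.
//
// szDrive must be a drive root of the form "X:\"; anything else is ignored.
//
// AutoRun.inf comes from the inserted media and is untrusted. The original
// changed directory to the drive and passed the raw value to DeleteFile, so
// an absolute or drive-qualified value would have been deleted wherever it
// pointed. Targets are now resolved against the drive root and checked.
//
// NOTE(review): values that carry arguments after the file name do not end
// in an extension and are not matched; deletion is also irreversible, so
// moving files to a quarantine folder may be preferable.
void WINAPI Process(LPCSTR szDrive)
{
    if (szDrive == NULL || strlen(szDrive) != 3)
        return;

    char szAutoRunFile[16];   // "X:\" + "AutoRun.inf" + NUL = 15 bytes
    strcpy(szAutoRunFile, szDrive);
    strcat(szAutoRunFile, "AutoRun.inf");
    if (GetFileAttributes(szAutoRunFile) == 0xffffffff)   // INVALID_FILE_ATTRIBUTES
        return;

    static const char* const kKeyName[] = {"open", "shellexecute", "shell\\open\\command", "shell\\explorer\\command", "shell\\Auto\\command"};

    BOOL fDangerous = FALSE;
    for (size_t i = 0; i < sizeof(kKeyName) / sizeof(kKeyName[0]); ++i)
    {
        char szOpenFileName[MAX_PATH];
        // As in the original, values of four characters or fewer are ignored.
        if (GetPrivateProfileString("AutoRun", kKeyName[i], "", szOpenFileName, MAX_PATH, szAutoRunFile) <= 4)
            continue;
        if (!HasDangerousExt(szOpenFileName))
            continue;

        fDangerous = TRUE;

        char szTarget[MAX_PATH];
        if (ResolveOnDrive(szDrive, szOpenFileName, szTarget, MAX_PATH))
        {
            // Clear read-only/hidden/system so DeleteFile can succeed.
            SetFileAttributes(szTarget, FILE_ATTRIBUTE_NORMAL);
            DeleteFile(szTarget);
        }
    }

    // Remove AutoRun.inf only after every key was read. The original deleted
    // it on the first match, so later keys were never seen.
    if (fDangerous)
    {
        SetFileAttributes(szAutoRunFile, FILE_ATTRIBUTE_NORMAL);
        DeleteFile(szAutoRunFile);
    }
}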
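// Small wrapper that owns one open registry key handle (HKEY) and closes it
// on Close() or destruction.
class CReg
{
public:
    CReg();
    virtual ~CReg();

    // Opens lpSubKey under hKey with the requested access; closes any key
    // already held. Returns TRUE on success.
    BOOL Open(HKEY hKey, LPCSTR lpSubKey, REGSAM samDesired);

    // Writes a REG_SZ value under the open key. Returns FALSE if no key is
    // open or the write fails.
    BOOL SetValue(LPCSTR lpName, LPCSTR lpValue);

    // Closes the held key, if any.
    void Close();

private:
    // Declared but not defined: a copy would hold the same HKEY and both
    // objects would call RegCloseKey on it.
    CReg(const CReg&);
    CReg& operator=(const CReg&);

    HKEY m_hKey;   // NULL when no key is open
};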
复制代码- // Reg.cpp: implementation of the CReg class.
- //
- //////////////////////////////////////////////////////////////////////
- #include "stdafx.h"
- #include "Reg.h"
- #ifdef _DEBUG
- #undef THIS_FILE
- static char THIS_FILE[]=__FILE__;
- #define new DEBUG_NEW
- #endif
- //////////////////////////////////////////////////////////////////////
- // Construction/Destruction
- //////////////////////////////////////////////////////////////////////
// Starts with no key open.
CReg::CReg()
    : m_hKey(NULL)
{
}
// Releases the key handle if one is still open.
CReg::~CReg()
{
    if (m_hKey == NULL)
        return;
    RegCloseKey(m_hKey);
}
// Opens lpSubKey under hKey with access mask samDesired. Any key already
// held is closed first. Returns TRUE on success; on failure the object
// holds no key and FALSE is returned.
BOOL CReg::Open(HKEY hKey, LPCSTR lpSubKey, REGSAM samDesired)
{
    if (m_hKey != NULL)
        RegCloseKey(m_hKey);

    const LONG lStatus = RegOpenKeyEx(hKey, lpSubKey, 0, samDesired, &m_hKey);
    if (lStatus != ERROR_SUCCESS)
    {
        m_hKey = NULL;
        return FALSE;
    }
    return TRUE;
}
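// Writes lpValue as a REG_SZ value named lpName under the open key.
// Returns FALSE when no key is open, when lpValue is NULL, or when
// RegSetValueEx fails; TRUE otherwise.
BOOL CReg::SetValue(LPCSTR lpName, LPCSTR lpValue) //REG_SZ
{
    // lpValue is passed to strlen below, so a NULL must be rejected here.
    if (m_hKey == NULL || lpValue == NULL)
        return FALSE;

    // REG_SZ data size is in bytes and includes the terminating NUL.
    const DWORD cbData = static_cast<DWORD>(strlen(lpValue) + 1);
    const LONG lStatus = RegSetValueEx(m_hKey, lpName, 0, REG_SZ,
                                       reinterpret_cast<CONST BYTE*>(lpValue), cbData);
    return (lStatus == ERROR_SUCCESS) ? TRUE : FALSE;
}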
// Closes the held key, if any, and marks the object as holding none.
void CReg::Close()
{
    if (m_hKey == NULL)
        return;
    RegCloseKey(m_hKey);
    m_hKey = NULL;
}