#pragma comment(lib, "WinTrust.lib")
int main()
{
TCHAR szExe[MAX_PATH];
//_tprintf(_T("Please Type Exe File Path:/n"));
//_tscanf_s(_T("%ws"), szExe, MAX_PATH);
::GetModuleFileName(::AfxGetInstanceHandle(), (LPTSTR)szExe, MAX_PATH);
_tprintf(_T("Verifying %ws/n"), szExe);
GUID gd = WINTRUST_ACTION_GENERIC_VERIFY_V2;
WINTRUST_FILE_INFO FileData;
memset(&FileData, 0, sizeof(FileData));
FileData.cbStruct = sizeof(WINTRUST_FILE_INFO);
FileData.pcwszFilePath = (LPCTSTR)szExe;
FileData.hFile = NULL;
FileData.pgKnownSubject = NULL;
WINTRUST_DATA WinTrustData;
memset(&WinTrustData, 0, sizeof(WINTRUST_DATA));
WinTrustData.cbStruct = sizeof(WINTRUST_DATA);
WinTrustData.pPolicyCallbackData = NULL;
WinTrustData.pSIPClientData = NULL;
WinTrustData.dwUIChoice = WTD_UI_NONE;
WinTrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
WinTrustData.dwUnionChoice = WTD_CHOICE_FILE;
WinTrustData.dwStateAction = 0;
WinTrustData.hWVTStateData = NULL;
WinTrustData.pwszURLReference = NULL;
WinTrustData.dwProvFlags = WTD_SAFER_FLAG;
WinTrustData.dwUIContext = 0;
WinTrustData.pFile = &FileData;
LONG lRst = WinVerifyTrust(NULL, &gd, &WinTrustData);
if (lRst == ERROR_SUCCESS)
{
_tprintf(_T("Verified Success!/n"));
}
else
{
_tprintf(_T("Verified Fail!Error Number:0x%08X/n"), lRst);
}
system("Pause");
}
其实是MSDN上面的一个代码,可以校验EXE自身是否有被修改过。可以放在完整软件的启动时执行,用以校验自身是否被病毒感染,是否被脱壳等。。。WinXP SP3+VS2008编译运行通过