为什么像我这样的简单旧程序多年来一直存在,有时会引发我的反病毒?它拿起了这个编译过的exe,并说它可能是gen / dropper或类似的东西。
以下是代码:
#include "c:\\dxsdk\\include\\d3d9.h"
#include "c:\\dxsdk\\include\\d3dx9.h"
#include <time.h>
#include <sstream>
using namespace std;
#define APPTITLE "DirectX Practice"
LRESULT CALLBACK WinProc(HWND,UINT,WPARAM,LPARAM);
int Initialize(HWND);
void OnCleanup(HWND);
void OnInterval(HWND);
BOOL KEY_DOWN(UINT);
BOOL KEY_UP(UINT);
LPDIRECT3D9 d3d = NULL;
LPDIRECT3DDEVICE9 d3ddev = NULL;
LPDIRECT3DSURFACE9 backBuffer = NULL;
LPDIRECT3DSURFACE9 surface = NULL;
UINT Screen_Width = 0;
UINT Screen_Height = 0;
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow)
{
//
MSG msg;
////////////
Screen_Width = 1280;//GetSystemMetrics(SM_CXFULLSCREEN);
Screen_Height= 800;//GetSystemMetrics(SM_CYFULLSCREEN);
// can't use the real rez if it isn't standard
if( Screen_Width==0 || Screen_Height==0 ){
MessageBox(
NULL,
"Could not detect native screen resolution. Using Default.",
"Error",
MB_ICONERROR|MB_SYSTEMMODAL);
Screen_Width = 800;
Screen_Height = 600;
}
WNDCLASSEX wc;
wc.cbSize = sizeof(WNDCLASSEX);
wc.style = CS_HREDRAW|CS_VREDRAW;
wc.lpfnWndProc = (WNDPROC)WinProc;
wc.cbClsExtra = 0;
wc.cbWndExtra = 0;
wc.hInstance = hInstance;
wc.hIcon = NULL;
wc.hCursor = LoadCursor(NULL,IDC_ARROW);
wc.hbrBackground = (HBRUSH)GetSysColorBrush(COLOR_BTNFACE);
wc.lpszMenuName = NULL;
wc.lpszClassName = APPTITLE;
wc.hIconSm = NULL;
if(!RegisterClassEx(&wc))
return FALSE;
HWND hwnd;
hwnd = CreateWindow(
APPTITLE,
APPTITLE,
WS_EX_TOPMOST|WS_VISIBLE|WS_POPUP,
CW_USEDEFAULT,
CW_USEDEFAULT,
Screen_Width,
Screen_Height,
NULL,
NULL,
hInstance,
NULL);
if(!hwnd)
return FALSE;
ShowWindow(hwnd,SW_SHOW/*nCmdShow*/);
UpdateWindow(hwnd);
if(!Initialize(hwnd))
return FALSE;
int done = 0;
while( !done )
{
if(PeekMessage(&msg,NULL,0,0,PM_REMOVE))
{
if(msg.message==WM_QUIT)
{
MessageBox(hwnd,"Exiting","Notice",MB_OK|MB_SYSTEMMODAL);
done = 1;
}
TranslateMessage(&msg);
DispatchMessage(&msg);
}else{
OnInterval(hwnd);
}
}
return msg.wParam;
}
LRESULT CALLBACK WinProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
switch(msg)
{
case WM_DESTROY:
OnCleanup(hwnd);
PostQuitMessage(0);
return 0;
default:
return DefWindowProc(hwnd,msg,wParam,lParam);
}
return 0;
}
int Initialize(HWND hwnd)
{
d3d = Direct3DCreate9(D3D_SDK_VERSION);
if(d3d == NULL){
MessageBox(hwnd,"Could not initialize Direct3D 9","Error",MB_ICONERROR|MB_SYSTEMMODAL);
return 0;
}
D3DPRESENT_PARAMETERS dp;
ZeroMemory(&dp,sizeof(dp));
dp.Windowed = FALSE;
dp.SwapEffect = D3DSWAPEFFECT_DISCARD;
dp.BackBufferFormat = D3DFMT_X8R8G8B8;
dp.BackBufferCount = 1;
dp.BackBufferWidth = Screen_Width;
dp.BackBufferHeight = Screen_Height;
dp.hDeviceWindow = hwnd;
d3d->CreateDevice(
D3DADAPTER_DEFAULT,
D3DDEVTYPE_HAL,
hwnd,
D3DCREATE_SOFTWARE_VERTEXPROCESSING,
&dp,
&d3ddev);
if(d3ddev == NULL){
MessageBox(hwnd,"Could not create Direct3D 9 device","Error",MB_ICONERROR|MB_SYSTEMMODAL);
return 0;
}
srand(time(NULL));
d3ddev->Clear(0,NULL,D3DCLEAR_TARGET,D3DCOLOR_XRGB(0,0,0),1.0f,0);
d3ddev->GetBackBuffer(0,0,D3DBACKBUFFER_TYPE_MONO,&backBuffer);
if(d3ddev->CreateOffscreenPlainSurface(
1294,614,
D3DFMT_X8R8G8B8,
D3DPOOL_DEFAULT,
&surface,
NULL) != D3D_OK )
{
MessageBox(hwnd,"Could not create off-screen data surface","Error",MB_ICONERROR|MB_SYSTEMMODAL);
return 0;
}
if(D3DXLoadSurfaceFromFile(
surface,
NULL,
NULL,
"green.jpg",
NULL,
D3DX_DEFAULT,
0,
NULL) != D3D_OK )
{
MessageBox(hwnd,"Could not load image","Error",0);
return 0;
}
return 1;
}
void OnCleanup(HWND hwnd)
{
MessageBox(hwnd,"exiting","bye",MB_ICONERROR|MB_SYSTEMMODAL);
if( surface!=NULL )
{
surface->Release();
}
if(d3ddev!=NULL)
{
d3ddev->Release();
}
if(d3d!=NULL)
{
d3d->Release();
}
}
void OnInterval(HWND hwnd)
{
/*RECT rect;
int r;
int g;
int b;
*/
if( KEY_DOWN(VK_ESCAPE) )
PostMessage(hwnd,WM_QUIT,0,0);
if(d3ddev == NULL)
return;
d3ddev->Clear(0,NULL,D3DCLEAR_TARGET,D3DCOLOR_XRGB(0,0,0),1.0f,0);
if(d3ddev->BeginScene())
{
/*r = rand()%255;
g = rand()%255;
b = rand()%255;
d3ddev->ColorFill(surface,NULL,D3DCOLOR_XRGB(r,g,b));
rect.left = rand()%Screen_Width/2;
rect.top = rand()%Screen_Height/2;
rect.right = rect.left + rand()%Screen_Width/2;
rect.bottom = rect.top + rand()%Screen_Height/2;
*/
// blit surface's contents to the screen into the
// target rect area
d3ddev->StretchRect(surface,NULL,backBuffer,&rect,D3DTEXF_NONE);
d3ddev->EndScene();
}
d3ddev->Present(NULL,NULL,NULL,NULL);
}
BOOL KEY_DOWN(UINT key)
{
return (BOOL)(GetAsyncKeyState(key) & 0x8000);
}
BOOL KEY_UP(UINT key)
{
return !((BOOL)(GetAsyncKeyState(key) & 0x8000));
}
什么是启动病毒扫描程序,更准确地说,我该怎么做才能避免这种情况?
答案 0 :(得分:0)
检查重新编译时会发生什么。如果问题不存在,则可能是某些其他进程正在篡改您的可执行文件。检查为什么virri扫描程序与文件中的模式匹配,以及编译器是否真正创建了该代码(通过转储编译器的中间汇编程序)
希望有所帮助
答案 1 :(得分:0)
我认为这是一种趋势。防病毒软件只能检测到这么多病毒。因此,他们开始检测到大量的误报,以提醒用户防病毒软件有多好以及他的计算机是多么幸运受到保护。
我也经常遇到这个问题。一些用户开始抱怨使用防病毒软件进行误报,我提交报告,发布修正假阳性的更新,并在一个月内回复误报。
最佳解决方案是数字签名。数字签名文件可以保证它来自受信任的来源,因此大多数防病毒应用程序都不会将其报告为问题。缺点是您必须购买代码签名证书。