Simple anti-U disk virus (malformed folder that cannot be deleted)

黄舟
Release: 2017-01-22 14:20:49
Original
2149 people have browsed it

很久的风行就是用的这种方法来防止用户删除它。

很久以前的一段时期也用次方法防U盘病毒

如下所示

:Simple anti-U disk virus (malformed folder that cannot be deleted)


防U盘病毒的原理就是在每个盘创建一个这样的文件

下面先接受几个win API

DWORD WINAPI GetLogicalDriveStrings( //获取磁盘 _In_ DWORD nBufferLength, _Out_ LPTSTR lpBuffer );
Copy after login
 Fills a buffer with strings that specify valid drives in the system.
Copy after login

第二个API

BOOL WINAPI CreateDirectory( _In_ LPCTSTR lpPathName, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes );  Creates a new directory. 
Copy after login

下面是代码

#include "stdafx.h" #include  void ImmuntiyAutoRun() { //建立无法删除的文件夹 char szDriverStr[MAXBYTE] = { 0 }; DWORD dwLen = GetLogicalDriveStringsA(MAXBYTE, szDriverStr); for (int i = 0; i < dwLen; i+=4) { char szRoot[4] = {}, szPath[MAX_PATH] = { 0 }; strncpy_s(szRoot, &szDriverStr[i], 4); strcpy_s(szPath, szRoot); strcat_s(szPath, "autorun.inf"); if (!CreateDirectoryA(szPath, nullptr)) printf_s("Error:%d", GetLastError()); strcat_s(szPath, "\\anti......\\"); if (!CreateDirectoryA(szPath, nullptr)) printf_s("Error:%d", GetLastError()); } } int _tmain(int argc, _TCHAR* argv[]) { ImmuntiyAutoRun(); getchar(); return 0; }
Copy after login

这样就会在每一个盘下面创建一个尾部带"....."的畸形文件夹。


但注意的是,用win API 可以把他删除哦。

BOOL WINAPI RemoveDirectory( _In_ LPCTSTR lpPathName );
Copy after login

以上就是 简单的反U盘病毒(删除不了的畸形文件夹)的内容,更多相关内容请关注PHP中文网(m.sbmmt.com)!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!