search

Home  >  Article  >  Backend Development  >  Simple anti-U disk virus (malformed folder that cannot be deleted)

Simple anti-U disk virus (malformed folder that cannot be deleted)

黄舟
黄舟Original
2017-01-22 14:20:492236browse

很久的风行就是用的这种方法来防止用户删除它。

很久以前的一段时期也用次方法防U盘病毒

如下所示

:Simple anti-U disk virus (malformed folder that cannot be deleted)


防U盘病毒的原理就是在每个盘创建一个这样的文件

下面先接受几个win API

DWORD WINAPI GetLogicalDriveStrings(<span style="white-space:pre">  </span>//获取磁盘  
  _In_  DWORD  nBufferLength,  
  _Out_ LPTSTR lpBuffer  );
<span style="color: rgb(69, 69, 69); font-family: &#39;Segoe UI&#39;, &#39;Lucida Grande&#39;, 
Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20.0060005187988px;">
Fills a buffer with strings that specify valid drives in the system.</span>

第二个API

BOOL WINAPI CreateDirectory(  
  _In_     LPCTSTR               lpPathName,  
  _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes  
);  
<span style="color: rgb(69, 69, 69); font-family: &#39;Segoe UI&#39;, &#39;Lucida Grande&#39;, 
Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20.0060005187988px;">
Creates a new directory. </span>

下面是代码

#include "stdafx.h"  
#include <windows.h>  
  
void ImmuntiyAutoRun()  
{  
    //建立无法删除的文件夹  
    char szDriverStr[MAXBYTE] = { 0 };  
  
    DWORD dwLen = GetLogicalDriveStringsA(MAXBYTE, szDriverStr);  
  
    for (int i = 0; i < dwLen; i+=4)  
    {  
        char szRoot[4] = {}, szPath[MAX_PATH] = { 0 };  
        strncpy_s(szRoot, &szDriverStr[i], 4);  
        strcpy_s(szPath, szRoot);  
        strcat_s(szPath, "autorun.inf");  
        if (!CreateDirectoryA(szPath, nullptr))  
            printf_s("Error:%d", GetLastError());  
        strcat_s(szPath, "\\anti......\\");  
        if (!CreateDirectoryA(szPath, nullptr))  
            printf_s("Error:%d", GetLastError());  
    }  
      
}  
  
int _tmain(int argc, _TCHAR* argv[])  
{  
  
    ImmuntiyAutoRun();  
    getchar();  
    return 0;  
}

这样就会在每一个盘下面创建一个尾部带"....."的畸形文件夹。


但注意的是,用win API 可以把他删除哦。

BOOL WINAPI RemoveDirectory(  
  _In_ LPCTSTR lpPathName  
);

以上就是 简单的反U盘病毒(删除不了的畸形文件夹)的内容,更多相关内容请关注PHP中文网(www.php.cn)!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:The simplest simulated U disk virus (Autorun.inf)Next article:The simplest simulated U disk virus (Autorun.inf)

Related articles

See more