Simple anti-USB virus (Cannot delete malformed folder)

A long fashion is the way to prevent users from deleting it.

A long time ago also use the method to prevent the U disk virus

As shown below

:

The principle of anti-U-disk virus is to create one such file on each disk

Let's take a few win APIs

DWORD WINAPI getlogicaldrivestrings (<span style= "White-space:pre" >  </span>//Get disk    _in_  DWORD  nbufferlength,    _out_ LPTSTR lpbuffer  );

<span style= "Color:rgb (69, 69, 69); font-family: ' Segoe UI ', ' Lucida Grande ', Verdana, Arial, Helvetica, Sans-serif; font-size:14px; line-height:20.0060005187988px; " >fills a buffer with strings so specify valid drives in the system.</span>

A second API

BOOL WINAPI createdirectory (    _in_     lpctstr               lppathname,    _in_opt_ lpsecurity_attributes lpSecurityAttributes  );  <span style= "Color:rgb (69, 69, 69); font-family: ' Segoe UI ', ' Lucida Grande ', Verdana, Arial, Helvetica, Sans-serif; font-size:14px; line-height:20.0060005187988px; " >creates a new directory. </span>

Here is the code

#include "stdafx.h"  #include <windows.h>    void Immuntiyautorun ()  {      //Create a folder that cannot be deleted      Char Szdriverstr[maxbyte] = {0};        DWORD Dwlen = Getlogicaldrivestringsa (Maxbyte, szdriverstr);        for (int i = 0; i < Dwlen; i+=4)      {          char szroot[4] = {}, Szpath[max_path] = {0};          strncpy_s (Szroot, &szdriverstr[i], 4);          strcpy_s (szpath, szroot);          strcat_s (szpath, "Autorun.inf");          if (! Createdirectorya (szpath, nullptr))              printf_s ("error:%d", GetLastError ());          strcat_s (szpath, "\\anti......\\");          if (! Createdirectorya (szpath, nullptr))              printf_s ("error:%d", GetLastError ());      }        }    int _tmain (int argc, _tchar* argv[])  {        immuntiyautorun ();      GetChar ();      return 0;  }

This creates a malformed folder with a trailing "..." under each of the disks.

But note that with the win API can remove him oh.

BOOL WINAPI removedirectory (    _in_ lpctstr lppathname  );

The above is a simple anti-U disk virus (deleted malformed folder) content, more relevant content please pay attention to topic.alibabacloud.com (www.php.cn)!

