一个简单AutoRun病毒专杀的源代码

#include <iostream.h>
#include <windows.h>

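// Parses the NUL-terminated text of an autorun.inf held in buff and appends the
// program path it references to name, after name's 3-character "X:\" prefix.
// The text is cut right after the first upper-case "EXE"; the value is whatever
// follows the last '=' before that cut (the search does not go below index 9,
// as in the original code). buff is modified in place.
// Returns TRUE when a path was written to name, FALSE when nothing usable was found.
// NOTE(review): only upper-case "EXE" is recognised; a lower-case ".exe" entry
// is skipped — confirm whether that is intended.
static BOOL ExtractTarget(char *buff, char *name, int nameSize)
{
        int j, n, q;
        BOOL found = FALSE;

        // buff is NUL-terminated by the caller, so this scan always stops inside the buffer.
        for (j = 0; ; j++)
        {
                // j >= 3 keeps the look-behind inside the buffer (the original read buff[-3..-1]).
                if (j >= 3 && buff[j-3] == 'E' && buff[j-2] == 'X' && buff[j-1] == 'E')
                {
                        buff[j] = 0x00;                 // end the string right after "EXE"
                        found = TRUE;
                        break;
                }
                if (buff[j] < 1 || buff[j] > 122)       // end of text, or a byte outside the accepted range
                {
                        break;
                }
        }
        if (!found)
        {
                return FALSE;                           // nothing to delete; never act on unparsed bytes
        }

        // Walk backwards from the cut to the '=' that introduces the value.
        n = j;
        while ((buff[n] != '=') && (n > 9))
        {
                n -= 1;
        }
        if (buff[n] != '=')
        {
                return FALSE;
        }

        // Copy the value behind the drive prefix, never writing past the end of name.
        for (j = n + 1, q = 3; buff[j]; j++, q++)
        {
                if (q >= nameSize - 1)
                {
                        return FALSE;
                }
                name[q] = buff[j];
        }
        name[q] = 0x00;
        return TRUE;
}

// Scans drive letters A..Z and, on every removable drive, deletes autorun.inf
// and the EXE that the file points to. Always returns TRUE.
//
// The content of autorun.inf comes from the removable medium and is untrusted:
// it is read into a bounded, NUL-terminated buffer, and the path taken from it
// is only ever appended to that drive's own "X:\" root before being deleted.
BOOL DELU()
{
        HANDLE      hFile;
        DWORD       dwread;
        BOOL        haveText;
        char        buff[256];
        char        root[4] = "h:\\";
        char        name[256];
        char        sname[256] = "h:\\autorun.inf";

        for (char letter = 'A'; letter <= 'Z'; letter++)        // every drive letter from "A" to "Z"
        {
                // A separate root string is used for the type query: the original reused
                // name, which still held the previous drive's payload path.
                root[0] = letter;
                if (GetDriveType(root) != DRIVE_REMOVABLE)
                {
                        continue;
                }

                sname[0] = letter;
                name[0] = letter;
                name[1] = ':';
                name[2] = '\\';
                name[3] = 0x00;

                // Clear hidden/system/read-only so the file can be opened and deleted.
                SetFileAttributes(sname, FILE_ATTRIBUTE_NORMAL);

                cout<< "找到移动设备,盘符为:"<<letter<<endl;

                haveText = FALSE;
                hFile = CreateFile(sname,
                        GENERIC_READ,
                        FILE_SHARE_READ,
                        NULL, OPEN_EXISTING,
                        FILE_ATTRIBUTE_ARCHIVE,
                        NULL);
                if (hFile != INVALID_HANDLE_VALUE)
                {
                        dwread = 0;
                        // Read at most sizeof(buff)-1 bytes (the original passed strlen() of an
                        // uninitialised buffer) and terminate what was read; longer files are
                        // only inspected up to that limit.
                        if (ReadFile(hFile, buff, sizeof(buff) - 1, &dwread, NULL))
                        {
                                buff[dwread] = 0x00;
                                haveText = TRUE;
                        }
                        CloseHandle(hFile);
                }

                if (DeleteFile(sname))
                {
                        cout<< "autorun.inf文件已经删除成功!"<<endl;
                }

                // Only touch a second file when autorun.inf was actually read and parsed.
                if (haveText && ExtractTarget(buff, name, (int)sizeof(name)))
                {
                        SetFileAttributes(name, FILE_ATTRIBUTE_NORMAL);
                        if (DeleteFile(name))
                        {
                                cout<<name<< "文件已经删除!"<<endl;
                        }
                }
                cout<< "扫描结束!"<<endl;
        }
        return TRUE;
}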

int main()
{
        // Print the banner, then run the removable-drive cleanup once.
        cout << "U盘病毒专杀!" << endl
             << "-------by wiliwiin" << endl;

        // DELU() reports TRUE unconditionally, so its result does not affect the exit code.
        DELU();
        return 0;
}
