The principle of the U disk virus is mainly the autorun.inf file
autorun.inf is one of the more common files in our computer use. Its function is to allow a specified file to be automatically run when the disk is double-clicked. However, in recent years, the use of autorun.inf files to spread Trojan horses or viruses has appeared. It allows the target program to execute through the user's misoperation and achieves the purpose of invading the computer, which has brought great negative effects.
Today I will teach you how to make an immune device with MFC
Interface:
There is a combo box control, add a variable to it
CComboBox m_CbDrive;
two variables
wchar_t *AUTORUN =L"antorun.inf";
wchar_t *IMMUNITY= L"\\Immunity...\\";
Initialize the combo box control function:
void CImmunityUDlg::InitComboDrive()
{
TCHAR szDriveStr[MAXBYTE] = {
0 };
TCHAR* pTmp = NULL;
SetDlgItemText(IDC_COMBO_DRIVE,L"请选择免疫的磁盘盘符");
GetLogicalDriveStrings(MAXBYTE,szDriveStr);
pTmp = szDriveStr;
while (*pTmp)
{
m_CbDrive.AddString(pTmp);
pTmp += 4;
}
}
Called in OnInitDialog().
The processing event of the immune button:
void CImmunityUDlg::OnBtnImmunity()
{
TCHAR szPath[MAX_PATH] = {
0 };
GetDlgItemText(IDC_COMBO_DRIVE, szPath,MAX_PATH);
wcscat(szPath, AUTORUN);
BOOL bRet = CreateDirectory(szPath, NULL);
if (!bRet)
{
AfxMessageBox(_T("无法免疫该盘符!可能已经免疫,或者该盘符为不可读写状态!"));
return;
}
wcscat(szPath, IMMUNITY);
bRet= CreateDirectory(szPath, NULL);
if (!bRet)
{
AfxMessageBox(_T("无法免疫该盘符!可能已经免疫,或者该盘符为不可读写状态!"));
}
}
Handle the event of the cancel immunization button:
void CImmunityUDlg::OnBtnCancel()
{
TCHAR szPath[MAX_PATH] = {
0 };
GetDlgItemText(IDC_COMBO_DRIVE, szPath, MAX_PATH);
wcscat(szPath, AUTORUN);
wcscat(szPath, IMMUNITY);
RemoveDirectory(szPath);
ZeroMemory(szPath, MAX_PATH);
GetDlgItemText(IDC_COMBO_DRIVE, szPath, MAX_PATH);
wcscat(szPath, AUTORUN);
wcscat(szPath, IMMUNITY);
}
Everything is done, let the program run, put this program on the desktop
Click the immune button: a folder will be generated on the desktop Click
in:
delete autorun.inf Try:
OK, this project is complete