VX Heaven

Source code of computer viruses

PRC-KO.XP - Virus for Windows by Deroko

Virus for Windows

Author's comments

prc-ko is infector for XP only using NaTive NT apis via sysenter... infects exe files in current directory, proof of concept that this can be done prc-ko :) Writen for issue #2 of phearless zine... This is possible to modify to infect files in other dirs (sub, dot/dot) but it is a lot of debuging and experimenting and other shit for nothing... Use kernel32.dll -> portable and easy, NaTive APIs -> hard to understand, very complicated, undocumented etc... but luckily we have win2k src :))) from 1989?!?!? Now I know why it has so many buffer overflows in it....

