ေတြ႔တာနဲ႔ တင္လိုက္တယ္ေနာ္
တစ္ျခားဆိုဒ္ကေန ကိုယ့္ဆိုဒ္မွာလဲ ၀င္သံုးရင္းနဲ႔ အဆင္ေျပေအာင္လို႔
ဘယ္လိုမွ မထင္ၾကပါနဲ႔ဗ်ာ
[You must be registered and logged in to see this link.] ကေန တစ္ဆင့္ေဖာ္ျပလိုက္ပါတယ္
[You must be registered and logged in to see this link.]

Loikaw Virus Removal ကိုေရးထားတဲ့ VB Script ကေတာ့ ေအာက္ပါအတိုင္းျဖစ္ပါတယ္။
Team DVT ရဲ႕ Everstrike Software နဲ႕ pack လုပ္ထားပံုပါပဲ။
[You must be registered and logged in to see this image.]

Code:

' ----- ExeScript Options Begin -----
' ScriptType: window
' DestDirectory: temp
' Icon: C:\gear.ico
' OutputFile: C:\Documents and Settings\Server\Desktop\backuploikaw\Loikaw Virus Removal.exe
' Comments: Removal Tool Made By Nay Lin Han
' CompanyName: Myanmar Chat Online
' FileDescription: 1.0.0.1
' LegalCopyright: [You must be registered and logged in to see this link.]
' ProductName: 1.0.0.1
' ----- ExeScript Options End -----
dim objFSO
Set oShell = CreateObject("Wscript.Shell")
strUserName = oShell.ExpandEnvironmentStrings("%UserName%")
strWinDir = oShell.ExpandEnvironmentStrings("%SYSTEMROOT%")
strWinDiv = oShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%")
strTemp = oShell.ExpandEnvironmentStrings("%TEMP%")

Set objFSO = CreateObject("Scripting.FileSystemObject")

oShell.run "REG Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f",0,true
oShell.run "taskkill /F /IM Iexplorer.exe",0,true


Function KillProcess(strProcessName)
    Dim oProcess
    KillProcess = False
    For Each oProcess in GetObject("winmgmts:").InstancesOf("Win32_Process")
        If InStr(UCase(strProcessName), UCase(oProcess.Name)) <> 0 Then
            oProcess.Terminate()
            KillProcess = True
            Exit Function
        End If
    Next
End Function

KillProcess("extramain.exe")
KillProcess(strUserName & ".exe")
KillProcess("Loikaw.exe")
KillProcess("control.exe")



If objFSO.FileExists( strWinDir & "\system32\extramain.exe") Then
    Set Virus1 = objFSO.GetFile( strWinDir & "\system32\extramain.exe")
        If Virus1.Attributes = Virus1.Attributes AND 4 Then
            Virus1.Attributes = Virus1.Attributes - 4 -2 -1
        End If
    objFSO.DeleteFile( strWinDir & "\system32\extramain.exe")
End If

If objFSO.FileExists( strWinDir & "\" & strUserName & ".exe") Then
    Set Virus2 = objFSO.GetFile( strWinDir & "\" & strUserName & ".exe")
        If Virus2.Attributes = Virus2.Attributes AND 4 Then
            Virus2.Attributes = Virus2.Attributes - 4 -2 -1
        End If
    objFSO.DeleteFile( strWinDir & "\" & strUserName & ".exe")
End If

If objFSO.FileExists( strWinDir & "\system32\Iexplorer.exe") Then
    Set Virus3 = objFSO.GetFile( strWinDir & "\system32\Iexplorer.exe")
        If Virus3.Attributes = Virus3.Attributes AND 4 Then
            Virus3.Attributes = Virus3.Attributes - 4 -2 -1
        End If

    objFSO.DeleteFile( strWinDir & "\system32\Iexplorer.exe")
End If

If objFSO.FileExists( strWinDiv & "\Documents and Settings\" & StrUserName & "\Application Data\control.exe") Then
    Set Virus4 = objFSO.GetFile( strWinDiv & "\Documents and Settings\" & StrUserName & "\Application Data\control.exe")
        If Virus4.Attributes = Virus4.Attributes AND 4 Then
            Virus4.Attributes = Virus4.Attributes - 4 -2 -1
        End If

    objFSO.DeleteFile( strWinDiv & "\Documents and Settings\" & StrUserName & "\Application Data\control.exe")
End If

If objFSO.FileExists( strWinDir & "\Loikaw.exe") Then
    Set Virus5 = objFSO.GetFile( strWinDir & "\Loikaw.exe")
        If Virus5.Attributes = Virus5.Attributes AND 1 Then
            Virus5.Attributes = Virus5.Attributes -1
        End If

    objFSO.DeleteFile( strWinDir & "\Loikaw.exe")
End If


If objFSO.FileExists( strWinDiv & "\Documents and Settings\" & StrUserName & "\Desktop\Virus Information.txt") Then
    objFSO.DeleteFile( strWinDiv & "\Documents and Settings\" & StrUserName & "\Desktop\Virus Information.txt")
End If

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set colDiskDrives = objWMIService.ExecQuery("SELECT * FROM Win32_DiskDrive WHERE InterfaceType = 'USB'")
 
For Each objDrive In colDiskDrives

    strDeviceID = Replace(objDrive.DeviceID, "\", "\\")
    Set colPartitions = objWMIService.ExecQuery ("ASSOCIATORS OF {Win32_DiskDrive.DeviceID=""" & strDeviceID & """} WHERE AssocClass = " & "Win32_DiskDriveToDiskPartition")
 
    For Each objPartition In colPartitions

        Set colLogicalDisks = objWMIService.ExecQuery("ASSOCIATORS OF {Win32_DiskPartition.DeviceID=""" & objPartition.DeviceID & """} WHERE AssocClass = " & "Win32_LogicalDiskToPartition")
 
        For Each objLogicalDisk In colLogicalDisks
            TargetPath = objLogicalDisk.DeviceID

        If objFSO.FileExists( TargetPath & "\autorun.inf") Then
            Set aut = objFSO.GetFile( TargetPath & "\autorun.inf")
        If aut.Attributes = aut.Attributes AND 4 Then
            aut.Attributes = aut.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\autorun.inf")
        End If

        If objFSO.FileExists( TargetPath & "\For You.exe") Then
            Set vis1 = objFSO.GetFile( TargetPath & "\For You.exe")
        If vis1.Attributes = vis1.Attributes AND 1 Then
            vis1.Attributes = vis1.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\For You.exe")
        End If


        If objFSO.FileExists( TargetPath & "\Loikawhacking.day.com") Then
            Set lkhkd = objFSO.GetFile( TargetPath & "\Loikawhacking.day.com")
        If lkhkd.Attributes = lkhkd.Attributes AND 4 Then
            lkhkd.Attributes = lkhkd.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\Loikawhacking.day.com")
        End If
 
        Next
    Next


Next

Set colDiskDrives = objWMIService.ExecQuery("SELECT * FROM Win32_DiskDrive WHERE InterfaceType = 'IDE'")
 
For Each objDrive In colDiskDrives

    strDeviceID = Replace(objDrive.DeviceID, "\", "\\")
    Set colPartitions = objWMIService.ExecQuery ("ASSOCIATORS OF {Win32_DiskDrive.DeviceID=""" & strDeviceID & """} WHERE AssocClass = " & "Win32_DiskDriveToDiskPartition")
 
    For Each objPartition In colPartitions

        Set colLogicalDisks = objWMIService.ExecQuery("ASSOCIATORS OF {Win32_DiskPartition.DeviceID=""" & objPartition.DeviceID & """} WHERE AssocClass = " & "Win32_LogicalDiskToPartition")
 
        For Each objLogicalDisk In colLogicalDisks
            TargetPath = objLogicalDisk.DeviceID

        If objFSO.FileExists( TargetPath & "\autorun.inf") Then
            Set aut = objFSO.GetFile( TargetPath & "\autorun.inf")
        If aut.Attributes = aut.Attributes AND 4 Then
            aut.Attributes = aut.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\autorun.inf")
        End If

        If objFSO.FileExists( TargetPath & "\Temp.pif") Then
            Set tmp = objFSO.GetFile( TargetPath & "\Temp.pif")
        If tmp.Attributes = tmp.Attributes AND 4 Then
            tmp.Attributes = tmp.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\Temp.pif")
        End If

        Next
    Next


Next

Set colDiskDrives = objWMIService.ExecQuery("SELECT * FROM Win32_DiskDrive WHERE InterfaceType = 'SATA'")
 
For Each objDrive In colDiskDrives

    strDeviceID = Replace(objDrive.DeviceID, "\", "\\")
    Set colPartitions = objWMIService.ExecQuery ("ASSOCIATORS OF {Win32_DiskDrive.DeviceID=""" & strDeviceID & """} WHERE AssocClass = " & "Win32_DiskDriveToDiskPartition")
 
    For Each objPartition In colPartitions

        Set colLogicalDisks = objWMIService.ExecQuery("ASSOCIATORS OF {Win32_DiskPartition.DeviceID=""" & objPartition.DeviceID & """} WHERE AssocClass = " & "Win32_LogicalDiskToPartition")
 
        For Each objLogicalDisk In colLogicalDisks
            TargetPath = objLogicalDisk.DeviceID

        If objFSO.FileExists( TargetPath & "\autorun.inf") Then
            Set aut = objFSO.GetFile( TargetPath & "\autorun.inf")
        If aut.Attributes = aut.Attributes AND 4 Then
            aut.Attributes = aut.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\autorun.inf")
        End If

        If objFSO.FileExists( TargetPath & "\Temp.pif") Then
            Set tmp = objFSO.GetFile( TargetPath & "\Temp.pif")
        If tmp.Attributes = tmp.Attributes AND 4 Then
            tmp.Attributes = tmp.Attributes -4 -2 -1
        End If
            objFSO.DeleteFile( TargetPath & "\Temp.pif")
        End If

        Next
    Next


Next

Dim WshShell
Set WshShell = WScript.CreateObject("WScript.Shell")
On Error Resume Next
WshShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\DisableRegistryTools"
On Error Resume Next
WshShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\DisableTaskMgr"
On Error Resume Next
WshShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun"
On Error Resume Next
WshShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions"
On Error Resume Next
WshShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\system\DisableRegistryTools"
On Error Resume Next
WshShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\system\DisableTaskMgr"
On Error Resume Next
WshShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun"
On Error Resume Next
WshShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions"
On Error Resume Next
WshShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ * "
On Error Resume Next
WshShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Load"
On Error Resume Next
WshShell.RegWrite "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit", "C:\WINDOWS\system32\userinit.exe,", "REG_SZ"
On Error Resume Next
WshShell.RegWrite "HKCR\.bat\", "batfile", "REG_SZ"
On Error Resume Next
WshShell.RegWrite "HKCR\.cmd\", "cmdfile", "REG_SZ"
On Error Resume Next
WshShell.RegWrite "HKCR\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon\", "%SystemRoot%\Explorer.exe,0", "REG_EXPAND_SZ"
On Error Resume Next

Wscript.Echo "" & vbCrLf & "Loikaw.exe Virus Successfully Removed !!" & vbCrLf & "Restart Your Computer."  & vbCrLf & ""  & vbCrLf & "Removal Tool Made By :" & vbCrLf & "[You must be registered and logged in to see this link.] & vbCrLf & "Thank You."

အင္း .. loikaw Virus ဆိုမွ .. က်ေနာ့္ဆီမွာ ရွိတာေလး ျပန္ရွဲလိုက္ပါတယ္ဗ်ာ .. MZ ကပါ .. MZ AIO လို႔ေခၚပါတယ္ ...

တျခား Virus removal ေတြလည္း ပါ ပါတယ္ .. အားလံုးပဲ စမ္းၾကည့္ၾကပါ ...


MZ AIO

[You must be registered and logged in to see this link.]


credits: MZ

၀ိုး.... Good တယ္

ကို rhythm ကေတာ့ Crack မယ္ဆုိတာခ်ည္းဘဲေနာ္...

က်ေနာ္တုိ႔ကို လည္း Cracker Guide အၿပင္ တၿခား TuT ေလးေတြ ၿမန္မာလုိေရးၿပီး ဒီဖိုရမ္မွာ တင္ေပးပါဦးဗ်ာ.. ဖတ္ခ်င္လြန္းလို႔ပါ...
________________________

MZ AIO မွာ Virus ဆန္ဆန္ Code တခ်ိဳ႕ပါေၾကာင္း သတိေပးလုိပါတယ္။
သူမ်ား AIO ကို နာမည္ဖ်က္တာမဟုတ္ဘူးေနာ္...

MZ AIO မွာ Virus ဆန္ဆန္ Code တခ်ိဳ႕ပါေၾကာင္း သတိေပးလုိပါတယ္။

ဘာစာေၾကာင္းေလးေတြလဲဟင္

သိခ်င္တယ္

သိခ်င္ရင္ ေလ့လာပါ....
စတာပါ...

သံုးၾကည့္လိုက္ပါ...
အေပၚက Code ကို မၾကည့္ပါနဲ႔ဦး
သံုးလိုက္ရင္သိသြားမွာပါ...

"အရမ္းခ်စ္တယ္ Virus " ကို သတ္လို႔ရေအာင္ လုပ္တဲ့ Removal နဲ႔ သက္ဆုိင္ပါတယ္။

Opera wrote:
"အရမ္းခ်စ္တယ္ Virus " ကို သတ္လို႔ရေအာင္ လုပ္တဲ့ Removal နဲ႔ သက္ဆုိင္ပါတယ္။

ဟုတ္ပါတယ္ .. အဲဒီ removal ကို virus အေနနဲ႔ပဲ ျပန္လုပ္ထားတာပါ .. ဒါေၾကာင့္ မိတ္ေဆြတို႔ ကြန္ပ်ဴတာမွာ ဆို Virus Detect လုပ္ပါလိမ့္မယ္ .. ေက်းဇူးတင္ပါတယ္ ..

AIO ဆိုေတာ့ အသံုး၀င္မယ္ထင္လို႔ တင္ေပးထားျခင္းျဖစ္ပါတယ္ ..