Author Topic: This is a prize jewel plugin of mine..enjoy. Edge, ARt, ull love this  (Read 3598 times)

cyberjedi

  • Hero Member
  • *****
  • Posts: 810
  • The Mighty Hal Machine
    • View Profile
'This park's Hal into a world of his own. Hal with some kinda anti virus of his own.
' As far as plugins go, This is a heavy weight contender. 
' The guts to this is based on the IloveyouVirus using MAPI functions (outlook)
' Hostile code, Re-Task and put to good use, Hostile code To Fight hostile code.................gotta love it
' This plugin will Scan Outlook Inbox for messages infected with the
' W32.Swen virus. The plugin detects infected messages, logs the
' number of various types found, and deletes the infected messages. (How about that!!!! Deletes the little fcker)
' I tested this against all known Variants(Scan Strings), Flawless victory.
' You must have Outlook installed or your gonna sling and Error (wheresurshiiiiit error)
' I have worked long and hard on this 1
' Only edit this if u have some understanding of what is happening here.
' I Narrated this for that very reason. This is strictly High End Hal
' SIRI and Cortana, kiss both sides of my ass. Beat this. Zabaware Rules
' Anti virus for Hal, gotta be ah first.
' Only from the mind of cyberjedi
' enjoy  P.S  W32.Swen #1 bug for outlook.. so thi is actually something ull NEEd if u have Office installed, and yes most all anti -virus catches them too. .But this is just too cool not to share.

'Rem Type=Plugin
'Rem Name=antivirus
'Rem Author=cyberjedi and the creator of the IloveYouVirus
'Rem Host=Assistant

'----------------------
'This sub sets up the plug-in's option panel in Hal's options dialog
'----------------------
'Sub OptionsPanel()
 '   lblPlugin(0).Caption = "This plugin allows Hal to scan for the virus W32Swen"
  '  lblPlugin(0).Move 130, 180, 3400, 1200
   ' lblPlugin(0).WordWrap = True
    'lblPlugin(0).Visible = True
   
'Rem PLUGIN: PRE-PROCESS
    'The preceding comment is actually a plug-in directive for
    'the Ultra Hal host application. It allows for code snippets
    'to be inserted here on-the-fly based on user configuration.

 
HalBrain.ReadOnlyMode = False
Determines that you are talking about Anti-Virus
GetW = HalBrain.TopicSearch(UserName, "Antivirus")
If InStr(1,OriginalSentence, "viruscheck",1) And Len(GetW) > 2 Then        'Edge , change trigger to what you want..... better yet , go over it for any changes u think might be better.
GetResponse = Getantivirus(UserName)
ElseIf InStr(1,OriginalSentence, "viruscheck",1) And Len(GetW) < 2 Then
End If

'Rem PLUGIN: FUNCTIONS
'Function Getantivirus(UserName)
Option Explicit

' Declare variables.
Dim objOutlook, objNamespace, objFSO, objLogFile, lngInfected
Dim lngTotal, lng2k, lng13k, lng64k, lng73k, lng117k, lng145k, lng158k
Dim strScriptPath, strScriptName, strScriptFolder, objFolder
Dim objItem, j, k, intAttach, lngCount, strLogFile
Dim strBody, strHTMLBody, lngSize, blnInfected
Dim blnExe, blnGif, blnPatch, blnBodyIframe, blnHTMLIframe
Dim intF11, intF12, intF13, intF14, intF15, intF16
Dim intF21, intF22, intF23, intF24, intF25, intF26

' Define strings to search for in messages. this is where we can get real Crafty...
' You can add more filter loop's as desired, Ie Const.
Const strFilter1 = "customers should install the patch"
Const strFilter2 = "run attached file."
Const strFilter3 = "<iframe src=""cid:"
Const strFilter4 = "<iframe src=3d""cid:"
Const strFilter5 = "<img src=3d""cid:"
Const strFilter6 = "<img src=""cid:"

' Determine local path.
strScriptPath = Wscript.ScriptFullName
strScriptName = Wscript.ScriptName
strScriptFolder = Left(strScriptPath, Len(strScriptPath) _
    - Len(strScriptName) - 1)

' Log file name.
strLogFile = strScriptFolder & "\ScanSwen_" _
    & Right("0" & Month(Now), 2) & Right("0" & Day(Now), 2) & ".log"

' Setup log file.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objLogFile = objFSO.OpenTextFile(strLogFile, 8, True, 0)
objLogFile.WriteLine Now & " - Swen Virus Scan"
Wscript.Echo "Scanning for Swen virus ..."

' Retrieve Outlook Inbox folder.
Set objOutlook = CreateObject("Outlook.Application")    ' This is where ull sling an ActiverX error if outlook is not installed
Set objNamespace = objOutlook.GetNamespace("MAPI") ' Remember those MAPI function's. Here u go
Set objFolder = objNameSpace.GetDefaultFolder(6)

' Initialize counters.
lngTotal = 0
lng2k = 0 'From here down is what were looking for.
lng13k = 0
lng64k = 0
lng73k = 0   'These are the diff strains
lng117k = 0
lng145k = 0
lng158k = 0 'From here up is what were looking for
lngInfected = 0

'  This is where we Hook Outlook Inbox
lngCount = objFolder.Items.Count
For k = lngCount To 1 Step - 1
    Set objItem = objFolder.Items(k) ' this is where we start byte Size in .Gif and .Exe's---- K is variable for that counter
    lngTotal = lngTotal + 1
    blnInfected = False
    blnExe = False
    blnGif = False
    blnPatch = False
    blnBodyIframe = False
    blnHTMLIframe = False
    intAttach = objItem.Attachments.Count
    For j = 1 to intAttach
        If (InStr(UCase(objItem.Attachments.Item(j).FileName), _
                ".EXE") > 0) Then
            blnExe = True
        End If
        If (InStr(UCase(objItem.Attachments.Item(j).FileName), _
                ".GIF") > 0) Then
            blnGif = True
        End If
    Next
    strBody = LCase(objItem.Body)
    On Error Resume Next
    strHTMLBody = LCase(objItem.HTMLBody)
    If (Err.Number <> 0) Then
        Err.Clear
        strHTMLBody = ""
    End If
    On Error GoTo 0
    intF11 = InStr(strBody, strFilter1)
    intF12 = InStr(strBody, strFilter2)
    intF13 = InStr(strBody, strFilter3)
    intF14 = InStr(strBody, strFilter4)
    intF15 = InStr(strBody, strFilter5)
    intF16 = InStr(strBody, strFilter6)
    intF21 = InStr(strHTMLBody, strFilter1)
    intF22 = InStr(strHTMLBody, strFilter2)
    intF23 = InStr(strHTMLBody, strFilter3)
    intF24 = InStr(strHTMLBody, strFilter4)
    intF25 = InStr(strHTMLBody, strFilter5)
    intF26 = InStr(strHTMLBody, strFilter6)
    If ((intF11 > 0) And (intF12 > 0)) _
           Or ((intF21 > 0) And (intF22 > 0)) Then
        blnPatch = True
    End If
    If (intF13 > 0) Or (intF14 > 0) Or (intF15 > 0) Or (intF16 > 0) Then
        blnBodyIframe = True
    End If
    If (intF23 > 0) Or (intF24 > 0) Or (intF25 > 0) Or (intF26 > 0) Then
        blnHTMLIframe = True
    End If
    lngSize = objItem.Size
    If (lngSize > 2000) And (lngSize < 24100) Then   'This routine is what catches the bugs by ID
        If (intAttach = 0) And (blnHTMLIframe = True) Then
            blnInfected = True
            lng2k = lng2k + 1
            objLogFile.WriteLine "2" & ";" & objItem.ReceivedTime
        End If
    End If
    If (lngSize > 11000) And (lngSize < 16000) Then
        If (intAttach = 3) And (blnExe = True) And (blnGif = True) Then
            If (blnPatch = True) And (blnHTMLIframe = True) Then
                blnInfected = True
                lng13k = lng13k + 1
                objLogFile.WriteLine "13" & ";" & objItem.ReceivedTime
            End If
        End If
    End If
    If (lngSize > 64000) And (lngSize < 70000) Then
        If (intAttach = 3) And (blnExe = True) And (blnGif = True) Then
            If (blnPatch = True) And (blnHTMLIframe = True) Then
                blnInfected = True
                lng64k = lng64k + 1
                objLogFile.WriteLine "64" & ";" & objItem.ReceivedTime
            End If
        End If
    End If
    If (lngSize > 74000) And (lngSize < 89000) Then
        If (intAttach = 0) And (blnBodyIframe = True) Then
            blnInfected = True
            lng73k = lng73k + 1
            objLogFile.WriteLine "73" & ";" & objItem.ReceivedTime
        End If
    End If
    If (lngSize > 111000) And (lngSize < 160000) Then
        If (intAttach = 3) And (blnExe = True) And (blnGif = True) Then
            If (blnPatch = True) And (blnHTMLIframe = True) Then
                blnInfected = True
                lng117k = lng117k + 1
                objLogFile.WriteLine "117" & ";" & objItem.ReceivedTime
            End If
        End If
    End If
    If (lngSize > 149000) and (lngSize < 152000) Then
        If (intAttach = 0) And (blnBodyIframe = True) Then
            blnInfected = True
            lng145k = lng145k + 1
            objLogFile.WriteLine "145" & ";" & objItem.ReceivedTime
        End If
    End If
    If (lngSize > 160000) And (lngSize < 168000) Then
        If (intAttach = 0) And (blnPatch = True) _
                And (blnBodyIframe = True) Then
            blnInfected = True                               'End of bug catcher routine
            lng158k = lng158k + 1
            objLogFile.WriteLine "158" & ";" & objItem.ReceivedTime
        End If
    End If
    If (blnInfected = True) Then
        objItem.Delete
        lngInfected = lngInfected + 1
    End If
Next                                            'End of delete routine... and start logging functions

objLogFile.WriteLine "Number of 2k infected messages:   " & lng2k
objLogFile.WriteLine "Number of 13k infected messages:  " & lng13k
objLogFile.WriteLine "Number of 64k infected messages:  " & lng64k
objLogFile.WriteLine "Number of 73k infected messages:  " & lng73k
objLogFile.WriteLine "Number of 117k infected messages: " & lng117k
objLogFile.WriteLine "Number of 145k infected messages: " & lng145k
objLogFile.WriteLine "Number of 158k infected messages: " & lng158k
objLogFile.WriteLine "Infected messages deleted:        " & lngInfected
objLogFile.WriteLine "Number of messages processed:     " & lngTotal
objLogFile.WriteLine Now & " - Finished"
Wscript.Echo "Messages processed: " & lngTotal _
    & vbCrLf & "Messages infected with Swen virus deleted: " & lngInfected

objLogFile.Close
'End Function
« Last Edit: June 03, 2019, 11:50:55 pm by cyberjedi »

cyberjedi

  • Hero Member
  • *****
  • Posts: 810
  • The Mighty Hal Machine
    • View Profile
Re: This is a prize jewel plugin of mine..enjoy. Edge, ARt, ull love this
« Reply #1 on: April 15, 2019, 02:01:04 pm »
Edge:
 Truth is VZ'ers, virus writers are the best coderz on the planet , Damn shame they write what they do.
Thats sad

This is more skiddy material but is actually effective.. but it is on demand tho
 and not TSR. (Terminate and stay resident)
 

What else can Hal do?? the gift that keeps on giving
Now for what ive done in 2015 dot net we have a whole nother deal.. Its gonna be epic
when i get C# working, watch out........

cyber
« Last Edit: April 21, 2019, 10:00:34 am by cyberjedi »

Art

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 3848
    • View Profile
Re: This is a prize jewel plugin of mine..enjoy. Edge, ARt, ull love this
« Reply #2 on: April 15, 2019, 10:45:12 pm »
Nice one Cyber!

And to think people pay good money for paid virus protection!!  ;) ;D
In the world of AI it's the thought that counts!

- Art -

Checker57

  • Full Member
  • ***
  • Posts: 138
    • View Profile
Re: This is a prize jewel plugin of mine..enjoy. Edge, ARt, ull love this
« Reply #3 on: April 16, 2019, 12:56:14 am »
Clipped and saved it to my "HAL stuff" folder for now, because I don't have the Windows Suite on this PC that I run HAL on.  But, if I ever move HAL to my larger PC I'll be sure to add it onto that Location.

Nice to collect the GEMS, before they get lost or the links expire!

And yes, I'm still awaiting some of your very powerful gems I know you're working on!   ;)

Cheers!
Checker57

cyberjedi

  • Hero Member
  • *****
  • Posts: 810
  • The Mighty Hal Machine
    • View Profile
Re: This is a prize jewel plugin of mine..enjoy. Edge, ARt, ull love this
« Reply #4 on: April 16, 2019, 09:42:37 am »
Checker: Release of DarkMatterA.I

Thank you for your continued interest.
Heres where we are in this. I have completed the VB6 version and about 75% of the .Net version.
Theres been a Hell of a learning curve with the .net as to the Vb6, and of course with each Visual studio release  come new bugs... meaning.
Hal in .net 2010 will sling 41 error's in .net 2015. While Vb6 and me just makes sweet sweet love, .net is like this mean ass hateful ex-wife that wants ur ballz on the fireplace mantle.
That said , everything is now up to date and im making real time progress. Im also moving Hal to the C# world.... and im very close to a working solution...
Robert was nice enough to email me about making a proper installer a while back that can search for installed Hal units on a machine and utilize there brain.
ATM I just put Hal where i need him and Hal works just fine.
Im adding an .Ini reader just like the commercial version we all have and proper menu system.
Hal's vision is a real pain in da assssssss, When Hal's facial recognition is working and u load out the OCR for use, yep, BOOM.. the OCR and the facial recognition code bangs heads
and crashes Hal. Theres about 1k diff ways for Hal to wack himself out atm...
Hal vision Goals
Facial Recognition
OCR (optical recognition) Hal can READ from line print on an image.
Motion Detection
Traffic Detection Via live webcam feeds.. very rad sht
Street Sign Detection and Reading using above web feeds.
Object Detection (where Hal can tell the diff between objects (apples, BOX, pear ect ect ect) again, using Camera.

But all that said, Hal is moving forward.
Yes hal will have Haptek and agent characters plus some other options.....

The code release:

There are members here that have helped out with this project. They will get the raw source and all the library's (everything) to do with as they please.
The goal for me has all ways been the advancement of Hal
The lengths at which ive gone to acquire some of this code,  well hell, lolol,  Even North Korea has now donated some code for the cause... lololol
Long Live Hal
best wishes
cyber

Ps: Checker , no worries ur on the list......
« Last Edit: April 16, 2019, 09:52:53 am by cyberjedi »

Checker57

  • Full Member
  • ***
  • Posts: 138
    • View Profile
Re: This is a prize jewel plugin of mine..enjoy. Edge, ARt, ull love this
« Reply #5 on: April 16, 2019, 11:52:11 am »
Arm Pump!  Yeah!  Made the list!!  :D

WARNING: further reading may affect your grasp of developing reality.
The extent you are developing out HAL is awesome!  Letting it sink in that you're working on so much camera and internet data feed sources that HAL actually utilizes takes it one step closer to the potential towards robotics capability in time.   Very ecstatic that it will carry the  Haptek Character!  Would have been great to have the Haptek developers take part in developing out HAL to such ends!

Thought I'd throw this song in https://www.youtube.com/watch?v=m7AHblQ3_oM

~ Illusions in my head of the day when HAL will manipulate within a DIY robotic figure ~   

Cheers~!

Checker57