It's a worm
File type: PE
Memory resident: Yes
Size of malware: 206,488 Bytes (compressed); 406,168 Bytes (uncompressed)
Initial samples received on: Oct 4, 2006
Compression type: UPX
Payload 1: Changes Internet Explorer title bar
Payload 2: Modifies Yahoo! Messenger settings
Payload 3: Disables Task Manager and Registry Editor
Payload 4: Modifies home page of Internet Explorer
Details:
Installation and Autostart Technique
Upon execution, this worm drops a copy of itself as YAHOO.EXE in the Windows system folder.
It then creates the following registry entry to enable its automatic execution at every system startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Task Manager = "%System%\yahoo.exe"
(Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, or C:\Windows\System32 on Windows XP and Server 2003.)
Other Registry Modifications
This worm modifies the following registry entries to disable the Windows Task Manager and Registry Editor:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\SYSTEM
DisableTaskMgr = "dword:00000001"
DisableRegistryTools = "dword:00000001"
(Note: The default value data of the aforementioned entries is "0". Modifying the said entries back to their original value data has the same result as deleting them.)
It also changes the Internet Explorer title and home page by modifying the following registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Window Title = "Qua Tang Trai Tim http://{BLOCKED}atangtraitim.us.tf"
(Note: The default value data of the aforementioned entry is "Microsoft Internet Explorer".)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Start Page = "http://{BLOCKED}atangtraitim.us.tf"
(Note: The default value data of the aforementioned entry is user-defined.)
It changes content-related settings of the Yahoo! Messenger application by modifying the following registry entries:
HKEY_CURRENT_USER\Software\Yahoo\pager\View\YMSGR_buzz
content url = "http://{BLOCKED}atangtraitim.us.tf"
(Note: The default value data of the aforementioned entry is "http://tools.search.yahoo.com/ym/buzz".)
HKEY_CURRENT_USER\Software\Yahoo\pager\View\YMSGR_Launchcast
content url = "http://{BLOCKED}atangtraitim.us.tf"
(Note: The default value data of the aforementioned entry is "http://radio.launch.yahoo.com/radio/play/playmessenger.asp".)
Propagation via Instant Messenger
This worm propagates via the Yahoo! Messenger instant messaging application. It sends the following instant message, which is in the Vietnamese language, to all contacts of the affected user:
Toi da lang nghe bai hay nay voi mot chut cam xuc la, mot chut to
mo, sao giua dong doi buon trai & bon be, ca am nhac va long
nguoi cung ngap chim vao nhung lo toan tinh toan, chuyen ban
buon loi danh... http://{BLOCKED}atangtraitim.us.tf
The said instant message contains a link that, when accessed, connects to the URL http://{BLOCKED}eehost19.websamba.com/sinhviennl to download a copy of itself.
Affected Platforms
This worm runs on Windows 98, ME, NT, 2000, XP, and Server 2003 with Yahoo! Messenger installed.
2006-10-15 17:15:11 · answer #1 · answered by -a- 3 · 0⤊ 1⤋
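The write-up above lists the registry changes this worm makes (a Run-key autostart pointing at yahoo.exe, the DisableTaskMgr/DisableRegistryTools policies, the Internet Explorer title and start page, and the Yahoo! Messenger content URLs). The following script is an added example, not part of the original answer or of any vendor tool: it parses a registry export in regedit 5.00 (.reg) format and flags entries that match those listed modifications, so an analyst can triage an exported hive offline. The .reg text embedded below is constructed for the example (it is not a real capture), and the domain match uses only the visible suffix "atangtraitim.us.tf", since the "{BLOCKED}" prefix in the write-up is a redaction.

```python
import re
from typing import Dict, List, Optional, Tuple, Union

RegValue = Union[str, int]
# (key path, value name) -> value data
RegEntries = Dict[Tuple[str, str], RegValue]

# Visible, unredacted part of the distribution domain from the write-up.
INDICATOR_DOMAIN = "atangtraitim.us.tf"

# Constructed sample export reproducing the modifications the write-up
# lists, plus one benign Run entry that must not be flagged.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Task Manager"="C:\\WINDOWS\\System32\\yahoo.exe"
"ctfmon"="C:\\WINDOWS\\System32\\ctfmon.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Window Title"="Qua Tang Trai Tim http://{BLOCKED}atangtraitim.us.tf"
"Start Page"="http://{BLOCKED}atangtraitim.us.tf"

[HKEY_CURRENT_USER\Software\Yahoo\pager\View\YMSGR_buzz]
"content url"="http://{BLOCKED}atangtraitim.us.tf"
"""

# "name"=data lines; the name may contain escaped quotes or backslashes.
_VALUE_LINE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"=(?P<data>.*)$')


def _unescape(s: str) -> str:
    """Undo .reg string escaping (\\\\ -> \\, \\" -> ")."""
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text: str) -> RegEntries:
    """Parse the subset of the .reg format needed here: [key] headers,
    "name"="string" values and "name"=dword:hex values. Other value
    types (hex:, multi-line) are skipped rather than guessed at."""
    entries: RegEntries = {}
    current_key: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current_key = line[1:-1]
            continue
        m = _VALUE_LINE.match(line)
        if m is None or current_key is None:
            continue
        name = _unescape(m.group("name"))
        data = m.group("data")
        if data.startswith("dword:"):
            value: RegValue = int(data[len("dword:"):], 16)
        elif len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            value = _unescape(data[1:-1])
        else:
            continue
        entries[(current_key, name)] = value
    return entries


def find_indicators(entries: RegEntries) -> List[Tuple[str, str, str, RegValue]]:
    """Return (category, key, name, data) for each entry matching one of the
    modifications listed in the write-up. Matching is case-insensitive
    because registry key and value names are."""
    hits: List[Tuple[str, str, str, RegValue]] = []
    for (key, name), data in entries.items():
        k, n = key.lower(), name.lower()
        text = data.lower() if isinstance(data, str) else ""
        if k.endswith("\\currentversion\\run") and text.endswith("\\yahoo.exe"):
            hits.append(("autostart", key, name, data))          # dropped copy in Run key
        elif k.endswith("\\policies\\system") and data == 1 \
                and n in ("disabletaskmgr", "disableregistrytools"):
            hits.append(("tool-disable", key, name, data))       # Task Manager / regedit blocked
        elif k.endswith("\\internet explorer\\main") and INDICATOR_DOMAIN in text \
                and n in ("window title", "start page"):
            hits.append(("ie-hijack", key, name, data))          # IE title / home page changed
        elif "\\software\\yahoo\\pager\\view\\" in k and n == "content url" \
                and INDICATOR_DOMAIN in text:
            hits.append(("ym-hijack", key, name, data))          # Yahoo! Messenger content URL
    return hits


def scan_sample() -> List[Tuple[str, str, str, RegValue]]:
    """Run the checks over the constructed sample export."""
    return find_indicators(parse_reg_export(SAMPLE_REG))


if __name__ == "__main__":
    for category, key, name, data in scan_sample():
        print(f"[{category}] {key} :: {name} = {data!r}")
```

To use it on a real system, export the keys named in the write-up with regedit (or `reg export`) and pass the file contents to parse_reg_export; a matching "tool-disable" hit is also the cue to set those two policy values back to 0 or delete them, which the write-up notes has the same effect.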
Outdoors Egypt there are 2 sorts: 1- those who were close up by technique of their governments; by technique of blinding them with money and vehicles and stuff; so that they idea they are dealt with like 1st type citizen.....zay dewal el5aleeg 2- those who're soliciting for his or her rights of their international locations, so that they get 'em. In Egypt: you're dealt with like a second type citizen; because you behave as a 2nd type citizen at the same time as it includes asking on your rights
2016-12-04 21:16:02 · answer #4 · answered by Anonymous · 0⤊ 0⤋