tag:blogger.com,1999:blog-4252428322984442391.post5847508921757983648..comments2023-05-18T05:57:45.463-07:00Comments on withoutbugs.com: VB Script: How to create a virus?Unknownnoreply@blogger.comBlogger6125tag:blogger.com,1999:blog-4252428322984442391.post-13738173679027721942010-12-24T08:11:55.903-08:002010-12-24T08:11:55.903-08:00You can run the script in the edited section above...You can run the script in the edited section above to see what scripts are being run from which location.Chief Editorhttps://www.blogger.com/profile/17678121382231285858noreply@blogger.comtag:blogger.com,1999:blog-4252428322984442391.post-31633653662226053802010-11-11T08:30:53.206-08:002010-11-11T08:30:53.206-08:00I've just found this running on one of our cli...I've just found this running on one of our client workstations at the office.<br /><br />As far as I can work out, it:<br />1 - ensures that a folder called c:\tempe exists and that a copy of d.vbs exists within it<br />2 - marks the folder and files as hidden<br />3 - turns off hidden folder view in windows explorer<br />4 - creates an entry in HKCU\Software\Microsoft\Windows\Currentversion\Run<br />5 - consumes 99% system resources<br /><br />It's easy to remove, just terminate the process, remove the c:\tempe folder & all contents, then remove the Run entry from the registry.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4252428322984442391.post-38907207779993875232010-10-20T10:36:19.601-07:002010-10-20T10:36:19.601-07:00ok thx Kman..
:)
nice blogok thx Kman..<br />:)<br />nice blog:)https://www.blogger.com/profile/16115915246719578371noreply@blogger.comtag:blogger.com,1999:blog-4252428322984442391.post-34925793299499455522010-09-16T08:55:09.804-07:002010-09-16T08:55:09.804-07:00Silently hogging my machine, to be very precise.Silently hogging my machine, to be very precise.Chief Editorhttps://www.blogger.com/profile/17678121382231285858noreply@blogger.comtag:blogger.com,1999:blog-4252428322984442391.post-44575021084513207162010-09-13T02:18:57.470-07:002010-09-13T02:18:57.470-07:00i mean what that vbs do?i mean what that vbs do?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4252428322984442391.post-12717340348323312302010-09-13T02:16:04.158-07:002010-09-13T02:16:04.158-07:00whats the output?whats the output?Anonymousnoreply@blogger.com