Evolution of a "harmless" troll batch file
2024-06-12 21:01:45 +02:00
README.md Update README.md 2024-06-12 21:01:45 +02:00
YOLO.bat YOLO v4 2024-06-12 20:50:59 +02:00

YOLO

Evolution of a "harmless" troll batch file (see file revisions)

Explanations:

It puts up a fake BSOD (to force the user to reboot after the batch file's silent installation) and changes the clock's AM/PM to some "yolo batchman" text. It also creates a self-replicating batch file (that starts some shit like the web browser, Notepad, Paint and File Explorer in a loop) and registers it in startup. Some shit may not work anymore (like the website; I believe it was playing some cursed video in a loop at the time) since it was made in 2015 (and for Windows 7).

But... WHY?

Actually, the fake BSOD is just an excuse for a reboot (and to learn batch escape characters). The script was made at first to punish students who go smoking without locking their computer (I was an IT teacher at that time). Finally, some students evolved it (see code revisions) to make this "armagetroll" version. It was so beautiful that I kept it here. Tehee 😜

Removal:

Boot into Safe Mode:

  • delete all bat files located in %appdata%\Microsoft\Windows\Start Menu\Programs\Startup
  • delete all bat files located in %windir%\System32\
  • delete all bat files located in the "infected" user's %appdata%
  • delete all bat files located in %allusersprofile%\Microsoft\Windows\Start Menu\Programs\Startup\

Start an elevated cmd prompt and type:

  • reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v YourOwnLifeOrganizer /f
  • reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v IgfxTray /f
  • reg add "HKCU\Control Panel\international" /v s1159 /t REG_SZ /d "AM" /f
  • reg add "HKCU\Control Panel\international" /v s2359 /t REG_SZ /d "PM" /f

Reboot
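
A read-only check of the same folders and registry values, to see what is actually present before running the removal steps. This PowerShell script is an added example, not part of the original repository; the helper name `Add-Finding` is hypothetical, and listing only the top level of each folder is an assumption.

```powershell
# Added example: read-only audit of the locations the removal steps touch.
# Nothing is deleted or changed. Written to also run on PowerShell 2.0 (Windows 7).
function Add-Finding($Type, $Location, $Detail) {   # hypothetical helper
    New-Object psobject -Property @{ Type = $Type; Location = $Location; Detail = $Detail }
}

$findings = @()

# Folders the removal steps clear of .bat files. Top level only (assumption:
# the README does not say whether to recurse into subfolders).
$folders = @(
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup",
    "$env:windir\System32",
    "$env:APPDATA",
    "$env:ALLUSERSPROFILE\Microsoft\Windows\Start Menu\Programs\Startup"
)
foreach ($folder in $folders) {
    if (-not (Test-Path -LiteralPath $folder)) { continue }
    $findings += @(Get-ChildItem -LiteralPath $folder -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and $_.Extension -eq '.bat' } |
        ForEach-Object { Add-Finding 'BatchFile' $_.FullName "modified $($_.LastWriteTime), $($_.Length) bytes" })
}

# Run values the removal steps delete. The data is reported so it can be judged:
# IgfxTray is also the value name Intel's graphics tray utility registers.
$runValues = @(
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'YourOwnLifeOrganizer' },
    @{ Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'IgfxTray' }
)
foreach ($rv in $runValues) {
    $prop = Get-ItemProperty -Path $rv.Key -Name $rv.Name -ErrorAction SilentlyContinue
    if ($prop) {
        $data = $prop.($rv.Name)
        $findings += Add-Finding 'RunValue' "$($rv.Key)\$($rv.Name)" $data
    }
}

# AM/PM designators: compare with the values the removal steps write back.
$intl = Get-ItemProperty -Path 'HKCU:\Control Panel\International' -ErrorAction SilentlyContinue
foreach ($pair in @(@('s1159', 'AM'), @('s2359', 'PM'))) {
    $current = $intl.($pair[0])
    if ($current -ne $pair[1]) {
        $detail = "current '$current', removal step sets '$($pair[1])'"
        $findings += Add-Finding 'ClockText' "HKCU:\Control Panel\International\$($pair[0])" $detail
    }
}

$findings | Select-Object Type, Location, Detail | Format-List
```

A `RunValue` finding whose data points at a `.bat` file matches the startup registration described above; on a non-English locale the `ClockText` findings may simply reflect that locale's own designators.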