Spam with trojan horse installed

From: Ansar Mohammed (amohammed@CARIB-LINK.NET)
Date: Fri Feb 26 1999 - 06:30:04 PST

    Some idiot sent out the following e-mail a couple days ago:
    
    Goodmorning.
    02/23/99
    
    
    We at mail.yahoo.com are pleased to release this cute little game which
    promises to captive and mesmerize you for hours on end.
    
    Lots of dedication went into the production of this compact little PC
    entertainer. Simply download the file "Yahoo.exe", double-click and let
    the fun begin.
    
    
    Brandon.
    Assistant Director Yahoo Inc.
    _________________________________________________________
    DO YOU YAHOO!?
    Get your free @yahoo.com address at http://mail.yahoo.com
    
    
    
    // Yahoo.exe is actually the NetBus 2.0 server designed to install
    without the user knowing anything.
    // The following registry entries were embedded within the exe.
    
    REGEDIT4
    
    [HKEY_CLASSES_ROOT\.dl_]
    @="exefile"
    "Content Type"="application/x-msdownload"
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Rundll32"="rundll2.dl_"
    
    [HKEY_LOCAL_MACHINE\Software\Net Solutions]
    
    [HKEY_LOCAL_MACHINE\Software\Net Solutions\NetBus Server]
    
    [HKEY_LOCAL_MACHINE\Software\Net Solutions\NetBus Server\General]
    "Accept"="1"
    "TCPPort"="20043"
    "Visibility"="3"
    "AccessMode"="2"
    
    [HKEY_LOCAL_MACHINE\Software\Net Solutions\NetBus Server\Protection]
    "Password"="$\".-("
    
    
    
    
    
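An added example, not part of the original message: a Python audit of a REGEDIT4 export for the three traits visible in the posted entries (a non-.exe extension mapped to the `exefile` class, a Run value whose target carries that extension, and the NetBus Server configuration keys). The function names, finding labels and the benign `SystemTray` line are assumptions made for this example.

```python
import re

# Registry text taken from the message above, shortened, plus one benign Run
# value ("SystemTray") constructed here so the checks have something to skip.
SAMPLE_REG = r'''REGEDIT4
[HKEY_CLASSES_ROOT\.dl_]
@="exefile"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Rundll32"="rundll2.dl_"
"SystemTray"="SysTray.Exe"

[HKEY_LOCAL_MACHINE\Software\Net Solutions\NetBus Server\General]
"TCPPort"="20043"
'''

RUN_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\run"
NETBUS_KEY = r"hkey_local_machine\software\net solutions\netbus server"
EXTENSION_KEY = re.compile(r"hkey_classes_root\\(\.[^\\]+)$")
VALUE_LINE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def parse_reg(text):
    """Return {lowercased key path: {value name: string data}} for REGEDIT4 text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE_LINE.match(line)):
            current[m.group(1).strip('"')] = m.group(2)
    return keys

def audit(text):
    """Return (label, detail) findings for the traits seen in the posted entries."""
    keys = parse_reg(text)
    # Extensions other than .exe whose default value points at the exefile class.
    remapped = sorted(m.group(1) for k, v in keys.items()
                      if (m := EXTENSION_KEY.match(k)) and m.group(1) != ".exe"
                      and v.get("@", "").lower() == "exefile")
    findings = [("extension-remapped-to-exefile", ext) for ext in remapped]
    # Autostart values whose target file carries one of those extensions.
    for name, data in keys.get(RUN_KEY, {}).items():
        if any(data.lower().endswith(ext) for ext in remapped):
            findings.append(("run-value-uses-remapped-extension", f"{name}={data}"))
    # Configuration keys written by the NetBus server, with the listening port.
    for k, v in keys.items():
        if k.startswith(NETBUS_KEY):
            findings.append(("netbus-server-key", f"{k} TCPPort={v.get('TCPPort', '?')}"))
    return findings
```

Run `audit()` over the output of a registry export; correlating the Run value with the remapped extension keeps ordinary autostart entries out of the results.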
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:37:46 PDT