OpenBCM V1.07b12 (Linux)

Packet Radio Mailbox

DB0FHN

[JN59NK Nuernberg]

 Login: GUEST





  
KB2VXA > HELP     11.09.03 21:05l 51 Lines 2218 Bytes #999 (0) @ WW
BID : 12902_WT3V
Read: GUEST DB0FHN
Subj: Re: That mysterious ~ file
Path: DB0FHN<DB0THA<DB0ERF<DB0SON<DB0MRW<DB0BOX<DB0ZKA<DB0SIP<OE9XPI<HB9EAS<
      HB9AK<K1UOL<K1UOL<WA2PNU<KC2COJ<WT3V
Sent: 030911/1800Z @:WT3V.#CNJ.NJ.USA.NOAM #:12902 [Lakehurst] $:12902_WT3V
From: KB2VXA@WT3V.#CNJ.NJ.USA.NOAM
To  : HELP@WW

Hello all,

You're all dancing around the camp fire but haven't gotten the steps 
right yet. (;->)

OK people, stop speculating and pay attention! You have been passing 
around a hint and you got it right, that mystery file is your Outlook 
Express address book with some strange code added. It's exact purpose 
isn't clear, so it could be doing one of two things. It could be sending 
spam or it could be reporting those addresses (plus yours) to whoever put 
it in your computer via a Trojan. The reason it keeps reappearing is you 
haven't found and deleted the Trojan OR you haven't plugged your security 
leak with Windows Update.

Now I'll tell you of my adventure so you may just get a clue. One day I 
noticed a bunch of unknown addresses which had bounced Juno e-mail with 
errors such as "unknown user" and "mail box full" and got curious. I 
looked in the juno.bin folder and found a file with ~ as it's only 
identifier. HUH? There is no such thing belonging in my computer and 
especially in Juno which uses a unique file system. (BTW, nothing 
appeared on the desktop) Naturally I deleted it and went running to the 
updates. Seems I had been a bit lax in that area. (;->) Well, one Windows 
update and one Systems Suite update later all was well, no more funky 
files and no bounced e-mail from people I never heard of.

Now here's the strange bit, that funky file contained my Outlook Express 
address book with some odd code added just like the ones being discussed 
here. Now what the heck was the OE book doing in Juno when Juno has it's 
own and has no connection to OE? That one is used by my primary e-mail 
account, the top secret one you will never know about (ha ha) and I never 
had a bit of trouble with it.

Oh well, moot point anyway, my problem is solved and everything back to 
normal. "It gets curiouser and curiouser." said Alice.

73 de Warren, KB2VXA@WT3V.#CNJ.NJ.USA.NOAM
Powered by JCP&L atomic energy.

E-MAIL: kb2vxa@juno.com

**************************************
Preserve the integrity of our network,
stop Internet forwarding!
**************************************

Message timed by cesium laser: 18:08 on 2003-Sep-11 GMT



Read previous mail | Read next mail

 11.03.2025 03:02:07lGo back Go up