Re: Exploit
- From: "R. McCarty" <PcEngWork-NoSpam_@xxxxxxxxxxxxxx>
- Date: Wed, 30 Nov 2005 16:43:11 -0500
The "Issue" is jokes and cartoons via email. Always read email in Plain
text. Active content in email is dangerous.
"David Kelsey" <david_kelseyNO@xxxxxxxxxxxxxxx> wrote in message
news:OXNB3Wf9FHA.4076@xxxxxxxxxxxxxxxxxxxxxxx
> Yesterday, my cursor suddenly started moving on its own, with no input
> from me, and I could not stop it. It moved to the start button, clicked
> it, then clicked run, entered the address of my other network computer
> plus 'my documents' and the name of my accounts file, which it opened.
> While all this was going on, I was trying to end task with the Task
> Manager, where the open task was called 'too funny LA 21' or something
> similar, which was the subject line of an e-mail I received from a friend
> in Canada. It contained a nun joke within the body of the message. It
> took several attempts to end task.
>
> Then I started removing all trace of the e-mail from both computers, and
> emptied whatever folders I could. My deleted items folder on one computer
> had already been emptied (not by me) of all mails except about 30 or 40
> ZDNet pages which I had received and deleted over several months. I have
> e-mailed ZDNet with the details in case they know anything about it.
>
> I got the latest updates, and scanned both machines with Norton and AVG,
> with no result. MS Antispyware ran and found nothing, but then it never
> has found anything ever on either machine. I checked with Symantec, and
> found nothing relating to this activity, either real or hoax.
>
> Since then, both machines appear to be running normally.
>
> Does anyone recognise this exploit, if that is what it is, please? It
> seems to be a macro of sorts, but I don't have it in my EZ Macros list,
> and I have deleted any trace of macros from Excel, not that there appeared
> to be anything active. I can't think how anything could know the address
> of my accounts file, nor can I think of any reason for accessing it. It
> doesn't contain any passwords or anything that could be used to get into
> my bank or whatever. However, it is very worrying, because obviously the
> run command could have been anything. Having said all that, it could be a
> useful macro, if I knew where to find it. I am the only user of the
> machine it cropped up on, and my wife is the only other person in the
> house. She wouldn't set up any macros. Could there be a key logger on
> board?
>
> I have XP Pro SP2 with all updates, four spyware programs, and two
> antivirus programs, plus the XP firewall and my ISP's firewall. You'd
> think the thing would be locked down tight, wouldn't you?
>
> David Kelsey
>
.
- Follow-Ups:
- Re: Exploit
- From: David Kelsey
- Re: Exploit
- References:
- Exploit
- From: David Kelsey
- Exploit
- Prev by Date: No answer yet
- Next by Date: Re: VIDEO PROBLEM
- Previous by thread: Re: Exploit
- Next by thread: Re: Exploit
- Index(es):
