Subj : RE: malware using the wconline as a server
To   : All
From : HECTOR SANTOS
Date : Thu Jan 31 2019 19:18:36

Date: Thu, 12 Oct 2006 03:27:07 -0400
From: HECTOR SANTOS
To: BILLY SCHWARZ
Subject: RE: malware using the wconline as a server
Newsgroups: win.server.smtp.&.avs
Message-ID: <1160638027.46.1160502831@winserver.com>
References:  <1160502831.46.0@winserver.com>
X-WcMsg-Attr: Rcvd
X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
Lines: 23

Make sure you TURN off the HTTP PROXY in WEB SERVER SETUP and restart 
WCONLINE.



On 10/10/06 1:53 PM, BILLY SCHWARZ wrote to HECTOR SANTOS:

> I have up graded our ecommerce server to the 6.1  Monday october 9, 
2006 I 
> noticed that it had a lot of traffic.
> 
> The malware is written to use the wconline to broadcast ad's to who knows 
> where.  As of today I have not found the program.
> 
> I can block the wconline with the fire wall and it will stop.
> 
> None of your other servers running an earlier update seem to be affected
> 
> 
> Billy Schwarz
> sysop@hightecproductions.com 

 
--- Platinum Xpress/Win/WINServer v3.1
 * Origin: Prison Board BBS Mesquite Tx  //telnet.RDFIG.NET www. (1:124/5013)

.