I have moved this discussion to the proper forum - sorry for my ignorance of the process.
To answer your question about how I know this is happening, yesterday I got a delivery failure notification, listing a whole long list of email addresses that I supposedly sent posts to (but I didn't), and at the end it says:
"ZoneAlarm Security Suite has detected the following infected attachment(s):
*Message Part>reg_pass-data.zm9 : Win32.Sober.W!ZIP : Unable to repair"
These addresses were all sent to "setonimaging.com" Don't even know who that is.
This morning, I got another one, slightly different:
The original message was received at Sat, 10 Dec 2005 10:06:00 -0500 (EST)
from host-216-153-135-93.buf.choiceone.net [216.153.135.93]
"Your e-mail is being returned to you because there was a problem with its
delivery. The address which was undeliverable is listed in the section
labeled: "----- The following addresses had permanent fatal errors -----".
The reason your mail is being returned to you is listed in the section
labeled: "----- Transcript of Session Follows -----".
The line beginning with "<<<" describes the specific reason your e-mail could
not be delivered. The next line contains a second error message which is a
general translation for other e-mail servers.
Please direct further questions regarding this message to your e-mail
administrator.
--AOL Postmaster"
Again, with a long list of AOL addresses, none of which I know. They seem to be just CG.
I've been getting occasional Avast Timeout - Connection elapsed! messages, with (thunderbird.exe -> charter.net:110) underneath. What port is 110? What does it do?I think this is the source of the generation, but can't block Thunderbird, as it is my email program.