On Mon, Apr 18, 2011 at 11:43 AM, Ljubomir Ljubojevic <office@xxxxxxxx> wrote:
Steven Vishoot wrote:
>
>
>
> ----- Original Message ----
>> From: Ljubomir Ljubojevic <office@xxxxxxxx>
>> To: CentOS mailing list <centos@xxxxxxxxxx>
>> Sent: Mon, April 18, 2011 3:20:11 AM
>> Subject: Re: Did you ID this spam? what does it do? Does it have a
>> name?
>
>>>> Steven:
>>>>
>>>> Did you ID this spam? what does it do? Does it have a name? I am an admin
>> for
>>
>>>> an
>>>>
>>>> email list and someone got infected and now I'm seeing this.
>>>>
>>>> I warned her, but if you found the offending machine and
>>>> cleaned it off, I would like to know:
>>>>
>>>> What OS it was running
>>> windows xp sp3
>>>
>>>> What Antivirus / anti malware software you used
>>> I use AVG
>>>
>>>> What the AV software said about this (name of virus/malware, etc)
>>> it was Trojan hoarse / Agent.F
>>>
>>>> What the malware _does_ if known
>>> N/A
>>>> If the AV treatment worked...
>>> Do you see spam anymore???
>>>
>>> and to answer the other question. it was window computer but web based email
>>> client.
>>>
>> Are you telling me that trojan manipulated webmail account??? Hm, I
>> think it might be Chat client (Live Messenger, Yahoo, etc.) rather then
>> mail client itself, in that case.
>>
>> Ljubomir
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxx
>> http://lists.centos.org/mailman/listinfo/centos
>
>
> no telling you that trojan manipulated computer that was logged onto webmail
> because centos list only goes to a webmail account. do not have any of those
> chat client on computer do not like them will not put them on. Lets just do one
> thing and let this drop it does not need to keep on going on list since it is
> not a centos or linux related thread. thank you.
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
I will conclude this topic with this warning:
I am afraid it might be little more serious then that, at least for you:
"This description is for a password stealing trojan which attempts to
steal user information for certain online games.
The characteristics of this password stealer with regards to passwords
stolen, sites accessed, files downloaded etc will differ, depending on
the way in which the attacker had configured it. Hence, this is a
general description."
So there is high possibility that your password for that webmail account
(and who knows what else) has been stolen, and owner of the Trojan
logged in by himself and he sent the mail to this list.
Ljubomir
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
Guys, please take this off-list. Your personal PC & spam problems has NOTHING todo with CentOS, or anyone else on this list.
--
Kind Regards
Rudi Ahlers
SoftDux
Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos