[CentOS] Did you ID this spam? what does it do? Does it have a name?

Mon Apr 18 10:10:24 UTC 2011
Rudi Ahlers <Rudi at SoftDux.com>

On Mon, Apr 18, 2011 at 11:43 AM, Ljubomir Ljubojevic <office at plnet.rs>wrote:

> Steven Vishoot wrote:
> >
> >
> >
> > ----- Original Message ----
> >> From: Ljubomir Ljubojevic <office at plnet.rs>
> >> To: CentOS mailing list <centos at centos.org>
> >> Sent: Mon, April 18, 2011 3:20:11 AM
> >> Subject: Re: [CentOS] Did you ID this spam? what does it do? Does it
> have a
> >> name?
> >
> >>>>  Steven:
> >>>>
> >>>> Did you ID this spam? what does it do? Does it  have a  name? I am an
> admin
> >> for
> >>
> >>>> an
> >>>>
> >>>>  email list and someone got infected and now I'm  seeing this.
> >>>>
> >>>> I warned her, but if you found the offending machine  and
> >>>> cleaned it off, I would like to know:
> >>>>
> >>>>  What OS it was running
> >>> windows xp sp3
> >>>
> >>>>  What  Antivirus / anti malware software you used
> >>> I use  AVG
> >>>
> >>>> What the AV software said about  this (name of  virus/malware, etc)
> >>> it was Trojan hoarse / Agent.F
> >>>
> >>>>  What the malware _does_ if known
> >>> N/A
> >>>> If the   AV treatment  worked...
> >>> Do you see spam anymore???
> >>>
> >>> and to answer the other question. it was window computer but web based
>  email
> >>> client.
> >>>
> >> Are you telling me that trojan  manipulated webmail account??? Hm, I
> >> think it might be Chat client (Live  Messenger, Yahoo, etc.) rather then
> >> mail client itself, in that  case.
> >>
> >> Ljubomir
> >> _______________________________________________
> >> CentOS  mailing list
> >> CentOS at centos.org
> >> http://lists.centos.org/mailman/listinfo/centos
> >
> >
> > no telling you that trojan manipulated computer that was logged onto
> webmail
> > because centos list only goes to a webmail account. do not have any of
> those
> > chat client on computer do not like them will not put them on. Lets just
> do one
> > thing and let this drop it does not need to keep on going on list since
> it is
> > not a centos or linux related thread. thank you.
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> >
>
> I will conclude this topic with this warning:
>
> I am afraid it might be little more serious then that, at least for you:
>
> "This description is for a password stealing trojan which attempts to
> steal user information for certain online games.
>
> The characteristics of this password stealer with regards to passwords
> stolen, sites accessed, files downloaded etc will differ, depending on
> the way in which the attacker had configured it. Hence, this is a
> general description."
>
> So there is high possibility that your password for that webmail account
> (and who knows what else) has been stolen, and owner of the Trojan
> logged in by himself and he sent the mail to this list.
>
> Ljubomir
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Guys, please take this off-list. Your personal PC & spam problems has
NOTHING todo with CentOS, or anyone else on this list.




-- 
Kind Regards
Rudi Ahlers
SoftDux

Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110418/ca83235e/attachment-0005.html>