FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-18-2011, 02:28 AM
Steven Vishoot
 
Default Did you ID this spam? what does it do? Does it have a name?

----- Original Message ----
> From: Mark Baumwell <mbaumwell@hotmail.com>
> To: centos@centos.org
> Sent: Sun, April 17, 2011 12:30:31 PM
> Subject: [CentOS] Did you ID this spam? what does it do? Does it have a name?
>
>
>
> Steven Vishoot <sir_funzone@...> writes:
>
> >
> > Sorry, hopefully fixed account and computer that started this.
> > Damn
> >
> > ----- Original Message ----
> > > From: Ljubomir Ljubojevic <office@...>
> > > To: CentOS mailing list <centos@...>
> > > Sent: Sun, April 10, 2011 6:29:15 AM
> > > Subject: Re: [CentOS] (no subject)
> > >
> > > Steven Vishoot wrote:
> > > > http://us-andeville.fr/cool01.11.php?ID=006
> > >
> > > This is SPAM
> > >
> > > Ljubomir
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS@...
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
>
> Steven:
>
> Did you ID this spam? what does it do? Does it have a name? I am an admin for
>an
>
> email list and someone got infected and now I'm seeing this.
>
> I warned her, but if you found the offending machine and
> cleaned it off, I would like to know:
>
> What OS it was running

windows xp sp3

> What Antivirus / anti malware software you used

I use AVG

> What the AV software said about this (name of virus/malware, etc)
it was Trojan hoarse / Agent.F

> What the malware _does_ if known

N/A
> If the AV treatment worked...

Do you see spam anymore???

and to answer the other question. it was window computer but web based email
client.

>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 08:20 AM
Ljubomir Ljubojevic
 
Default Did you ID this spam? what does it do? Does it have a name?

Steven Vishoot wrote:
>> From: Mark Baumwell <mbaumwell@hotmail.com>
>>
>> Steven Vishoot <sir_funzone@...> writes:
>>
>>> Sorry, hopefully fixed account and computer that started this.
>>> Damn
>>>
>>> ----- Original Message ----
>>>> From: Ljubomir Ljubojevic <office@...>
>>>> To: CentOS mailing list <centos@...>
>>>> Sent: Sun, April 10, 2011 6:29:15 AM
>>> > Subject: Re: [CentOS] (no subject)
>>>> Steven Vishoot wrote:
>>>>> http://us-andeville.fr/cool01.11.php?ID=006
>>>> This is SPAM
>>>>
>>>> Ljubomir
>>>> _______________________________________________
>>>> CentOS mailing list
>>>> CentOS@...
>>>> http://lists.centos.org/mailman/listinfo/centos
>>>>
>> Steven:
>>
>> Did you ID this spam? what does it do? Does it have a name? I am an admin for
>> an
>>
>> email list and someone got infected and now I'm seeing this.
>>
>> I warned her, but if you found the offending machine and
>> cleaned it off, I would like to know:
>>
>> What OS it was running
>
> windows xp sp3
>
>> What Antivirus / anti malware software you used
>
> I use AVG
>
>> What the AV software said about this (name of virus/malware, etc)
> it was Trojan hoarse / Agent.F
>
>> What the malware _does_ if known
>
> N/A
>> If the AV treatment worked...
>
> Do you see spam anymore???
>
> and to answer the other question. it was window computer but web based email
> client.
>
>>
Are you telling me that trojan manipulated webmail account??? Hm, I
think it might be Chat client (Live Messenger, Yahoo, etc.) rather then
mail client itself, in that case.

Ljubomir
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 09:18 AM
Steven Vishoot
 
Default Did you ID this spam? what does it do? Does it have a name?

----- Original Message ----
> From: Ljubomir Ljubojevic <office@plnet.rs>
> To: CentOS mailing list <centos@centos.org>
> Sent: Mon, April 18, 2011 3:20:11 AM
> Subject: Re: [CentOS] Did you ID this spam? what does it do? Does it have a
>name?

> >> Steven:
> >>
> >> Did you ID this spam? what does it do? Does it have a name? I am an admin
>for
>
> >> an
> >>
> >> email list and someone got infected and now I'm seeing this.
> >>
> >> I warned her, but if you found the offending machine and
> >> cleaned it off, I would like to know:
> >>
> >> What OS it was running
> >
> > windows xp sp3
> >
> >> What Antivirus / anti malware software you used
> >
> > I use AVG
> >
> >> What the AV software said about this (name of virus/malware, etc)
> > it was Trojan hoarse / Agent.F
> >
> >> What the malware _does_ if known
> >
> > N/A
> >> If the AV treatment worked...
> >
> > Do you see spam anymore???
> >
> > and to answer the other question. it was window computer but web based email
>
> > client.
> >
> >>
> Are you telling me that trojan manipulated webmail account??? Hm, I
> think it might be Chat client (Live Messenger, Yahoo, etc.) rather then
> mail client itself, in that case.
>
> Ljubomir
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos


no telling you that trojan manipulated computer that was logged onto webmail
because centos list only goes to a webmail account. do not have any of those
chat client on computer do not like them will not put them on. Lets just do one
thing and let this drop it does not need to keep on going on list since it is
not a centos or linux related thread. thank you.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 09:43 AM
Ljubomir Ljubojevic
 
Default Did you ID this spam? what does it do? Does it have a name?

Steven Vishoot wrote:
>
>
>
> ----- Original Message ----
>> From: Ljubomir Ljubojevic <office@plnet.rs>
>> To: CentOS mailing list <centos@centos.org>
>> Sent: Mon, April 18, 2011 3:20:11 AM
>> Subject: Re: [CentOS] Did you ID this spam? what does it do? Does it have a
>> name?
>
>>>> Steven:
>>>>
>>>> Did you ID this spam? what does it do? Does it have a name? I am an admin
>> for
>>
>>>> an
>>>>
>>>> email list and someone got infected and now I'm seeing this.
>>>>
>>>> I warned her, but if you found the offending machine and
>>>> cleaned it off, I would like to know:
>>>>
>>>> What OS it was running
>>> windows xp sp3
>>>
>>>> What Antivirus / anti malware software you used
>>> I use AVG
>>>
>>>> What the AV software said about this (name of virus/malware, etc)
>>> it was Trojan hoarse / Agent.F
>>>
>>>> What the malware _does_ if known
>>> N/A
>>>> If the AV treatment worked...
>>> Do you see spam anymore???
>>>
>>> and to answer the other question. it was window computer but web based email
>>> client.
>>>
>> Are you telling me that trojan manipulated webmail account??? Hm, I
>> think it might be Chat client (Live Messenger, Yahoo, etc.) rather then
>> mail client itself, in that case.
>>
>> Ljubomir
>> _______________________________________________
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
>
> no telling you that trojan manipulated computer that was logged onto webmail
> because centos list only goes to a webmail account. do not have any of those
> chat client on computer do not like them will not put them on. Lets just do one
> thing and let this drop it does not need to keep on going on list since it is
> not a centos or linux related thread. thank you.
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>

I will conclude this topic with this warning:

I am afraid it might be little more serious then that, at least for you:

"This description is for a password stealing trojan which attempts to
steal user information for certain online games.

The characteristics of this password stealer with regards to passwords
stolen, sites accessed, files downloaded etc will differ, depending on
the way in which the attacker had configured it. Hence, this is a
general description."

So there is high possibility that your password for that webmail account
(and who knows what else) has been stolen, and owner of the Trojan
logged in by himself and he sent the mail to this list.

Ljubomir


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 10:10 AM
Rudi Ahlers
 
Default Did you ID this spam? what does it do? Does it have a name?

On Mon, Apr 18, 2011 at 11:43 AM, Ljubomir Ljubojevic <office@plnet.rs> wrote:


Steven Vishoot wrote:

>

>

>

> ----- Original Message ----

>> From: Ljubomir Ljubojevic <office@plnet.rs>

>> To: CentOS mailing list <centos@centos.org>

>> Sent: Mon, April 18, 2011 3:20:11 AM

>> Subject: Re: [CentOS] Did you ID this spam? what does it do? Does it have a

>> name?

>

>>>> *Steven:

>>>>

>>>> Did you ID this spam? what does it do? Does it *have a *name? I am an admin

>> for

>>

>>>> an

>>>>

>>>> *email list and someone got infected and now I'm *seeing this.

>>>>

>>>> I warned her, but if you found the offending machine *and

>>>> cleaned it off, I would like to know:

>>>>

>>>> *What OS it was running

>>> windows xp sp3

>>>

>>>> *What *Antivirus / anti malware software you used

>>> I use *AVG

>>>

>>>> What the AV software said about *this (name of *virus/malware, etc)

>>> it was Trojan hoarse / Agent.F

>>>

>>>> *What the malware _does_ if known

>>> N/A

>>>> If the * AV treatment *worked...

>>> Do you see spam anymore???

>>>

>>> and to answer the other question. it was window computer but web based *email

>>> client.

>>>

>> Are you telling me that trojan *manipulated webmail account??? Hm, I

>> think it might be Chat client (Live *Messenger, Yahoo, etc.) rather then

>> mail client itself, in that *case.

>>

>> Ljubomir

>> _______________________________________________

>> CentOS *mailing list

>> CentOS@centos.org

>> http://lists.centos.org/mailman/listinfo/centos

>

>

> no telling you that trojan manipulated computer that was logged onto webmail

> because centos list only goes to a webmail account. do not have any of those

> chat client on computer do not like them will not put them on. Lets just do one

> thing and let this drop it does not need to keep on going on list since it is

> not a centos or linux related thread. thank you.

> _______________________________________________

> CentOS mailing list

> CentOS@centos.org

> http://lists.centos.org/mailman/listinfo/centos

>

>



I will conclude this topic with this warning:



I am afraid it might be little more serious then that, at least for you:



"This description is for a password stealing trojan which attempts to

steal user information for certain online games.



The characteristics of this password stealer with regards to passwords

stolen, sites accessed, files downloaded etc will differ, depending on

the way in which the attacker had configured it. Hence, this is a

general description."



So there is high possibility that your password for that webmail account

(and who knows what else) has been stolen, and owner of the Trojan

logged in by himself and he sent the mail to this list.



Ljubomir





_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos


Guys, please take this off-list. Your personal PC & spam problems has NOTHING todo with CentOS, or anyone else on this list.






--
Kind Regards
Rudi Ahlers
SoftDux

Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573


Cell: 082 554 7532


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 10:19 AM
Steven Vishoot
 
Default Did you ID this spam? what does it do? Does it have a name?

Rudi,

if you noticed I did mention that this thread should die and that it is not a Centos/Linux issue but damn it will not die!!!

So this my last post on this. PLEASE LET IT DIE.

thank you
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 10:39 AM
Rudi Ahlers
 
Default Did you ID this spam? what does it do? Does it have a name?

Steven,*
there's no need to be rude. i ASKED THE PREVIOUS POSTER TO LET IT DIE. Get your ducks in a row before you attack, please. I'm not the one here who can't read, you are.



On Mon, Apr 18, 2011 at 12:19 PM, Steven Vishoot <sir_funzone@yahoo.com> wrote:


Rudi,

if you noticed I did mention that this thread should die and that it is not a Centos/Linux issue but damn it will not die!!!



So this my last post on this. PLEASE LET IT DIE.

thank you

_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos




--
Kind Regards
Rudi Ahlers
SoftDux

Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com


Office: 087 805 9573
Cell: 082 554 7532


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2011, 05:45 PM
John R Pierce
 
Default Did you ID this spam? what does it do? Does it have a name?

On 04/18/11 1:20 AM, Ljubomir Ljubojevic wrote:
> Are you telling me that trojan manipulated webmail account??? Hm, I
> think it might be Chat client (Live Messenger, Yahoo, etc.) rather then
> mail client itself, in that case.


the mail headers indicate the email may have been sent from 79.113.161.75

Received: from [79.113.161.75] by web31702.mail.mud.yahoo.com via HTTP;
Sun, 10 Apr 2011 04:21:42 PDT


is that on your network, or is that elsewhere? whois says thats

inetnum: 79.113.160.0 - 79.113.163.255
netname: RO-RCS-RDS-FIBERLINK
descr: RCS& RDS S.A.
descr: FiberLink Customers
descr: Galati
country: RO
admin-c: RDS-RIPE
tech-c: RDS-RIPE
status: ASSIGNED PA
mnt-by: AS8708-MNT
source: RIPE # Filtered




_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 07:52 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org