mailing list archives
Re: Forensics help - Outgoing email
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Sun, 18 Jun 2006 16:54:32 +0100
castellan2004-fd () yahoo com wrote:
Recently, I was introduced to the torrent network
(primarily because I wanted to download some Linux
distros). My curiosity made me download other audio
torrents to see the efficiency of the torrent network.
One thing I have noticed on my system is that there
is an email being sent out periodically to some system
(247.16.delicado.com.uy). When the email is being
sent out, the AVG Anti Virus is scanning the email,
is how I found out about the delicado.com.uy system.
I do not know what is being sent out. Can the torrent
files compromise security on your system? Has my
system been compromised and become part of a bot
network? How do I find out what is causing this email
to go out? How do I fix this problem?
One possible explanation is that one of the music files you downloaded
wasn't actually an mp3 but a virus-infected exe, with a name like
'foo.mp3.exe' or 'foo.mp3
.exe' that can easily slip past your notice if you aren't paying full
attention. I suggest you run a full scan with AVG, and perhaps try out one
or two of the on-line virus scanners as well.
On the other hand, some versions of the torrent software are known to have
been bundled with ad/spyware, so perhaps you should run AdAware or SpyBot
S'n'D as well?
Can't think of a witty .sigline today....
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/