I've already done all three, and I did #2, #3, then #1. I won't be giving the user their new password until they have fixed their PC. :)
At 04:43 AM 3/17/2009, GrayHat wrote: > >> One of my users had their PC compromised, > >> and their SMTP password stolen by a trojan. > >> This was then used to log into my server from zombie > >> spam bots and send massive amounts of spam all > >> over the world. > > > 1) Remove trojan by antivirus software ( or simply reinstall OS) > > > > 2) change password of this user > > > > 3) clear spam e-mails files from "ASSP\notspam\" folder and clear > > spam recipients from whitelist ( or simply restore from backup) > >I'd switch 1<->2 I mean, FIRST change the password, THEN >proceed to the cleanup so that, during the cleanup the account >won't be abused by other bots > > >------------------------------------------------------------------------------ >Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are >powering Web 2.0 with engaging, cross-platform capabilities. Quickly and >easily build your RIAs with Flex Builder, the Eclipse(TM)based development >software that enables intelligent coding and step-through debugging. >Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com >_______________________________________________ >Assp-test mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
