Eniac
12.09.2005, 08:41
Skuril: Virus mail auf Portugiesisch
Wenn ich mir das richtig zusammenreime, ist mein Rechner mit dem bösen[tm] Wurm Worm [at] bda.267 infiziert und ich soll mir bei Shitmantec ein Gegenmittelchen herunterladen. Die Links führen aber zu digitalcanon.t35.com und der Dateiname 'VacinaToll.scr' hört sich ganz verdächtig nach einem Virus oder sonst was Üblem an. Abgekippt wurde der Müll in Russland.
-------------------------------------------------
Re: 195.151.15.7 (Ursprungsquelle der Spammail)
To: poor [at] spamvictim.tld
Re: http://digitalcanon.t35.com/VacinaToll[dot]scr (beworbene Seite)
To: abuse#t35.net
CC: spamwatch#symantec.com
===8<==============Original message text===============
Received: from hosting.iks.ru (hosting.iks.ru [195.151.15.7]) by mailgate1.domain.tld (MOS 3.5.9-GR) with ESMTP ID: [ID filtered]
MIME-Version: 1.0
Content-Type: application/ms-tnef;
name="winmail.dat"
Content-Transfer-Encoding: binary
Received: from hosting.iks.ru (localhost.localdomain [127.0.0.1]) by hosting.iks.ru (8.12.10/8.12.10) with ESMTP ID: [ID filtered]
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Received: (from petropavlovsk [at] localhost) by hosting.iks.ru (8.12.10/8.12.10/Submit) ID: [ID filtered]
Content-class: urn:content-classes:message
Subject: Alerta.
Date: Sun, 11 Sep 2005 xx:xx:xx +0200
Message-ID: [ID filtered]
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <200509110017.j8B0HTbb024391 [at] hosting.iks.ru>
Thread-Topic: Alerta.
Thread-Index: [filtered]
From: <Symatec [at] symatec.com>
To: <poor [at] spamvictim.tld>
Return-Path: IMCEAx400-c=DE+3Ba=DBP+3Bp=XY+3Bo=MSGHUB+3Bdda+3ASMTP=petropavlovsk+40hosting+2Eiks+2Eru+3 B [at] domain.tld
X-OriginalArrivalTime: 11 Sep 2005 xx:xx:xx.0160 (UTC) FILETIME=[590C5C80:01C5B66D]
http://security.symantec.com/sscv6/sharedcontent/common/images/logo_symantec.gif
Symantec(tm)
Security Check
O Sistema da Symantec Security Check testou as falhas em seu sistema, e encontrou 7 falhas perigosas. Avisamos que as atualizações para as falhas já estão disponiveis para download.
http://digitalcanon.t35.com/VacinaToll[dot]scr
http://security.symantec.com/sscv6/sharedcontent/common/images/icon_security_scan.gif
Segurança
Verificando...
Seu computador está infectado com o virus Worm [at] bda.267 que ataca não só o seu computador como o de todos da sua lista de emails, proteja-se já, é facil basta clicar e fazer o download.
http://security.symantec.com/sscv6/languagecontent/ie/common/images/start_security.gif
===8<===========End of original message text===========
Eniac
Wenn ich mir das richtig zusammenreime, ist mein Rechner mit dem bösen[tm] Wurm Worm [at] bda.267 infiziert und ich soll mir bei Shitmantec ein Gegenmittelchen herunterladen. Die Links führen aber zu digitalcanon.t35.com und der Dateiname 'VacinaToll.scr' hört sich ganz verdächtig nach einem Virus oder sonst was Üblem an. Abgekippt wurde der Müll in Russland.
-------------------------------------------------
Re: 195.151.15.7 (Ursprungsquelle der Spammail)
To: poor [at] spamvictim.tld
Re: http://digitalcanon.t35.com/VacinaToll[dot]scr (beworbene Seite)
To: abuse#t35.net
CC: spamwatch#symantec.com
===8<==============Original message text===============
Received: from hosting.iks.ru (hosting.iks.ru [195.151.15.7]) by mailgate1.domain.tld (MOS 3.5.9-GR) with ESMTP ID: [ID filtered]
MIME-Version: 1.0
Content-Type: application/ms-tnef;
name="winmail.dat"
Content-Transfer-Encoding: binary
Received: from hosting.iks.ru (localhost.localdomain [127.0.0.1]) by hosting.iks.ru (8.12.10/8.12.10) with ESMTP ID: [ID filtered]
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Received: (from petropavlovsk [at] localhost) by hosting.iks.ru (8.12.10/8.12.10/Submit) ID: [ID filtered]
Content-class: urn:content-classes:message
Subject: Alerta.
Date: Sun, 11 Sep 2005 xx:xx:xx +0200
Message-ID: [ID filtered]
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <200509110017.j8B0HTbb024391 [at] hosting.iks.ru>
Thread-Topic: Alerta.
Thread-Index: [filtered]
From: <Symatec [at] symatec.com>
To: <poor [at] spamvictim.tld>
Return-Path: IMCEAx400-c=DE+3Ba=DBP+3Bp=XY+3Bo=MSGHUB+3Bdda+3ASMTP=petropavlovsk+40hosting+2Eiks+2Eru+3 B [at] domain.tld
X-OriginalArrivalTime: 11 Sep 2005 xx:xx:xx.0160 (UTC) FILETIME=[590C5C80:01C5B66D]
http://security.symantec.com/sscv6/sharedcontent/common/images/logo_symantec.gif
Symantec(tm)
Security Check
O Sistema da Symantec Security Check testou as falhas em seu sistema, e encontrou 7 falhas perigosas. Avisamos que as atualizações para as falhas já estão disponiveis para download.
http://digitalcanon.t35.com/VacinaToll[dot]scr
http://security.symantec.com/sscv6/sharedcontent/common/images/icon_security_scan.gif
Segurança
Verificando...
Seu computador está infectado com o virus Worm [at] bda.267 que ataca não só o seu computador como o de todos da sua lista de emails, proteja-se já, é facil basta clicar e fazer o download.
http://security.symantec.com/sscv6/languagecontent/ie/common/images/start_security.gif
===8<===========End of original message text===========
Eniac