Showing posts with label anti-virus. Show all posts
Showing posts with label anti-virus. Show all posts

Saturday, April 9, 2011

Inbox - VIRUS ALERT "Express delivery" the crook sent several of these without the attachment ATT00017.txt (95b) during this week


-----original message-----
 From: Express delivery [express.deliveryv4@yahoo.com]
To:
Date: Sat 4/9/2011 12:45 PM
Subject: Express delivery

Dear customer

The parcel was sent your home adress
And it will arrive within 10 business days

More information and the tracking number
are attached in document below.

Thank You

© 1994-2011 Express Services, Inc.

Note - if you know people that send viruses report them to their your local police - It is a CRIMINAL OFFENCE and the sender could be sentences to prison


____Alerta de ESET NOD32 Antivirus, versiĆ³n de la base de firmas de virus  __________

Alerta, ESET NOD32 Antivirus ha encontrado las siguientes amenazas en este mensaje:

doc.zip - una variante de Win32/TrojanDownloader.Stohil.O Troyano - eliminado
doc.zip > ZIP > doc.exe - una variante de Win32/TrojanDownloader.Stohil.O Troyano - era parte de un objeto eliminado



Saturday, January 22, 2011

Inbox -VIRUS ALERT delete any emails from SIMON25@HOTMAIL.CO.UK

VERY URGENT - PLEASE READ - NOT A JOKE
 
PASS THIS ON!
 

 
IF A PERSON CALLED SIMON ASHTON (   SIMON25@HOTMAIL.CO.UK   ) CONTACTS YOU THROUGH EMAIL DON'T OPEN THE MESSAGE. DELETE IT BECAUSE HE IS A HACKER!!

TELL EVERYONE ON YOUR LIST   BECAUSE IF SOMEBODY ON YOUR LIST ADDS HIM  THEN YOU WILL GET HIM ON YOUR LIST. HE WILL FIGURE OUT YOUR ID COMPUTER ADDRESS, SO COPY AND PASTE THIS MESSAGE TO EVERYONE EVEN IF YOU DONT CARE FOR THEM AND FAST BECAUSE IF HE HACKS THEIR EMAIL HE HACKS YOUR MAIL TOO!!!!!.....

Anyone-using Internet mail such as Yahoo, Hotmail, AOL and so on.  This information arrived this morning, Direct from both Microsoft and Norton. Please send it to everybody you know who has access to the Intern et. You may receive an apparently harmless e-mail titled  'Mail Server Report'

If you open either file, a message will appear on your screen saying:  'It is too late now, your life is no longer  beautiful.'

Subsequently you will LOSE EVERYTHING IN YOUR PC,
And the person who o sent it to you will gain access to your  name, e-mail and password.

This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the  anti virus software's are not capable of destroying it  .

The virus has been created by a hacker who calls himself  'life owner'..

PLEASE SEND A COPY OF THIS E-MAIL TO ALL YOUR FRIENDS, And ask them to

PASS IT ON IMMEDIATELY!

Take Care

 


Monday, January 10, 2011

Inbox - SCAM ALERT Virus progam has blocked http://uknolde.dominiotemporario.com/200089/barra2.GIP - IP 187.17.98.39.80


We have deleted this email in view of the virus program warning about this correspondence but publish the text below. 
We are not Italian and do not bank with this institution. Caixa is a Spanish  bank. The scammer has used a mixture of
languages, Italian, Spanish and Portuguese. The text below is published to warn you.


"Prezado Cliente,


O Internet Banking CAIXA Atualizou.


Informamos a todos os usuarios do Internet Banking CAIXA que a Atualizacao e obrigatoria o nao cumprimento
implicara no cancelamento de sua ASSINATURA ELETRONICA e no cancelamento do seu acesso ao internet
bank impossibilitando consultas de saldo, pagamentos, transferencias etc.
Se voce ainda nao Atualizou seu acesso, clique no botao e  cadastre-se agora mesmo. E facil e rapido"
Alerta de ESET NOD32 Antivirus
Acceso denegado! 

 Detalles:

   PĆ”gina de Internet:
   http://www.google.com/search?q=http://uknolde.dominiotemporario.com/200089/barra2.GIP+-+IP+187.17.98.39.80+&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:es-ES:official&client=firefox-a


   DescripciĆ³n:
   El acceso a esta pĆ”gina de Internet ha sido bloqueado por
   ESET NOD32 Antivirus. La misma se encuentra en la lista de sitios con
   contenido potencialmente.
www.eset.com
187.17.98.39.80 is an invalid ip address.
 source http://www.ip2location.com/ 

Which tells you that the sender is a CROOK 

Thursday, September 9, 2010

Inbox - Check out my photos (If you do not know the person delete it - Could be a trojan virus)


Received by our South American Correspondent. This is a suspicious spam/scam It has a forged IP and if you click or copy the URL, it may send to pictures from your own country. In my case, it showed: Meet Venezuela singles. It may have variations depending on your country. 
----- Original Message -----
From: Amy J. Papineau sg@fishinginthailand.com
Sent: Thursday, September 09, 2010 12:48 AM
Subject: Check out my photos


                                                                                                                                                                                                                                                            
Hi,
 
I have my private pics uploaded. Interested in seeing them? Then go to:
 
 
Remove >From Mailing List
 
Information for Police / Interpol




Delivered-To: 
Received: by 10.227.43.5 with SMTP id u5cs50614wbe;
        Wed, 8 Sep 2010 13:58:46 -0700 (PDT)
Received: by 10.220.62.136 with SMTP id x8mr123379vch.35.1283979525813;
        Wed, 08 Sep 2010 13:58:45 -0700 (PDT)
Return-Path: 
Received: from fishinginthailand.com (mamakos.ath.forthnet.gr [62.1.195.78])
        by mx.google.com with SMTP id t5si393084vch.28.2010.09.08.13.58.41;
        Wed, 08 Sep 2010 13:58:45 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning sg@fishinginthailand.com does not designate  
62.1.195.78 as permitted sender) client-ip=62.1.195.78; Authentication-Results: mx.google.com; 
spf=softfail (google.com: domain of transitioning sg@fishinginthailand.com does not designate 62.1.195.78 
as permitted sender) smtp.mail=sg@fishinginthailand.com
Received: from nntp.pinxodet.net ([120.212.73.149]) by smtp.doneohx.com with ESMTP; Thu, 09 Sep 
2010 21:52:24 +0100
 
Very similar routing to this email so the person behind it could be the same - if they hide this information 
they have something to hide from the authorities and China has a reputation for internet fraud
 
Message-ID: 
Date: Thu, 09 Sep 2010 21:39:36 +0100
From: "Amy J. Papineau" 
MIME-Version: 1.0
To: 
Subject: Check out my photos
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
.
IP 
62.1.195.78
Country 
Greece (GRC)  
Region 
Attiki
City 
Athens
and
IP
120.212.73.149
Country
China (CHN)  
Region
Beijing
City
Beijing
 
Google sender Amy J. Papineau
 


  • Spam.la - Fight spam, use an anonymous @spam.la address!

    02588520@spam.la, "Kimi", Order anti-ed without prescription, 34 mins 27 secs. 
    02588520@spam.la, "Amy J. Papineau", Check out my photos, 2 hours 26 mins ... 
    www.spam.la/?f=02588520 - Cached

  • Radaris: Looking for Amy Papineau? Attempting to track down ...

    Amy J Papineau A Alsterlund Amy Alsterlund, Coeur D Alene, IDCoeur D Alene, ID ...  
    Amy J Papineau. Amy Papineau. Died in 1983. Amy Papineau Amy Papineau ...  
    radaris.com/p/Amy/Papineau/
  • Webmaster says - Very similar to this scam email which if you click will put a trojan virus in your computer
    "Hola, te envĆ­o fotos nuevas (2-3 de ellos son demasiado franca, pero tĆŗ sabes que yo no  soy tĆ­mido ;-)). Captura: fotos"   We have removed the link to prevent crook infecting your computer OJAS from United States   on Delphi comments "The user screen name fishing in Thailand says a lot! Phishing! LOL! We have been asking newbies to pay attention to user names"  http://nextwink.com.au/useful/scammers.php

    Friday, August 20, 2010

    Inbox - Fotos (uno hoy y tres ayer!) Atrapados - Es el mismo estafador detrƔs de las fotos y las estafas de oferta de empleo espaƱol


    La delincuencia es grave, pero tambiƩn debemos darnos cuenta de que los estafadores detrƔs de estos intentos son terroristas y esperamos que la Interpol estƔn haciendo algo al respecto
    Crime is serious but we must also realize that the scammers behind these attempts are terrorists and we hope that Interpol are doing something about it - read this report 
    From: Amidio
    Sent: Friday, August 20, 2010 5:31 PM
    Subject: Re: fotos

    Hola, te envĆ­o fotos nuevas (2-3 de ellos son demasiado franca, pero tĆŗ sabes que yo no soy tĆ­mido ;-)). Captura: fotos
    Si hace clic obtendrĆ” un virus troyano

    InformaciĆ³n para la policĆ­a y Interpol
    Return-Path:
    Received: from 110-46-8.connect.netcom.no (110-46-8.connect.netcom.no [89.8.46.110])
        by mailer.ran.es (8.14.2/8.13.8) with ESMTP id o7KEV9T6031145;
        Fri, 20 Aug 2010 16:31:10 +0200
    Message-ID: <000d01cb4074$542361a0$6400a8c0@burlinessyt>
    From: "Amidio"
    To: <funkyhairnlw@itccommunications.net>
    Subject: Re: fotos
    Date: Fri, 20 Aug 2010 16:31:08 +0100
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
        boundary="----=_NextPart_000_0007_01CB4074.542361A0"
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.2900.2180
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
    X-UIDL: 7
    Old-X-EsetId: E74D982990713469F84B987D9D2B70
    X-EsetId: E74D982990713469F84B987D9D2B70
    X-EsetScannerBuild: 7681

     
    Buscar en este Blog funkyhair
    Jun 07, 2010
    Jun 07, 2010
    To: Esto se hace normalmente en blanco, pero el correo fue funkyhair@itccommunications.net (como el propietario de este dominio, puedo confirmar que no hay direcciĆ³n de correo electrĆ³nico con ese nombre, asĆ­ que no sĆ© lo que el servidor ...

    Monday, June 7, 2010

    Ayer rtve 1 de la televisiĆ³n de difusiĆ³n nacional que la policĆ­a estĆ” siendo exitoso en la captura de la mafia Nigeria

    rtve Ayer 1 de la televisiĆ³n nacional espaƱola informĆ³ que la policĆ­a estĆ” siendo exitoso en la captura de la mafia nigeriana, residente en EspaƱa., ¿QuĆ© hay tras el premio de loterĆ­a y la benificiary de una estafa de las cartas de herencia, en lĆ­nea y se envĆ­a tambiĆ©n a nosotros por puesto. TambiĆ©n se mencionĆ³ que estĆ”n detrĆ”s de la estafa de empleo (se publica a continuaciĆ³n), que son intentos de phishing para robar su identidad. Este es el segundo intento de Phishing que he recibido de esta fuente en 24 horas.

    Hola! 
    Estas buscando un sobresueldo? Estoy trabajando ya durante 2 meses en las horas libres del trabajo principal a favor de una compania grande. En el mes pasado he cobrado 2.880 euros. Ellos siguen buscando colaboradores. Si necesitas un trabajo adicional, envia su breve resumen (nombre, apellidos, pais de residencia, ciudad, edad, telefono de contacto) a la direccion:

    h r m @ e s - t r a b a j o w u g . c o m [por favor elimine los espacios en la direccion de email]
    scam, es-citezen.com, e s - t r a b a j o w u g . c o m, espana-west.com, es-position.net, fotos,

    Monday, March 3, 2008

    Virus attack

    Down from midnight last monday to 2030 hour last friday due to this attack.

    Did someone not like one of the controversial postings?