listen up people......someone is carrying a worm or something of the sort on their system.
ive recieved emails from:
|clutch|@hotmail.com, Jeasus Freak@d3chicago.com, Ice Hammer@d3chicago.com, @DBBMailer.net, d3chicago.com and finally.....gameedit.com
People, PLEASE run checks on your systems. everyone ive talked to has reported clean results. this inlcudes both of my systems which i have scanned 10+ times now. its not a local host on my part, im fully updated and scanned, and im clean.
OMG Viruses
-
MD-2389
- Defender of the Night
- Posts: 13477
- Joined: Thu Nov 05, 1998 12:01 pm
- Location: Olathe, KS
- Contact:
Ace, you could have easily been a victim of the infamous dictionary attack. Thats how spammers are nabbing addresses. When I got back from my 2 week vacation, I found over 100 spam e-mails in my inbox....and I never gave it out to anyone other than people I know. I never posted it on the internet or anything. (Yes I realize your problem isn't spam, but the idea still applies.)
What flip is trying to say is that you need to look at the headers to see where the damn things are coming from. It doesn't matter of the addresses are spoofed or not, there is a good chance that the server address is legitimate.
What flip is trying to say is that you need to look at the headers to see where the damn things are coming from. It doesn't matter of the addresses are spoofed or not, there is a good chance that the server address is legitimate.
that, i know....problem is, they have stopped coming 
now i cant track them, unless i get another one.
*EDIT*
got one......
X-Message-Info: yilqo4+6kc64AXpUCzRAW0/E+7BGrT7U
Received: from localhost ([68.32.133.177]) by mc9-f6.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sun, 1 Aug 2004 06:30:23 -0700
From: <lclutchl@hotmail.com>
Reply-To: <lclutchl@hotmail.com>
X-Priority: 3 (Normal)
X-MailScanner: Found to be clean
Subject: Fw: here´s the document
To: <acecombatxfa27a@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="RxNQKjAMJUPTQmqRKBBAXBqtNnWfQSGv"
Return-Path: lclutchl@hotmail.com
Message-ID: <MC9-F6To0Esbwju6Ok40005ee2b@mc9-f6.hotmail.com>
X-OriginalArrivalTime: 01 Aug 2004 13:30:24.0093 (UTC) FILETIME=[B32688D0:01C477CB]
Date: 1 Aug 2004 06:30:24 -0700
looking at this:
Received: from localhost ([68.32.133.177]) by mc9-f6.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sun, 1 Aug 2004 06:30:23 -0700
but my IP is 65.83.202.97, how could it be Local?
**EDIT 2**
another one:
X-Message-Info: EoYTbT2lH2MsQxQLKd6QGg8OdPqYrWLN
Received: from localhost ([68.32.133.177]) by mc3-f26.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sat, 31 Jul 2004 13:46:50 -0700
From: <bug@geom.umn.edu>
Reply-To: <bug@geom.umn.edu>
X-Priority: 3 (Normal)
X-MailScanner: Found to be clean
Subject: here´s the archive you requested
To: <acecombatxfa27a@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="wRujbudSMryVKoqtDnSLsElnVPvViBDC"
Return-Path: bug@geom.umn.edu
Message-ID: <MC3-F26FUuaS434g6d5000374f2@mc3-f26.hotmail.com>
X-OriginalArrivalTime: 31 Jul 2004 20:46:50.0475 (UTC) FILETIME=[810993B0:01C4773F]
Date: 31 Jul 2004 13:46:50 -0700
***EDIT 3***
yet another one:
X-Message-Info: yilqo4+6kc64AXpUCzRAW0/E+7BGrT7U
Received: from localhost ([68.32.133.177]) by mc1-f23.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sat, 31 Jul 2004 18:32:06 -0700
From: <anything@gmail.com>
Reply-To: <anything@gmail.com>
X-Priority: 3 (Normal)
X-MailScanner: Found to be clean
Subject: Fw: Undeliverable mail--
To: <acecombatxfa27a@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="leIpiICOEAoLbUioQiRGcJmfwFMlnNQp"
Return-Path: anything@gmail.com
Message-ID: <MC1-F23kw28kalWaQPa000585d9@mc1-f23.hotmail.com>
X-OriginalArrivalTime: 01 Aug 2004 01:32:06.0312 (UTC) FILETIME=[5ADF0A80:01C47767]
Date: 31 Jul 2004 18:32:06 -0700
****EDIT 4****
then i found this:
Dear Name:
This is not Spam. You agreed to receive information regarding business
opportunities when you signed up from IP address (Put their IP address here)
I would like to send you details on an outstanding business opportunity, but
I only want to send this information to those people who wish to receive it.
If you would like me to send you additional information you can signup for
my information by clicking on the following link.
http://www.isoregister.com/9810354341/chub50
If you do not wish to be contacted again, then you can click on this link
and you will be removed from my list forever. (Put unsubscribe link here)
Either way, I thank you for your time and wish you much success in the
future.
All the Best,
Daniel J. Salzano
http://www.isoresponder.com/remove.php?id=44405-208
You provided the following infor
Thanks,
Daniel J. Salzano
PO BX 200605
South Ozone Park, NY 11420-0605
corky195094@msn.com
This is not an unsolicited Email. You subscribed to this Mailing List on
2004-07-31 00:00:00 from IP Address 68.154.42.89. In case you wish to
unsubscribe yourself from this Mailing List, kindly click the following URL:
http://www.isoresponder.com/remove.php?id=44405-208
thats not my IP again.......WTF is going on here jeez
*****EDIT 5*****
then i found this:
Hello andrew,
You are receiving this email because you agreed to receive
offers regarding Online Business Opportunities to your mailbox
either by subscribing to this list from our website at
http://www.myibizweekly.com or http://ezineadhelper.com from
one of our many associated opt-in special offer websites.
This is the information I have on file:
First Name: andrew
Email Address: acecombatxfa27a@hotmail.com
If you need to change your name, email address, please click
on the link below to make any changes:
http://www.ezineadhelper.com/cgi-bin/ar ... 015&p=9999
If your browser does not recognize the link below as live,
you may cancel by sending the following email:
mailto:webmaster@ezineadhelper.com?subject=MIBWremoval and I
will manually remove you.
Or just click the link at the bottom of this email to
unsubscribe automatically.
You may contact us here:
Copyright(c) 2004 KDM Publishing
Ezine Ad Helper.com
My IBiz Weekly.com
Ezine Ad Helper, and My IBiz Weekly is owned by:
KDM Publishing
Owner: Donesia Muhammad
264 Jadetree Drive
Hopkins, SC 29061
(877)256-8119 Voice Mail
Disclaimer:
All subscribers are double optin. We do not spam email
addresses to subscribe. We do not collect email addresses
from web sites, phone books or offers that are sent to us
which are sometimes spam. We don't hold
people captive.
All subscribers have the opportunity to unsubscribe from any
newsletter at any time using the unsubscribe line at the
bottom of the newsletter or the maintenance forms at the web
site. Subscribers can subscribe or unsubscribe at will from
any or all ezines. From time to time we may have links to
other websites from our sites. We do not control, and
therefore cannot be responsible for the collection, use or
disclosure of your information by any such third party site.
Please carefully review the privacy policy of any third
party site that you link to from our newsletters. Reprint
only with permission from copyright holder (s). All
trademarks are property of their respective owners.
Donesia Muhammad, publisher and webmaster
http://EzineAdHelper.com
======================
If you wish to cancel your subscription, simply click once on the link below.
http://www.ezineadhelper.com/cgi-bin/ar ... 015&p=9999
this shiz is starting to piss me off
now i cant track them, unless i get another one.
*EDIT*
got one......
X-Message-Info: yilqo4+6kc64AXpUCzRAW0/E+7BGrT7U
Received: from localhost ([68.32.133.177]) by mc9-f6.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sun, 1 Aug 2004 06:30:23 -0700
From: <lclutchl@hotmail.com>
Reply-To: <lclutchl@hotmail.com>
X-Priority: 3 (Normal)
X-MailScanner: Found to be clean
Subject: Fw: here´s the document
To: <acecombatxfa27a@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="RxNQKjAMJUPTQmqRKBBAXBqtNnWfQSGv"
Return-Path: lclutchl@hotmail.com
Message-ID: <MC9-F6To0Esbwju6Ok40005ee2b@mc9-f6.hotmail.com>
X-OriginalArrivalTime: 01 Aug 2004 13:30:24.0093 (UTC) FILETIME=[B32688D0:01C477CB]
Date: 1 Aug 2004 06:30:24 -0700
looking at this:
Received: from localhost ([68.32.133.177]) by mc9-f6.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sun, 1 Aug 2004 06:30:23 -0700
but my IP is 65.83.202.97, how could it be Local?
**EDIT 2**
another one:
X-Message-Info: EoYTbT2lH2MsQxQLKd6QGg8OdPqYrWLN
Received: from localhost ([68.32.133.177]) by mc3-f26.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sat, 31 Jul 2004 13:46:50 -0700
From: <bug@geom.umn.edu>
Reply-To: <bug@geom.umn.edu>
X-Priority: 3 (Normal)
X-MailScanner: Found to be clean
Subject: here´s the archive you requested
To: <acecombatxfa27a@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="wRujbudSMryVKoqtDnSLsElnVPvViBDC"
Return-Path: bug@geom.umn.edu
Message-ID: <MC3-F26FUuaS434g6d5000374f2@mc3-f26.hotmail.com>
X-OriginalArrivalTime: 31 Jul 2004 20:46:50.0475 (UTC) FILETIME=[810993B0:01C4773F]
Date: 31 Jul 2004 13:46:50 -0700
***EDIT 3***
yet another one:
X-Message-Info: yilqo4+6kc64AXpUCzRAW0/E+7BGrT7U
Received: from localhost ([68.32.133.177]) by mc1-f23.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
Sat, 31 Jul 2004 18:32:06 -0700
From: <anything@gmail.com>
Reply-To: <anything@gmail.com>
X-Priority: 3 (Normal)
X-MailScanner: Found to be clean
Subject: Fw: Undeliverable mail--
To: <acecombatxfa27a@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="leIpiICOEAoLbUioQiRGcJmfwFMlnNQp"
Return-Path: anything@gmail.com
Message-ID: <MC1-F23kw28kalWaQPa000585d9@mc1-f23.hotmail.com>
X-OriginalArrivalTime: 01 Aug 2004 01:32:06.0312 (UTC) FILETIME=[5ADF0A80:01C47767]
Date: 31 Jul 2004 18:32:06 -0700
****EDIT 4****
then i found this:
Dear Name:
This is not Spam. You agreed to receive information regarding business
opportunities when you signed up from IP address (Put their IP address here)
I would like to send you details on an outstanding business opportunity, but
I only want to send this information to those people who wish to receive it.
If you would like me to send you additional information you can signup for
my information by clicking on the following link.
http://www.isoregister.com/9810354341/chub50
If you do not wish to be contacted again, then you can click on this link
and you will be removed from my list forever. (Put unsubscribe link here)
Either way, I thank you for your time and wish you much success in the
future.
All the Best,
Daniel J. Salzano
http://www.isoresponder.com/remove.php?id=44405-208
You provided the following infor
Thanks,
Daniel J. Salzano
PO BX 200605
South Ozone Park, NY 11420-0605
corky195094@msn.com
This is not an unsolicited Email. You subscribed to this Mailing List on
2004-07-31 00:00:00 from IP Address 68.154.42.89. In case you wish to
unsubscribe yourself from this Mailing List, kindly click the following URL:
http://www.isoresponder.com/remove.php?id=44405-208
thats not my IP again.......WTF is going on here jeez
*****EDIT 5*****
then i found this:
Hello andrew,
You are receiving this email because you agreed to receive
offers regarding Online Business Opportunities to your mailbox
either by subscribing to this list from our website at
http://www.myibizweekly.com or http://ezineadhelper.com from
one of our many associated opt-in special offer websites.
This is the information I have on file:
First Name: andrew
Email Address: acecombatxfa27a@hotmail.com
If you need to change your name, email address, please click
on the link below to make any changes:
http://www.ezineadhelper.com/cgi-bin/ar ... 015&p=9999
If your browser does not recognize the link below as live,
you may cancel by sending the following email:
mailto:webmaster@ezineadhelper.com?subject=MIBWremoval and I
will manually remove you.
Or just click the link at the bottom of this email to
unsubscribe automatically.
You may contact us here:
Copyright(c) 2004 KDM Publishing
Ezine Ad Helper.com
My IBiz Weekly.com
Ezine Ad Helper, and My IBiz Weekly is owned by:
KDM Publishing
Owner: Donesia Muhammad
264 Jadetree Drive
Hopkins, SC 29061
(877)256-8119 Voice Mail
Disclaimer:
All subscribers are double optin. We do not spam email
addresses to subscribe. We do not collect email addresses
from web sites, phone books or offers that are sent to us
which are sometimes spam. We don't hold
people captive.
All subscribers have the opportunity to unsubscribe from any
newsletter at any time using the unsubscribe line at the
bottom of the newsletter or the maintenance forms at the web
site. Subscribers can subscribe or unsubscribe at will from
any or all ezines. From time to time we may have links to
other websites from our sites. We do not control, and
therefore cannot be responsible for the collection, use or
disclosure of your information by any such third party site.
Please carefully review the privacy policy of any third
party site that you link to from our newsletters. Reprint
only with permission from copyright holder (s). All
trademarks are property of their respective owners.
Donesia Muhammad, publisher and webmaster
http://EzineAdHelper.com
======================
If you wish to cancel your subscription, simply click once on the link below.
http://www.ezineadhelper.com/cgi-bin/ar ... 015&p=9999
this shiz is starting to piss me off
