Subject: Another virus warning...
Hi friends :heartbeat: ...
Today I received another email with a virus in it. It looks like someone is using my email address on hotmail to spread viruses everywhere :no: :no: [-X ...
Or a virus program is making it automatically, so check your systems...
I'm guessing who could hate the poor good'ol Tormie O:) O:) O:) so much to use his email address for such things :-k :-k :-k ....
I'm thinking about a hacker attack, so I'm backing up the site very often, if something will happen I can restore the site entirely...

Hi. This is the qmail-send program at umail5.superb.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<lex71@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DSamXan@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DFunnygamebox@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dmarcnrg@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dwolferl@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<kristina.welther@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<oth@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<1AcS4v-1qgUe80@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dmoorhuhn25@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<Giftzwerg260281@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DPeter_Poth@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<in@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DCulatorRacing1@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DMartin.Oswald@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<1A6YMA-0cfqTI0@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DCPetzoldTine@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3DVerenaAlex71@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<_bender@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<gvlangsdorff@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<A.Stoll@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<BB2F@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<e.sauer@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<frank@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<mailing@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dchris@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<1A54Zb-0KGfVQ0@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dtommys-gameland@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<opr7jlv5a5jnxktp@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<devnull@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<stefanhary@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dbending_bender@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Ddasben@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<webhits@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<1A6YnF-2BmJFY0@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<ns@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<abrechnung@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<ctrust@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<E1AQQZA-0002bX-TO@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<payback@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<on@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<Armin.Blum@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<en@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<christian.lambert@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<ng_bender@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<1APopa-0GrCtc0@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<answer@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<1APMyK-1PG0Ce0@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<edaktion@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<3Dcalvin@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

<eland@gamershell.com>:
10.10.10.101 failed after I sent the message.
Remote host said: 554 mail server permanently rejected message (#5.3.0)

--- Below this line is a copy of the message.



From: <tormentorclone@hotmail.com>
To:
Subject: Details
Sent: Monday, May 17, 2004 1:20 PM
I was surprised, too! :-(??
Who could suspect something like that? shit



+-+-+ X- Mail_Scanner: No Virus found
+-+-+ GAMERSHELL- AntiVirus Service
+-+-+ http://www.gamershell.com

Last edited by Tormie on 17 May 2004 20:08; edited 2 times in total
Subject:
Interesting.....
10.10.10.101 is not a routable IP address....
at least I don't think it is....
I may have to look it up.....

Subject:
Being a hotmail mail I don't know how to download headers, if it went in O.E. I simply go to spamcop to reveal the exact ip...

Subject:
hhrrrmmmmmmmm.....
Reserved IP addresses for private networks
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255


it's official 10.10.10.101 is a non routable IP address....
which means it doesn't exist on the internet.....

Subject:
I know it, in any case I found this :

http://www.symantec.com/avcenter/ve...sober.g@mm.html

I'll write an announcement for this...

Subject:
Torm, if you go into the mail options on a hotmail account, you can select it to show the advanced headers. That will show you the complete header with IP addresses and all when you open the e-mail.

Subject: Re: Another virus warning...
Ok, here is what spamcop.net said:

http://www.spamcop.net/sc?id=z48571...ddc25b62142cbez

it looks like the mail came from 207.228.225.114

and here is the message with the headers (without the virus): ::


X-Message-Info: JGTYoYF78jEHjJx36Oi8+YDSEg8qKPPD
Received: from vpop2.superb.net ([207.228.225.114]) by mc6-f36.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713);
Mon, 17 May 2004 06:28:34 -0700
Received: (qmail 10875 invoked from network); 17 May 2004 13:28:23 -0000
Received: from unknown (HELO umail5.superb.net) (10.10.10.105)
by vpop2.superb.net with SMTP; 17 May 2004 13:28:23 -0000
Received: (qmail 18231 invoked for bounce); 17 May 2004 13:28:18 -0000
Date: 17 May 2004 13:28:18 -0000
From:
To:
Subject: failure notice
Return-Path: <>
Message-ID: <MC6-F36OWQOQfnil3NC000dc8c3@mc6-f36.hotmail.com>
X-OriginalArrivalTime: 17 May 2004 13:28:35.0179 (UTC) FILETIME=[DAD693B0:01C43C12]

Hi. This is the qmail-send program at umail5.superb.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

--- Below this line is a copy of the message.

Return-Path: <tormentorclone@hotmail.com>
Received: (qmail 11416 invoked by uid 503); 17 May 2004 13:21:34 -0000
Received: from unknown (HELO tormentorclone.com) (80.138.219.51)
by umail5.superb.net with SMTP; 17 May 2004 13:21:34 -0000
From:
To:
Date: Mon, 17 May 2004 13:20:00 GMT
Subject: Details
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
Message-ID: <86df10a153e012.21550.qmail@hotmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="===640b4d7dfab2a68e9d2eb8790"
Content-Transfer-Encoding: 7bit
This is a multi-part message in MIME format.

--===640b4d7dfab2a68e9d2eb8790

I was surprised, too! :-(??
Who could suspect something like that? shit

Last edited by Tormie on 17 May 2004 22:00; edited 1 time in total
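
Added example (not part of any post in this thread): a short Python parser that walks the `Received:` lines posted above, flags RFC 1918 hops such as 10.10.10.105, and reports the oldest public-IP hop in each chain. The header lines are copied from the post and unfolded; the function names and the HELO comparison are assumptions made for illustration.

```python
import ipaddress
import re

# Received lines copied from the headers posted above and unfolded to one line
# each; newest hop first, as in the mail itself.
BOUNCE_RECEIVED = [
    "from vpop2.superb.net ([207.228.225.114]) by mc6-f36.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Mon, 17 May 2004 06:28:34 -0700",
    "(qmail 10875 invoked from network); 17 May 2004 13:28:23 -0000",
    "from unknown (HELO umail5.superb.net) (10.10.10.105) by vpop2.superb.net with SMTP; 17 May 2004 13:28:23 -0000",
    "(qmail 18231 invoked for bounce); 17 May 2004 13:28:18 -0000",
]
ORIGINAL_RECEIVED = [  # from the copy of the message below the bounce text
    "(qmail 11416 invoked by uid 503); 17 May 2004 13:21:34 -0000",
    "from unknown (HELO tormentorclone.com) (80.138.219.51) by umail5.superb.net with SMTP; 17 May 2004 13:21:34 -0000",
]

# Matches the two hop styles seen above: "from name ([ip]) by host" and
# "from unknown (HELO name) (ip) by host".
HOP_RE = re.compile(
    r"from\s+(?P<name>\S+)\s+"
    r"(?:\(HELO\s+(?P<helo>[^)]+)\)\s+)?"
    r"\(\[?(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]?\)\s+"
    r"by\s+(?P<by>\S+)"
)


def parse_hops(received_lines):
    """Return one dict per network hop; qmail-internal lines carry no hop."""
    hops = []
    for line in received_lines:
        m = HOP_RE.search(line)
        if not m:
            continue
        ip = ipaddress.ip_address(m.group("ip"))
        hops.append({
            "ip": str(ip),
            "private": ip.is_private,  # RFC 1918: internal to the provider
            "helo": m.group("helo") or m.group("name"),
            "by": m.group("by"),
        })
    return hops


def injection_point(received_lines):
    """Oldest hop with a public IP: where the mail entered from the Internet."""
    public = [h for h in parse_hops(received_lines) if not h["private"]]
    return public[-1] if public else None


def helo_mismatch(hop, envelope_sender):
    """Hint only (not proof of forgery): HELO name is outside the sender's domain."""
    domain = envelope_sender.rsplit("@", 1)[-1].lower()
    helo = hop["helo"].lower()
    return not (helo == domain or helo.endswith("." + domain))


if __name__ == "__main__":
    for hop in parse_hops(BOUNCE_RECEIVED + ORIGINAL_RECEIVED):
        print(hop)
    print("entered at:", injection_point(ORIGINAL_RECEIVED))
```
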
Subject:
Maybe it is one of those people whom you play Wolfenstein with.
Gamers and viruses go hand in hand.
You said that you kicked some guy's ass pretty good.
Maybe this is how they are getting back at you.

Subject:
Most of the e-mail addresses are @gamershell.com; that they are gamers is almost a certainty!

Subject:
C:\Documents and Settings\BBunes.MRIPA>tracert 207.228.225.114

Tracing route to vpop2.superb.net [207.228.225.114]
over a maximum of 30 hops:

1 3 ms 6 ms 1 ms 209.180.181.249
2 41 ms 211 ms 207 ms eug-edge-01.inet.qwest.net [207.109.242.113]
3 142 ms 41 ms 27 ms egn-core-01.inet.qwest.net [207.109.240.241]
4 13 ms 13 ms 15 ms pdx-core-01.inet.qwest.net [205.171.205.210]
5 58 ms 20 ms 18 ms tkw-core-02.inet.qwest.net [205.171.205.102]
6 37 ms 25 ms 19 ms tkw-core-03.inet.qwest.net [205.171.190.10]
7 39 ms 63 ms 40 ms svl-core-02.inet.qwest.net [205.171.205.110]
8 50 ms 72 ms 39 ms svl-core-01.inet.qwest.net [205.171.14.117]
9 41 ms 41 ms 58 ms bur-core-03.inet.qwest.net [205.171.8.241]
10 39 ms 39 ms 40 ms bur-core-02.inet.qwest.net [205.171.13.45]
11 48 ms 38 ms 40 ms lap-brdr-01.inet.qwest.net [205.171.213.50]
12 68 ms 61 ms 82 ms 205.171.1.82
13 140 ms 62 ms 38 ms pos5-0-2488M.cr1.LAX1.gblx.net [67.17.72.105]
14 99 ms 99 ms 100 ms pos0-0-2488M.cr1.WDC2.gblx.net [67.17.71.22]
15 104 ms 99 ms 99 ms so7-0-0-2488M.ar3.WDC2.gblx.net [67.17.71.14]
16 100 ms 99 ms 100 ms pos6-3.core1.dca1.hopone.net [64.211.206.102]
17 99 ms * 104 ms vl2.rsm1.dist1.dca1.hopone.net [207.228.224.134]

18 * * * Request timed out.
19 * * ^C

the IP address resolved to hopone.net out of Washington DC, it's on a close enough subnet to assume that it's only probably 1 or 2 more hops away

from the looks of things, it may even be the games server.....

Subject:
Search results for: 207.228.225.114


OrgName: HopOne Internet Corporation
OrgID: HOPO
Address: 1010 Wisconsin Avenue N.W.
City: Washington
StateProv: DC
PostalCode: 20007-3603
Country: US

NetRange: 207.228.224.0 - 207.228.255.255
CIDR: 207.228.224.0/19
NetName: HOPONE-DCA1-1
NetHandle: NET-207-228-224-0-1
Parent: NET-207-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.HOPONE.NET
NameServer: NS3.HOPONE.NET
NameServer: NS2.HOPONE.NET
NameServer: NS4.HOPONE.NET
Comment:
RegDate: 1999-12-07
Updated: 2003-08-19

TechHandle: HJ48-ARIN
TechName: Jass, Haralds
TechPhone: +1-202-318-0530
TechEmail:

OrgAbuseHandle: IPADM132-ARIN
OrgAbuseName: IP Administration
OrgAbusePhone: +1-202-318-0530
OrgAbuseEmail:

OrgTechHandle: HJ48-ARIN
OrgTechName: Jass, Haralds
OrgTechPhone: +1-202-318-0530
OrgTechEmail:

# ARIN WHOIS database, last updated 2004-05-16 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

Subject:
How do you say "give em shit Torm" in Italian?

Subject:
..There are 2 or 3 versions :bigrinnin:...

I read about this worm virus today in our newspapers too... the virus spread itself without the intention of the PC owner, he only has the addresses of the site...

