Hey Stupid
Our Second virus sender
sender....IP#63.170.211.129
mail information below
MIME-Version: 1.0
Received: from [63.170.211.129] by hotmail.com (3.2) with ESMTP id MHotMailBC6ACC4E00834004311F3FAAD381058E0; Sat Mar 03 15:42:26 2001
From Sat Mar 03 15:43:15 2001
Today, Snowhite was turning 18. The 7 Dwarfs always where very educated
and polite with Snowhite. When they go out work at mornign, they promissed a *huge* surprise. Snowhite was anxious. Suddlently, the door open, and
the Seven Dwarfs enter...
Attachment: dwarf4you.exe (30k)
***********Scanning************
Name of File Virus Scan Result
dwarf4you.exe W32/Hybris.gen@MM Virus Found
There is no cure available for the virus on the file dwarf4you.exe
***********Start GPS Scan************
Scan Complete
Registrant:
Southnet (SONET2-DOM)
Route 1 Box 13G
Hamilton, AL 35570
Hamilton, AL 35570 US
Domain Name: SONET.NET
Administrative Contact, Technical Contact:
Williams, Anthony C (AW154) tony@SONET.NET
Southnet
PO Box 1775
Hamilton, AL 35570
205.921.2040 (FAX) 205.921.7032
Billing Contact:
Cantrell, Alan (AC571) alan@SONET.NET
Southnet
PO Box 1775
Hamilton, AL 35570
205.921.7801
Record last updated on 04-Jan-2001.
Record expires on 10-Jan-2002.
Record created on 09-Jan-1996.
Database last updated on 25-Feb-2001 07:02:21 EST.
Domain servers in listed order:
DNS.SONET.NET 206.104.254.2
RAPTOR.VIPER.NET 204.181.41.4
Traced to Haleyville.
Haleyville Zoom... but GPS went one step further: it looks like someone has control of his computer, and now it has picked up the illegal connection, see below
TROJAN DETECTED LOCATION
Destination: www.63.170.211.129.com
********TROJAN SOURCE GPS SCANNING********
# Name IP Address Location RT* High Low Avg Total Dropped WhoIs
1) jas1804tc2ns.sonet.net 63.91.84.10 Unknown 146 160 146 152 3 0(0%) 1
2) jas1804-7100.sonet.net 63.160.10.1 Unknown 162 162 147 152 3 0(0%) 1
3) 228.atm1-0.gw1.atl5.alter.net 157.130.79.37 lon 33.742N, lat 84.383W 181 181 177 179 3 0(0%) 2
4) 143.at-5-0-0.xr1.atl5.alter.net 152.63.80.130 lon 33.742N, lat 84.383W 182 182 180 181 3 0(0%) 2
5) 0.so-3-0-0.tr1.atl5.alter.net 152.63.9.229 lon 33.742N, lat 84.383W 180 184 180 181 3 0(0%) 2
6) 129.at-6-2-0.tr1.dca8.alter.net 146.188.141.170 lon 38.908N, lat 77.017W 210 221 191 207 3 0(0%) 2
7) 0.so-4-3-0.xr1.dca8.alter.net 152.63.144.50 lon 38.908N, lat 77.017W < 200 200 197 198 3 0(0%) 2
8) pos6-0.br4.dca8.alter.net 152.63.36.21 lon 38.908N, lat 77.017W 192 192 188 189 3 0(0%) 2
9) 137.39.52.54 Unknown 202 202 187 192 3 0(0%) -
10) p4-0-0.r00.mclnva02.us.bb.verio.net 129.250.2.249 Unknown 206 206 196 202 3 0(0%) 3
11) p4-0-1.r05.plalca01.us.bb.verio.net 129.250.2.245 lon 37.442N,lat 122.142W 282 307 280 289 3 0(0%) 3
12) p4-6-2-0.r06.plalca01.us.bb.verio.net 129.250.3.113 lon 37.442N, lat 122.142W 290 290 278 282 3 0(0%) 3
13) p1-0-0-0.r00.oremut01.us.bb.verio.net 129.250.3.26 Unknown 306 310 303 306 3 0(0%) 3
14) pvu0.vwhpvu0.verio.net 129.250.29.194 Unknown 301 398 295 331 3 0(0%) 3
15) 129.com 192.41.43.230 Unknown 309 309 294 300 3 0(0%) 4
********All times in milliseconds (ms)*********

Our Trojan user is here. The exact location cannot be given because our user is located in the United States.
WE WILL CRIMINALLY PROSECUTE TO THE FULLEST EXTENT OF THE LAW!!!!
1) The Data is for information purposes, and to assist persons in obtaining information about or related to Criminal Activity. By submitting a WHOIS query, you agree that you will use this Data only for Lawful Purposes ONLY.
You're busted... IP# 63.170.211.129. You're infected with a Trojan. Get a new virus scanner or update your virus tables.