The two links are users.qwest.net/~benpeg72/Secure/wanadoo.swf and users.qwest.net/~lorddaven/Links/FlashPlayer10.0.45.2.exe are still active. I have forward to abuse (at) qwest.net and us-cert.gov but I have no answers/action.
Kaspersky detects it as Trojan-Spy.Win32.Zbot.afjs.
It is a malware/trojan detected by 16/41 antivirus companies.
Return-Path: <xxxxxxxxxx>
Received: from mwinf2b09.orange.fr (mwinf2b09 [10.232.22.37]) by mwinb7603 with LMTPA; Mon, 22 Feb 2010 07:34:41 +0100
X-Sieve: CMU Sieve 2.3
X-Bcc: xxxxxxxxxxxxxxxxxxxxxx
Received: from me-wanadoo.net (localhost [127.0.0.1]) by mwinf2b09.orange.fr (SMTP Server) with ESMTP id 9329C1C000A7 for <
[email protected]>; Mon, 22 Feb 2010 07:34:41 +0100 (CET)
Received: from orange (AMarseille-553-1-225-12.w92-153.abo.wanadoo.fr [92.153.17.12]) by mwinf2b09.orange.fr (SMTP Server) with SMTP id 2357A1C00051 for <xxxxxxxxxxxxx>; Mon, 22 Feb 2010 07:34:39 +0100 (CET)
X-ME-UUID:
[email protected]Content-Transfer-Encoding: 7bit
From: "Daisy" <xxxxxxxxxx>
To: <xxxxxxxxxxx>
Subject: [spam] oui ?
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
X-Antivirus: avast! (VPS 100221-1, 21/02/2010), Outbound message
X-MimeOLE: Produced By Microsoft MimeOLE V6.1.7600.16385
X-Antivirus-Status: Clean
Message-ID: <
[email protected]>
X-SpamFlt-Status: Not Detected
Date: Mon, 22 Feb 2010 07:34:39 +0100 (CET)
X-me-spamlevel: not-spam
X-me-spamrating: 40.000000
X-me-spamcause: OK, (0)(0000)gggruggvucftvghtrhhoucdtuddrvdeltddrgedvgddvudduhecuteggodetufdouefnucfrrhhofhhilhgvmecuoffgnecuuegrihhlohhuthemuceftddtnecu
X-Text-Classification: spam
X-POPFile-Link: http://127.0.0.1:8080/jump_to_message?view=9892
<EMBED height=360
type=application/x-shockwave-flash width=634
src=http://www.users.qwest.net/~benpeg72/Secure/wanadoo.swf</FONT>
</FONT>
Posted: Tue Feb 23, 2010 2:12 pm 
