Dear user of mail.com,
Your account was used to send a huge amount of unsolicited commercial e-mail during this week.
Probably, your computer was infected by a recent virus and now contains a trojaned proxy server.
We recommend that you follow our instruction in the attached file in order to keep your computer safe.
Best regards,
mail.com technical support team.
MAILER-DAEMON@mail.com
Der Anhang transcript.zip entpuppt sich als transcript.txt.exe, also als Schadprogramm:
MZêˇˇâˆ@ÿ∫¥ Õ!âˆLÕ!This program cannot be run in DOS mode.
$PEL‡`ÄÌêPı0UPX0ÄćUPX1`ê`@‡.rsrcd@¿1.24UPX! ˚áHë¶qµ∆˚\û&wˇá®êkernel32.dˇõÃflll5root\IEFrameATV˛ˇ¸H_Noterctrl_renwndˇ∑ˇˇ|y_Óœπ›ï¬g;ÑÄ‘8 ≤ü˚çx∂ˇˇˇ@@+ÙAÃ…OÕ¸ˇ◊%k@<èS6@ˇnˇflTÃ’Ëß3ªΩöAWÖ@]/∑€›@-
y(§,ä‹óø¸Âæ/øß8Ö/∑∑ˇÚ]é_Å’Dec£vOüS›æ˚€ep^ugJulnMayprkóÌÕFebaSa’›s∑ÌiThuWeduï¬Mo/≤èmø%s, %us.2u:Û¬{[c=Into≠µÌtGC:zHSta˚˛(dnsapiUiphlp
usw.
Details zur IP-Adresse 59.37.166.64
inetnum: 59.32.0.0 – 59.42.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
Wien Linz Freiburg 2025