Silent noise - about spam, trojans and other nasty stuff

I don't know what this guy was thinking.
Started out with a usual soddy story that a good 419 scam is supposed to contain.

Ramadan Kareem

My name Madam Henan Abdul-haleem Ali .from Basrah address:shu'aiba
\basrah refinery\refinery houses:no.(20)Basrah city .My husband
Engineering contractorBasrah oil Refinery company Ltd.Whom was
killed by bomblast attack on his way to work. his convoy came
under attack by roadside bomb blast kililling his driver & body
guards,b4 my husband death he received the sum of $11million from

Virustotal a few moments ago: Result: 1/41 (2.44%). Comodo is the one recognizing it.

A dig for antivirus-fast-scan04. com shows right now:

antivirus-fast-scan04.com. 1900 IN      A       94.102.51.26
antivirus-fast-scan04.com. 1900 IN      A       78.46.251.43
antivirus-fast-scan04.com. 1900 IN      A       88.198.107.25
antivirus-fast-scan04.com. 1900 IN      A       88.198.120.177
antivirus-fast-scan04.com. 1900 IN      A       91.212.107.5
antivirus-fast-scan04.com. 1900 IN      A       91.212.127.200

From the top:
94.102.51.26: Ecatel

To protect your privacy, your card will formally be billed as a payment
for a product or service at some lawful online store.
The administration of that store doesn't know anything about memberships
we sold. They really sure that you purchased their product.

Legal?
Work of art?
Or abused children?

You know the answer to that.

The Viral Spiral spammer on the loose again.
He has been for a while now, after he disappeared from this mailbox some years ago.
Most of his stuff ends up in the spamfolder these days.

There are a few signs that tells me he has partnered up with the ROKSO-listed spammer John Pirro.

Since I am scribbling down stuff mostly about trojans, viruses, spam and other nasty things, I am quite used to see that phrase. Or variations of that phrase. E.g. in connection with scareware, you know those fake "Antivirus 2009 Pro" or whatever they call themselves. "Warning: Your computer is infected with spyware!"
Some time back it showed up in a slightly bit different connection, an alleged receipt from a payment processor. The whole sentence (yes, in capitals):

WARNING! FOR SECURITY REASON, DO NOT CONTACT BANK OR BILLING COMPANY REGARDING THIS ORDER!

Other customers of my host (fusednetwork.com) have been spammed by NextTree.

Link to the story so far:
http://blog.fusednetwork.com/2009/08/18/nexttree-finds-their-roots-in-spam/

I'm not one of those who got spammed, but I have a kind of morbid interest in spammers and other criminals on the net, so I gave it some seconds.