I have gotten about 10 emails with different names on them to my adult email accounts. When you clcik the email in Outlook it instantly tries to open and ask if you want to save it to disk or open.

The files says:
C:/Windows Temporary Internet
Files\Content.IE5\SE5V8XAJ\stuff.mp3.pif

Of course I elect to close =)


Here is the message source:

Return-Path: <klefholtz@netzero.net>
Delivered-To: webmaster@famouspornstars.com
Received: (qmail 68392 invoked from network); 25 Nov 2001 18:37:20 -0000
Received: from unknown (HELO mail7.wlv.netzero.net) (209.247.163.57)
by 64.62.104.68 with SMTP; 25 Nov 2001 18:37:20 -0000
Received: (qmail 27427 invoked from network); 25 Nov 2001 18:00:54 -0000
Received: from dialup-64.154.123.49.dial1.omaha1.level3.net (HELO aol.com) (64.154.123.49)
by mail7.wlv.netzero.net with SMTP; 25 Nov 2001 18:00:54 -0000
From: "kira lefholtz" <_klefholtz@netzero.net>
To: webmaster@pornstarsatplay.net
Subject: Re:
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1


And on one of the others:

Return-Path: <zombie55@earthlink.net>
Delivered-To: webmaster@famouspornstars.com
Received: (qmail 65328 invoked from network); 25 Nov 2001 10:08:29 -0000
Received: from unknown (HELO harrier.prod.itd.earthlink.net) (207.217.120.12)
by 64.62.104.68 with SMTP; 25 Nov 2001 10:08:29 -0000
Received: from pool-63.53.131.67.nwrk.grid.net ([63.53.131.67] helo=aol.com)
by harrier.prod.itd.earthlink.net with smtp (Exim 3.33 #1)
id 167vdv-0004nU-00
for webmaster@famouspornstars.com; Sun, 25 Nov 2001 01:32:07 -0800
From: "Greg Hoggatt" <_zombie55@earthlink.net>
To: webmaster@famouspornstars.com
Subject: Re:
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1
Message-Id: <E167vdv-0004nU-00@harrier.prod.itd.earthlink.net>
Date: Sun, 25 Nov 2001 01:32:07 -0800

Looks like it attaches and sends out in your email possibly. If someone wants the file I can send it to you.

Shane

And all of the subjects have been just
RE:

and 40kb in size

Shane

Its not new been getting it for weeks.
I delete anything with atachements nowdays dont even bother looking to see what it is.

I just started getting those myself.

Dont feel bad there is another even worse called concept virus and it wont prompt you for shit. Not only does it infect and send more mails it takes over your entire network on all win9x machines with a macro exploit.

Then after it takes over the network it adds more .nws and .eml files to every dir on your machine and starts copying other shit till it fills your drive 100%.

I have been getting this thing and finally learned to delete all emails around it to not run it and get rid of it. Once you open it you wont see anything except your CPU start heating up while it takes over everything.

Only way to fix = Format
Only protection linux or email filering on your email server because antivirus cant seem to catch it or remove it and i have tried a few of them.

So beware if you see an email with shit like aspdesktopfdgfrg in subject cause it just creates characters but always has the word desktop somewhere mixed in there.

Thanks toker!