Is this a new virus? n/m it is a KLEZ virus

pyonir

Lifer
Dec 18, 2001
40,855
319
126
the email text is:

Hi,This is a very nice game
This game is my first work.
You're the first player.
I expect you would like it.

and it comes with two attachments (which i haven't opened) called:

demo.exe
and
ispsbusy.htm

Anyone seen this before? the from address is weird too, it is:

From: 2GriladesSao_orl <2GriladesSao_orl@rwtrcdm.r>

Complete header:

-F: <ibo86@quixnet.net> Thu Aug 01 15:16:50 2002
Received: from smtp2.quixnet.net [63.65.123.52] by mostaffa.myownemail.com with ESMTP
(SMTPD32-6.00) id A72FDD00140; Thu, 01 Aug 2002 15:16:47 -0500
Received: from Fdpqdaicq (h162-040-129-212.ip.alltel.net [162.xxxx])
by smtp2.quixnet.net (8.9.3/8.9.3) with SMTP id QAA12510
for <serickson@iamit.com>; Thu, 1 Aug 2002 16:28:07 -0400 (EDT)
Date: Thu, 1 Aug 2002 16:28:07 -0400 (EDT)
Message-Id: <200208012028.QAA12510@smtp2.quixnet.net>
From: 2GriladesSao_orl <2GriladesSao_orl@rwtrcdm.r>
To: xxxxxxxx@iamit.com
Subject: A very nice game
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=B814FLr60H5AK81d38xn86azoe0
X-RCPT-TO: <xxxxxxx@iamit.com>
X-UIDL: 958519702
Status: U
 

edjam

Golden Member
May 3, 2001
1,196
0
0
Could be I suppose, probably is actually, send it to Symantec or someone.
 

HappyPuppy

Lifer
Apr 5, 2001
16,997
2
71
I got that same email last week. I deleted it like I do all email with unexpected attachments. You should do the same.
 

pyonir

Lifer
Dec 18, 2001
40,855
319
126
Originally posted by: HappyPuppy
I got that same email last week. I deleted it like I do all email with unexpected attachments. You should do the same.

oh i am. i was just curious. did a little googling and it looks like an old trojan virus. appears to be a pretty nasty one too. i wonder how i got it, i really don't give that email address out to anyone. oh well...

EDIT: actually found it is a Klez.E worm. :D
 

WarCon

Diamond Member
Feb 27, 2001
3,920
0
0
I think it might be Klez. I got that same email plus 13 others of different flavors.
 

Jfur

Diamond Member
Jul 9, 2001
6,044
0
0
A variant of Klez that spoofs email address and comes through some sort of javascript malcode is going around.