Over the last 24 hours my internet provider has filtered out and alerted me concerning 7 virus containing e-mails. I have never had this great a number of these things hit me… One of the e-mails is from Tony Dixon in the UK. The title of the e-mail is ‘300,000 Jobs’. I have never had any kind of contact with Tony or his business, and I am certain our Tony Dixon is not sending out these bombs. I am able to safely open this kind of stuff without allowing it to infect my own computer, and did so on the e-mail attributed to Tony. It did not contain an enclosure, but the text was miles and miles of computer language.
Curious…
Best to all.
Byll
There has been a recent resurgeance of the Klez virus in our little circle here, and one of its characteristics is that it fakes the sender name. A friend of mine had his name faked on one recently. If the virus you received is Klez, it means whoever’s machine it came from had both your email and Tony’s email in the mailbox, and grabbed one as “to” and one as “from”.
Irritating, isn’t it?
Yup…Irritating it is. It also means the machine it came from must be one of those associated with this board, to have both Tony’s and my e-mail addresses on it…
Cheers, Avanutria.
Byll
I average about 6-10 email infected with the Klez per day.
It’s things like this that make me glad I don’t use outlook. 
My school screens out suspicious attachments, too, and I have gotten a handful of pre-screened messages in the last few days, but I haven’t recognized the sender names.
Even if you don’t use outlook, you aren’t immune from at least getting it - although I’m not sure you can propagate it without outlook. I use Eudora and still get two a day, almost always allegedly from senders I don’t know. Luckily, McAfee gets almost all of them, although last week there was a Mime variant that McAfee was able to spot but not clean or delete. Fortunately, I was able to get rid of it the old-fashioned way.
Personally, I’d like to see someone in law enforcement start to take it seriously. These underparented brats and sociopathic nerds do untold financial damage annually, but there is no concerted effort to get and punish them. For myself, I’m all in favor of capital punishment for the antisocial little jackasses that keep developing these things, but at the very least they and/or their parents ought to be paying fines large enough to make sure thay never get their slimy little paws on another computer. As a mimimum, chopping off their hands, a la the Saudis, would be acceptable.
I got one supposedly from Tony Dixon this morning titled “W32.Klez.E removal tools” that was infected with Klez… very dirty trick indeed!
Of course the e-mail wasn’t really from Tony… careful inspection of the message header revealed the name of the true sender, but I won’t mention any names because I’m sure it was unintentional on their part since Klez e-mails itself.
Do be careful everybody… Klez won’t be going away any time soon.
Bainne na mbó 's na ngamhna, and the juice of the barley for me. </MARQUEE](http://www.stopstart.fsnet.co.uk/smilie/guin.gif></MARQUEE)>
[ This Message was edited by: raindog1970 on 2002-09-15 09:39 ]
Having investigated this recently, I will add that it is klez H you’re dealing with. They had a girl on another board recently apologizing to EVERYBODY just because her address got in someone’s as sender and the receiver chose to tell them on the board that they had a virus. Poor thing looked like a fool scanning her computer and posting notes saying, “Would you believe my virus software isn’t finding it?” Nobody there seemed to get it. There’s a special circle of Hell for those who set other people up like this, con artists and those who think it’s fun to frighten people. I was so glad that my software caught it like yours did!
Would someone who understands this Klez thing please IM me? I’m on AIM as Tyghress. I got an email from someone. . .I just need to have the virus explained. . .
Thanks
This is from the McAffe website.
What can this virus do?
This worm makes use of the Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability in Microsoft Internet Explorer (v 5.01 or 5.5 without SP2). Simply opening or previewing an infected message in a vulnerable email reader can result in infection.
The virus arrives in an email message containing a wide variety of possible subject lines and with the ability to “spoof” the “From” field.
Sample Message:
From (many possible): flag@21cn.com, yuezhi@citiz.net, click here for a list of other examples.
Subject (many possible): can you help me, we want peace, click here for a list of other possible subjects.
Body (many possible): Klez.E is the most common world-wide spreading worm. It’s very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can’t detect or clean it.We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select ‘continue’. If you have any question,please mail to me.
Attachment (many possible): The file attachment name is generated randomly, and ends with a .exe, .scr, .pif, or .bat extension, for example: ALIGN.pif
The worm may also send a clean document found on the hard drive of an infected system.
When run, the virus will copy itself to the system folder and also insert a copy of the W95/Elkern.cav virus.
The virus will attempt to spread via a variety of methods. It mass-mails itself to email addresses found on the local system, exploits a Microsoft vulnerability (mentioned above), and spreads via network shares.
Click here for further details and information.
Hope this helps