Klez at it again

Mon May 17 11:30:46 PDT 2004

Folks,

Please review the mail headers, someone on one of these lists has Klez. 
This is not really bounce message: 1.  No Windoze here (much less
Outhouse) 2.  I don't think I know this e-mail address

The Return-Path has most certainly been altered.  But we can say that it
originated on comcast.net:

[68.58.49.21]) by mtaout06.icomcast.net
 (iPlanet Messaging Server 5.1 HotFix 0.6 (built Apr 26 2002))
 with SMTP id <0GVI000R09I5D4 at mtaout06.icomcast.net> for
david at pananix.com; Thu, 02 May 2002 18:37:25 -0400 (EDT)
Date: Thu, 02 May 2002 18:37:17 -0400 (EDT)
Date-warning: Date header was inserted by mtaout06.icomcast.net
From: postmaster <postmaster at pananix.com>
Subject: Undeliverable mail--"Troubleshooting"
To: david at pananix.com
Message-id: <0GVI000R19I5D4 at mtaout06.icomcast.net>
MIME-version: 1.0
Content-type: multipart/alternative;
 boundary="Boundary_(ID_wi9KXBf+sfYB8WitpSrZWA)"
X-Spam-Status: No, hits=0.0 required=5.0 tests= version=2.01
Status:   

The following mail can't be sent to Dcarpenterrn at aol.com:

From: david at pananix.com
To: Dcarpenterrn at aol.com
Subject: Troubleshooting
The attachment is the original mail

Attachments included the Klez virus (God, I'm getting tired of getting
them, I've over 60 copies now).

You don't have to fess up, just please reformat and reinstall your system,
then put on all the patches and STOP USING OUTHOUSE!

NOTE:  Klez, when run, first disables antivirus software, deletes
signature files from common AV programs, then installs itself as a
service.  You can't run, you can't hide, all you can do is reformat.

Thanx, and sorry for the interruption.  Now, back to our regularly
scheduled programming, with Perl^H^H^H^HLinux.

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
		-- Nemesis Racing Team motto