Charles "virus free for the moment" Andrews wrote:
>Several members of the CR list appear to have been infected by the W32.klez.h
>worm. I've received a number of infected posts from members of the list.
>
>The Symantec site appears to have a free tool to root out the worm, as well as
>directions for manual removal.
>
>Please disinfect....all these infected attachments are annoying..
>
>http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html
While this is good advice for Wintel users, note that one of the sneaky things about this virus is that it uses a false "From:" address, so there is no way to know whose infected machine it was sent from. It harvests addresses from the Outlook Express address book of the infected machine, which it uses for both "To:" and "From:" headers.
Thus, there's no point in sending a message to the putative sender, because that's not whose machine actually sent it.
I've even received versions of this that appeared to have come from myself, and I use a Mac!
Sheldon "This Is A Tough One" Brown
Newtonville, Massachusetts
+-------------------------------------------------------------+
| I often quote myself. It adds spice to my conversation. |
| --George Benard Shaw |
+-------------------------------------------------------------+
Harris Cyclery, West Newton, Massachusetts
Phone 617-244-9772, 617-244-1040, FAX 617-244-1041
http://harriscyclery.com
Hard-to-find parts shipped Worldwide
http://captainbike.com
Useful articles about bicycles and cycling
http://sheldonbrown.com