Re: klez being sent to the list

[Kimberly Thompson <lomara@xxxxxxxxxxxxx>]

On Sat, 2002-11-16 at 17:28, SicilianMother@aol.com wrote:
> In a message dated 11/16/2002 1:30:42 PM Pacific Standard Time, 
> lomara@earthlink.net writes:
> 
> > The machine that is infected
> > with Klez that is sending this crap to all of us is a Charter Pipeline
> > subscriber - 
> 
> What is this.........what is "charter pipline subscriber"......

This is most likely a person using Charter Pipeline for their cable
internet service. 
http://www.chartercom.com/products/internet/internet.asp

also, other 
> than this being a nuisance, is it harmful to our computers?  

It is always running on your machine, taking your resources to email
itself all over the place all the time.  It won't reformat your machine
or delete files. It'll also try to turn off your antivirus software.

Also keep in mind that it attaches a random file from your machine when
it emails itself to someone in your address book.  This means there is a
high likelihood that it could email something around that you'd rather
keep confidential.  

Read about what it does here
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html


Also, how do you 
> get it?  Do you get it from opening the email?  downloading it?  or simply 
> just by receiving it. 

If you are using Outlook express, it will exploit a known microsoft
security flaw in the preview window and run the virus without
doubleclicking the attachment.  If you aren't using the preview
window,and delete the email without looking at it, you'll be ok. 
Opening the email is sufficient to execute the virus.


People who are using non-windows machines are immune to klez.