John, this is how it went
1. I received an original message frm 'tony'. It had two files attached purporting to be an IE6 patch for windoze. 2. This looked suspicious, I downloaded the files without opening them. They had the look of the present plague, the Klez worm. My AVG agreed. 3. I bounced the message back to 'tony' on the supposition that he was an innocent victim, putting through the list to warn other possible recipients. This reply didn't carry the original attachments so a) it couldn't infect anyone b) no Klez would be detected by any anti-virus program. 4. Any IE user opening the attachments to the original message from 'tony' would have their address book infected and become an innocent propagator. It may also start mashing up some of the operations on the host computer. All the A/V sites contain detailed information, it is a current major pest with many variants Hope this answers your questions Peter Goff <SNIP> ----- Original Message ----- From: "John G Hitchcock" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, August 27, 2002 9:21 PM Subject: Re: [ql-users] A IE 6.0 patch <SNIP> > ----- Original Message ----- > From: Peter Goff > To: [EMAIL PROTECTED] > Sent: Monday, August 26, 2002 9:06 PM > Subject: Re: [ql-users] A IE 6.0 patch > > > YOU'VE GOT KLEZ!!!! > ----- Original Message ----- > From: tony > To: [EMAIL PROTECTED] > Sent: Monday, August 26, 2002 8:25 PM > Subject: [ql-users] A IE 6.0 patch > > > Hi,This is a IE 6.0 patch > I hope you would enjoy it. > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.384 / Virus Database: 216 - Release Date: 21/08/02 > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.384 / Virus Database: 216 - Release Date: 21/08/02
