I've been sent a copy of the Klez virus 5 times in the last 4 days. It uses random subject lines so it can be kind of hard to guess whether it's a virus or not. If you don't have IE's security patches up to date the virus will execute automatically as soon as you open the e-mail - even if you don't click on the attachment.
http://www3.ca.com/solutions/collateral.asp?CT=65&ID=1705(I check my mail through a Unix server, so I'm not vulnerable. The HTML message appears to be corrupted to make the attachment appear to be a sound file, which Windows will automatically try to open and play if you used Outlook or Outlook Express to view the message.)
I've received 5 different messages, but one was actually kind of funny, it read:
"Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me."
It came from "support@ipix.com" which I traced to be a real website, but they wouldn't be making any anti-virus tools. If you look at the note that kind of gives it away too.
The problem is a direct result of M$'s terrible code! Speaking of that, take a look at:
http://www.eweek.com/article/0,3658,s%253D701%2526a%253D26875,00.asp It's an interesting way to try to protect your code, that's for sure.
