Q: Unwanted virus bombardment. ( Answered 5 out of 5 stars,   6 Comments )
Question  
Subject: Unwanted virus bombardment.
Category: Computers
Asked by: tom72-ga
List Price: $12.50
Posted: 21 May 2003 10:26 PDT
Expires: 20 Jun 2003 10:26 PDT
Question ID: 206847
My Microsoft Outlook sbc/yahoo/dsl e-mail is being inundated with
KlezH virus messages which usually state "Mail Undeliverable..etc."
Symantec Antivirus catches these and deletes them. However, how can
these be stopped at the sbc/yahoo/dsl end? I cannot find anywhere to
ask them that question. What has also been happening is that e-mail
that has been previously dealt with several days before, including
deletion, reappears when I open my Microsoft Outlook connection days
later. What is going on, and how can I get rid of this inconvenience?
Sincerely, 
Thomas Murphy.
Answer  
Subject: Re: Unwanted virus bombardment.
Answered By: antivirus-ga on 30 May 2003 07:28 PDT
Rated:5 out of 5 stars
 
Hi Thomas,

The Klez virus spoofs the From address, making it a little more
difficult to determine the email's origin. However, it can be done and
armed with that info, you can contact their ISP and report the
problem.

With Yahoo mail, when reading the email you will find a link that says
"Full Headers". Click that link to reveal the header information
associated with that email. Look for "Return-Path". The email address
listed there is the actual sender (and the actual person infected with
Klez).

With Microsoft Outlook, you don't need to actually read the message.
Just right-click it where it appears in the top pane list. Select
Options from the drop down menu. In the ensuing dialog box, you will
see the actual headers of the message appear. Again, make note of the
email address listed in "Return-Path".

Armed with these email addresses, determine who the ISP is, i.e. the
information to the right of the @ sign in the email address. Send a
message to abuse@ followed by the ISP, for example abuse@rr.com (for
Road Runner) and alert them to the fact that you are receiving Klez
infected email from (include the Return Path email address).

As an example, let's say the headers indicated that the person sending
the Klez infected email was xyz@someisp.com. You would send an email
to abuse@someisp.com, alerting them to the fact that one of their
subscribers, xyz@someisp.com, was infected with Klez and sending
infected emails out.

It's important to remember that - as frustrating as the situation is -
the person who is sending the emails is not deliberately doing so.
Klez disables antivirus software on the system, so it is very likely
the person is completely unaware they are infected.

Antivirus vendor McAfee provides a free detection and removal tool for
all variants of Klez. You can read more about Stinger at:
http://antivirus.about.com/library/weekly/aa100802a.htm

You may download Stinger directly at:
http://vil.nai.com/vil/stinger/

You can also contact your ISP and ask if they have virus scanning or
filtering available at the server. They quite often do, it's usually
free, and it's a simple matter of asking them to enable it.

Klez is the most prevalent of viruses right now and has been a top
infector since it was first released over a year ago. Since it sends
itself to people whose email addresses are found on an infected user's
system, chances are you may know the person who is sending it to you.
Though you seem to be receiving them mainly with the fake
"undeliverable message" text, Klez can send itself as holiday
greetings or with dozens of other subject lines and message bodies.

A discussion of the continuing Klez plague can be found at:
http://antivirus.about.com/library/weekly/aa030503a.htm

An in-depth, technical analysis of Klez can be found at:
http://www.virusbtn.com/resources/viruses/indepth/klez.xml

In summary, reporting a nuisance like Klez is no different than
reporting a spam nuisance. After all, it is unsolicited email. A good
resource for spam reporting can be found at:
http://www.rawdc.org/web/spam.html

Hope this helps! If you need clarification on any of these steps,
please let me know!

antivirus-ga
tom72-ga rated this answer:5 out of 5 stars
Thanks for your comprehensive analysis. I shall follow it to the
letter, and hopefully get rid of these e-mails once and for all
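
The header procedure from the answer above, as an added example that is not part of the original answer: it reads the "Return-Path" of each saved message, derives the abuse@ contact from the text to the right of the @ sign, and counts how often "From" differs from it. The sample messages and every address in them are constructed, and the function names are illustrative.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers; all addresses use reserved .example domains.
SAMPLES = [
    "Return-Path: <xyz@someisp.example>\nFrom: postmaster@mailhost.example\n"
    "Subject: Mail Undeliverable\n\n(body omitted)\n",
    "Return-Path: <xyz@someisp.example>\nFrom: \"A Friend\" <friend@other.example>\n"
    "Subject: Happy holidays\n\n(body omitted)\n",
    "Return-Path: <abc@rr.example>\nFrom: abc@rr.example\n"
    "Subject: Mail Undeliverable\n\n(body omitted)\n",
    # A genuine bounce carries an empty Return-Path, so it names nobody to report.
    "Return-Path: <>\nFrom: MAILER-DAEMON@mailhost.example\n"
    "Subject: Mail Undeliverable\n\n(body omitted)\n",
]

def header_addresses(raw):
    # Return the bare (Return-Path, From) addresses, lower-cased for comparison.
    msg = message_from_string(raw)
    return_path = parseaddr(msg.get("Return-Path", ""))[1].lower()
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    return return_path, from_addr

def abuse_contact(address):
    # abuse@ plus the part to the right of the @ sign; None if there is no usable address.
    local, at, domain = address.rpartition("@")
    return f"abuse@{domain}" if at and local and domain else None

def build_reports(raw_messages):
    # Group messages by abuse contact; skip empty or missing Return-Path values.
    reports, skipped = {}, 0
    for raw in raw_messages:
        return_path, from_addr = header_addresses(raw)
        contact = abuse_contact(return_path)
        if contact is None:
            skipped += 1
            continue
        entry = reports.setdefault(contact, {"senders": Counter(), "from_mismatch": 0})
        entry["senders"][return_path] += 1
        if from_addr != return_path:
            entry["from_mismatch"] += 1
    return reports, skipped

if __name__ == "__main__":
    reports, skipped = build_reports(SAMPLES)
    for contact, entry in sorted(reports.items()):
        print(contact, dict(entry["senders"]), "From differs:", entry["from_mismatch"])
    print("skipped (empty or missing Return-Path):", skipped)
```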

Comments  
Subject: Re: Unwanted virus bombardment.
From: shiva777-ga on 21 May 2003 10:35 PDT
 
Outlook is notorious for viruses. I would suggest switching to another
email client. Eudora (http://www.eudora.com) is excellent. I use the
email client built into Mozilla (http://www.mozilla.com) which I like
even more. The Mozilla web browser rocks too! -shiva777
Subject: Re: Unwanted virus bombardment.
From: ccl-ga on 21 May 2003 19:15 PDT
 
Switching programs will not stop people from sending you viruses.  I
don't think yahoo offers an antivirus program on their end.  If these
messages come from many different email addresses, you will have to do
the inevitable... Stop using that email address and start using a
different (new) email address.  Don't enter it on webpages, especially
for "free" stuff.  Those people sell your address until everyone has
it.  Once you are on a "virus" mailing list, or spam list of any type,
it is practically impossible to be removed from it.

Side note, Eudora is not "excellent".
Subject: Re: Unwanted virus bombardment.
From: techtor-ga on 22 May 2003 00:47 PDT
 
Perhaps files still infected with viruses are still in your mailboxes
or in the trash section of Outlook, and you have not emptied the
trash. A remote possibility is that the virus makes the email pop back
into the Inbox folder.

SBC Yahoo has its own virus protection. There should be a technical
support number to call in case of problems. Perhaps you are at a user
privilege level that excludes antivirus checking on your email.
Subject: Re: Unwanted virus bombardment.
From: funkywizard-ga on 22 May 2003 07:32 PDT
 
It may seem that the emails are reappearing, and this may be possible,
but it is more likely that you are simply receiving identical virus
emails. The viruses often send themselves more than once with the same
from address and subject line.
Subject: Re: Unwanted virus bombardment.
From: kahniget-ga on 23 May 2003 17:11 PDT
 
It actually sounds like you may have the virus.  Most antivirus
programs cannot entirely eliminate the Klez virus.  You may want to go
to the following web site and run this tool. 
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html

Make sure you follow the instructions exactly.
Subject: Re: Unwanted virus bombardment.
From: mplungjan-ga on 25 May 2003 06:33 PDT
 
I have the same problem and I have not found any way to stop it other
than setting a filter that deletes or moves them to a special folder.

I filter on the typical message from the virus checker
