There is a computer at our office that I believe is infected with Klez. Every Tuesday emails are sent back to the system from the postmaster and mailer daemon that messages sent from the machine couldn't be sent and we aren't trying to send anything from it. I ran McAfee with the latest DATs, also in MSDOS mode (I heard Klez deletes clean files and to avoid clean in DOS), also did the Daily Scan from McAfee's site in DOS mode but can't find anything. Any ideas or suggestions?

Well this might help if indeed it is the Klez virus http://service4.symantec.com/SUPPORT/ent-security.nsf/70687ac727bd80b78525655b007a5021/eb4a74d3e3ce858288256bae006c3657?OpenDocument

The Klez worm often forge's email headers of the infected mail, meaning that the mail may not actually be coming from where it appears to be. The worm takes addresses from the infected user's address book and pretends to mail the virus from that address. What often happens is that the email is rejected by the destination mail server, and returned to the email address that has been forged. Possibly thats what is happening here. Either that or you have a new variant. Either way, download a Klez fix tool from Symantec.com, and if that finds nothing, then don't worry about it.

An easy to use (not from DOS) tool is: AntiKlez,it's the 5th in the site : http://www.webattack.com/Freeware/security/fwavspecial.shtml I found it effective.

Download F-Prot 3.12 (fp-312.zip) antivirus from F-Secure's website. It's free and it's one of the best for FINDING viruses. And since it's DOS-based, it doesn't put all the hooks into Windows that another AV would. ftp://ftp.f-secure.com/anti-virus/free/ And make sure you download and unzip the latest definitions (fp-def.zip) to the folder you unzip the program to. Then, if you have Klez, or whatever other virus, go to Symantec's website and download the appropriate tool specific to that virus, and use that tool to CLEAN the virus (seems F-Prot leaves a bit to be desired for cleaning viruses). http://securityresponse.symantec.com/avcenter/tools.list.html Hope this helps.