 Description
This mass-mailing worm (with dozens of name variants) comes in an executable file attached to an email message. Unfortunately, however, you don't necessarily have to run the file to facilitate your PC's infection; viewing the message in Microsoft Outlook's or Outlook Express' preview pane may execute the file automatically, thanks to a problem with some versions of Internet Explorer. The worm then gathers email addresses from your Windows Address Book and other files it scans on your computer.
How To Tell If Klez Is On Your PC
Symptoms vary by strain. Look for obviously false error messages (they may contain misspelled words and/or poor phrasing) that appear when you try to run various programs. Klez also renames executable files with random extensions, sometimes giving them hidden and system attributes, while renaming itself to take the place of a changed executable. If you browse the files on your primary hard drive and see executable files alongside others of similar length with strange extensions (Aol.cdc, Msoffice.vhe, etc.), an infection is likely.
How To Get Rid Of Klez
Use Windows' Add/Remove Programs function to remove your antivirus software and then reinstall it before trying to deal with Klez. Then, if you use McAfee VirusScan, launch the program and click Scan My Computer For Viruses, then make sure that Scan Subfolders, Scan All Files, and Scan For New Unknown Viruses are selected and click Scan. If the List Of Detected Files that appears when the scan is complete includes infected files, try using VirusScan's Clean option to repair the infected files. If that doesn't work, click Delete. Klez is fairly destructive, so make a note of the files that you're deleting. You'll probably have to replace them with clean copies from original installation CDs. |
Email This
Print This
