E-mail this

  • Home

  • Search
  • Send Comments
  • What's New
  • Hottest 25
      Legends

  • Odd News
  • Glossary
  • FAQ

  • Autos
  • Business
  • Cokelore
  • College
  • Computers

  • Crime
  • Critter Country
  • Disney
  • Embarrassments
  • Food

  • Glurge Gallery
  • History
  • Holidays
  • Horrors
  • Humor

  • Inboxer Rebellion
  • Language
  • Legal
  • Lost Legends
  • Love

  • Luck
  • Media Matters
  • Medical
  • Military
  • Movies

  • Music
  • Old Wives' Tales
  • Photo Gallery
  • Politics
  • Pregnancy

  • Quotes
  • Racial Rumors
  • Radio & TV
  • Religion
  • Risqué Business

  • Science
  • September 11
  • Sports
  • Titanic
  • Toxin du jour

  • Travel
  • Weddings

  • Message Archive
 
Home --> Computers --> Virus Hoaxes & Realities --> Klez

Klez

Virus name:   Klez   (also known as W32/Klez.gen@MM or W32.Klez.E).

Status:   Real.

Origins:   The Klez virus arrives as an attachment to e-mails bearing spoofed return addresses and subject lines selected randomly from a large pool of choices. The subject line might be any of the following:
  • congratulations
  • darling
  • eager to see you
  • the Garden of Eden
  • honey
  • how are you
  • introduction on ADSL
  • japanese girl VS playboy
  • japanese lass' sexy pictures
  • let's be friends
  • look,my beautiful girl friend
  • meeting notice
  • please try again
  • questionnaire
  • so cool a flash,enjoy it
  • some questions
  • sos!
  • spice girls' vocal concert
  • welcome to my hometown
  • Worm Klez.E immunity
  • your password
  • Returned mail—"[random phrase]"
  • Undeliverable mail—"[random phrase]"
  • a [random phrase] game
  • a [random phrase] patch
  • a [random phrase] tool
  • a [random phrase] website
  • [random phrase] removal tools
Where [random phrase] is one or two words selected from the following list (e.g., "W32.Elkern removal tools," "a special powful tool"):
  • excite
  • funny
  • good
  • humour
  • new
  • nice
  • powful

  • F-Secure
  • IE 6.0
  • Kaspersky
  • Mcafee
  • Sophos
  • Symantec
  • Trendmicro
  • W32.Elkern
  • W32.Klez.E
  • WinXP
Klez exploits a bug in Microsoft's Internet Explorer (version 5) to infect a user's system, and once installed it sends out e-mail messages to addresses found in local files, Microsoft Outlook address books, and ICQ address books. It will also overwrite any txt, .htm, .html, .wab, .doc, .xls, .jpg, .cpp, .c, .pas, .mpg, .mpeg, .bak, or .mp3 file on the 6th of every odd numbered month (January, March, May, July, September, and November).

See the links below for more information on how to detect and remove Klez.

Additional Information:
    W32.Klez.H@mm W32.Klez.H@mm
(Symantec Security Response)
    W32/Klez.e@MM W32/Klez.e@MM
(McAfee Virus Information Library)
    How to save your PC from virus attacks How to Save Your PC from Virus Attacks
(CNN.com)
Last updated:   28 January 2008

Urban Legends Reference Pages © 1995-2014 by snopes.com.
This material may not be reproduced without permission.
snopes and the snopes.com logo are registered service marks of snopes.com.