Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/Klez.A@mm

Overview

Threat Risk MEDIUM MEDIUM
Destructivity MEDIUM MEDIUM
Payload Drops destructive virus
Detection files published 29 Oct 2001 03:00:00
Description created 04 Nov 2001 03:00:00
Description updated 09 Jan 2002 04:05:00
Malware type WORM
Alias Kleezer
Klaz
Spreading mechanism EMAIL
Summary None

W32/Klez.A@mm

Spreading

This worm, similar to the W32/Nimda.A and W32/Toal series of viruses, uses a security hole in Internet Explorer to automatically execute when a user opens or previews the mail in Outlook/Outlook Express.

Payload Details

As mentioned, Klez installs a virus, W95/Elkern, on infected machines. This virus can be destructive in certain settings.

Analysis

n/a

Removal

The worm itself will be deleted. In addition, the system may need to be cleaned of the W95/ElKern virus, which is planted by the worm. Despite the name prefix this virus will only work under some releases of Win98.


Last Updated: 12 Nov 2015 11:06:10