Posted By:
jverri01Bob, et. al:
Actually - right now a wave of viruses that originated from the NIMDA 32 virus are spreading like crazy, globally. They are one of like 9 variations of a virus (actually a worm, but being called a virus) known as Klez. It has also been called Klez32, Klez32@, Klez.a, Klez.h, etc., etc.
What it is: an email message that arrives in your box. The subject is something like "hope you enjoy this", or "RE:". The worm uses a security breech in Outlook to access your hard drive. YOU DO NOT HAVE TO OPEN THE MESSAGE TO BE INFECTED BY IT. Simply RECEIVING IT IS ENOUGH.
What it does: It immediately takes hold of your address book. It randomly begins sending messages to people you have emailed, or received email messages from. YOU WILL NOT KNOW IT IS SENDING THE MESSAGES. many times, it will select a RANDOM file from your hard drive and attach it to the message. It creates a "community" of infected machines, that continue to grow in population. You will receive daily emails from addresses you have emailed previously, many with additional viruses attached.
If untreated, this virus is EXTREMELY harmful. It begins by damaging your file/directory structure, and can go as far as corrupting the operating system.
The trouble I am seeing:
NEW variations of this worm are proliferating right now. MOST Anti-Virus software claims to be able to disinfect the KLEZ virus. THIS IS NOT TRUE. Many of the new patterns (updates to anti-virus software) do NOT include the tools to disinfect newer flavors of KLEZ.
KLEZ buries itself in your REGISTRY, so, the damage it can do is far-reaching.
I have received several messages lately that my software has quarantined because of infection.
You do NOT have to be using Outlook for your system to be infected. EVEN if you have DISABLED Outlook - you can STILL be infected.
More information on the LATEST variation:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_KLEZ.H