Information on Klez and Its Removal
Posted on 13.05.2002
Brief information
Klez is a virus that spreads via the Internet attached to infected e-mails. The worm itself is a Windows PE EXE file about 57-65Kb (depending on its version) in length, and it is written in Microsoft Visual C++.

When an infected file is started, the worm copies itself to a Windows system folder with the krn132.exe name. Then it writes its key to registry to make itself start automatically with Windows.

More information on Klez family of viruses:
http://www.net-security.org/virus_item.php?id=4285



Statistics

According to the Real Time Virus Reporting provided by BitDefender, in the past one month Klez virus (variants E and H) infected more then 5738 systems and more then 100,000 files. And we are talking just about BitDefender statistics.

Mentioned statistics (regulary updated) can be found here:
http://www.net-security.org/v/bd/RTVR/rtvr.php

According to the Sophos "Top Ten Viruses And Hoaxes Reported To Sophos In April 2002" list, first two places were reserved for:

1. W32/Klez-G (Klez variants G & H) 77.8%
2. W32/Klez-E (Klez variant) 5.8%

Full list can be found over here:
http://www.net-security.org/press.php?id=751

In the "Kaspersky Labs Virus Top Twenty for April 2002" listing, Klez holds the first position with 94,5% infections

Full list can be found over here:
http://www.net-security.org/press.php?id=753



Removal

Romanian anti virus company BitDefender released a scanner that scans your computer for any traces of Win32.Klez virus (variants A, B, C, D, E, F, G) and Win32.Elkern (variants A, B, C).

BitDefender AntiKlez - http://www.net-security.org/software.php?id=105

Symantec's Klez Removal Tool does basically the same, with not as nice GUI as BitDefender's program.

Symantec FixKlez - http://www.net-security.org/software.php?id=106

Also, as a service to our visitors you can scan your whole computer for viruses from Help Net Security. The nice looking and very powerfull and accurate online scanner is unfortunately optimized just for Internet Explorer users (becuase of some ActiveX controls).

OnLine Scan on HNS - http://www.net-security.org/v/bd/scan





Spotlight

Almost 1 in 10 Android apps are now malware

Posted on 28 July 2014.  |  Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses. This is a 153% increase from the number of infected files in 2013.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //