Problem solve Get help with specific problems with your technologies, process and projects.

Eradicating Klez

I currently have 17 clients on our network and am running NAVCE v7.6, however we are under a constant bombardment of the virus W32.Klez.H@mm. This is on a daily basis and seems to only affect a certain amount of clients. Most times the NAVCE reports that the virus is a "Forward from client and the action is to 'leave alone.'" Sometimes the virus does come through the email as a real threat and is quarantined immediately.

I feel that the klez virus is in our network somewhere, but I am unable to locate it, even going through the registry HKEY-LOCAL_MACHINE to locate it. This is becoming a real problem with the clients and was hoping you could point me in the right direction.

It's one of the toughest viruses I've had to deal with. While I can't tell if it has caused any severe damage, I do have a couple of clents that I have had to reformat their machines and reload all their software. As you could imagine, this is very time consuming. I could really use some help.
First, do some research on your target.

Here's a site that provides you with a tool to clean it up: http://www.kaspersky.com/news.html?tnews=20140&id=224687

The Microsoft patch is found at http://www.microsoft.com/technet/security/bulletin/MS01-027.asp

Here's another source of information and instructions for clean up: http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.e@mm.html

Here's a tip to keep your system clean: https://searchsecurity.techtarget.com/tip/Cleaning-out-a-virus-infection

This was last published in September 2002

Dig Deeper on Network Infrastructure

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.