I am being hit virtually every day by variants of the W32.Klez.xxx virus. A couple of weeks ago it hit me for the first time. At that incident, I'm not sure my virus scanner effectively deleted the virus since it was an older version of McAfee. I immediately disconnected my system from the Internet and went through a detailed and tedious cleansing process using DOS.
This virus is a nasty worm that travels around using e-mail and the address books in your computers to resend itself out to everyone listed in your computer address book in Outlook and Outlook Express. I understand that unlike some viruses, you do NOT have to open an attachment for this virus to infect your computer! If the virus arrives in your inbox and you don't have a up-to-date anti-virus program running...you’re screwed!
A detailed description on the McAfee site indicates that certain versions of the Klez series viruses contain TIME BOMBs...sub-viruses that go off on certain dates during the year and wreak havoc with your hard drive by overwriting files so this virus has the potential to be very destructive if not removed. I know of a couple of folks who failed to detect and clean this bug and they did lose their hard drives. Additionally, you may have been hit by mail delivery from someone whom you know...but the message in fact did not come from the person in the "From" box. Here is a bit of info on how the little critter works, from out friends at Symantec:
"Some variants of this worm use a technique known as "spoofing." If so, the worm randomly selects an address that it finds on an infected computer. It uses this address as the "From" address that it uses when it performs its mass-mailing routine. Numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to someone else.
For example, Linda Anderson is using a computer that is infected with W32.Klez.E@mm; Linda is not using an antivirus program or does not have current virus definitions. When W32.Klez.gen@mm performs its emailing routine, it finds the email address of Harold Logan. It inserts Harold's email address into the "From" portion of an infected message that it then sends to Janet Bishop. Janet then contacts Harold and complains that he sent her an infected message, but when Harold scans his computer, Norton AntiVirus does not find anything--as would be expected--because his computer is not infected."
I am using Norton Antivirus to scan every mail message, both incoming and outgoing. Norton appears to be very effective in stopping this virus.
Go to the Norton website: http://www.symantec.com/ and select the "Search Virus Encyclopedia" hyperlink. Select the "W" option and follow the directions to the explanation of this annoying virus. There are even directions on how to delete this bug if you are infected.
GOOD LUCK!!!