May 2nd, 2002, 06:55 AM
Worm using own SMTP engine
This question is also about W32.Klez. When my friend, whose computer was infected with this worm, called her ISP, she was told by the technician that she could go on the Internet to get the removal tool and instructions, but she should not open her Outlook Express, as that would send out more infected messages. Is that accurate?
Since Klez uses its own SMTP engine, does Outlook Express have anything to do with it once the computer is already infected? Or would just turning on her computer and making the dial up connection send off the next round of infected messages which is in the code?
Sorry I just don't comprehend how such things work.
May 2nd, 2002, 10:57 AM
Go here and you will find almost everything about this virus.
May 2nd, 2002, 12:47 PM
May 2nd, 2002, 12:53 PM
sun7dots - Thanks, but I've already been there, maybe a dozen times. And also to the other 13 sources I got when I did a search on the Symantec website for w32.Klez. And to the information at Panda Software, too.
No where did I find an answer to this specific question. The literature says that Klez uses its own SMTP engine, but I just don't understand the details of how that would work, nor the implications.
Now that a computer of the secretary of a large organization to which I belong has been infected, I expect I'll have to answer a lot more questions, since there are many members whom I suspect don't have antivirus programs to protect them.
May 2nd, 2002, 01:04 PM
Something's got to launch the code for it to start the SMTP engine, such as double-clicking the attachment; hence the advice not to start OE, since using the preview pane will cause the code to launch.
May 2nd, 2002, 01:14 PM
May 2nd, 2002, 01:27 PM
m4ilm4n - Is this true each time the worm is executed? I'm talking now about a computer on which it has already executed once.
May 2nd, 2002, 01:40 PM
Your question seem to be that once a computer is infected by Klez, can the worm/virus by itself utilize Outlook Express to send infected emails when the PC logs on to the internet?
If this is the question, I have never seen the answer.
May 2nd, 2002, 01:43 PM
bucket - Your last reply is exactly what I meant. Thanks for rephrasing that for me.
May 2nd, 2002, 01:50 PM