Can someone tell me how a computer is infected with the Klez virus?
I've read that an attached file has to be opened to be infected, which is understandable.

But I have also read just previewing the message can infect you, which I don't understand.
Does that mean the message is infected by HTML or a script of some kind? I would imagine scripted.
How would it be possible to avoid such viruses?

I just checked Outlook Express and found no way of turning off HTML and/or scripts. (If there is a way, please let me know.)
Does that mean if I received such a virus, I am basically hosed if I merely preview the message? ICK... is all I can say to that.

Thanks.

Yes.

Basically you catch it from an infected email, and yes it runs from a script.

There is a way to prevent scrips from running in OE, go to Tools => Options => Security => Restricted Sites Zone. Then make sure that all scripting, JS and ActiveX is turned off in the Restricted Zone...not prompt, but disabled.

Also under View => Layout and disable the Preview pane.

Of course another option would be to NOT use OE...see the link in my sig...

I already had OE on the Restricted Site Zone. And the Restricted Site Zone is set to the default setting to high which disables just about everything. :) So maybe I already received this virus in the scripted form and didn't even realized it.

I tried using Pegasus right before I asked the question and I didn't see any options for turning off HTML and/or scripting.
Of course most of my time was spent trying to fix a problem. It was trying to access my network printer each time I started the program and each time I tried to view the default installed email messages which caused it to crash each time.
Needless to say, I couldn't find that option and there was no help with that particular problem. So I just decided to uninstall it. When I tried to access OE via the icon, guess what? It couldn't find the program.
I had to open Explorer and find the OE program and start that up and make that my default email program.

Maybe others had better luck with it, but I won't be installing that program again.

I use MailWasher to see what my email is before downloading it and I delete anything that looks like Klez. As a backup, I have Norton AV scanning email and it caught the Klez on the one time I missed it in MailWasher so I was able to delete it before it had a chance to do any damage. I use Netscape for email, so the setup may be a bit different, but generally I would encourage using several layers of security these days.

Budfred

I've gotten this worm and it took me sometime to get rid of it. When I first got it, I had no idea that I had it. If I remember right, my computer wouldn't close down right and after awhile it got to be annoying. Since then I have gotten a new VS program and twice so far it has comeback to me, but it gotten caught both times.
It is certainly a devil of a worm to get rid of, it took me 3 days to get it off a friend's computer.

To get OE back (if you want to):-
(1)IE Tools<>Options<>Programs and make sure OE is set as EMail
(2)OE Tools<>Options<>Programs and make OE the Default Mail Handler
or
(3) From Start<>Run and type exactly with quotes and spaces "C:\Program Files\Outlook Express\MSIMN.EXE" /REG

When you used Pegasus it was obviously set as the default mail client - and it doesn't revert back automatically.

Foxmail (http://www.pcworld.com/downloads/file_description/0,fid,16961,00.asp) has HTML turned off by default though you can both use a toggle button or set HTML as default if you want.

btw ... The script (if there - it isn't there with every version) isn't the virus but it can activate the virus attachment without you actually opening it; this wont happen (so far) if the preview pane is disabled or until you open the message.

Thank Paul.
I had done option #2 last week in order to make OE my default client again.

Right now, I got all Internet options set to high for OE.
Scripting, Java, ActiveX, ect... are all disabled.

If I happen to get this virus, that will teach me not to trust OE (and Microsoft) ever again.

As it stands, I can say that I've only been affected by one virus in all my computer years. And that happened like 5 years ago.
Either I've been very lucky, or just playing it smart. ;)