Klez.Worm.FileInfector.DDS removal guide

The Klez.Worm.FileInfector.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Klez.Worm.FileInfector.DDS virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Klez.Worm.FileInfector.DDS?


File Info:
name: D4371BC689911550B45D.mlw
path: /opt/CAPEv2/storage/binaries/bac05b471be6f74926de529dcf03071c3482d40b176bfff22b92378ea9cf0af4
crc32: B53E34DB
md5: d4371bc689911550b45d316ae9bb13c0
sha1: 2cf5aac935425269fbcfb02fdf8d4d47c7e76d95
sha256: bac05b471be6f74926de529dcf03071c3482d40b176bfff22b92378ea9cf0af4
sha512: e33d650bd39540845c6b344b8d938248af6b35ec97b7c6f7195dc059c1661b54ad4f73cbf97dedf79d369e0e73b3e04fab918ad60fad362efcd4237076927288
ssdeep: 1536:zaWLF1kxTnUI4CFPtv6iSJnaGlbVxhog:zaWExTnUTCFPtvanaGlbVxho
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T117838D23B9938073D496C27012B99B559AFE98321766E5C3D7018E7B3D70AD1DA3B30B
sha3_384: 59d07d3807488754b186bd4b14702cb10defff3da2dfa7df7c341389a9a6bc5813edfc3ab543e053c7602ac77e87367f
ep_bytes: 558bec6aff6838d240006874a8400064
timestamp: 2002-01-18 01:22:13

Version Info:
0: [No Data]

Klez.Worm.FileInfector.DDS also known as:

Bkav	W32.AIDetectMalware
Lionic	Worm.Win32.Klez.t!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Dropped:Win32.Elkern.B
FireEye	Generic.mg.d4371bc689911550
CAT-QuickHeal	W32.Klez.H
Skyhigh	BehavesLike.Win32.Klez.mm
ALYac	Dropped:Win32.Elkern.B
Cylance	unsafe
Zillya	Worm.Klez.Win32.4
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	EmailWorm ( 000805561 )
Alibaba	Malware:Win32/km_24958.None
K7GW	EmailWorm ( 000805561 )
CrowdStrike	win/malicious_confidence_100% (W)
Baidu	Win32.Worm.Klez.a
VirIT	Worm.Win32.Klez.J
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Klez
APEX	Malicious
TrendMicro-HouseCall	WORM_KLEZ.GEN
ClamAV	Win.Worm.Klez-2
Kaspersky	Email-Worm.Win32.Klez.j
BitDefender	Dropped:Win32.Elkern.B
NANO-Antivirus	Trojan.Win32.Klez.fwaj
SUPERAntiSpyware	Worm.Klez
Avast	Win32:Klez-E [Wrm]
Tencent	Worm.Win32.Klez.c
Sophos	W32/Klez-Fam
F-Secure	Worm.WORM/Klez.E
DrWeb	Win32.HLLM.Klez.6
VIPRE	Dropped:Win32.Elkern.B
TrendMicro	WORM_KLEZ.GEN
Trapmine	malicious.high.ml.score
Emsisoft	Dropped:Win32.Elkern.B (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	I-Worm/Klez.h
Webroot	W32.Klez.Gen
Google	Detected
Avira	WORM/Klez.E
Varist	W32/Klez.J@mm
Antiy-AVL	Worm[Email]/Win32.Klez
Kingsoft	malware.kb.a.1000
Microsoft	Worm:Win32/Klez.G@mm
Xcitium	TrojWare.Win32.Trojan.Agent.Gen@67u02
Arcabit	Win32.Elkern.B
ViRobot	I-Worm.Win32.Klez-gen
ZoneAlarm	Email-Worm.Win32.Klez.j
GData	Win32.Trojan.PSE.11SQ9WV
Cynet	Malicious (score: 100)
AhnLab-V3	Win32/Klez.worm.I
Acronis	suspicious
McAfee	W32/Klez.f@MM
MAX	malware (ai score=83)
VBA32	MalwareScope.Worm.Klez.1
Malwarebytes	Klez.Worm.FileInfector.DDS
Panda	W32/Klez.H
Zoner	Worm.Win32.Klez.27775
Rising	Worm.Klez!1.A1CB (CLASSIC)
Yandex	Trojan.GenAsa!AMX6vz3TVj8
Ikarus	Email-Worm.Win32.Klez.J
MaxSecure	Worm.W32.Klez.h
Fortinet	W32/Klez.fam@mm
BitDefenderTheta	Gen:NN.ZexaF.36744.fqY@aa5cMjd
AVG	Win32:Klez-E [Wrm]
Cybereason	malicious.935425
DeepInstinct	MALICIOUS

How to remove Klez.Worm.FileInfector.DDS?

Klez.Worm.FileInfector.DDS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X