Destructive Worm Set To Go Off Wednesday

March 6 is when one of the most prevalent security threats is timed to deliver its payload. Here's what you can do.

Security and antivirus software maker Central Command—in conjunction with partners—is warning all Internet users that one of the worlds most common Internet worms—Worm/Klez-E—is a timed worm scheduled to activate a file-deletion payload on Wednesday, March 6. The file spreads by e-mail and can execute, in some cases, without the recipient clicking on a file attachment.

"We have seen a significant peak in confirmed infections over the last 30 days of Worm/Klez-E," says Steven Sundermeier, product manager for Central Command." This poses a serious problem for all Internet and e-mail users since tomorrow it unleashes its vastly damaging payload."

This variation of the Klez-E worm arrived in mid-January. Central Commands tracking showed it as the fourth most-prevalent virus or worm last month, according to Sundermeier. So far in March, Central Commands numbers show Worm/Klez-E to be the most prevalent virus or worm, affecting users in 97 different countries. MessageLabs VirusEye tracking service ( currently lists the worm as the second most-prevalent virus or worm.

Central Commands Sundermeier says, "We show it at 37 percent of all system infections. It should also be noted that this worm takes advantage of a known vulnerability in Microsoft Outlook which can allow the worm to execute itself on many systems without the user having to open an e-mail attachment."

On March 6, the worm will attempt to overwrite files that have the extensions .bak, .c, .cpp, .doc, .htm, .html, .jpg, .mp3, .mpeg, .mpg,.pas, .txt, .wab, and .xls.

Users can download a free trial edition of Vexira Antivirus software from Central Command ( to scan for the virus remove the worm.