KELIHOS Worm Removal Guide

Do you know what KELIHOS Worm is?

KELIHOS Worm is a cunning computer infection that gets to the PC in a form of a spam email. More precisely, the threat is executed once you click the link that you find after opening an email whose subject is related to the events in Boston in April 2013. In order to attract the receivers’ attention and make them open the emails, cyber criminals use the following subjects: “Explosions at Boston Marathon”, “Aftermath to explosion at Boston Marathon”, “Runner captures. Marathon Explosion” and some others.

The spam emails does not contain a text but a link which may vary. Different links have been detected and they end with either with /news.html or /boston.html. When the user clicks the link provided, a new browser window containing a video appears. At the same time, the link loads a Java applet. An applet is a program that can be executed from within another program. The Java applet is used to exploit a Java flaw. It is also possible to notice how a file boston.avi_____.exe is downloaded as a download window should appear on the screen.

It is known that the IPs related to the links that execute KELIHOS Worm are actually located in different countries, including Japan, Russia, Australia, Netherland and some more. It is important to known that the file mentioned is not the only file that can be downloaded. Different malicious files can also be downloaded from other sources, which is why it is important to delete the threat and other malicious files. Moreover, it has been found that other social platforms such as Twitter have been used to spread similar malware.

KELIHOS Worm is not the only threat of this type in wild. There is a threat named Backdoor:Win32/Kelihos.A which also spreads via spam emails, modifies the Registry and communicates to remote servers to receive commands from the attackers.

Due to the fact KELIHOS Worm as well as a great number of other computer threats can steal information such as contact information and the credentials from File Transfer Protocol, it is important to take immediate measures to terminate it. To prevent the damage that may be caused after clicking malicious links, you should utilize a reliable spyware removal program. We advise using SpyHunter as this software is capable of computer protection and if you want to make sure that KELIHOS Worm is not running or is removed from the PC, implement this software without hesitating.

In non-techie terms:

KELIHOS Worm is a computer threat which will try to get to the PC under the guise of an email enabling you to view a video about the marathon and the act of terror in Boston. Emails whose senders are not familiar and the topics are not related to you personally should not be opened but deleted from the PC. In case you have already infected the machine with KELIHOS Worm, do not worry. Use our spyware removal tool which will instantly terminate the threat.

Aliases: Win32.Tepfer.