A fresh variant of the Klez worm is spreading across the Internet this afternoon.

Klez-H, which antivirus vendors rate as a moderate risk, is capable of spreading by either email or network shares. The worm comes bundled with the ElKern virus, which tries to infect all executable files in the "Program Files" folder. It also attempts to disable on-access virus scanners, among its other tricks.

On infected machines, the worm sends an email message containing an infected attachment to email addresses harvested from the Windows address book, ICQ database, or local files. The subject line, message bodies, and attachment file names are random.

Russian virus fighters Kaspersky Labs report that Klez-H has "already resulting in numerous computer infections in many countries including Japan, China, Austria and the Czech Republic". Managed services firm, MessageLabs, which scans its users email for viruses, reports blocking thousands of copies of the bug.

Users are advised to update their antivirus software and delete any suspicious emails without opening them. ®