[pchelpers] Re: Klez virus/worm cat #4 threat
- From: "Jackie MacWhirter" <jmacwhirter@xxxxxxxxx>
- To: <pchelpers@xxxxxxxxxxxxx>
- Date: Sun, 28 Apr 2002 08:04:58 -0700
Hi Robert:
Will you resend your message again please, this time changing to the mode of
plain text it. If you are using Outlook express look in Format you can
change it there. Just go over the URLS to make sure they are high lighted.
Sometimes when you change over to Plain Text . Anyhow you won't have all
this gibberish. Thank you- Jackie MacWhirter
----- Original Message -----
From: Robert Weyer
To: pchelpers
Sent: Saturday, April 27, 2002 3:53 PM
Subject: [pchelpers] Klez virus/worm cat #4 threat
Content-Type: multipart/alternative;
boundary="----=_NextPart_002_01BB_01C1EE14.65057E60"
------=_NextPart_002_01BB_01C1EE14.65057E60
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
New York Times
http://www.nytimes.com/2002/04/27/technology/27VIRU.html?todaysheadlines
A New Risk to Computers Worldwide
By JOHN SCHWARTZ
rogue computer program that is the online equivalent of a quick-change =
artist is infecting computers around the world via e-mail and clogging =
computer networks.
The program, W32/KLEZ.H, is a "blended threat," combining elements of a =
virus, which infects machines, and a worm, which transports itself from =
machine to machine. It also tries to disable some antivirus programs.
It makes itself hard for users to spot by changing its e-mail subject =
line, message and name of the attachment at random, drawing from a =
database that includes, for example, such subject lines as "Hello, =
honey," and "A very funny website."=20
The program has grown increasingly common as users unknowingly activate =
it - sometimes without even opening the e-mail attachment that carries =
the virus - and allow it to send copies of itself to those in the =
victim's e-mail address file.
"It is exploding," said Keith Peer, chief executive of Central Command, =
a computer security company.
The rapid spread of the program caused Symantec and McAfee.com, two =
prominent computer protection companies, to upgrade their warnings about =
it in recent days; Symantec said on its Web site that it now considered =
the program a "category 4" risk, its second-highest ranking.
The program exploits vulnerable spots in computer programs, most notably =
a problem in earlier versions of Microsoft's mail programs, Outlook and =
Outlook Express, which allows some types of computer programs to be =
activated even if they are in the "preview pane."=20
=20
=20
=20
=20
=20
=20
Topics =20
Alerts =20
=20
Computer Security =20
=20
Electronic Mail =20
=20
Computers and the Internet =20
=20
McAfee.com Corporation =20
=20
Create Your Own | Manage Alerts
Take a Tour =20
=20
=20
=20
Sign Up for Newsletters =20
=20
=20
=20
=20
=20
Get Stock Quotes
Look Up Symbols=20
=20
=20
=20
Portfolio | Company Research
U.S. Markets | Int. Markets
Mutual Funds | Bank Rates
Commodities & Currencies =20
=20
=20
=20
=20
=20
=20
=20
The program can also grab files randomly from victims' hard drives and =
send them out, but it does little damage to the machines themselves, =
antivirus companies said.
Microsoft has had patches available to fix these problems for more than =
a year, but many people do not keep their software up to date, said =
Vincent Weafer, the director of research at Symantec Security Response.
Although most antivirus software programs already provided protection =
against the Klez family, the new variant has enough new wrinkles to =
trick some of the digital sentries. The latest versions of software have =
been updated to block the worm, and the companies offer free online =
tools to cleanse infected machines.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.350 / Virus Database: 196 - Release Date: 4/17/2002
------=_NextPart_002_01BB_01C1EE14.65057E60
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2722.2800" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D3>
<P><FONT size=3D3>New York Times</FONT></P>
<P><A=20
href=3D"http://www.nytimes.com/2002/04/27/technology/27VIRU.html?todayshe=
adlines">http://www.nytimes.com/2002/04/27/technology/27VIRU.html?todaysh=
eadlines</A></P><FONT=20
size=3D3>
<H2>A New Risk to Computers Worldwide</H2>
<P></NYT_HEADLINE></P>
<P></P>
<P><NYT_BYLINE version=3D"1.0" type=3D" "></P>
<H5>By JOHN SCHWARTZ</H5>
<P></NYT_BYLINE></P>
<P></P>
<P><NYT_TEXT><FONT class=3Dtsa></P>
<P><IMG align=3Dleft alt=3DA border=3D0=20
src=3D"http://graphics.nytimes.com/images/dropcap/a.gif";> rogue computer =
program=20
that is the online equivalent of a quick-change artist is infecting =
computers=20
around the world via e-mail and clogging computer networks.</P>
<P>The program, W32/KLEZ.H, is a "blended threat," combining elements of =
a=20
virus, which infects machines, and a worm, which transports itself from =
machine=20
to machine. It also tries to disable some antivirus =
programs.</FONT></FONT></P>
<P> </P>
<P>It makes itself hard for users to spot by changing its e-mail subject =
line,=20
message and name of the attachment at random, drawing from a database =
that=20
includes, for example, such subject lines as "Hello, honey," and "A very =
funny=20
website." </P>
<P>The program has grown increasingly common as users unknowingly =
activate it —=20
sometimes without even opening the e-mail attachment that carries the =
virus —=20
and allow it to send copies of itself to those in the victim's e-mail =
address=20
file.</P>
<P>"It is exploding," said Keith Peer, chief executive of Central =
Command, a=20
computer security company.</P>
<P>The rapid spread of the program caused Symantec and <A=20
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://custom.marketwatch.com/custom/nyt-com/html-companyprofile.asp&sym=
b=3DMCAF">McAfee.com</A>,=20
two prominent computer protection companies, to upgrade their warnings =
about it=20
in recent days; Symantec said on its Web site that it now considered the =
program=20
a "category 4" risk, its second-highest ranking.</P>
<P>The program exploits vulnerable spots in computer programs, most =
notably a=20
problem in earlier versions of <A=20
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://custom.marketwatch.com/custom/nyt-com/html-companyprofile.asp&sym=
b=3DMSFT">Microsoft's</A>=20
mail programs, Outlook and Outlook Express, which allows some types of =
computer=20
programs to be activated even if they are in the "preview pane." </P>
<TABLE align=3Dright border=3D0 cellPadding=3D0 cellSpacing=3D0 =
width=3D195>
<TBODY>
<TR>
<TD><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"; =
width=3D9></TD></TR>
<TR>
<TD><NYT_LINKS_ONSITE version=3D"1.0" type=3D"main"><!--Error: there =
are no related articles associated with this article --><!--Error: there =
are no nyt_urls associated with this article, error # variables.errno =
-->
<TABLE align=3Dright border=3D0 cellPadding=3D0 =
cellSpacing=3D0><!---->
<TBODY>
<TR>
<TD rowSpan=3D99 width=3D9><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D10></TD></TR><!---->
<FORM action=3D/mem/tnt.html method=3Dpost><INPUT name=3DretA =
type=3Dhidden=20
=
value=3Dhttp://www.nytimes.com/2002/04/27/technology/27VIRU.html><INPUT=20
name=3DretT type=3Dhidden value=3D"A New Risk to Computers =
Worldwide"><INPUT=20
name=3Dtopic1 type=3Dhidden value=3D"Computer Security"><INPUT=20
name=3Dtopic_field1 type=3Dhidden value=3Ddes><INPUT =
name=3Dtopic2 type=3Dhidden=20
value=3D"Electronic Mail"><INPUT name=3Dtopic_field2 =
type=3Dhidden=20
value=3Ddes><INPUT name=3Dtopic3 type=3Dhidden=20
value=3D"Computers and the Internet"><INPUT name=3Dtopic_field3 =
type=3Dhidden=20
value=3Ddes><INPUT name=3Dtopic4 type=3Dhidden=20
value=3D"McAfee.com Corporation"><INPUT name=3Dtopic_field4 =
type=3Dhidden=20
value=3Dnyt_org_all><INPUT name=3Dmodule type=3Dhidden =
value=3Dcall><INPUT=20
name=3Dalert_context type=3Dhidden value=3D1>=20
<TR>
<TD colSpan=3D5>
<TABLE bgColor=3D#ffffff border=3D0 cellPadding=3D0 =
cellSpacing=3D0=20
width=3D184>
<TBODY>
<TR>
<TD colSpan=3D8><IMG border=3D0 height=3D18 hspace=3D0=20
=
src=3D"http://graphics.nytimes.com/images/membercenter/newstracker_head.g=
if"=20
width=3D184></TD></TR>
<TR>
<TD colSpan=3D8 width=3D184><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD>
<TD align=3Dleft height=3D20 vAlign=3Dcenter =
width=3D109><IMG border=3D0=20
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D109><BR><STRONG><FONT=20
face=3D"Arial, Helvetica, sans-serif"=20
size=3D1>Topics</FONT></STRONG></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD align=3Dleft vAlign=3Dcenter width=3D61><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D61><BR><STRONG><FONT face=3D"Arial, Helvetica, =
sans-serif"=20
size=3D1> Alerts</FONT></STRONG></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD>
<TD align=3Dleft height=3D20 vAlign=3Dcenter =
width=3D109><FONT=20
face=3D"Arial, Helvetica, sans-serif" =
size=3D1>Computer=20
Security</FONT></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD align=3Dmiddle vAlign=3Dcenter width=3D61><INPUT =
border=3D0=20
height=3D15 name=3Dtopic1_check=20
=
src=3D"http://graphics.nytimes.com/images/membercenter/turn_on.gif"=20
type=3Dimage value=3Dy width=3D49></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD>
<TD align=3Dleft height=3D20 vAlign=3Dcenter =
width=3D109><FONT=20
face=3D"Arial, Helvetica, sans-serif" =
size=3D1>Electronic=20
Mail</FONT></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD align=3Dmiddle vAlign=3Dcenter width=3D61><INPUT =
border=3D0=20
height=3D15 name=3Dtopic2_check=20
=
src=3D"http://graphics.nytimes.com/images/membercenter/turn_on.gif"=20
type=3Dimage value=3Dy width=3D49></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD>
<TD align=3Dleft height=3D20 vAlign=3Dcenter =
width=3D109><FONT=20
face=3D"Arial, Helvetica, sans-serif" =
size=3D1>Computers and the=20
Internet</FONT></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD align=3Dmiddle vAlign=3Dcenter width=3D61><INPUT =
border=3D0=20
height=3D15 name=3Dtopic3_check=20
=
src=3D"http://graphics.nytimes.com/images/membercenter/turn_on.gif"=20
type=3Dimage value=3Dy width=3D49></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD>
<TD align=3Dleft height=3D20 vAlign=3Dcenter =
width=3D109><FONT=20
face=3D"Arial, Helvetica, sans-serif" =
size=3D1>McAfee.com=20
Corporation</FONT></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD width=3D3><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D3></TD>
<TD align=3Dmiddle vAlign=3Dcenter width=3D61><INPUT =
border=3D0=20
height=3D15 name=3Dtopic4_check=20
=
src=3D"http://graphics.nytimes.com/images/membercenter/turn_on.gif"=20
type=3Dimage value=3Dy width=3D49></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD align=3Dmiddle colSpan=3D6 height=3D20 =
vAlign=3Dcenter=20
width=3D182><FONT face=3D"Arial, Helvetica, =
sans-serif" size=3D1><A=20
=
href=3D"http://www.nytimes.com/mem/tnt.html?module=3Dcall&alert_conte=
xt=3D0&retA=3Dhttp://www.nytimes.com/2002/04/27/technology/27VIRU.htm=
l&retT=3DA+New+Risk+to+Computers+Worldwide">Create=20
Your Own</A></FONT> | <FONT=20
face=3D"Arial, Helvetica, sans-serif" size=3D1><A=20
=
href=3D"http://www.nytimes.com/mem/tnt.html?module=3Dmanage&retA=3Dht=
tp://www.nytimes.com/2002/04/27/technology/27VIRU.html&retT=3DA+New+R=
isk+to+Computers+Worldwide">Manage=20
Alerts</A></FONT><BR><FONT face=3D"Arial, Helvetica, =
sans-serif"=20
size=3D1><A=20
=
href=3D"http://www.nytimes.com/ads/marketing/newstracker/index.html";>Take=
=20
a Tour</A> </FONT></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D8 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR></TBODY></TABLE>
<TABLE bgColor=3D#ffffff border=3D0 cellPadding=3D0 =
cellSpacing=3D0=20
width=3D184>
<TBODY>
<TR>
<TD bgColor=3D#ffffff colSpan=3D3 width=3D184><IMG =
border=3D0 height=3D2=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D3 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 =
height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD>
<TD align=3Dmiddle height=3D20 vAlign=3Dcenter =
width=3D182><A=20
href=3D"http://email.nytimes.com/";><FONT=20
face=3D"Arial, Helvetica, sans-serif" size=3D2>Sign Up =
for=20
Newsletters</FONT></A></TD>
<TD bgColor=3D#cccccc width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D3 width=3D184><IMG =
border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR></TBODY></TABLE></TD></TR></FORM>
<TR>
<TD colSpan=3D5><IMG align=3Dcenter alt=3D"Other Resources" =
border=3D0=20
height=3D22=20
=
src=3D"http://graphics.nytimes.com/images/article/new_otherResources.gif"=
=20
width=3D184></TD></TR>
<TR>
<TD bgColor=3D#cccccc height=3D1 width=3D1><IMG border=3D0 =
height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"; =
width=3D1></TD>
<TD bgColor=3D#cccccc width=3D5><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"; =
width=3D5></TD>
<TD bgColor=3D#cccccc width=3D172><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D172></TD>
<TD bgColor=3D#cccccc width=3D5><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"; =
width=3D5></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"; =
width=3D1></TD>
<TD colSpan=3D3 width=3D182>
<FORM action=3D/redirect/marketwatch/redirect.ctx =
method=3Dget=20
name=3Dgetquotes><INPUT name=3DMW type=3Dhidden=20
=
value=3Dhttp://marketwatch.nytimes.com/custom/nyt-com/html-companyprofile=
.asp>=20
<TABLE border=3D0 cellPadding=3D0 cellSpacing=3D0 =
width=3D182>
<TBODY>
<TR>
<TD rowSpan=3D8 width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD>
<TD height=3D8 width=3D172><IMG border=3D0 height=3D8=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D172></TD>
<TD rowSpan=3D8 width=3D5><IMG border=3D0 height=3D1=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D5></TD></TR>
<TR>
<TD align=3Dleft width=3D172><FONT color=3D#000000=20
face=3D"Times New Roman,Times,Bookman Old =
Style,Garamond"=20
size=3D-1>Get Stock Quotes<BR><A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com/custom/nyt-com/html-companyprofile.asp">Look =
Up Symbols</A></FONT></TD></TR>
<TR>
<TD width=3D172><IMG border=3D0 height=3D5=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD align=3Dleft width=3D172><INPUT name=3Dsymb =
size=3D15> <INPUT=20
align=3Dtop alt=3DSubmit border=3D0 height=3D19=20
=
src=3D"http://graphics.nytimes.com/images/article/formArrow.gif"=20
type=3Dimage vspace=3D3 width=3D18></TD></TR>
<TR>
<TD width=3D172><IMG border=3D0 height=3D5=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD align=3Dleft width=3D172><FONT color=3D#000000=20
face=3D"Times New Roman,Times,Bookman Old =
Style,Garamond"=20
size=3D-2><A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com/custom/nyt-com/portfolio/view.asp">Portfolio<=
/A> | =20
<A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com/custom/nyt-com/html-companyprofile.asp">Compa=
ny=20
Research</A><BR><A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com//custom/nyt-com/html-usmarkets.asp">U.S.=20
Markets</A> | <A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com/custom/nyt-com/html-intlmarkets.asp">Int.=20
Markets</A><BR><A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com/custom/nyt-com/html-fundfinder.asp">Mutual=20
Funds</A> | <A=20
href=3D"http://www.nytimes.com/partners/banking/";>Bank =
Rates</A><BR><A=20
=
href=3D"http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=3Dhtt=
p://marketwatch.nytimes.com/custom/nyt-com/html-currencies.asp">Commoditi=
es=20
& Currencies</A></FONT> </TD></TR>
<TR>
<TD height=3D8><IMG border=3D0 height=3D8=20
=
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR></TBODY></TABLE></FORM></TD>
<TD bgColor=3D#cccccc width=3D1><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD bgColor=3D#cccccc colSpan=3D5 height=3D1 width=3D184><IMG =
border=3D0=20
height=3D1 =
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"=20
width=3D1></TD></TR>
<TR>
<TD colSpan=3D5><!-- context ad reference "Middle5" =
--><!--nytstore-cont--><IMG=20
height=3D21 =
src=3D"http://graphics4.nytimes.com/ads/nytstore.gif"=20
=
width=3D184><BR></TD></TR></TBODY></TABLE><!----></NYT_LINKS_ONSITE></TD>=
</TR>
<TR>
<TD><IMG border=3D0 height=3D1=20
src=3D"http://graphics.nytimes.com/images/misc/spacer.gif"; =
width=3D9></TD>
<TR>
<TD=20
align=3Dright><!-- context ad reference "Frame3" =
--><BR></TD></TR></TBODY></TABLE>
<P>The program can also grab files randomly from victims' hard drives =
and send=20
them out, but it does little damage to the machines themselves, =
antivirus=20
companies said.</P>
<P>Microsoft has had patches available to fix these problems for more =
than a=20
year, but many people do not keep their software up to date, said =
Vincent=20
Weafer, the director of research at Symantec Security Response.</P>
<P>Although most antivirus software programs already provided protection =
against=20
the Klez family, the new variant has enough new wrinkles to trick some =
of the=20
digital sentries. The latest versions of software have been updated to =
block the=20
worm, and <FONT size=3D3>the companies offer free online tools to =
cleanse infected=20
machines.</NYT_TEXT><BR clear=3Dall></P><!--plsfield:NYT_FOOTER--><FONT=20
size=3D3></FONT></FONT></FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D3><FONT size=3D3><FONT =
size=3D3><BR>---<BR>Outgoing mail=20
is certified Virus Free.<BR>Checked by AVG anti-virus system (<A=20
href=3D"http://www.grisoft.com";>http://www.grisoft.com</A>).<BR>Version: =
6.0.350 /=20
Virus Database: 196 - Release Date:=20
4/17/2002</FONT></FONT></FONT></DIV></BODY></HTML>
------=_NextPart_002_01BB_01C1EE14.65057E60--
-- Binary/unsupported file stripped by Ecartis --
-- Type: image/gif
-- File: a.gif
-- Binary/unsupported file stripped by Ecartis --
-- Type: image/gif
-- File: spacer.gif
-- Binary/unsupported file stripped by Ecartis --
-- Type: image/gif
-- File: newstracker_head.gif
-- Binary/unsupported file stripped by Ecartis --
-- Type: image/gif
-- File: new_otherResources.gif
-- Binary/unsupported file stripped by Ecartis --
-- Type: image/gif
-- File: nytstore.gif
-- Binary/unsupported file stripped by Ecartis --
-- Type: text/x-vcard
-- File: Robert Weyer.vcf
- References:
- [pchelpers] Klez virus/worm cat #4 threat
- From: Robert Weyer
Other related posts:
- » [pchelpers] Klez virus/worm cat #4 threat
- » [pchelpers] Re: Klez virus/worm cat #4 threat
![http://graphics.nytimes.com/images/dropcap/a.gif"](http://graphics.nytimes.com/images/dropcap/a.gif"){kind=link}
![http://graphics.nytimes.com/images/misc/spacer.gif"](http://graphics.nytimes.com/images/misc/spacer.gif"){kind=link}
![http://graphics.nytimes.com/images/misc/spacer.gif"=20](http://graphics.nytimes.com/images/misc/spacer.gif"=20){kind=link}
![http://graphics.nytimes.com/images/membercenter/turn_on.gif"=20](http://graphics.nytimes.com/images/membercenter/turn_on.gif"=20){kind=link}
![http://graphics.nytimes.com/images/article/new_otherResources.gif"=](http://graphics.nytimes.com/images/article/new_otherResources.gif"=){kind=link}
![http://graphics.nytimes.com/images/article/formArrow.gif"=20](http://graphics.nytimes.com/images/article/formArrow.gif"=20){kind=link}
![http://graphics4.nytimes.com/ads/nytstore.gif"=20](http://graphics4.nytimes.com/ads/nytstore.gif"=20){kind=link}
- [pchelpers] Klez virus/worm cat #4 threat
- From: Robert Weyer