Stavih ovo u software mada ovde bolje lezi...
1. Klez.H is Capable of Revealing Confidential Information
Kaspersky Labs reports the beginning of a large-scale epidemic, first
exposed on April 17, attributed to the Internet-worm Klez.H. This
dangerous virus currently accounts for over 70% of all infections from
malicious programs and this number continues to rise. Presently the
spread of this epidemic has affected practically all countries.
Klez.H poses a special threat: the worm scans the disks of an infected
computer and depending on a set of conditions attaches a file to each
infected email it distributes. Klez.H selects this file from the
infected computer's disk storage and looks for files with the following
extensions:
.txt .htm .html .wab .asp .doc .rtf .xls .jpg .cpp .c .pas .mpg .mpeg
.bak .mp3 .pdf
The result being the possible leakage of important confidential
information, the consequences of which cannot be foretold. In a similar
fashion, near the end of 2001, the Internet-worm SirCam made public
classified documents from a score of government institutions
representing different countries from around the world. "In contrast to
earlier versions, Klez.H does not have the ability to destroy stored
data. Instead Klez.H maintains its threat from its ability to,
unsanctioned, mail out files from the infected computer,"- commented
Eugene Kaspersky, Kaspersky Labs Head of Anti-Virus Research - "Under
these conditions Klez.H poses a greater threat to corporate clients for
which an information leak can have unpredictable consequences."
The speed at which Klez.H has spread demonstrates that the majority of
users have ignored the advice to install the Internet Explorer security
patch that will protect a computer from any version of Klez as well as
from future modifications of it. In addition users do not regularly
update anti-virus program databases. The consequence of this lax
behavior is the Klez.H has a good chance to achieve a large-scale
epidemic just like another infamous version of this worm - Klez.E, which
already for several months has confidently taken first place in the list
of most wide-spread viruses.
Considering the high danger of infection from Klez.H, Kaspersky Labs
once again strongly recommends users update their Kaspersky Anti-Virus
database. For more thorough protection users should install the Internet
Explorer security patch found at:
http://www.microsoft.com/windows/ie/dow ... efault.asp
Kaspersky Labs is providing a free utility that will detect and remove
all of the most widely spread versions of Klez, including Klez.H. You
can download this utility at the following address:
ftp://ftp.kaspersky.ru/utils/clrav.com
More detailed information covering Klez.H can be found in the Kaspersky
Labs Virus Encyclopedia at:
http://www.viruslist.com/viruslist.html?id=4415