P°edm∞t zprßvy (jedna z nßsledujφcφch mo₧nostφ):
The A-Team VS KnightRider ... who would win ?
And I miss you most of all, my darling ...
The air will hold you if you try, trust my wings of desire. Glory, Glorified.......
If I were God and didn't belive in myself would it be blasphemy
Just one kiss, will make it better. Just one kiss, and we will be alright.
I can't help this longing, comfort me.
It's dark in here, you can feel it all around. The underground.
.. and there's no need to be scared,you re always on my mind.
You just take a giant step, one step higher.
The horizons lean forward, offering us space to place new steps of change.
I like this calm, moments before the storm
Darling, when did you fall..when was it over?

T∞lo zprßvy (jedna z nßsledujφcφch mo₧nostφ):
Yeah ok, so it's not yours it's mine :)
You should like this, it could have been made for you
speak to you later
Pretty good either way though, isn't it?
Happy Birthday
still cause for a celebration though, check out the details I attached
This made me laugh
Got some more stuff to tell you later but I can't stop right now
so I'll email you later or give you a ring if that's ok ?!
Speak to you later

Soubor, p°ipojen² ke zprßv∞, mß zcela nßhodnΘ jmΘno a jednu z nßsledujφcφch p°φpon:
.BAT, .COM, .EXE, .PIF, .SCR

Po spuÜt∞nφ se worm zkopφruje do adresß°e Windows pod jmΘnem KAREN.EXE a vytvo°φ polo₧ku v Registry,  kterß zajistφ jeho spuÜt∞nφ p°i startu poΦφtaΦe:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ Karen="C:\WINDOWS\karen.exe"

Pak se pokusφ poslat sebe sama na vÜechny adresy, nalezenΘ v adreß°φch programu Outlook.

Worm vytvo°φ navφc skript pro program mIRC se jmΘnem script.ini. Tak je schopen poslat sebe sama dalÜφm u₧ivatel∙m, kte°φ se p°ipojφ na stejn² kanßl IRC jako infikovan² u₧ivatel. Worm je tΘ₧ schopen m∞nit aliasy u₧ivatel∙ IRC, a to v zßvislosti na slovech pou₧it²ch p°i diskusi.

Pokud je na infikovanΘm poΦφtaΦi provozovßn MS IIS Web Server, worm se pokusφ o Üφ°enφ i na poΦφtaΦe u₧ivatel∙, kte°φ takov² web navÜtφvφ. Zkopφruje sebe sama do souboru C:\INETPUB\WWWROOT\WEB.EXE a vytvo°φ soubor DEFAULT.HTM ve stejnΘm adresß°i. Pokud u₧ivatel p°istoupφ na tuto strßnku, prohlφ₧eΦ jej vyzva, aby ulo₧il Φi spustil program web.exe.

Odstran∞nφ:

• sma₧te vÜechny nalezenΘ infikovanΘ soubory
• odstra≥te vÜechny polo₧ky z registry, kterΘ na tyto soubory ukazovaly
• pokud na infikovanΘm poΦφtaΦi provozujete MS-IIS Web Server, odstra≥te takΘ soubory default.htm a web.exe

Zdroj: Alwil software - v²robce antiviru AVAST

Jedno·Φelov² antivirus:

N∞kolik dobr²ch rad:

P°ed pou₧itφm jedno·Φelov²ch antivir∙ je vhodnΘ vypnout stßvajφcφ antivirov² systΘm a to p°edevÜφm on-access skener (Φasto oznaΦovßn jako rezidentnφ Ütφt).

Pokud jde o hojn∞ pou₧φvan² antivirus AVG 6.0, pak se onen rezidentnφ Ütφt vypφnß zaÜkrtßvacφ volbou v jednΘ ze zßlo₧ek AVG Control Center (ikonka na liÜt∞ vpravo dole). ╚ty°barevnß ikonka by m∞la zeÜednout.

Ve Windows XP a ME je taktΘ₧ vhodnΘ vypnout funkci OBNOVA SYST╔MU (RESTORE SYSTEM), kterß by pozd∞ji brßnila smazßnφ infikovan²ch soubor∙, kterΘ "uvφzly" v adresß°φch _RESTORE (Windows ME) nebo SYSTEM INFORMATION VOLUME (Windows XP).

Postup pro Windows ME: