Correction to previous notice: It is not the Netsky.D virus. It is W32.Beagle/W32.Bagle (.H or .I). Sorry about the misinformation. I was only passing on what had been posted on the Listowners Mailing List. Doesn't really matter though, since this new infection is spreading like wildfire. The AV people estimate the chances of receiving an email with the infection is about 1:19. So, if you receive 190 emails daily, you might receive 10 infected messages. SgtGeorge ********************************************** (Please do not reply to this notice here on the Mailing Lists. If you must discuss it, contact the manager of the List.) Have any of you been receiving the latest Netsky.D infection? It's been hitting hard and heavy. I've seen quite a few posts on other Mailing Lists about it and McAfee wasn't catching it. Neither were AOL's AV software or any other server's software. BUT..... my AVG Pro DID catch it! Hooray! (AVG Pro has been updated 5 times in the past 32 hours!) FOR YAHOO EMAIL USERS (and probably others): Netsky.D is faking emails from Yahoo about users' accounts. Here is what the fake email looks like: ********************************************** Dear user of Yahoo.com, Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. For details see the attached file. Attached file protected with the password for security reasons. Password is 66482. The Management, The Yahoo.com team http://www.yahoo.com Attachment TextDocument.zip .zip file Scan and Download Attachment Scan and Save to my Yahoo! Briefcase ********************************************** DO NOT OPEN THE SUPPOSED TEXTDOCUMENT.ZIP !!!!! It is the Netsky.D virus!!!!! If you open it, you are infected immediately. Netsky.D will probably be sending itself purporting to be from other email services. Do not click on the attachment! Do not do ANYTHING with the email except delete it. If your Anti- Virus program is working AND has been updated during the past few hours, the AV program probably caught it. As of this morning McAfee hadn't updated virus definitions for it. They probably have by now. Regards, SgtGeorge -- Outgoing mail is certified Virus Free. Checked by AVG Anti-Virus (http://www.grisoft.com). Version: 7.0.225 / Virus Database: 262.1.3 - Release Date: 3/3/04

George Norton Antivirus 2003 Professional Edition has also up dated their virus definitions to include more that what they had on Monday. Monday their list before I went live to update today took care of: W32.Beagle.A@mm W32.Beagle.B@mm , C, D, & E. The live update today has included up-dates for F, F@mm[zip ], G, H, I, J, & K strains of this virus. This program also is protecting against: W32.Netsky.B@mm W32.Netsky.C@mm W32.Netsky.D@mm W32.Netsky.dam W32.Netsky.E@mm W32.Netsky.F@mm W32.Netsky.gen W32.Netsky@mm I am glad to say that we have not been infected with any virus for two weeks now. That is our programs have stopped or killed all viruses before they infected our system. Jim ----- Original Message ----- From: George W. Durman <GeorgeWDurman@comcast.net> To: <BROYLES-L@rootsweb.com> Sent: Wednesday, March 03, 2004 9:48 AM Subject: [BROYLES] Nasty New Virus "Netsky.D" (Update-Actually W32.Beagle/W32.Bagle (.H or .I)) > Correction to previous notice: > > It is not the Netsky.D virus. It is W32.Beagle/W32.Bagle (.H or .I). > Sorry about the misinformation. I was only passing on what had > been posted on the Listowners Mailing List. Doesn't really matter > though, since this new infection is spreading like wildfire. The > AV people estimate the chances of receiving an email with the > infection is about 1:19. So, if you receive 190 emails daily, you > might receive 10 infected messages. SgtGeorge > > ********************************************** > > (Please do not reply to this notice here on the Mailing Lists. > If you must discuss it, contact the manager of the List.) > > > Have any of you been receiving the latest Netsky.D infection? > It's been hitting hard and heavy. I've seen quite a few posts on > other Mailing Lists about it and McAfee wasn't catching it. > Neither were AOL's AV software or any other server's software. > BUT..... my AVG Pro DID catch it! Hooray! (AVG Pro has > been updated 5 times in the past 32 hours!) > > > FOR YAHOO EMAIL USERS (and probably others): > > Netsky.D is faking emails from Yahoo about users' accounts. > Here is what the fake email looks like: > > ********************************************** > Dear user of Yahoo.com, > > Your e-mail account will be disabled because of improper using in > next three days, if you are still wishing to use it, please, resign > your account information. > > For details see the attached file. > > Attached file protected with the password for security reasons. > > Password is > 66482. > > The Management, > The Yahoo.com team > > http://www.yahoo.com > > Attachment > TextDocument.zip > .zip file > > Scan and Download Attachment > Scan and Save to my Yahoo! Briefcase > ********************************************** > > DO NOT OPEN THE SUPPOSED TEXTDOCUMENT.ZIP !!!!! > It is the Netsky.D virus!!!!! If you open it, you are infected > immediately. > > Netsky.D will probably be sending itself purporting to be from > other email services. Do not click on the attachment! Do not > do ANYTHING with the email except delete it. If your Anti- > Virus program is working AND has been updated during the > past few hours, the AV program probably caught it. As of this > morning McAfee hadn't updated virus definitions for it. They > probably have by now. > > Regards, > SgtGeorge > > > -- > Outgoing mail is certified Virus Free. > Checked by AVG Anti-Virus (http://www.grisoft.com). > Version: 7.0.225 / Virus Database: 262.1.3 - Release Date: 3/3/04 > > > > ==== BROYLES Mailing List ==== > You can contact the List Manager at: > broyles-admin@rootsweb.com > > ============================== > Gain access to over two billion names including the new Immigration > Collection with an Ancestry.com free trial. Click to learn more. > http://www.ancestry.com/rd/redir.asp?targetid=4930&sourceid=1237 > >