W32/Netsky.b@MM

[ZWarrior]

(((((((((((((((((((( McAfee Dispatch )))))))))))))))))))))))

[This message is brought to you as a subscriber to the McAfee Dispatch. To unsubscribe, please follow the instructions at the bottom of this email.]

------------------------------------------------------------
            ** VIRUS ADVISORY - W32/Netsky.b@MM **
------------------------------------------------------------

Dear W. Andy,

W32/Netsky.b@MM is a Medium Risk mass-mailing worm that copies itself to folders named "share" or "sharing" on the infected system. It spreads itself to addresses it steals, spoofing or forging the "from: field" or using the address skynet@skynet.de. The worm also tries to deactivate the W32/Mydoom.a@MM and W32/Mydoom.b@MM viruses on the host computer.

Caution: An infected email can come from addresses you recognize.
------------------------------------------------------------
***What to look for***

Subject-Body: Varies. Examples include:

-I have your password!
-about me
-anything ok?
-do you?
-from the chatter

Attachment: Varies but may have a double-extension such as .rtf.pif contained in a .ZIP file.

Aliases: Moodown.B, I-Worm.Moodown.b
------------------------------------------------------------

Up-to-date McAfee VirusScan users with DAT 4325 are protected from this threat.

Learn More about W32/Netsky.b@MM
==> http://us.mcafee.com/root/campaign.asp?cid=9647

Scan for W32/Netsky.b@MM:
==> http://us.mcafee.com/root/campaign.asp?cid=9648

[ZWarrior]

New variant:



------------------------------------------------------------
            ** VIRUS ADVISORY - W32/Netsky.c@MM **
------------------------------------------------------------

A new variant of last week's Netsky virus, W32/Netsky.c@MM is a Medium Risk mass-mailing worm that also copies itself to folders named "share" or "sharing" on an infected system.
It spreads by stealing email addresses, spoofing or forging the "from: field". Like its earlier counterpart, the worm tries to deactivate the W32/Mydoom.a@MM and W32/Mydoom.b@MM viruses on the host computer.

Upon infection, W32/Netskyk.c@MM will also spread via P2P programs like KaZaa, Bearshare and Limewire that use shared folder names containing the words "share" or "sharing".

Note: The attachment may be either a ZIP file (with the
worm) or an executable, with a single (.doc, .htm, .rtm,
.text) or double file extension (.com, .exe, .pif, .scr).
Filenames that are carried within the worm include:

3D Studio Max 3dsmax.exe
Adobe Photoshop 9 full.exe
Adobe Premiere 9.exe
Ahead Nero 7.exe
Best Matrix Screensaver.scr

Caution: An infected email can come from someone you know.

What to look for:

Subject/Body: Varies. Examples include:

-Your provider will be disabled!
-tell me more about your document!
-explain!
-do not visit the pages on the list I sent!
-do not open the attachment!

Attachment: Varies. Examples include:

-454543403
-aboutyou
-associal
-attach2
-auction
-transfer

------------------------------------------------------------

NOTE: Up-to-date McAfee VirusScan users with dat 4328 are protected from this threat.

Learn More about W32/Netsky.c@MM
==> http://us.mcafee.com/root/campaign.asp?cid=9690

Scan for W32/Netsky.c@MM:
==> http://us.mcafee.com/root/campaign.asp?cid=9691

____________________________________________________________

[snauzberries]

YAY ANOTHER TOY!


hmmmmm hey jolly want a worm?