Hi Eileen,
Sorry to not give this to you directly but this is critical.
Everyone pay attention.
===============================================
- Two new worms strike down systems exploiting the Plug and Play (PnP)
vulnerability, reports Panda Software -
- Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Several media, like CNN, ABC and The New York Times, affected
Madrid, August 17 2005 - PandaLabs reports attacks from two new worms, Zotob.D
and IRCBot.KB, that exploit a vulnerability in the Plug and Play (PnP) service,
which Microsoft recently published in its Security Bulletin MS05-039, that could
allow a remote attacker to take control of the affected system. Several media, like
CNN, ABC or The New York Times, have been affected.
To exploit the vulnerability mentioned above, both generate random IP addresses
to which they try to connect through port 445, searching for vulnerable systems. If
one is found, they send instructions to download a copy of the worm by TFTP (a
simplified version of the traditional FTP protocol). They both get installed on
the systems, modifying a registry key to ensure their execution on every system
startup, and initialize a backdoor component which is available through IRC,
awaiting orders in a specified channel, which could allow a remote attacker to take
control of the system. They only spread to systems running the operating systems
Windows 2000, XP and Windows Server 2003.
In addition, Zotob.D searches for the most popular adware programs to delete
their files and directories. The visible effects which these worms cause on
the affected machines are repeated shutdowns and reboots, so they
could be very dangerous in corporate environments.
Panda Software recommends that users download the patch offered by Microsoft, which
appeared just a few days ago. The web page to download this patch is available
at: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx
To help as many users as possible scan and disinfect their systems, Panda
Software offers its free, online anti-malware solution, Panda ActiveScan, which
now also detects spyware, at http://www.activescan.com. Webmasters who would
like to include ActiveScan on their websites can get the HTML code, free from
http://www.pandasoftware.com/partners/webmasters.
Panda Software also offers users Virus Alerts, an e-bulletin in English and
Spanish that gives immediate warning of the emergence of potentially dangerous
malicious code. To receive Virus Alerts just visit Panda Software's website
(http://www.pandasoftware.com/about/subscriptions/) and complete the corresponding
form.
More information about these and other threats is available in Panda Software's
Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/
NOTE: The addresses above may not show up on your screen as a single
line. This would prevent you from using the link to access the web page.
If this happens, just use the 'cut' and 'paste' options to join the
pieces of the URL.
=============================================
This is from PandaLabs and I have been using them as a third source of anti's.
Very dependable.
Kenneth R Sword Jr
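
Added example, not part of the original message or of Panda's bulletin: a sketch of how a defender could spot the behaviour the bulletin describes (one host probing many addresses on port 445, then a probed host fetching a file from it by TFTP) in network flow records. The record layout, the sample flows and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample flow records (not taken from the bulletin):
# (epoch seconds, source IP, destination IP, protocol, destination port)
SAMPLE_FLOWS = [
    (100, "10.0.0.5", "192.0.2.17", "tcp", 445),
    (101, "10.0.0.5", "198.51.100.4", "tcp", 445),
    (102, "10.0.0.5", "10.0.0.9", "tcp", 445),
    (103, "10.0.0.5", "203.0.113.80", "tcp", 445),
    (104, "10.0.0.5", "192.0.2.200", "tcp", 445),
    (110, "10.0.0.9", "10.0.0.5", "udp", 69),    # probed host pulls a file back
    (120, "10.0.0.20", "10.0.0.2", "tcp", 445),  # ordinary file-server use
    (121, "10.0.0.20", "10.0.0.2", "tcp", 445),
    (130, "10.0.0.30", "10.0.0.40", "udp", 69),  # TFTP with no preceding probe
]

def find_scanners(flows, threshold=5, window=60):
    """Map each source to the time it reached `threshold` distinct 445/tcp
    destinations inside `window` seconds (both values are assumptions)."""
    seen = defaultdict(list)          # src -> [(ts, dst), ...]
    scanners = {}
    for ts, src, dst, proto, port in sorted(flows):
        if proto != "tcp" or port != 445 or src in scanners:
            continue
        seen[src].append((ts, dst))
        recent = {d for t, d in seen[src] if ts - t <= window}
        if len(recent) >= threshold:
            scanners[src] = ts
    return scanners

def find_tftp_pullbacks(flows, scanners, follow_up=120):
    """Return (probed_host, scanner) pairs where a host probed on 445/tcp
    then sends TFTP (69/udp) back to that scanner within `follow_up` seconds."""
    probed = {}                       # (scanner, target) -> first probe time
    hits = set()
    for ts, src, dst, proto, port in sorted(flows):
        if proto == "tcp" and port == 445 and src in scanners:
            probed.setdefault((src, dst), ts)
        elif proto == "udp" and port == 69:
            t0 = probed.get((dst, src))
            if t0 is not None and ts - t0 <= follow_up:
                hits.add((src, dst))
    return sorted(hits)

if __name__ == "__main__":
    scanners = find_scanners(SAMPLE_FLOWS)
    print("445/tcp scanners:", scanners)
    print("TFTP pull-backs:", find_tftp_pullbacks(SAMPLE_FLOWS, scanners))
```

A pair returned by find_tftp_pullbacks names both the machine that was probed and then fetched a file, and the machine it fetched from, so both are candidates for isolation and patching with MS05-039.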