I've gotten two copies of this E-Mail tonight. Both we're stopped by Norton's AV -- the attached files contained a virus called W32.Frethem.K@mm. This is one I have not seen before so I thought I'd pass the information on. The text of the E-Mail is shown below my signature. Here's what Norton's says about this virus: W32.Frethem.K@mm is a worm, and is a variant of W32.Frethem.B@mm. It uses its own SMTP engine to send itself to email addresses that it finds in the Microsoft Windows Address Book and in .dbx, .wab, .mbx, .eml, and .mdb files. The email message arrives with the following characteristics: Subject: Re: Your password! Attachments: Decrypt-password.exe and Password.txt Also Known As: I-Worm.Frethem.l [AVP], W32/Frethem.l@MM [McAfee], WORM_FRETHEM.K [Trend], W32/Frethem-Fam [Sophos] Type: Worm Infection Length: 48,640 bytes Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me Systems Not Affected: Macintosh, Unix, Linux CVE References: CVE-2001-0154 Regards from the "Keyboard Cowboy", Master NetLord ,,,,, Ô¿Ô¬ Cincinnati, Ohio Scottsdale, Arizona «::::»¤«::::»¤¤«::::»¤«::::» Monday 07/15/2002 9:20:18 PM ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ATTENTION! You can access very important information by this password DO NOT SAVE password to disk use your mind now press cancel (M. S. Tinarwo) A T T A C H E D F I L E S I N L I N E D I S P L A Y Attached text follows, filename: password.txt To unsub or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/