On 2004-03-04 09:13, Angus Macdonald wrote: > That's what bagle does. All we can tell from this is that someone that has > the list in his or her address book has been infected. Bagle look through much more than just the address book: http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.j@xxxxxxx [...] 7. Scans files on the local drives with the following extensions: * .adb * .asp * .cfg * .cgi * .dbx * .eml * .htm * .mdx * .mmf * .msg * .nch * .ods * .php * .pl * .sht * .tbb * .txt * .uin * .wab * .xml and collects any email addresses it finds. Also, http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=101071 Virus writers are getting smart about playing with psychology: users tend to trust messages coming from the administration of their ISP, particularly when it impacts their ability to send email. -- Glenn Jackman NCF Sysadmin glennj@xxxxxx ******************************************************** This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out our games to relieve your stress. http://www.StressedPuppy.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm