Automated PC Solutions       VACM - Virus Alerts for the Common Man VACM Home APCS Home Links      Contact APCS "get it" links:         #1 AntiSpyware #1 AntiVirus   #1 Personal Firewall

Attachments "foto.zip" and "fotos.zip" are VIRUSES

Attachments "foto.zip" and "fotos.zip" are VIRUSES.

It will send itself to everyone you know AND open a
backdoor to your system on port 80, allowing the virus
writers full access to your system over the internet.
It will also infect other systems that you are
networked with.

It also spreads through P2P networks (such as Kazaa
and others).

Dubbed WORM_Beagle.AI, Beagle.AV, and Downloader.Ject.D,
Beagle.AI is a downloader Trojan that attempts to shutdown
antivirus and security software running on infected systems.
Several AntiVirus vendors are reporting the Downloader
viruses among the top 10 most detected this past month.

Beagle.AI was discovered August 31, 2004.  It affects users
of Windows 2000, Windows 95, Windows 98, Windows Me,
Windows NT, and Windows XP.

Beagle.AI is not a mass-mailing email worm, it is a Trojan
that was emailed as spam to recipients on August 31, 2004.

If you double-click the attachment, you will infect your
system with the full virus which DOES do mass mailing of
itself to every email address found in your address book
and system in general.

The email you would have received had a subject line of
'foto', a message body that read just 'foto', and an
attachment named either 'foto.zip' or 'fotos.zip'.

This is a serious virus and needs to be dealt with if
you have infected system(s).  If you are not infected,
refer to the "What You Should Do" section of this alert
in order to avoid infection.

***************************************************
* What You Should Do
***************************************************
Long time VACM Subscribers know to NEVER double-click on
email attachments.  What you should do is, make sure
your antivirus is completely up to date, then and only
then, right-click on the attachment, choose "Save As",
save the attachment to your disk drive, and only then
will you have any confidence as to whether or not the
attachment is a virus because in the course of saving
the attachment, your antivirus software gets a chance to
scan the file being saved and will report if it is a
virus or not.

For full details on how to "Fear No Attachment", please
refer to the following VACM alert from year 2001:

http://www.apcsnh.com/vacm/vacm090501.html

If you did double-click on the "foto.zip" or "fotos.zip"
attachment, your are infected and you will need to
remove the virus from you system.  Use the removal
tool from Symantec for this task.  
You can find the removal tool and instructions here:

  Symantec Removal Tool

IMPORTANT: read the instructions for the removal tool!!!
Windows ME and Windows XP users MUST shut off the System
Restore function in order to remove this virus.

After running the removal tool per the Symantec instructions,
it is very advisable to do a manual virus definitions update
and then do a complete virus scan of your
system(s).

Best Regards,
Marc Deschenes, VACM Editor
The VACM Project at
Automated PC Solutions

*** Be sure to check out the appendix at the end of this alert if you are having trouble booting your computer into "Safe Mode". The process is all spelled out for you there.   Why should you be very concerned about Spyware? Learn how to avoid Identity Theft and Windows corruption in this free VACM Video:      VACM-tested #1 AntiSpyware Software How did they steal my Identity? Why do I get so much SPAM ? Why is your computer running so slow ? Today, every PC needs just a few protection softwares. Find out what and why. Visit our Links Page to avoid Indentiry Theft and costly computer repairs.    VACM Links to Protection Tools and Softwares Keep your PC Safe and Avoid a costly trip to the shop... with these VACM approved tools. You need 3 things to protect your PC(s) automatically. Use these links to go directly to the Download and Purchase pages: the best AntiSpyware product the best Firewall product the best AntiVirus product           Old Shotgun Shell Boxes are collector's items and worth good money!  (yes... just the empty boxes) get your   ShotShell BlueBook price guide now.     To cancel your subscription to VACM, reply to this email with the word UNSUBSCRIBE in the subject. If you click on the link below, the "unsubscribe" email will be created for you and you can simply hit "Send" in you email program: Create My Unsubscribe Email IMPORTANT: please include the email address at which you are currently receiving VACM Alerts in the body of the message.     ******** APPENDIX - Handy How-To Tips **********   * How To Boot into Safe Mode Shut the computer down so that the power is off. Turn the computer on, wait 1 second and begin pressing the F8 key on the keyboard, once every second repeatedly. Do this until the Windows Startup Menu appears. If you get a keyboard error, press F1 to resume and then continue pressing the F8 key once every second, or your PC may tell you to press another key for BIOS setup. Select Safe Mode from the Windows Startup Menu, then press the Enter key on the keyboard. Windows will then boot into Safe Mode. NOTE: This may take longer than a normal boot. At the end of the boot process a dialog box will appear informing you that Windows is in Safe Mode. Click OK on this dialog box. Windows is now in Safe Mode. If you miss hitting the F8 at the right time, Windows will boot normally and you will not see the "Safe Mode" message.  In this case, start from the top of these instructions until you get the boot menu screen where you can choose "Safe Mode".  This can be a little tricky the first time you do it.