Did this Info help.


Current Virus Alerts 


Several vunrabilities exist in Microsft windows Xp if you have Xp go to windows security center to see how you can protect your PC by enableing your firewall and automatic updates. You can also optain Windows Service Pack 2 here



W32 Beagle

Beagle removal tool

The Beagle virus is a virus that is transmitted by e-mail. Once infected the virus sends it's self out to other recipients in your address book. The virus also changes the return address on the message that was sent to a randomly picked address in your address book in the attempt to hide it's origin. The Beagle also sends an attachment with the e-mail. This attachment is usually a .zip or .rar file, the attachment is also password protected and requires you to type in the password that is given.This virus also states to be from your Internet Service Provider. This is some of the common message type.

From :

management@your ISP
administration@your ISP
staff@your ISP
noreply@your ISP
support@your ISP

Subject :

Account notify
E-mail account disabling warning.
E-mail account security warning.
Email account utilization warning.
Email report
E-mail technical support message.
E-mail technical support warning.
E-mail warning
Encrypted document
Fax Message Received
Forum notify
Hidden message
Important notify
Important notify about your e-mail account.
Incoming message
Notify about using the e-mail account.
Notify about your e-mail account utilization.
Notify from e-mail technical support.
Protected message
Re: Document
Re: Hello
Re: Hi
Re: Incoming Fax
Re: Incoming Message
Re: Msg reply
RE: Protected message
RE: Text message
Re: Thank you!
Re: Thanks :)
Re: Yahoo!
Request response
Site changes
Warning about your e-mail account.


Body Text:

Greeting -

Dear user of ( your ISP name),
Dear user of ( your ISP name ) e-mail server gateway,
Hello user of (your ISP name ) e-mail server,
Dear user, the management of ( your ISP name ) mailing system wants to let you know that,

Main message body - (possible messages)

1. Your e-mail account has been temporary disabled because of unauthorized access.

2. Our main mailing server will be temporary unviable for next two days, to continue receiving mail in these days you have to configure our free auto-forwarding service.

3. Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information.

4. We warn you about some attacks on your e-mail account. Your computer may contain viruses, in order to keep your computer and e-mail account safe, please, follow the instructions.

5. Our anti virus software has detected a large amount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software.6. Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Welchia virus

The Welchia Virus takes advantage of some of the same flaws in windows that the Blaster Viruse Exploits. If you have Windows XP please download and run this free removal tool, once this is done be sure to do your Windows updates and use a antivirus program to further protect your system. Click here for the free removal tool. and select open to run this tool.


W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability using TCP port 135. The worm targets only Windows 2000 and Windows XP machines. We recommend downloading and running the removal tool and patch. Also make sure you have a virus program installed and that it is up to date.

Click here for the removal tool . Click here for the patch to prevent future infection

We also recommend visiting the symantec web site for more info. www.symantec.com


W32 KLEZ was first discovered on April 17 2002. This virus is a variant of the older Klez virus. This virus enters your computer via e-mail. After the initial infection the virus, like many others  looks in your ICQ and address books. After finding recipients it e-mails all a copy of  it's self, and has the ability to randomly add a unique subject line to the e-mails, to make it look harmless, (i.e.: thought you would like this, it's cute). This e-mail will be sent with your return address or from one in  your address book. After reproducing the virus then goes to your program files and begins to infect them. Any files that are infected will not be able to be fixed and will have to be uninstalled and reinstalled. This includes your virus protection program if infected. The most common reason for infection is not having a virus program installed or using out a date definitions. To obtain a free KLEZ removal tool click here

What Is NIMDA?

NIMDA is a complex threat that attacks through many different vulnerabilities, possibly existing on your computer. Once infected, your PC will begin to rapidly infect other machines, causing enormous volumes of traffic over the Internet and impacting the overall system performance of the Internet  and your computer(s).

How Does It Spread?

NIMDA primarily spreads through e-mail and web-browsing activities. Unlike past e-mail viruses, NIMDA can infect your computer if you merely read, or even preview an e-mail with the virus attached. Similarly, your computer can become infected just by browsing to an infected web site. The virus can also spread through shared networked drives, and for computers running Windows NT 4.0 or Windows 2000, through the web server component.

How To Protect Your PC

The common vulnerability that the NIMDA worm exploits lies with certain versions of the Internet Explorer® program. If you use Internet Explorer as a web browser on your computer or use Outlook or Outlook Express, you will need to download the appropriate patch from Microsoft to protect both your system and the Final Communications Network. To update Internet Explorer Version 5.01 and 5.5, follow the link


Note: Internet Explorer Version 5.01 Service Pak 2, Version 5.5 Service Pack 2 and Version 6.0 are not vulnerable. If you are not sure which version you are running, we suggest you download and install the patch as a precaution, or click here to download Internet Explorer 6.

If you are running Internet Information Services (IIS) on Windows 2000 or Windows NT, you should uninstall that component from your system. If you choose not to remove the software, you will need to ensure you have downloaded all the necessary patches. A cumulative patch for IIS 4.0 and IIS 5.0 is available at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-044.asp.

Remember, if you are operating a home network, you should take the steps outlined above on each of your computers, not just the machine used as the internet server.

As always, we  strongly recommends the use of updated anti-virus and personal firewall software on all of your computers.

Please be aware that should your machine become infected and start impacting the performance of the Final Communications  network, will have no choice but to disable your account until problem is remedied.

For more information on the NIMDA worm, please visit:

SANS Emergency Incident Handler at http://www.incidents.org/react/nimda.php

Symantec at http://www.sarc.com/avcenter/venc/data/w32.nimda.a@mm.html

Microsoft at http://www.microsoft.com/security

CERT at http://www.cert.org/current/current_activity.html#port80

The Homepage virus

This virus comes in a attachment labeled homepage.vbs and and has a subject of homepage . The message reads you've got to see this page its really cool.
homepage.HTML.vbs, if clicked on ,  will mass-mail itself to all recipients listed in your Windows address book. The worm then deletes all the sent messages from the Sent folder and the Deleted Items folder with the subject line "Homepage". The worm then modifies your computers  registry as an indicator to itself that the mailing  has been performed:
The Homepage worm then attempts to randomly open one of four x-rated web sites.

While this virus is not intent on doing any damage directly to your computer, it  may cause internet and mail slowdowns and even servers to crash due to the increased traffic and demands it puts on them.


I love you 

If you receive a E-mail  with this as the subject it may be  a virus, this is the most wide spread virus since Melissa a year or so ago . Variants of this have already occurred . This tempts the recipient to open a attachment that is disguised as a love letter. Once opened the virus infects your computer, and proceeds to send itself to all contacts in your Outlook or Outlook express mail program . It can also corrupt files on your hard disk.  Visit http://www.symantec.com for a more detailed description. VBS love letter Fix can be found HERE

Pretty Park.Worm

This worm program behaves similarly to Happy99 Worm. It was originally spread by email spamming from a French email address. The first report of this worm was submitted through our exclusive Scan & Deliver system on May 28, 1999 from France. When the attached program file, PrettyPark.exe, is executed, it may display the 3D pipe screen saver. 

Once the worm program is executed, it tries to email itself automatically every 30 minutes (or 30 minutes after it is loaded) to email addresses registered in your Internet address book.

It also tries to connect to an IRC server and join a specific IRC channel. The worm sends information to IRC every 30 seconds to keep itself connected, and to retrieve any commands from the IRC channel.

Via IRC, the author or distributor of the worm can obtain system information, including the computer name, product name, product identifier, product key, registered owner, registered organization, system root path, version, version number, ICQ identification numbers, ICQ nicknames, victim's email address, and Dial Up Networking username and passwords. In addition, being connected to IRC opens a security hole in which the client can potentially be used to receive and execute files.

It creates a file called files32.vxd in the Windows\System directory and modifies the following registry entry value from "%1" %* to files32.vxd "%1" %* without your knowledge:


Download the Pretty Park.worm removal tool from Symantec . Click Here

Happy 99 

If you receive a E-mail with a attachment called happy 99 don't open it. Most likely its a Worm / Trojan Horse Virus Designed to crash E-mail servers, but has also been noted to cause mail programs on individual machines to crash, lock or not work at all. If you clicked on the attachment  and saw fireworks your probably infected with this virus. One way to check and see if you have this virus it to go to the start button then find and  search for files called *.ska if you find any you have this virus.

Worm Explorer.Zip

Here is another type of Worm / Trojan Horse Virus that is fairly new, this one is similar to the happy 99 virus but will do  damage to  files on your computer or network . It will actively search out files with these extensions and try to destroy them ( .h .c .cpp .asm .doc .xls ) this one usually shows up in your mail  labeled as attached zipped docs.


This is a word macro virus and is  spread thru email also . It does this by sending a infected word macro document . The Subject will appear in the E-mail as

Important message from<name>

And the message will state here is the document you requested , don't show anyone else!!!

These are Just a few that have been going around lately that you should be on the lookout for. 

Remember :  Be wary of clicking on files from people you don't know.

Or suspicious files. Especially ones with the extension .exe . Also use a good virus program , for its ease of use and one button update feature I recommend Norton Anti-Virus version 5.0 or 2000 

For the latest virus info check out 

Click here for a list of virus hoaxes

344 central Ave.
Silver Creek NY. 14136
copyright © Final Communications