The Stinger tool now protects against Beagle.M (detects it as Bagle-n) and
the local and remote versions are available at:
FYI, the very newest Beagle virus out today, called W32.Beagle@mm!rar,
comes with .rar (rather than .zip) attachments. I have asked TSG if we
block against .rar attachments at the email gateway because I honestly
cannot remember, and I am waiting for a response. Someone who receives an
infected .rar attachment would still need to open the .rar, type in the
password given in the email, then open the .exe inside of it. Obviously,
no one should do this so please don't follow the instructions.
Problems or questions regarding Beagle.M or W32.Beagle@mm!rar should be
directed to CIT Helpline at [log in to unmask] or 6-2604. TSG or I will
update this group with the answer about the .rar files, although I
personally will be away from email for several hours today.
On Sat, 13 Mar 2004, Stefanie Ploof wrote:
> Beagle.M was discovered by antivirus organizations sometime earlier today
> as a level 2/low threat, but due to increased prevalence it has been
> upgraded to a level 3/medium alert.
> I have forced beta virus definitions onto the central servers since live
> update/intellgent update definitions are not yet published. This means if
> you are using a computer with the on-campus/managed version of SAV you
> will have to wait for the central servers to push virus definitions to you
> because you won't be able to live update successfully.
> More information about Beagle.m (aka *Bagle-n*) can be found at:
> [log in to unmask]" target="_blank">http:[log in to unmask]
> Stand-alone removal tools are not yet available from any of the reputable
> antivirus organizations, however a full scan using SAV with 3/13/2004
> virus defs should detect and clean up after Beagle.M. I will update the
> list if/when a tool becomes available.
> Questions or problems regarding Beagle.M should be directed to CIT
> Helpline at [log in to unmask] or 6-2604.