Hello! I've read about this worm: JS/Yamanner recently and it's currently spreading here in Romania. I've seen in version 1.1595 that NOD32 added JS/Yamaihoo.A. Is this the same one? Here's a description of the worm: http://www.avira.com/en/threats/section/fulldetails/id_vir/2128/js_yamanner.html It comes in an e-mail from %collected email email@example.com %collected email firstname.lastname@example.org with the following subject: New Graphic Site One of my friends actually received it and clicked on it and the e-mail was sent to almost evryone in his address book. He uses NOD32 but he saw no warning.