I don't know about Norton but I'm pretty sure most (if not all) AV software can't scan a ZIP file for a virus. As Darrell said...why would ANY admin open an attachment in a message that comes to your admin address knowing that admin mail is NOT screened for viruses? Ask yourself: why would ANYONE be sending you a FILE attachment of ANY sort to your admin address? Also ask yourself if the address "administrator @ rootsweb" sounds like an official RootsWeb address you have ever heard of or from which you have ever received mail. RootsWeb staff addresses would be a person's name or listmaster, etc. @rootsweb.com. Joan In a message dated 1/31/2013 11:56:28 A.M. Eastern Standard Time, darrellm@sprynet.com writes: On 1/31/2013 10:28 AM, Larry M. Weatherly wrote: > > I may be the only fortunate (NOT) one to have received an email > addressed to one of my Iowa lists - though from the cc list I suspect > that there are others out there. > > This email is from: Administrator - and has headers as follows: >> Subject: FW: Company 2013 Report >> >> Signature: Digitally signed by administrator@rootsweb.com >> File Validity: 01/31/2013 >> Company : http://rootsweb.com >> File Format: Office - Excel >> Internal Name: Company Report >> Legal Copyright: ) Microsoft Corporation. All rights reserved. >> Original Filename: 2013 Report.xls > > Since it appeared suspicious to me I scanned the zip file with Norton > and did not receive any errors. However, as soon as I initiated an > unzip Norton jumped in and deleted the z.bot virus in the attachment. > > So - if it appears in your inbox - you know what to do! > > Be well and at peace! > Larry Larry: Why in the world did you ever try to open the .zip file? You had more than adequate evidence that this was not a legitimate message. Everything about it screams, "Go back! It's a trap!!" Doing anything besides deleting the whole thing, UNOPENED, was like testing to see if there are rattlesnakes in your sleeping bag by crawling in. It was only by good fortune that you got away cheaply. If Norton had not yet been updated to recognize that version of z.bot, then your computer would be in a world of hurt. Not that I have an opinion, or anything. Darrell ------------------------------- To unsubscribe from the list, please send an email to LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the quotes in the subject and the body of the message

Quite correct Joan, but see the following which I found "AVG FREE Anti-virus 2011 or 2012 are just fine. You do not have a vulnerability with AVG since it will scan any file BEFORE ANY program on your computer can load or read it. What you are over looking is that zip files are compressed. Because they are compressed it is impossible for any anti-virus program to detect virus's contained in them since the data in the files are UN-intelligible. By un-zipping a zip file, all of the files contained in it will be extracted and decompressed and written to disk as individual files. Only then can an a-v program scan them for virus's. The un-zip process itself is not in any danger from any virus's that might be contained in the zip file. By design, AVG a-v FREE always scans files at the time that any program does the open function, before the program itself actually reads the file. That is how all real-time anti-virus programs work. So you are perfectly safe already." Tom On Thu, 31 Jan 2013 12:48:50 -0500 (EST), JYoung6180@aol.com wrote: >I don't know about Norton but I'm pretty sure most (if not all) AV software > can't scan a ZIP file for a virus. As Darrell said...why would ANY admin >open an attachment in a message that comes to your admin address knowing >that admin mail is NOT screened for viruses? Ask yourself: why would ANYONE be >sending you a FILE attachment of ANY sort to your admin address? Also ask >yourself if the address "administrator @ rootsweb" sounds like an official >RootsWeb address you have ever heard of or from which you have ever >received mail. RootsWeb staff addresses would be a person's name or listmaster, >etc. @rootsweb.com. > >Joan > > >In a message dated 1/31/2013 11:56:28 A.M. Eastern Standard Time, >darrellm@sprynet.com writes: > >On 1/31/2013 10:28 AM, Larry M. Weatherly wrote: >> >> I may be the only fortunate (NOT) one to have received an email >> addressed to one of my Iowa lists - though from the cc list I suspect >> that there are others out there. >> >> This email is from: Administrator - and has headers as follows: >>> Subject: FW: Company 2013 Report >>> >>> Signature: Digitally signed by administrator@rootsweb.com >>> File Validity: 01/31/2013 >>> Company : http://rootsweb.com >>> File Format: Office - Excel >>> Internal Name: Company Report >>> Legal Copyright: ) Microsoft Corporation. All rights reserved. >>> Original Filename: 2013 Report.xls >> >> Since it appeared suspicious to me I scanned the zip file with Norton >> and did not receive any errors. However, as soon as I initiated an >> unzip Norton jumped in and deleted the z.bot virus in the attachment. >> >> So - if it appears in your inbox - you know what to do! >> >> Be well and at peace! >> Larry > >Larry: > >Why in the world did you ever try to open the .zip file? You had more >than adequate evidence that this was not a legitimate message. >Everything about it screams, "Go back! It's a trap!!" Doing anything >besides deleting the whole thing, UNOPENED, was like testing to see if >there are rattlesnakes in your sleeping bag by crawling in. > >It was only by good fortune that you got away cheaply. If Norton had not >yet been updated to recognize that version of z.bot, then your computer >would be in a world of hurt. > >Not that I have an opinion, or anything. > >Darrell > > > >------------------------------- >To unsubscribe from the list, please send an email to >LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the quotes in the subject >and the body of the message > > >------------------------------- >To unsubscribe from the list, please send an email to LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the quotes in the subject and the body of the message