That is the BadTrans virus, not something you want to open! What the virus does is respond to unread email, quoting a portion of your original message with a line at the bottom that says "Please see to the attachment." This virus has several names for the attachments, so don't rely on the name of the attachment! Here is the technical description from Symantec (Norton): "When the worm is executed, it drops the backdoor Trojan Hkk32.exe in the \Windows folder, and then executes it. It then copies itself into the Windows folder as inetd.exe, adds a run= line to the Win.ini, and displays the following message: "File data corrupt: Probably due to bad data transmission or bad disk access." The next time that the computer is rebooted, the worm will wait for 5 minutes, then it will use MAPI to find all unread email messages and reply to all of them. The worm will attach itself to the email, using one of the following file names:" Pics.ZIP.scr images.pif README.TXT.pif New_Napster_Site.DOC.scr news_doc.scr hamster.ZIP.scr YOU_are_FAT!.TXT.pif searchURL.scr SETUP.pif Card.pif Me_nude.AVI.pif Sorry_about_yesterday.DOC.pif s3msong.MP3.pif docs.scr Humor.TXT.pif fun.pif (More info can be found at http://www.symantec.com/avcenter/venc/data/w32.badtrans.13312@mm.html) Some of these file names would prompt me not to open it anyway! If you have an anti-virus program, update the virus definitions and scan all files on your hard drive. If you don't have an anti-virus program, (I strongly suggest that you get one) then check out the following site: http://www.angelfire.com/or/matney/page1.html There is some good info there as well as a demo program that will remove the virus from your computer. Hope that helps. Best Regards, Angela ----- Original Message ----- From: LINEDEW@aol.com To: OHPERRY-L@rootsweb.com Sent: Monday, May 07, 2001 9:17 PM Subject: Re: [OHPerry] Virus - Enough Said *Sorry but I must ask a question I don't know enough about this to talk about it but please let me share this & maybe get some help. I placed a question on this board & some time later received a couple of responses stating in the Subject that it was in re to my line I was asking about. Excited I hit download & then tried to open it. Under file name it listed - CARD under Save as type - PIF files. It said" file data corrupt, probably due to bad data transmission or bad disc." I don't know if I didn't properly download , if it was a virus, or if I wasn't computer smart enough . I did have reservations about this as it said- Me_nude.AVI. Subject RE: OH. Perry CO. Surname Search . Dated 5-2-01 4:33 p.m. 1st. Boot. It was from graystone@comteck.com (Paul Thomas). It appeared ok to me. Do you know if this could be a regular on OHPERRY-L ? I certainly hope so as I am in need of help on my John Brown line?