I got the virus that W32 and it messed my computer up so bad that I had to reformat my entire computer....I threw away my old virus and went and bought Norton 2002, I still get about 8-10 messages a day from the different rootsweb mailing list.... Heather -----Original Message----- From: Mary Sue Lutz [mailto:[email protected]] Sent: Monday, November 26, 2001 10:44 PM To: [email protected] Subject: [RICHARDSON] virus My computer was OK and then I got messages from you and the virus started up again....it must be from one of your. I had messages from you earlier, too. ==== RICHARDSON Mailing List ==== To use the Richardson Query Board: http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson To review Archived messages: http://archiver.rootsweb.com/RICHARDSON-L

This has been beaten to death on various lists.You cannot get a virus through rootsweb.The virus will have come from a list member BUT it will not have come through rootsweb. -----Original Message----- From: Charline Burress <[email protected]> To: [email protected] <[email protected]> Date: Tuesday, November 27, 2001 3:27 AM Subject: Re: [RICHARDSON] virus >Oh, yes. You can get a virus from these lists. Thered was one on either the Lewis or Bishop list a few months ago. We/They >all shared info and got rid of it. > >Robert Hays wrote: > >> Pray tell Mary Sue ,, just who are you talking to ????????????????? >> I can assure you, you CANNOT get a virus from this list mail ,,, I repeat, virus' CANNOT be transmitted or received >> by/from any mail from this list. For you to catch a virus from an email the incoming email MUST be in HTML format or >> contain an attachment which you then open. Rootsweb will NOT accept either of the two, much less pass them on to everyone >> on the list. ALL (repeat, ALL) list mail is in Plain Text format which CANNOT contain a virus. >> >> If you suspect that you have a virus, contact me off list and I will help you get rid of it. (if you need any help that >> is.) >> Bob Hays >> [email protected] >> Richardson List & Board Owner >> _________________________________ >> ----- Original Message ----- >> From: "Mary Sue Lutz" <[email protected]> >> To: <[email protected]> >> Sent: Monday, November 26, 2001 11:02 PM >> Subject: Re: [RICHARDSON] virus >> >> > I checked it again and again it tells me I have no virus....it isn't doing >> > anything now...so it must not be you..you are the only one of the four who I >> > have heard from...what a mess! I hope this doesn't start yours again...I >> > spoke too soon...it is starting up again... >> > ----- Original Message ----- >> > From: "Mary Sue Lutz" <[email protected]> >> > To: <[email protected]> >> > Sent: Monday, November 26, 2001 8:44 PM >> > Subject: [RICHARDSON] virus >> > >> > >> > > My computer was OK and then I got messages from you and the virus >> > started up again....it must be from one of your. I had messages from you >> > earlier, too. >> > > >> > > >> > > ==== RICHARDSON Mailing List ==== >> > > To use the Richardson Query Board: >> > > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson >> > > To review Archived messages: >> > > http://archiver.rootsweb.com/RICHARDSON-L >> > > >> > >> > >> > >> > ==== RICHARDSON Mailing List ==== >> > To use the Richardson Query Board: >> > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson >> > To review Archived messages: >> > http://archiver.rootsweb.com/RICHARDSON-L >> > >> >> ==== RICHARDSON Mailing List ==== >> To use the Richardson Query Board: >> http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson >> To review Archived messages: >> http://archiver.rootsweb.com/RICHARDSON-L > > >==== RICHARDSON Mailing List ==== >To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson >To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L >

You are right about the viruses. I received an email tonight from the Richardson List. It did have an attachment, but I didn't open it. I deleted it. Thank goodness you are all warning us! Jan

Thanks Jan ,,,, I hope you mean "appeared" to be from the Richardson List, if it had an attachment, it was not from RootsWeb. This is a very important distinction to help avoid spreading the false impression that RootsWeb mail is unsafe. Thanks again. Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 11:15 PM Subject: [RICHARDSON] Re: RICHARDSON-D Digest V01 #148 > You are right about the viruses. I received an email tonight from the > Richardson List. It did have an attachment, but I didn't open it. I deleted > it. Thank goodness you are all warning us! Jan >

OK folks, this sudden rash of virus email is having some adverse effects and we need to get it under control. 1. Members are getting off the list by the hands full (to avoid getting infected I suppose) ,,, poor souls, out of the frying pan & into the fire 2. Continued "Replying" to a single "Subject" is causing some msg.'s to get very, very long ,,,, please delete all responses to that subject below what you are responding to before you send it to the list. 3. As a control measure I am going to temporally Unsub all known infected listers until they have cleaned the virus off their machine. It would be better if you know you are infected to unsub yourself and you have my permission to contact me off-list for information and help if you need it. Bob Hays [email protected] Richardson List & Board Owner _________________________________

Norton and Zone Alarm. ZA is wonderful! ZA catches things before Norton even! Check cnet for it I think or ZoneLabs.com maybe. The program is free, easy to install and works like a charm! Denise ----- Original Message ----- From: "Jim" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 11:21 PM Subject: Re: [RICHARDSON] virus > I'm not really sure why all this conversation concerning any virus. I use > Norton's and do "Live Updates" weekly and have never received a virus that > Norton didn't give me the choice of "Deleting", "Archiving" or "Fixing". All > a person has to do is keep there Norton's current and use Outlook Express 6 > which has 128bit encryption. If one dose not catch them the other will. > Jim > > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L > > >

Hi Eleonore ,,,, I don't recall anyone saying not to open any email from RootsWeb Lists ,,,, if they truly are from RootsWeb, then they are safe to open, However; it is your responsibility to make double sure they really are from RootsWeb and not from an infected computer of another list member. I am trying very hard to come up with a reliable way to tell if a msg. is from RootsWeb or sent by a virus and so far about the only thing simple I have come up with is to look at the "To:" line, if it is the list address then it is from RootsWeb, but if it is your personal address, then it is from an individual or sent by a virus. All the virus email I have received has had my address in the "To:" field ,,,, not one has had this list address in the "To:" field. I have a collection of virus' all the way back to April and the same holds true for them also, so for now and until something better comes up, use this as a guide line for determining if a msg. is a true List msg. from RootsWeb. Good luck & stay safe Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: "Eleonore Crespo" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 9:50 PM Subject: [RICHARDSON] Re: VIRUS > Hi, if you're not suppose open anything from the rootsweb lists, how does > that work if you get it in "Digest" format? Just delete the entire block of > messages?Thanks,Eleonore

I wish I could give you a good answer but cannot, I have no idea how Yahoo works ,,,, Perhaps someone else who uses Yahoo can answer you. Beware of any email with no Subject nor body. Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: "Theresa Richardson" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 10:21 PM Subject: Re: [RICHARDSON] Re: VIRUS > Hi, > I use yahoo for most of my mail instead of Outlook. > Can a virus go through yahoo mail? > I did recieve an email with 're:' for a subject line > with no message. Not sure what that was about. > Thanks, > Theresa Richardson > (searching for Warren Co, IL Richardson's) >

Hi, I use yahoo for most of my mail instead of Outlook. Can a virus go through yahoo mail? I did recieve an email with 're:' for a subject line with no message. Not sure what that was about. Thanks, Theresa Richardson (searching for Warren Co, IL Richardson's) --- Eleonore Crespo <[email protected]> wrote: > Hi, if you're not suppose open anything from the > rootsweb lists, how does > that work if you get it in "Digest" format? Just > delete the entire block of > messages?Thanks,Eleonore > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L > __________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1

Hi, if you're not suppose open anything from the rootsweb lists, how does that work if you get it in "Digest" format? Just delete the entire block of messages?Thanks,Eleonore

All this virus conversation is for those not as fortunate as yourself, so please be patient. OE 6 is safer because of its' updated features, all other versions are just as safe as long as they are fully updated with all available upgrades and patches. Weekly AV updates is not good enough for this latest variant of BadTrans ,,,, Norton didn't come out with its' Definition file until late Sat. (24th) . 128 bit encryption has absolutely nothing to do with virus protection. Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: "Jim" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 4:21 PM Subject: Re: [RICHARDSON] virus > I'm not really sure why all this conversation concerning any virus. I use > Norton's and do "Live Updates" weekly and have never received a virus that > Norton didn't give me the choice of "Deleting", "Archiving" or "Fixing". All > a person has to do is keep there Norton's current and use Outlook Express 6 > which has 128bit encryption. If one dose not catch them the other will. > Jim > > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L >

<G> No, not you Ray, as soon as I can get my fingers to slow down I will contact the person Off Line ,,,,, along with several more since that one. Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: "philip r settles" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 7:30 AM Subject: Re: [RICHARDSON] virus > Your last message indicated you got a virus from someone. You did not > specify who. Was it me? > > Ray > ________________________________________________________________ > GET INTERNET ACCESS FROM JUNO! > Juno offers FREE or PREMIUM Internet access for less! > Join Juno today! For your FREE software, visit: > http://dl.www.juno.com/get/web/. > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L >

I hate to disagree with you in public Bob but feel I must, HTML code and any other Executable code is just as deadly Off-Line as it is On-Line ,,,,,, other wise your computer would not work at all. Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: "Bob" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 5:54 PM Subject: Re: [RICHARDSON] virus > This is a multi-part message in MIME format. > --------------8314528D335AB0B90D96C779 > Content-Type: text/plain; charset=koi8-r > Content-Transfer-Encoding: 7bit > > Just a thought for everyone. > Try reading your email off line, or delete suspected email off line. > If your off line your system can not be infected. > > Hope this helps someone, > > Regards > > (snip)

Diane ,,,, no one is deliberately messing around with the list mail ,,,, that is the result of the latest BadTrans virus at work. In a nut shell, the virus "Answers" unread email in an infected machine's Inbox and the owner of said machine does not know it is happening. Your message to the infected person failed because of the _ in front of the address, the _ and any space must be removed before you can contact the person. ( the _ was put there by the virus to prevent you from "Replying" to the person) Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: "Diane Bryant" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 8:48 AM Subject: Re: [RICHARDSON] Read subject lines carefully > List, someone is playing around with rootsweb list members! Not only are > people on the Richardson-L list getting these messages but some of us who > are on the SCHORRY-L list are receiving infected attachments as well. > > I received a message from someone named Jerri Lynne with Re:[SCHORRY-L > RICHARDSON, Henry L in the subject line. At first glance you would think > that you had received a message from the list with information concerning > someone you have been researching. > > This is NOT from the list!! Someone is using rootsweb lists, however, to > gain access to names and addresses of list members as well as the name of > who they are researching. > > There was no info in the body but this message had two attachments (in my > email as well as other list members): > > ME.NUDE.MP3.SCR > text5.txt > > I did not open the attachments. I emailed this "Jerri Lynne" at the address > provided <[email protected]> and immediately received a "failure to > deliver" notice from the postmaster due to the fact that this address is not > in any directory. > > Someone is playing around with rootsweb mailing list information. It is > wise to read the "sender" and "subject" lines carefully and to not open any > attachments unless you are absolutely sure of and trust the source. > > Diane > > _________________________________________________________________ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L >

Norton says I am fine...but I keep getting rejected mail due to a virus when I send something... ----- Original Message ----- From: "Jim" <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 2:21 PM Subject: Re: [RICHARDSON] virus > I'm not really sure why all this conversation concerning any virus. I use > Norton's and do "Live Updates" weekly and have never received a virus that > Norton didn't give me the choice of "Deleting", "Archiving" or "Fixing". All > a person has to do is keep there Norton's current and use Outlook Express 6 > which has 128bit encryption. If one dose not catch them the other will. > Jim > > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L > >

First off Valerie, those two emails are infected, get rid of them ,,, Not knowing how your mail client is set up I hate to tell you to click on them (select them in your Inbox, not open them) because these are the kind that can infect you without opening the attachment, if you have not yet clicked on them, DON'T. To answer your question and safe guard you at the same time is going to take a ton of explaining, so get comfortable. If you use a Microsoft e-mail client, you should have a "Preview" option available in your upper Tool Bar, if it isn't, it should be and can be put there ,, Why ?? ,, because if you are set up to Preview a msg. when you click on it in your Inbox, then that is the same as opening it (the msg., not the attachment) and if any vicious code is contained in the body of msg., then without protection, you are infected. Making the Preview option available in your Tool Bar allows you to turn Previewing On & Off at will (like turning a light On & Off). With Previewing turned off, you can click on any msg. without any fear of infection, this allows you to select certain msg.,s and delete them ,,,, safely. With all the bad guys and spam cleared out of your Inbox, Previewing can be turned back ON . The best way to permanently delete a msg. is to select it/them ,, press Shift+Delete and its' by-by ,, you do not have to chase it/them to your "Deleted Items" folder and delete a second time to be rid of them. Instructions for making Preview available in your Tool Bar: In OE 5 & 5+, you can activate your "Preview" option, which is an ON/OFF switch to turn Previewing ON or OFF. When Preview is OFF, you can click on any msg. without it being opened, thereby activating any URL's, Cookies or viruses that may be embedded within it. Right click anywhere on your Tool Bar ,,, select "Customize" . The "Customize Tool Bar" box will have two windows, the one on the left contains features NOT in your current Tool Bar and the window on the right contains features currently in your Tool Bar. In the left window, find "Preview" and click on it ,,, then click on the "Add" button between the two windows, this will add the Preview option to your Current Tool Bar. The Vertical lines between Icons are "Separators". You can position Icons where you want them in your Tool Bar by moving them UP or Down. If you need to make room for it in the Tool Bar, pick something you seldom or never use and move it over into the left window. To use the "Preview" option : click on the "Preview" button in your tool bar ,, this will turn Previewing off ,, you can now click on any msg. to delete it ,,, click on the "Preview" button again to turn Previewing back on. ******************************************** Your informant is correct, there are a number of virus' that are capable of infecting you without an attachment, all you have to do is open the msg. in your Inbox to read the body of msg., and BINGO ,, instant infection. I am also correct about RootsWeb list msg.'s because they are sent as Plain Text, and Plain Text cannot be executed (Run) ,, Plain Text is not a code, it is nothing more than written words. For a virus to be viable it must be written in an executable code and delivered in a format that will "Run" it when "Opened" ,, this means you must receive the msg. in HTML or RTF format ,, or ,, have an executable attachment that you "Open". RootsWeb will not even accept an email that is in HTML or RTF format or one that contains an attachment ,, they are instantly bounced. The current wave of infections are occurring because people are fooled into thinking that the shown attachment has to be opened for them to get infected, what they don't realize is that the "attachment" is not a true Attachment. It is what is known as an "Inline Attachment", which means that the attachment is not external from the body of msg. but is in reality embedded within the body of msg. but shows up in your Inbox as an external attachment. The only way to tell the difference between an "Inline Attachment" and a true "External Attachment" is to examine the Headers, a true external attachment will clearly state just before the code starts that it is an Attachment ,,,, an Inline Attachment will not. To examine the headers: click on msg.: 1. If previewing is turned ON: press Ctrl+F3 ,, then expand window to full page size. 2. If previewing is turned OFF: right click on msg. ,,, Properties / Details / Message Source button ,, expand to full page size. NOTE: it is safe to view any msg. in this manner. The current virus catching everyone with their pants down so to speak is the W32/BadTrans @MM, also called BadTrans B ,,,, the _ before a persons address is one of its' trademarks. This virus does no harm to your computer but does have the ability to find and extract credit card numbers and Passwords. To determine if you are infected, use the Start / Find and search your disk for these files: KERN32.EXE KERNEL32.EXE KDLL.DLL HKSDLL.DLL If any of them are found, you are infected. Go to http://vil.nai.com/vil/virusSummary.asp?virus_k=99069 to read the whole ball of wax. Norton AV will not detect this virus unless its' Dat files have been updated since this passed week end, and all AV,s MUST be set to scan Compressed files for it to be detected. I hope I have not strayed so far from your queston that my answer is unclear ,,, if I did, please ask again and I will try to be more to the point. Bob Hays [email protected] Richardson List & Board Owner _________________________________ ----- Original Message ----- From: <[email protected]> To: <[email protected]> Sent: Tuesday, November 27, 2001 7:06 AM Subject: Re: [RICHARDSON] virus > Bob: > > One more question. I noticed this morning TWO different e-mails with > attachments that BOTH of them had an underscore as the beginning of the > senders address. (One was [email protected] other one was > [email protected]) > > Anyway, tell me this. IF I should open the e-mail BUT NOT download the > attachment and open it, am I infected. My understanding is that it is ok to > open the e-mail---you cannot become infected that way. You can even DOWLOAD > the attachment (although I wouldn't do that) as long as you don't OPEN it. > The virus is activated upon opening the attachment. IS THAT TRUE? > > Let all of us know---and let us know how sure you are of your information as > there is so much conflicting info going around. > > Valerie > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L >

By far the best way to avoid a virus is with a good anti virus program. I use Norton bur there are several others that ate very good. usually about 25 to 40 for the disk and 3 to 10 a year for todate support. I catch bout 10 viruses a week including one tonight, haven't had a problem resulting from a virus since i caught "Happy 1999" (in 1999). If your interested write me off list and I will send details/ web site etc. -- The Richardson Memorial CD-Rom at http://www.mindspring.com/~dcrichardson/cd.htm Home page: http://www.mindspring.com/~dcrichardson/ Most useful web sites: http://www.mindspring.com/~dcrichardson/useful_sites.htm David C. and Emma J. Richardson 130 Gingercake Ct. Fayetteville GA 30214-7600 Emma's E-mail [email protected]

I'm not really sure why all this conversation concerning any virus. I use Norton's and do "Live Updates" weekly and have never received a virus that Norton didn't give me the choice of "Deleting", "Archiving" or "Fixing". All a person has to do is keep there Norton's current and use Outlook Express 6 which has 128bit encryption. If one dose not catch them the other will. Jim

This is a multi-part message in MIME format. --------------8314528D335AB0B90D96C779 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Just a thought for everyone. Try reading your email off line, or delete suspected email off line. If your off line your system can not be infected. Hope this helps someone, Regards Robert Hays wrote: > > First off Valerie, those two emails are infected, get rid of them ,,, Not knowing how your mail client is set up I hate to > tell you to click on them (select them in your Inbox, not open them) because these are the kind that can infect you > without opening the attachment, if you have not yet clicked on them, DON'T. > To answer your question and safe guard you at the same time is going to take a ton of explaining, so get comfortable. > > If you use a Microsoft e-mail client, you should have a "Preview" option available in your upper Tool Bar, if it isn't, it > should be and can be put there ,, Why ?? ,, because if you are set up to Preview a msg. when you click on it in your > Inbox, then that is the same as opening it (the msg., not the attachment) and if any vicious code is contained in the body > of msg., then without protection, you are infected. Making the Preview option available in your Tool Bar allows you to > turn Previewing On & Off at will (like turning a light On & Off). With Previewing turned off, you can click on any msg. > without any fear of infection, this allows you to select certain msg.,s and delete them ,,,, safely. With all the bad > guys and spam cleared out of your Inbox, Previewing can be turned back ON . The best way to permanently delete a msg. > is to select it/them ,, press Shift+Delete and its' by-by ,, you do not have to chase it/them to your "Deleted Items" > folder and delete a second time to be rid of them. > Instructions for making Preview available in your Tool Bar: > In OE 5 & 5+, you can activate your "Preview" option, which is an ON/OFF switch to turn Previewing ON or OFF. When > Preview is OFF, you can click on any msg. without it being opened, thereby activating any URL's, Cookies or viruses that > may be embedded within it. > Right click anywhere on your Tool Bar ,,, select "Customize" . The "Customize Tool Bar" box will have two windows, > the one on the left contains features NOT in your current Tool Bar and the window on the right contains features currently > in your Tool Bar. > In the left window, find "Preview" and click on it ,,, then click on the "Add" button between the two windows, this > will add the Preview option to your Current Tool Bar. The Vertical lines between Icons are "Separators". > You can position Icons where you want them in your Tool Bar by moving them UP or Down. > If you need to make room for it in the Tool Bar, pick something you > seldom or never use and move it over into the left window. > > To use the "Preview" option : click on the "Preview" button in your tool bar ,, this will turn Previewing off ,, you can > now click on any msg. to delete it ,,, click on the "Preview" button again to turn Previewing back on. > ******************************************** > > Your informant is correct, there are a number of virus' that are capable of infecting you without an attachment, all you > have to do is open the msg. in your Inbox to read the body of msg., and BINGO ,, instant infection. > I am also correct about RootsWeb list msg.'s because they are sent as Plain Text, and Plain Text cannot be executed > (Run) ,, Plain Text is not a code, it is nothing more than written words. For a virus to be viable it must be written in > an executable code and delivered in a format that will "Run" it when "Opened" ,, this means you must receive the msg. in > HTML or RTF format ,, or ,, have an executable attachment that you "Open". RootsWeb will not even accept an email that > is in HTML or RTF format or one that contains an attachment ,, they are instantly bounced. > > The current wave of infections are occurring because people are fooled into thinking that the shown attachment has to be > opened for them to get infected, what they don't realize is that the "attachment" is not a true Attachment. It is what is > known as an "Inline Attachment", which means that the attachment is not external from the body of msg. but is in reality > embedded within the body of msg. but shows up in your Inbox as an external attachment. The only way to tell the > difference between an "Inline Attachment" and a true "External Attachment" is to examine the Headers, a true external > attachment will clearly state just before the code starts that it is an Attachment ,,,, an Inline Attachment will not. > To examine the headers: click on msg.: > 1. If previewing is turned ON: press Ctrl+F3 ,, then expand window to full page size. > 2. If previewing is turned OFF: right click on msg. ,,, Properties / Details / Message Source button ,, expand to full > page size. > NOTE: it is safe to view any msg. in this manner. > > The current virus catching everyone with their pants down so to speak is the W32/BadTrans @MM, also called BadTrans B ,,,, > the _ before a persons address is one of its' trademarks. This virus does no harm to your computer but does have the > ability to find and extract credit card numbers and Passwords. > To determine if you are infected, use the Start / Find and search your disk for these files: > KERN32.EXE > KERNEL32.EXE > KDLL.DLL > HKSDLL.DLL > If any of them are found, you are infected. > Go to http://vil.nai.com/vil/virusSummary.asp?virus_k=99069 to read the whole ball of wax. > > Norton AV will not detect this virus unless its' Dat files have been updated since this passed week end, and all AV,s MUST > be set to scan Compressed files for it to be detected. > > I hope I have not strayed so far from your queston that my answer is unclear ,,, if I did, please ask again and I will try > to be more to the point. > Bob Hays > [email protected] > Richardson List & Board Owner > _________________________________ > > ----- Original Message ----- > From: <[email protected]> > To: <[email protected]> > Sent: Tuesday, November 27, 2001 7:06 AM > Subject: Re: [RICHARDSON] virus > > > Bob: > > > > One more question. I noticed this morning TWO different e-mails with > > attachments that BOTH of them had an underscore as the beginning of the > > senders address. (One was [email protected] other one was > > [email protected]) > > > > Anyway, tell me this. IF I should open the e-mail BUT NOT download the > > attachment and open it, am I infected. My understanding is that it is ok to > > open the e-mail---you cannot become infected that way. You can even DOWLOAD > > the attachment (although I wouldn't do that) as long as you don't OPEN it. > > The virus is activated upon opening the attachment. IS THAT TRUE? > > > > Let all of us know---and let us know how sure you are of your information as > > there is so much conflicting info going around. > > > > Valerie > > > > > > ==== RICHARDSON Mailing List ==== > > To use the Richardson Query Board: > > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > > To review Archived messages: > > http://archiver.rootsweb.com/RICHARDSON-L > > > > ==== RICHARDSON Mailing List ==== > To use the Richardson Query Board: > http://cgi.rootsweb.com/~genbbs/genbbs.cgi/surnames/ric/Richardson > To review Archived messages: > http://archiver.rootsweb.com/RICHARDSON-L --------------8314528D335AB0B90D96C779 Content-Type: text/x-vcard; charset=koi8-r; name="just-bob.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Bob Content-Disposition: attachment; filename="just-bob.vcf" begin:vcard n:Binstein;Bob tel;home:818 / 341-7229 x-mozilla-html:FALSE adr:;;;;;; version:2.1 email;internet:[email protected] x-mozilla-cpt:;5952 fn:Bob Binstein end:vcard --------------8314528D335AB0B90D96C779--

Yesterday, I received 5 virus attempts- all appearing to be from different mailing lists I'm on at rootsweb. None of them came directly from rootsweb though- all were RE: [list name] then a subject header. When I tried to hit reply to let the person know they got the virus- the messages were sent back to me- the virus puts a hyphen and space before the e-mail to make it bounce. You have to type a new message to the sender to let them know they are infected. I have up to date virus software- but that doesn't keep you from getting attachments from infected people. I also have a yahoo account which is free and I sometimes forward suspicious e-mail there- it will scan attachments with Norton anti-virus- also for free! Janet