Steve, I read your suggestions with care. I do the things you suggest such as using a firewall, anti-virus, updating daily, scanning for potential viruses on a daily basis. Please tell me how these viruses get into my computer when everything is scanned, both coming in and going out. With the scan, they get deleted so I don't know what they are. What is upsetting is that I have them at all. Thanks. Margaret Miller ________________________________________________________________ The best thing to hit the Internet in years - Juno SpeedBand! Surf the Web up to FIVE TIMES FASTER! Only $14.95/ month - visit www.juno.com to sign up today!

I hate to say it, but some websites have malicious scripts running on them. The sites can be for anything.. lyrics for music, reviews for movies.. anything. I actually had gone to a site searching for recipes and ended up with a browser hijack program. Needless to say, thank goodness I have restore points all over the place. I booted into safe mode and restored my system. Your best bet is to do what you are doing and also run "ad-aware" and "spybot, search and destroy". Both those programs will find and remove malicious items that the other did not catch. Both these programs also have updates that you have to check for as you use them. Also create restore points before you load any new software. This will allow you to roll back the computer should anything strange happen. Your computer should be setup to create restore points automatically throughout the month also. Also, if you can, get behind a router. That gives you a hardware firewall. You can use a router along with software firewalls if you want. With firewall software/hardware you can view log files and those files will show you when someone tries to enter into your computer via the internet. This is especially important if you are on all the time with an instant internet like cable. The log should give you information such as the ip number of the hacker. From there you can find out what ISP "owns" the ip number and send a complaint to that ISP's abuse department. I actually got a malicious program from software that came with a drawing pad I purchased for my computer. The software was one of those freebe's that was included on the CD. From that point forward my motto has been .. "If you don't need to use it, don't load it." Good luck. April Klein > Steve, I read your suggestions with care. I do the things you suggest > such as using a firewall, anti-virus, updating daily, scanning for > potential viruses on a daily basis. Please tell me how these viruses get > into my computer when everything is scanned, both coming in and going > out. With the scan, they get deleted so I don't know what they are. What > is upsetting is that I have them at all. Thanks. Margaret Miller

I hope what you are saying is that your Antivirus program detects and deletes virus infected emails. Not that your computer actually gets infected. If that is the case, then you are protected and everything is working right. The Antivirus program is scanning all incoming email, detecting malicious code and deleting it. That is how it should work. But, If your computer is getting infected, then either the Antivirus or Firewall program isn't configured for the level of security you need, or it doesn't do the job you need done. Why do you get infected emails? Typically, when a computer gets infected, the malicious code reproduces itself and uses the infected computer's email program to spread the infection. It can do this, often without the owner noticing, by sending infected email to every email address in the computer's address book. Or to every address in every email stored on that computer. Or to every address in every incoming email the computer receives. Or all of the above. It can also forge the FROM header information so that the recipient may not know the true source of the infected message. So, if an infected computer has your address in an address book, or a stored email, or an incoming email, then that infected computer may send an infected email to you. It may do this every time a new incoming email from you is received. If one computer in an email group list is infected, it may send infected emails to each person who sends a message to the group list, every time they send an email to the group. Or, it could send infected email to every person who has ever sent a message to the group, if the infected computer has stored all the group email for a long time. Sending, or forwarding, chain emails is another sure way to get your email address into thousands of computers. Chain email increases the likelihood of getting both spam and infected emails. If you send messages to multiple email groups with hundreds of subscribers, it is highly probable that some of those subscribers will have infected computers that will send infected replies. One way to minimize this is to have a BLANK REPLY-TO address in your outgoing email. This technique only helps reduce the volume of infected emails. It won't eliminate them completely. And, it only works when the group list administrator has the Forum configured to insert the group address into emails with blank reply-to lines. This technique works with simple infections that use Reply-To addresses. It won't stop code that picks out the true From address buried in the email header. I have the Forums I manage configured to insert the Forum address when the Reply-To is blank. If an email sent to the Forum has a Reply-To address, then replies go to that address by default. If the Reply-To address is blank, then the mailing list gateway inserts the Forum email address as the Reply-To address. The gateway scans incoming emails and rejects attachments. So, the group members have a level of protection when the replies are routed through the gateway rather than directly back to individuals. It has the downside of people sending "chat" responses to the entire mailing list rather than directly. But, everything is a trade-off. Having a blank Reply-To line doesn't cause problems. By default, email programs send responses to the Reply-To address. If it is blank, then responses are sent to the FROM address. Steve Coker PS Antivirus programs I've used have the ability to log detections and actions. You could use a log to find out what the program has detected and done. But it isn't worth worrying about as long as the infected emails are always deleted and never executed. -----Original Message----- From: Margaret B. MILLER [mailto:[email protected]] Sent: Monday, May 03, 2004 10:32 PM To: [email protected] Subject: Re: [SC] Safe Computing Guidelines Steve, I read your suggestions with care. I do the things you suggest such as using a firewall, anti-virus, updating daily, scanning for potential viruses on a daily basis. Please tell me how these viruses get into my computer when everything is scanned, both coming in and going out. With the scan, they get deleted so I don't know what they are. What is upsetting is that I have them at all. Thanks. Margaret Miller

According to Norton's website the only systems affected by the Sasser Worm are Windows 2000 and XP. I still have Windows 98. I guess there are advantages to having an older computer! Linda A ----- Original Message ----- From: "Margaret B. MILLER" <[email protected]> To: <[email protected]> Sent: Monday, May 03, 2004 10:31 PM Subject: Re: [SC] Safe Computing Guidelines > Steve, I read your suggestions with care. I do the things you suggest > such as using a firewall, anti-virus, updating daily, scanning for > potential viruses on a daily basis. Please tell me how these viruses get > into my computer when everything is scanned, both coming in and going > out. With the scan, they get deleted so I don't know what they are. What > is upsetting is that I have them at all. Thanks. Margaret Miller > > ________________________________________________________________ > The best thing to hit the Internet in years - Juno SpeedBand! > Surf the Web up to FIVE TIMES FASTER! > Only $14.95/ month - visit www.juno.com to sign up today! > > > ==== SCROOTS Mailing List ==== > SCRoots Message Archives > http://archiver.rootsweb.com/th/index/SCROOTS > > ============================== > Gain access to over two billion names including the new Immigration > Collection with an Ancestry.com free trial. Click to learn more. > http://www.ancestry.com/rd/redir.asp?targetid=4930&sourceid=1237 > >