All, I'm sorry to say there will be no update to the Scott Co, TN website for Mar. My computer got hit with a Trojan Horse infection last Friday night that defeated my hardware firewall and Norton Antivirus. Don't worry -- I didn't loose any data. I immediately disconnected my computer from the Internet and I spent several days trying to disinfect my system to no avail. Even spent $30 calling Symantec and talking with one of their experts for a couple hours. Together we could not defeat it. I finally gave up on Thursday morning and reformatted my hard drive. I've been reinstalling software ever since. Once I got my email systems back up (two of them) I started to answer emails. I got 538 emails in less than one week -- that has got to be a record for me. For those "bent" like me, the name of the virus was "Backdoor.Prorat" as cataloged by Symantec. It is written in Delphi (thank-you Borland) - a C++ programming environment and seems to have originated in Turkey. Its great to have NATO allies -- not! The one making the rounds now is a brand new version and significantly enhanced which is why it defeated all attempts to detect and later remove. This thing is too smart. Symantec sent me a program I could use to make a copy of the virus and send to them. As soon as the virus detected what I was up to, it would delete the files I was trying to send Symantec -- even if I tried sending them to someone else first. Fortunately, it was not a destructive virus but it did cause me to change a bunch of account numbers, passwords, etc. Apparently one of you out there has this trojan on your computer or one of the people you correspond with as I received this little surprise in an apparent "JPG" image file from somebody I might have expected to receive a genealogically related image. There is no way to determine who really sent me this fun as email address spoofing is a typical hidding technique. Before you get excited about JPG image files and shut them down. Don't! JPG image files are not executable nor do JPG buffer overflows cause executable code to be run. They just can't be used as vectors for computer viruses.. So how did I get infected with a JPG file. The trojan author calls his infection file something like this: "some image.jpg .scr" "SCR" files are executable. What happens is you double click on the image attachment and your local program asks if you want open the "some image.jpg " file. The dialogue box isn't wide enough to accommodate all 255 characters of an allowable file name. In my case the ".scr" file extension was truncated on display so I never knew I had a ".scr" file. I know better than to open a "SCR" file. The slick part is the guy even displays an image -- a porn one at that. Symantec now has a signature for the trojan to detect pre- and post-infection. Symantec does not yet have a removal scheme post infection until they can lure the virus to a machine they host. I suggest you all download the latest virus signatures from you antivirus provider and run a full comprehensive system scans. ...tim west... Scott Co, TN Coordinator for the TNGenWeb Project http://www.tngenweb.org/scott