ADMIN : CAREFULL - was Servicios de Microsoft

February 24, 2006

Dear all,

Please check your computers ! The Avast AV has just found that the above

mentioned message is INFECTED when re-sent to us through the following mail

address : tr_moorthy2004@....

In fact, while being the moderator of this list, I've never received the

first e-mail to which you were several to answer. Certainly destroyed by my

AV during the night. And this morning, I found it in my in-box, with the

alert : Infected, but it was sent not through M_T, but straightly to my

address.

So, destroy it, DON'T OPEN IT and don't reply to it, of course.

For safety reasons, I'll destroy immediately messages related to this one in

the M_T website.

Thank you for your attention and understanding

Please, don't forget that you must never trust messages coming with

" Microsoft " in the header.

Moderator

February 24, 2006

Hello

I'd like to endorse what you said

>Please, don't forget that you must never trust messages coming with

> " Microsoft " in the header.

on the basis of my own experience.

The only time our Oxfam Group's YahooGroup had a virus insinuate itself was

via one of these purported Microsoft messages. I never understood how it

got through to the Group circulation as it was at a time when I personally

approved every application for membership. It was a real nuisance dealing

with it.

So to repeat what you said for everyone's benefit - Be very very wary of

messages with " Microsoft " in the header.

Owen

Owen Beith

Translations FR/SP/PT>EN

70 Sewardstone Road, London E2 9JG

+44 (0) 20 8981 9879

If you're having problems e-mailing me at beithowen@... try

opbeith@... (but ring and tell me).

****************************************************************************

*********************

The situation in Darfur remains desperate - conflict continues and the

situation for refugees and displaced persons in the camps is grim.

http://www.oxfam.org.uk/what_we_do/where_we_work/sudan/emergency/update01060

5.htm

****************************************************************************

*********************

The Medical Foundation for the Care of Victims of Torture provides care and

rehabilitation to survivors of torture and other forms of organised violence.

http://www.torturecare.org.uk/

--

No virus found in this outgoing message.

Checked by AVG Anti-Virus.

Version: 7.1.375 / Virus Database: 267.15.11/264 - Release Date: 17/02/2006

February 24, 2006

Hi,

I also have the Avast antivirus and it didn'y warn me of anything :-(

I received the email and read it in the preview of the Outlook Express, without

fully opening it. Is there any danger in that?

Please let me know.

Thank youuuuuu

Estela

" Sometimes majority only means all the fools are on the same side. "

=======================

Estela D. Bohbouth

Traductora Pública - Inglés

15 4424 4611

=======================

ADMIN : CAREFULL - was Servicios de Microsoft

Dear all,

Please check your computers ! The Avast AV has just found that the above

mentioned message is INFECTED when re-sent to us through the following mail

address : tr_moorthy2004@....

In fact, while being the moderator of this list, I've never received the

first e-mail to which you were several to answer. Certainly destroyed by my

AV during the night. And this morning, I found it in my in-box, with the

alert : Infected, but it was sent not through M_T, but straightly to my

address.

So, destroy it, DON'T OPEN IT and don't reply to it, of course.

For safety reasons, I'll destroy immediately messages related to this one in

the M_T website.

Thank you for your attention and understanding

Please, don't forget that you must never trust messages coming with

" Microsoft " in the header.

Moderator

URL: http://groups.yahoo.com/group/medical_translation

In case of any problem with this list, you can reach the moderator at

cgtradmed@..., or at cgtradmed@....

The FAQs of our list are available at :

http://groups.yahoo.com/group/medical_translation/files/M_T-FAQS.doc

The NEW FREE " Medical Translators Database " (MTDB, the most reliable assistant

to find the ideal Medical Translator, is available at

http://cgtradmed-com.ifrance.com/cgtradmed-com/MedicalTranslators.htm.

To unsubscribe, please send an *empty* message to

medical_translation-UNSUBSCRIBE

February 25, 2006

Deat Estela,

If you read my previous message without panick, you'll see that I have

decided to delete from our archives, for safety insurance, every trace of

this message, BUT I said that the real danger was when some of us have

received privately (i.e. straightly to our own individual addresses) an

apparently perfect copy of it - which was contaminated -. This one is the

true danger. This one must not be open. Logically, you must never open a

message the header (subject line) of which contains the word " Microsoft " . In

98% of the cases, this kind of message is polluted either originally, or

secondarily. This is the first basic rule to know (every AV site will teach

you that, even the official Microsoft sites !). Why ? To make it short,

everytime the word Microsoft appears in a message header on the air, it's

like opening a door to hackers.

This said, I've sent an alert to Yahoo, saying that if the lists themselves

could be considered (with some limits - see Owen's message) as safe, however

some " bad " people have used our directories of members (plural, because

several lists homed by Yahoo had been the recipients of the primary message

then exploited by the hackers) on Yahoo, supposed to be confidential, to

make a mess.

So, the conclusions :

1) Please use your AV(s) in a permant manner, insisting particularly on

e-mails (what some AVs don't do systematically)

2) Never, NEVER, open a message containing " Microsoft " in the header (the

most basic rule for any MS user !!!)

And we all be safe

Thank you !

Moderator

ADMIN : CAREFULL - was Servicios de Microsoft

Dear all,

Please check your computers ! The Avast AV has just found that the above

mentioned message is INFECTED when re-sent to us through the following

mail

address : tr_moorthy2004@....

In fact, while being the moderator of this list, I've never received the

first e-mail to which you were several to answer. Certainly destroyed by

my

AV during the night. And this morning, I found it in my in-box, with the

alert : Infected, but it was sent not through M_T, but straightly to my

address.

So, destroy it, DON'T OPEN IT and don't reply to it, of course.

For safety reasons, I'll destroy immediately messages related to this one

in

the M_T website.

Thank you for your attention and understanding

Please, don't forget that you must never trust messages coming with

" Microsoft " in the header.

Moderator

URL: http://groups.yahoo.com/group/medical_translation

In case of any problem with this list, you can reach the moderator at

cgtradmed@..., or at cgtradmed@....

The FAQs of our list are available at :

http://groups.yahoo.com/group/medical_translation/files/M_T-FAQS.doc

The NEW FREE " Medical Translators Database " (MTDB, the most reliable

assistant to find the ideal Medical Translator, is available at

http://cgtradmed-com.ifrance.com/cgtradmed-com/MedicalTranslators.htm.

To unsubscribe, please send an *empty* message to

medical_translation-UNSUBSCRIBE

February 25, 2006

Exusez- moi, mais je ne crois pas être " hystérique " quand je gère MA liste.

Nous avons été plusieurs à être contaminés en privé en fonction des

différentes listes auxquelles était adressé le message original.

J'apprécie votre participation, mais soyez aimable d'arrêter le style

" donneur de leçon " , en particulier systématiquement en réponse à chacun de

mes messages.

Je ne refuse pas la contestation, la preuve : j'accepte de publier vos

messages, alors qu'ayant soucrit à notre liste depuis seulement une semaine,

chacun de vos messages est soumis à mon autorisation ( " moderated " ). Ce que

je n'accepterai certainement pas, c'est d'être traitée de " hystérique " quand

je veille bénévolement à la sécurité de mes colistiers, dont j'ai la

responsabilité.

Guilliaumet - France

Moderator of the Medical_Translation mailing-list for Professionals.

Re: ADMIN : CAREFULL - was Servicios de Microsoft

> English Translations wrote:

>

> Hi all,

>

> Just to add my ha'penny to the matter :

> If you look at the source of original message, I mean, the message as it

> was sent and retransmitted by the mail user agent (MUA) and yahoo mail

> transport agent (MTA), and that was delivered via the list server, you

> can see that it was actually already screened by Avast antivirus and

> classed as being clean, i.e. non-viral. However, the fact that the

> message headers contained a reference to Avast may have activated the

> Avast alarm on some of your PCs, although this shouldn't strictly

> happen, since Avast is supposed to be intelligent enough to know its own

> header injection system.

>

> So, in reality, the message didn't contain a virus at all, or if it did,

> it was scrubbed and flagged as clean. The problem with e-mails like this

> is that if a machine is infected, then the e-mail can be made up of a

> variety of elements, none of which enable a traceback to the emitting

> machine to be made because :

> - the sender identity and machine address has been faked or stolen;

> - the recipient address has been taken from the Windows address book,

> Exchange server address book, or any other HTML, or Microsoft formatted

> document containing e-mail addresses, or where the machine is networked

> locally, from any of those other networked machines;

>

> all of this of course being perpetrated by the virus which has infected

> the machine and which is programmed to do all of these unpleasant things.

>

> So before we all jump up and down about virally loaded messages, t'would

> be better to analyse the source of the mail (all good mail clients let

> you read the source of the mail with the various headers) and see what

> is really inside. Of course, if the default behaviour of your mail

> client is to accept and open HTML mails and any attachments therein,

> then you are putting yourself at extreme risk. These default options can

> be turned off in Outlook Express and Outlook, at least you will increase

> security locally, even if the products are still inherently insecure

> (although they have got better in recent versions).

>

> Sorry for the rant, but people do tend to get a bit hysterical when it

> comes to whether mails are viral or not, and there is a way to limit the

> damage they can cause.

>

> Have a nice day,

>

> URL: http://groups.yahoo.com/group/medical_translation

>

> In case of any problem with this list, you can reach the moderator at

> cgtradmed@..., or at cgtradmed@....

> The FAQs of our list are available at :

> http://groups.yahoo.com/group/medical_translation/files/M_T-FAQS.doc

> The NEW FREE " Medical Translators Database " (MTDB, the most reliable

> assistant to find the ideal Medical Translator, is available at

> http://cgtradmed-com.ifrance.com/cgtradmed-com/MedicalTranslators.htm.

>

> To unsubscribe, please send an *empty* message to

> medical_translation-UNSUBSCRIBE

>

February 25, 2006

Dear ,

I can't make a " private and out of list " comment when you are suggesting

publicly on this list that some members, even the moderator (i.e. " me " ),

are " hysterical " (sic) when contaminated by a virus sent by some people

using the said " confidential " Yahoo directories. One of my responsabilites

is to guarantee the safety of " ALL " our members, with no sequelae of a

possible infection of the list. I repeat, I'm a benevole (not sure of the EN

term, I mean " not paid " ), doing her best, even if my English is bad.

Have a nice week-end.

Re: ADMIN : CAREFULL - was Servicios de Microsoft

> cgtradmed wrote:

>> Exusez- moi, mais je ne crois pas être " hystérique " quand je gère MA

>> liste.

>> Nous avons été plusieurs à être contaminés en privé en fonction des

>> différentes listes auxquelles était adressé le message original.

>> J'apprécie votre participation, mais soyez aimable d'arrêter le style

>> " donneur de leçon " , en particulier systématiquement en réponse à chacun

>> de

>> mes messages.

>> Je ne refuse pas la contestation, la preuve : j'accepte de publier vos

>> messages, alors qu'ayant soucrit à notre liste depuis seulement une

>> semaine,

>> chacun de vos messages est soumis à mon autorisation ( " moderated " ). Ce

>> que

>> je n'accepterai certainement pas, c'est d'être traitée de " hystérique "

>> quand

>> je veille bénévolement à la sécurité de mes colistiers, dont j'ai la

>> responsabilité.

>> Guilliaumet - France

>

> ,

> Je suis conscient du fait que mes messages passent par votre modération,

> et loin de moi de me permettre de vous accuser d'être hystérique. Mes

> commentaires n'avaient rien de personnel, et je suis un peu étonné que

> vous les ayez perçus ainsi, auquel je vous en demande pardon.

>

> Simplement, il y a une tendance généralisée, qq soit la liste de

> discussion, et comme vous, j'en suis abonné de plusieurs, comme j'en

> modère d'autres, de crier aux virus ou aux attaques alors que ce n'est

> pas forcément le cas si on prend le temps de regarder ce qui était

> réellement dedans. Cela ne veut pas dire que je nie le risque, ni que je

> méprise ceux qui ne savent pas, mais l'alarmisme est parfois pire que le

> mal initial.

>

> Encore une fois, si vous vous sentiez visée à titre personnel, je vous

> en demande pardon, ce n'était pas du tout mon intention, d'ailleurs, si

> jamais je devais faire un commentaire personnel quelqu'il soit, ce

> serait toujours hors liste et en privé.

>

> URL: http://groups.yahoo.com/group/medical_translation

>

> In case of any problem with this list, you can reach the moderator at

> cgtradmed@..., or at cgtradmed@....

> The FAQs of our list are available at :

> http://groups.yahoo.com/group/medical_translation/files/M_T-FAQS.doc

> The NEW FREE " Medical Translators Database " (MTDB, the most reliable

> assistant to find the ideal Medical Translator, is available at

> http://cgtradmed-com.ifrance.com/cgtradmed-com/MedicalTranslators.htm.

>

> To unsubscribe, please send an *empty* message to

> medical_translation-UNSUBSCRIBE

>

February 25, 2006

English Translations wrote:

Hi all,

Just to add my ha'penny to the matter :

If you look at the source of original message, I mean, the message as it

was sent and retransmitted by the mail user agent (MUA) and yahoo mail

transport agent (MTA), and that was delivered via the list server, you

can see that it was actually already screened by Avast antivirus and

classed as being clean, i.e. non-viral. However, the fact that the

message headers contained a reference to Avast may have activated the

Avast alarm on some of your PCs, although this shouldn't strictly

happen, since Avast is supposed to be intelligent enough to know its own

header injection system.

So, in reality, the message didn't contain a virus at all, or if it did,

it was scrubbed and flagged as clean. The problem with e-mails like this

is that if a machine is infected, then the e-mail can be made up of a

variety of elements, none of which enable a traceback to the emitting

machine to be made because :

- the sender identity and machine address has been faked or stolen;

- the recipient address has been taken from the Windows address book,

Exchange server address book, or any other HTML, or Microsoft formatted

document containing e-mail addresses, or where the machine is networked

locally, from any of those other networked machines;

all of this of course being perpetrated by the virus which has infected

the machine and which is programmed to do all of these unpleasant things.

So before we all jump up and down about virally loaded messages, t'would

be better to analyse the source of the mail (all good mail clients let

you read the source of the mail with the various headers) and see what

is really inside. Of course, if the default behaviour of your mail

client is to accept and open HTML mails and any attachments therein,

then you are putting yourself at extreme risk. These default options can

be turned off in Outlook Express and Outlook, at least you will increase

security locally, even if the products are still inherently insecure

(although they have got better in recent versions).

Sorry for the rant, but people do tend to get a bit hysterical when it

comes to whether mails are viral or not, and there is a way to limit the

damage they can cause.

Have a nice day,

February 25, 2006

Hi ,

As a long time user of Avast!, I can vouch for the fact that you are entirely

right, but you also have to put yourself in 's shoes as list manager -

más vale prevenir que curar and I think pig Latin will help us all to get this

into our own languages esp. as it happens to be a medical background saying! )

Best

Dee

Thurgood wrote: