OT: But Board Related - Everyone Please Help - Virus: SoBigF

80% of the folks that have my new e-mail address are on this board. Someone with my address has the virus, SoBigF (here’s a CNN article for details: SoBig.F Breaks Virus Speed Records).

I have received over 160 infected messages, each about 100k, in the last 8 hours. That’s over 16meg in a 30 meg mail box. At that rate my mail box will fill up if I don’t empty it twice a day. This is my private mail box and receives only 2 newsletters other than C&F; only about 10 non-C&F folks have the address. So it’s likely that someone here is infected.

Also the above article estimates that about 30 percent of the folks in Britain, US, and China have been hit by this virus.

Request: Please scan your PC’s for SoBigF. There are a number of sites that have free scan software and anti-virus programs. Here’s one: [Symantec’s](http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.removal.tool.html) Find and Remove Tool that I got from the other post. I’d say e-mail me if you need software to scan and fix; but … I don’t have the room in my mailbox.

Also, anyone who sends me anything between 95k-105k, I’ll probably delete your message without reading it. Please resend it in smaller or larger bits if it’s legitimate.

You know the real problem with this whole thing is that it takes away from my time tracking my new whistle (a Harper regular d) that UPS is “transit”ing to my house :smiley:. I couldn’t pass it up on E-bay, a Harper whistle being played by me in my home in Harper’s Mill, MD…

Addendum: I just saw the other post here, [OT: Computer Virus Question](http://chiffboard.mati.ca/viewtopic.php?t=13662). It sounds like others have encountered this little bug. I updated the above paragraph with a link to Symantec’s fix.

Please help me get back to enjoying my music, and here’s hoping this virus leaves you alone and lets you …

It may be someone on the board. I’ve been hit by several dozen attempts, but McAfee caught them all. 'Twas a minor inconvenience in that it really slows down e-mail DLs but otherwise was just a nuisance.

Chuck,
Yep, mine are caught because I don’t use MS-Outlook, just web mail for that account. However, since my earlier post (3 hours ago) I’ve had to delete 40 more of the little buggers (4 meg). So I hope folks will check their PC’s.
Several of the mail servers have had anti-virus upgrades to catch these things, but unfortunately not my web account.

Inconvenience and its pricklies are about to be soothed by a little time spent elsewhere, to the place my music will take me while I spend a little time with it.

I’ve been reading about this virus Lee. It has messed up some systems real badly. I’m on AOL for five months now. I have not seen the first email with attachments for the entire time. In the past, for years, I was on AT&T Broadband (now Comcast). That system allowed everything through but the kitchen sink. One virus did get downloaded back then before I got McAfee and I had to have my drive reformatted. Lost everything! Stay vigilant.

I just received the virus from LOREN’s :confused: old e-mail address so it must find us by way of this board.

On the positive side I have been using a program called mailwasher [www.mailwasher.net] which enables you to see what messages are on the server before you download them and then delete and bounce them as you see fit so you only download the ones you want. Works for me. Just bounced 65 messages I didn’t want.

I’ve tried using mailwasher and had all sorts of problems - mainly non-authentication by my ISP’s mailserver, but I’ve also managed to lose a few genuine messages somewhere in the transition from it to Outlook.

However, last night I was having so many problems downloading 162 (!) e-mails that I tried it in desperation and it worked OK. About a third of the messages were evidently virus-generated or infected, and the rest were spam. So I tried it again this evening, and it was back to the old problem of non-authentication. However, I noticed one message from MS with “re your software” in the subject line. Am I right in guessing that this is probably another virus job?

I followed advice and tried to log on to MS for whatever updates are required to deal with the latest problems, but can’t download anything, the machine just times out after a long period of inactivity. Any advice?

re your software is a spam, I can almost guarantee it. MS won’t notify you like that.

Never follow any directions that you get in an email, either, as they are more than likely trying to trick you into downloading a virus.

maybe it’s best to install a second, removable hard disk, with your precious storings on it.
this is quicker than putting it all on cd.

i just use a norton anti-virus, but i don’t think any anti-virus is 100% reliable.

I have actually received one of the virus files with the email address of:

webmaster@mati.ca

That should be quite familiar to all. I certainly do not hope the server is the one sending out all these emails. I have to check my email 2-3 times a day to keep it from overflowing beyond the space limits allowed by Yahoo. The odd thing is it is only my norcalmusician email that is getting hit. Most of these files are being sent to my “Bulk” mail folder, I wonder if there is any way to have them deleted immediately?

Not 100%, perhaps but very close. The trick is to pay for a subscription to a good one such as Norton or McAfee and update it when they advise. That way, the only way you might get hit is if you pick up a brand new one before they get the upgrade out. You want to pay though, simply because it is economically impossible for any free AV to keep up with new nasties. These things are constantly emerging - I’ve literally seen McAfee put out three upgrades in a day - and I remember from the past that Symantec (Norton) was the same way. I will tell you this - in seven years of subscribing to McAfee, both at home and to the corporate version in my past life, I have NEVER seen a successful attack on a McAfee-protected computer.

But it should be reiterated here that NO AV should be relied on religiously without sensible precaution on the user’s part. Never open an unsolicited attachment, even when you know the purported sender. If you get something that you weren’t expecting from a friend, the few hours needed to e-mail them and ask if it’s valid and what it is are not worth the risk of killing your PC.

Simply not opening the attachment would have pulled most of SoBig’s fangs.

Something really frustrating is the fact that the virus seems to be looking through people’s mailboxes and sends email “from” the addresses it finds. I’ve gotten a ton of mail “bounced” back to me for having the virus attached. . . and the mail was sent from Outlook Express.

I’ve got a Mac, and no Outlook. I’ve scanned my computer with the latest Norton update, and no virus. But I guess other people still have it.

Blech!

This one’s particularly bad; I don’t remember ever getting so much spam from a virus.

Stuart

The question I have is:

Why am I getting the bounce messages even though I have NEVER opened one of the .pif files and my computers at home and at work are protected and check clean? Is it the infected computer(s) not only sending the files to me, but sending them in my behalf from the infected computer as well?

Another question I have is who was it, here I presume, that got it and are they still not aware that they are infected? Or does this thing have a life of its own?

I’ve received a number of emails that appear to be the virus. Fortunately I don’t use Outlook and I run Windows 98SE not XP.
I’ve used the Eudora Email program and grisoft.com’s AVG Anti-Virus; the two work well together with very little investment.

[quote="NorCalMusician"]Why am I getting the bounce messages even though I have NEVER opened one of the .pif files and my computers at home and at work are protected and check clean? Is it the infected computer(s) not only sending the files to me, but sending them in my behalf from the infected computer as well?

Another question I have is who was it, here I presume, that got it and are they still not aware that they are infected? Or does this thing have a life of its own?[/quote]
The reason you are getting messages bounced back to you about the virus even though you never sent it out is because of how the virus works. When it does get into someone’s computer, it sends itself to everybody in that person’s Contacts list. However, it picks one of those names at random and substitutes that into the “From” field of the messages it sends out. That way, nobody can track who they got it from, so you can’t find out who started the thing in the first place.

I’ve been getting lots of copies of the virus in my inbox (easy to delete without opening), plus even more bounced messages coming back to me saying that I sent the virus, even though I didn’t. Luckily, however, despite all the people who were foolish enough to open the attachment and get infected, the virus is programmed to self-destruct in a couple of weeks (Sept. 10, I believe), so at least it won’t go on beyond then.

:roll:
Steven

The answer is that some of the nastier viruses not only use an infected host computer to shotgun messages with copies of themselves out, but they try to spoof the protective systems by faking their origin to look like they came from someone else. That makes it harder to track them back to the big nasty.

It works like this. Your grandma gets an infected e-mail saying it’s from Aunt Hetty and has pictures of the kids. Granny, being neither computer-sophisticated nor sufficiently paranoid, opens the nasty and her PC gets the bug. The bug then reads Granny’s address list and sends copies of itself to everyone on the list. To make it even nastier, it doesn’t tell the new round of victims it’s from Granny, but instead says it’s from one of the other addresses in the address book - yours. The message is caught by the mailer daemon at a savvy ISP and bounced. But since it’s purportedly from you and not Granny, YOU get the bounce message.

Buy a good antivirus, trust your antivirus and don’t open stuff unless you’re dead sure they’re safe and you’ll be OK.
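The From-forgery described in the two replies above, shown as an added example that is not part of the original thread: a triage function that ignores the claimed sender, reads the connecting host from the topmost `Received` header (the one written by the recipient's own mail server), and flags `.pif` attachments. The addresses, host names, IP and size band are constructed, and the bracketed-IP `Received` format is an assumption about the receiving server.

```python
import base64
import email
import re
from email import policy
from email.utils import parseaddr

RISKY_EXT = (".pif",)            # attachment type named in the thread
SIZE_WINDOW = (95_000, 105_000)  # assumed byte band for the "95k-105k" rule

def build_sample(attachment_bytes: int) -> str:
    """Constructed message: forged From, .pif attachment, server-added Received."""
    body = base64.encodebytes(b"\0" * attachment_bytes).decode()
    return (
        "Received: from grannys-pc (unknown [203.0.113.7])\n"
        "\tby mx.example.org with SMTP; Fri, 22 Aug 2003 10:15:00 -0400\n"
        "From: you@example.com\n"          # forged: picked from the address book
        "To: neighbour@example.org\n"
        "Subject: pictures of the kids\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/mixed; boundary="b1"\n\n'
        "--b1\nContent-Type: text/plain\n\nsee attached\n"
        "--b1\nContent-Type: application/octet-stream\n"
        'Content-Disposition: attachment; filename="kids.pif"\n'
        "Content-Transfer-Encoding: base64\n\n" + body + "--b1--\n"
    )

def triage(raw: str) -> dict:
    msg = email.message_from_string(raw, policy=policy.default)
    names = [part.get_filename() or "" for part in msg.iter_attachments()]
    risky = [n for n in names if n.lower().endswith(RISKY_EXT)]
    # Only the topmost Received header is written by the recipient's own
    # server; From and any lower Received lines are sender-controlled.
    received = msg.get_all("Received", [])
    hit = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received[0]) if received else None
    size = len(raw.encode())
    return {
        "claimed_from": parseaddr(str(msg.get("From", "")))[1],
        "connecting_ip": hit.group(1) if hit else None,
        "risky_attachments": risky,
        "in_size_window": SIZE_WINDOW[0] <= size <= SIZE_WINDOW[1],
        "quarantine": bool(risky),  # size alone is only a hint, not a verdict
    }

if __name__ == "__main__":
    print(triage(build_sample(74_000)))
```

The connecting IP may belong to a relay rather than the infected PC itself, but unlike the From line it is not chosen by the worm.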

Hi Lee,

I don’t think I can blame the chiffboard, but some members with your e-mail may indeed have been lax about the anti-virus upgrades. I have one e-mail address listed here (mplank at ladyofthecreek dot com), and it’s not the one that’s been bombarded. My “home” address (mvhplank at something dot something) had been getting maybe 200 infected e-mails a day. However, none of them have actually made it to my computer. Here’s why:

  1. I screen my mail directly from the server via Webmail. Your ISP may or may not offer that option, but it’s a handy way to check up on one e-mail account from a different computer or while on vacation.

  2. My Eudora is set to stop downloading anything over 50k. That’s mostly because I have a dial-up and don’t want to sit through a lengthy download of something that I may not want. I can override it for files or senders I recognize. Since the Sobig is routinely over 100k, it’s never made it to my home computer.

Finally, I contacted the support at my ISP and begged them to find a filter or something to free up my in-box. They located the server responsible for most of the messages and “blocked” it. So sorry, pal, if it’s your computer that’s inundating me, I can’t get legitimate messages from you any more either.

Computer Associates offers an inexpensive anti-virus with a small footprint. It’s only about $25 for the original and $10 for the annual upgrades. You can download updated virus signatures at any time you’re under license. It didn’t take forever to download and rooted out some Klez viruses in my trash can that were waiting to be launched. (http://www.cai.com)

Stay strong :smiley:

M

With all due respect, this doesn’t really do much good. An annual update isn’t enough when new viruses come out daily. Unless you meant that the annual fee is a subscription renewal, in which case I withdraw my comments.

A little buried, but I am guessing that is what was meant by downloading at any time.

M,

I have anti-virus (I run Norton at work and home), and screen my mailbox via web mail. I’ve now rec’d over 500 of these little buggers, that I’ve deleted. The virus expires in 2 weeks. In those messages, I did notice a couple of recognizable emails from folk on this board. The fact that it’s my new email address that was just updated to this board last month inclines me to believe it is someone active on the board that had me in their contact list. I have never been infected. But I think someone who is active has been infected and gave up a number of our addresses. Unfortunately my ISP is very limited, also very cheeeaaaap for broadband.

Again my real concern is for whoever is infected. There’s some encrypted nasties in this virus that indicate that the person could have real problems if they don’t deal with it now. That’s why I’m hoping this message gets out to some of the newbies to PC’s and they run the little free fix to assure they don’t lose everything. I suspect it may be a computer user who is not a techie that’s infected.

Well enough of my Computer Help Desk Analyst persona, I have to do that all day at work. Now back to the important things…

I have just had seven of these virus infected emails.
All sent to the email address given here, all caught by NortonAV.
3 from names of this forum.

Somebody who knows us definitely has the virus, which uses names in their address book to send us the virus, so it appears to be from … whoever.

If you are running XP, disable the Restore function before removal, otherwise the virus may be restored after you’ve cleaned your machine.

'Tis an easy fix, pop off to symantec.com and click on the fix link.

We won’t tell anybody. Honest :slight_smile: