|
SobigF worm
I just want to be the first to thank all you kind people who have sent me this worm in the last three days- i've just had a 20 minute download of over 100 messages, almost all of which are worms.
OTOH I would like to apologise to anyone I've inadvertantly sent it to. Since my virus software says I don't have it I don't understand how I managed it but I'm getting enough returned messages to know that I have. I'm genuinely sorry, and will try not to let it happen again |
Sheila,
Bummer....you sent my DH and I an email in the last three days. Sorry to hear you have "the bug." However, nothing came up on my virus software, nor his firewall at work. Guess I'll just hope for the best. |
More info on the SobigF worm:
http://www.msnbc.com/news/955498.asp http://edition.cnn.com/2003/TECH/int...eut/index.html |
sheila,
Someone in my daughters office had it in her computer and it attached itself to the address book. My daughter ended up getting screamed at by many people for sending them the virus..when she never had it but it came with her email address. Confused emoticon here please~ I got nothing from you though ~ but a hello would be nice :D |
You may be getting replys back saying you have the virus, when in actuality it is just part of the original virus, & if your anti-virus is working, you do not have the virus. It is the virus sending those messages back to you to try & get you to open the email to give you the virus. The virus can & does use forged addresses. When the addresses are forged (or made up) you cannot really tell where they are coming from. The only thing that is being used out of an infected system is the send to addresses out of the infected email contacts.
|
In fact I think that last input is right. I've spent some work on it in the last couple of hours, spurred on by te fact that none of the undelivered messages seemed to have been to anyone in my address book. Incidentally I use an Offline so it would have been hard for it to penetrate the registry.
To cut a long story short, since very virus scan I've run says its not there, I've come to the conlusion taht these undelivered messages are simply part of the worm's behaviour and not evidence I've been sending it out at all... But I will be glad to see the back of this one. |
Hi Sheila,
They didn't do it on purpose. Worms are created to send emls to everything in the address book of the penetrated computer. I forgive you for sending me a worm that my virusscan rejected. :) |
Boy, Sheila...I feel neglected! I didn't get a worm or virus from you and I thought we were friends!!
Ar ar as another friend would say!! |
I'm getting the "undelivered message" error stuff in my mail box for addresses I haven't sent to. Virus filter up to date. I think I'm ok.
|
I have received over 200 'infected' emails in the past 24 hours and my Virus Scan still kept saying there was no virus - thank goodness they have dried up to just 6 today - so far!
|
Now that I think about it, this has been happening at my computer at work.
I keep getting messages that say "undeliverable," "rejected by recipent," or whatever. I have noticed that the email addresses are none that I've sent to. Our tech guy said that it is part of what the worm does, as you said. It basically uses your address from other people's adress book to send on to other computers. You probably don't have it at all, Sheila. At least let's hope not. |
I got 3 "undelivarable" messages today. By the way this my nickname is not registered to that e-mail. Now I wonder if I am infected, if yes, is it at work or at home or both?
|
I know nothing about computers:). But with WebTv (it's not a computer) it's impossible for me to receive a virus or to send one.
Except if it actually got into the WebTv company computer in California. Which has never happened yet. But this virus did cull/spambot my e-mail address from somewhere (I post on UseNet and 3 guidebook travel forums) and sent itself out using my e-mail address. I've only received ~7 undeliverable e-mails due to the receiver's anti-virus program rejecting them. And none of them was anyone I have ever been in contact with. Regards, Walter www.msnbc.com/news/954470.asp |
Just an FYI, [email protected] - Sally, also has this virus. Got an email from her with an attachment. To my recollection, I haven't communicated with her by email in at least 18 months. Luckily, my software virus program acknowledged the virus and deleted the attachment before it was downloaded.
|
I stayed home today and spent a good part of the day planning my vacation. (I posted here quite a bit this morning.) But I spoke to two people from my office this evening and learned that the computer system of our entire state government agency crashed today because of a virus.
|
I'm having the same experience as Gretchen -- several returned "contaminated" emails that were undeliverable. And which, of course, I did NOT send.
The odd thing is that this is all happening only on my hotmail account -- the one I use on fodors and other "public" places (online order confirmations, airline and hotel correspondence, etc). I suspect my address has been grabbed by an infected fodorite. |
WAAAAAAAAAAAaaaa!!!I didn't get sheila
s worm either, Seriously, what are the symptoms? I keep getting daily a window error scream and a NMAIN error? |
Hi Shiela,
Sorry you got hit with one of these things. I can sympathize but at least I get paid to deal with this stuff. I hope you don't mind if I throw out some general stuff I thought might be useful to people posting here. With email worms, the key is to not open them. Unfortunately, that isn't as easy as it sounds. If you use the very common Microsoft Outlook Express which comes with most home Windows based computers OR if you use MS Outlook, Standard Ed. which comes with the MS Office Suite (Word, Excel, PowerPoint, etc) - you can still get the activate the worm (virus). The way email worms is work is by the inclusion of an attachment - either an executable (obvious sign of a bad hack) or as an embedded macro that works upon opening the email. But, the two Microsoft products have the capability of a "Preview Pane" where you can see the contents of an email in a separate pane without actually opening the mail item. Turn this OFF! Seriously, this is a nice feature but a major problem area. First, as soon as you click on the email, even just to delete it without opening it, the contents show in the preview pane and you're toast if a virus is along for the ride. Don't count on Norton Anti-Virus or McAfee to catch everything. I just spent the better part of this week wresting with another virus that spread over hundreds of servers and thousands of PCs. NAV and McAfee didn't have the new virus definitions out until later that day. So, you have to be careful on your own too. Once one of these worms is on your PC, they may run amok or they may just sit quietly and you'd never know. One guy was using thousands other peoples computers, in tandem, to attack corporation servers like IBM with denial of service attacks and the owners of the PCs never even knew. Secondly, have you ever get one of those fancy spam emails that look like a web page? Full of pictures? If so, the spammer just logged the fact that you actually looked at the email, even if it were just in the preview pane. Ah-ha! Live email address. Send many many more. Sell live address to other spam lists. When you see that picture, it's actually living on a server somewhere else. When you run a web site/web server, every file someone accesses over the internet from your machine is logged with their IP number. Even Fodors.com has this capability pretty much by default. Anyway, it behooves you for your sake and your friend's sake to try to head these things off when you can. - Delete suspicious looking emails, people you don't know, etc. - Really look out for anything with an attachment, even from family. - FYI - [email protected] will never send you an email. This is the latest worm going around. - Update your virus software regularly. It's only getting worse. - Look in your c:\windows\system32\wins\ directory. If there are two .EXE files there, you have the [email protected] virus. Trust me on this. - and TURN OFF THE PREVIEW PANE. Here's how, in Outlook Express. View -> Layout and then turn off the preview pane. Uncheck "Show Preview Pane". Click OK and you've got it. |
cigalechanta,
Just wanted you to know that I have let more than one 'window error scream' fly forth when my computer acts up, LOL. But then, who among us hasn't? :) :) |
Hi Clifton - I looked in that directory and it is totally empty!! Whats up with that?? Not even one *.exe file. Hmnn, Babs
|
Clifton, thanks, I just turned off my Preview Pane. :-D
|
leslie, I think the point is that sally probably HASN'T got the worm. Someone else with her address in their address book, does.
I do know that's how it works. But I still think, "good grief, Mel (for, yes, dear, you were one)how could you let that happen?" |
My sister works in an information office in a nespaper. They have very thorough virus protection, she's sure she doesn't have it. But she got over 600 e-mails the other day that were thanks to the virus, and a large number of those returned undeliverables.
So, sheila, as others have said -- you're not the one with the virus, it's somebody who had you in their address book. |
Sorry, nespaper --> newspaper.
|
Outlook express 6 has the option to prevent attachments being opened.
If you go to tools, options, and then click on Security you can tick the box. do not let attachments be opened etc. I echo turning off the preview option. I got caught that way when an attachment opened automatically, but I think Microsoft brought out a patch. Finally viruses can "spoof" so that it appears that they are coming from your address even if you are not infected. |
Clifton:
Could you please tell me how to search for that directory? (I'm not exactly computer "literate"....DOH!) |
Thank you Sheiia for defending my reputation :) It's niced to know I'm in someone's address book -- but do take Clifton's advice to turn off that preview pane :)
BTW there are 2 reasons I couldn't be the soource. I don't use outlook and I don't open attachments. |
I'm curious about turning off the preview pane. Using the preview pane is how I look at emails w/o having to open them. If I turn it off, that will mean I have to open every single email to view it. Won't that enable me to become infected with many more virus' by opening all emails, rather than just view them?
|
Sheila, if you insist on using these daft products you make yourself a target.I recall warning you about this some time ago. Use Eudora instead of outlook express.Relying on antivirus products is feeble.When there are new variants appearing daily, they can't keep up.
I've never had a virus on any of my computers & not likely to.Opt out of viruses! |
Get a MAC, these worms and virus's rarely hit them plus you will be graced with an excellent operating system and a very stable system.
|
To use the preview pane IS, effectively to open the email.
|
So Big F ????? what could that stand for? I guess appropriate for a worm? |
Zippo; I don't use Outlook Express. As I said above I use an offline reader and relatively little gets through. Are you mxing me up with Sylvia?
|
I remember when there was a similar spate of inter-fodorite virus spreading last year (which was when I stopped posting my real name and email address)that Rex said that he used a web-based email account to protect himself from viruses.
However, our IT people at work have recently banned us from using hotmail, yahoo, etc., accounts on our office pc's because they reckon that viruses can get through that route now. Not sure whether they're trying to scare us, or just spoil our fun, but it's worth taking extra care for anyone who posts their web-based email addresses here, in the belief that they are safe. |
Richardab, I'm with you! I'd rather have a Mac myself but I've got a PC husband (remember that episode of Sex and the City--Carrie had Apple and Aidan a PC--you knew their relationship was doomed). Who knows, maybe Steve Jobs is secretly behind all these viruses and worms.
We check all our mail on www.mail2web.com before downloading. We can get rid of the junk and spams/worms without opening or previewing them. |
CLifton - Everything I've read says there is no harm in opening and reading the email. It is opening the attachment that that releases the worm/virus. Our IT people have said the same thing.
|
To add...An excellent website that explains what the virus does. Some of it makes no sense to me, but even I learned alot (esp. why it looks like someone sent you something, when they did not. Their name was just stolen from another computer...)
http://www.symantec.com/avcenter/[email protected] |
Just got this by email:
PC Infected? It Could Try Downloads The SoBig.F virus that made many e-mail users slog through unwanted messages this week could soon give them software they don't need that could cause damage. MORE DETAILS: <http://treets.click2houston.com/svc/...13&t=1> |
Hi Sheila! Here I thought I was so suddenly popular with all those emails! LOL I haven't sent any emails since this last invasion, but that doesn't mean my name won't show up if my address book is used. Oh well. It was fascinating that one of the messages that said to download a MS patch had been deleted as a virus. Sneaky those viruses... or is that viri?
|
BTilke,
I am very curious. How exactly does "mail2web" protect you from the viruses when they say that they don't scan for them. How do you know when to open something or not? Or if it just looks suspicious do you delete it? Thank you Clifton, I diabled the view pane as well. I thought that made me safe because I didn't actually open things that looked "iffy" just deleted them as before opening.... I guess we are never as safe as we think.. DebiC |
| All times are GMT -8. The time now is 09:50 AM. |