Re: virus alert`



Reese, I've had the same problem myself. I thought it was something limited to my Yahoo account. Hopefully, it will run it's course. DR
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I got twice as many as that. I get them all the time lately. Up to every minute or two. I have exceptional spam control but even so my mail box fills from unemptied trash as least 3 times a day now.
Jerry
--
Jerry Irvine, Box 1242, Claremont, California 91711 USA
Opinion, the whole thing. <mail to: snipped-for-privacy@gte.net>
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Jerry Irvine wrote:

I average about 100 legit emails a day(many rocket lists) and NO spam comes through at all. None, nada. But I should mentioned my isp uses Postini.com. Postini rules!
Ted Novak TRA#5512
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:>

Any particular reason?
~Duane Phillips.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I am easily searchable and except for this widespread DOS attack, it has been a minimal hassle to trash mucho spam. Eudora again.
Jerry
--
Jerry Irvine, Box 1242, Claremont, California 91711 USA
Opinion, the whole thing. <mail to: snipped-for-privacy@gte.net>
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yes.
As a Mac user I am not an originator, only a receiver.
Jerry
--
Jerry Irvine, Box 1242, Claremont, California 91711 USA
Opinion, the whole thing. <mail to: snipped-for-privacy@gte.net>
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yes, there was a spate of them "returned" to my wife's account about a month ago, but they've stopped.
--
...The Bit Eimer [remove keinewurst to email me]

"My goal in life is to be the kind of person my cat thinks he is"
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
same here reece......they were all headed to my junk mail folder but even that was overflowing..... shockie B)

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
shockwaveriderz wrote:

I've had ot use web mail for my earthlink account or mail2web for general pop account and clear out all the chaff before trying to download all that crap on my slow dial up line.
What a PITA!!!!!!!!!!
Note: Anyone on this list using an older (pre 2001) version of Internet Explorer is a prime candidate for spreading this monster. Please update your systems!!!!
--
snipped-for-privacy@beldenmachine.com
---------------------------
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I have thge same problem., I have emptied 10mb of spam about twice a day for the past 2 days and a bit less before that. I have had a few customers report bounces (caused by a full mailbox).
Unfortunately I canot guard my computer 24/7 (it only seems like it) to empty the spam folder often enough.
And I use an ISP who is spam aware too so this must be using a wide variety of domains and sourcepoints.
Jerry
--
Jerry Irvine, Box 1242, Claremont, California 91711 USA
Opinion, the whole thing. <mail to: snipped-for-privacy@gte.net>
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
--------------060606010604030202010602 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit
Reece Talley wrote:

I just got one from a guy which had a .com extender on the attachment.....didn't seem like it was his kind of email. But it didn't affect me (Mac) and I've asked if he was the sender, he says not. The app rifled through his addy book and I happened to be on it. Ah well, sounds as if he's got some work to do.
Chuck
--

Chuck Rudy

VooDoo Digital Productions
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Norton has some information on it.
I've gotten about 200 a day for the past 2 1/2 days.... gggrrrrrrrrrrr
fortunately, only one of my mail boxes is being targeted. People who write viruses should be *ruined* when caught and forced to compensate for all the cost associated or rot in jail till they *can* compensate.
these slugs aren't worth the air they breath and are too stupid to get real programming jobs. sheesh!
Reece Talley wrote:

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Jim Flis wrote:

Well, I sure appreciate the sentiment (I've been manually telnet-ing into my POP server and deleting the ~150kB "Security Update" messages so I don't have to download them via the modem), but if they can't "compensate" at present, how is confinement going to change the situation?
It would be like our Guantanamo Bay prison camp - no, we haven't "sentenced" anyone to "life imprisonment", they're just being "detained for the duration of the [perpetual] War against Terrorism..."
-dave w
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Jim Flis wrote:

I too got several hundred of these. I don't see why earthlink keeps passing these thru the system. But to their credit they are stoppped in my suspect spam folder. I think an appropriate punishment would be to throw the virus writers in a cage filled with rabid pit bulls on steroids during halftime at the superbowl.
--
As nightfall does not come at once, neither does oppression. In both
instances,there's a twilight where everything remains seemingly
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
From McAfee:
W32/Sobig.f@MM (High Risk)
A new variant of W32/Sobig, W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself (using its own SMTP engine) to harvested email addresses from the victim's machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested email addresses. So exercise care when opening emails with attachments. An infected email can come from addresses you recognize.
Because it sends so many emails, a worm like Sobig also saps bandwidth and slows network performance. Worse, it can also open up a user's computer port, making it vulnerable to hackers, who can plant dangerous Trojans. These malicious programs often let unauthorized users remotely take over a system, steal personal information or use the infected PC to send spam.
--
...The Bit Eimer [remove keinewurst to email me]

"My goal in life is to be the kind of person my cat thinks he is"
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
I was hit with more than 120... in less than 8 hours... each over 144K... filled up my inbox... legitimate emails addressed to me were bounced by my server because my mailbox was full.
I'm currently receiving one every 6-8 minutes.
All the IP address are spoofed... no way to get a good 'hook'. My ISP can't do anything...
Everyone should go to http://symantec.com/securitycheck and have thier systems checked... it takes a while, but you just might be surprised. :(
I'm using 'MailWasher' to screen the emails at the ISP server level, so I don't have to download the body (or attachements) to my local computer...
Good luck.
Mark

two
one
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
That's what I'm seeing here too (Swen).. I easily got 300 copies today. It uses different sender, subject lines, and message bodies, so it's a bear to filter. About 1/2 of them look like a real email from Microsoft, telling you to run the attached file to close security holes in your system. I think a bunch of people did just that!
I've seen well over 500 of these emails since this whole this started a couple days back -but only to one of my email addresses.. The others have been "swen free".
I sure hope that all the "homeland security" folks understand that jerks that release these worm/viruses are the real terrorists (cyber-terrorists), and not some guy launching rockets!
(While writing this, I got 5 more copies!)

on
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Agree... this virus\worm was was written in 'C', and contains some pretty sophisticated stuff (SMTP engine, etc.) so it's not just some script kiddy at work. This was written by a real butthole.
It's pretty benign, IF one considers turning off zone alarm (firewalls) and anti-virus software benign.
Easy to keep from being infected (would Microsoft REALLY be proactive and send you a patch for FREE? No? Then DON"T click on it!)
... but it's a bugger to get rid of... many file deletions and you have to edit your registry to rid yourself of it. :(
Couriously, many of the emails generated (about 10%?) do not contain the virus...
Ahh... well.
Nine more copies while I wrote this... but, well... I don't type as fast as I once did... ;)

last
dumped
any
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
I know my machines are clean, but even for those not infected, 500 spam/worm/virus emails in a couple days is a RPITA! When I first saw the "MS clone" email, my first reaction was "interesting - where did they get my email address?" and then "Hummm, I'll check the MS site and see what's going on". But I'll bet there are many folks that just installed it - with "it" being the worm!
Well, got another 5.. I need to type faster!

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I got 40mb so far in the past 24 hours, but that was reduced by each time my mailbox was filled to 10mb the remainder bounced.

I bet they are helpless to abate real threats so they pick easy targets. It is what police do. And when they run low on easy targets, they start entraping some with stings.
Jerry
--
Jerry Irvine, Box 1242, Claremont, California 91711 USA
Opinion, the whole thing. <mail to: snipped-for-privacy@gte.net>
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Polytechforum.com is a website by engineers for engineers. It is not affiliated with any of manufacturers or vendors discussed here. All logos and trade names are the property of their respective owners.