Too Big
I am sick to death of this damned Sobig.F virus that's spreading around the Net. Reports say it is spreading faster than any computer virus ever seen. I believe it.
I went online Wednesday morning to find all my mailboxes overflowing with messages entitled "Your application" and "Wicked screensaver" and "That movie" and simply "Details." I opened one called "Your application" out of curiosity and because I have been sending out applications. The attachment read "Norton AntiVirus Deleted1.txt." Always bad news. I have the sense to not open attachments, especially such ominous sounding ones.
My response was to go to Google and enter the phrase, "Norton AntiVirus Deleted1.txt." I figured if something was spreading, someone would have something to say about it. Specific, yes, but what are you going to do? I got a handful of hits, mist of which were in foreign languages and a some of which were message board postings which, it appeared, were devoted to actually spreading the virus.
The messages in my RCN mailbox were all 1kb in size. When I opened my Excite mail, however, I found the mailbox had been shut down by excessive messages, all of which were 900kb in size. This was also the case with my Yahoo mailbox. I maintain so many mailboxes for this very reason. When I troll the Net, I use my Excite or Yahoo edress to sign up for various sites, with the understanding that those boxes can collect my spam and I can kill them whenever I want, leaving my RCN and johnbliss.com mailboxes relatively clean. Both webmail boxes were now groaning under a load of infected messages. What became apparent was that Norton Antivirus, bless its little heart, had stripped the offending attachments from the messages and left its calling card, "Norton AntiVirus Deleted1.txt," in their stead. Norton has quarantined email viruses for me in the past, but I didn't/don't recall the substitute attachment. What else was abundantly clear is that despite any advertising, Excite and Yahoo do nothing to scan for viruses.
My next step was to open my Norton Antivirus Quarantine, and there they were, all bright and shiny, a half dozen new viruses called W32.Sobig.F@mm. I returned to Google and entered the phrase "Sobig.F." This time I got … even fewer hits. About two or three. I limited the search to "sobig" and received many more hits, for Sobig.A and Sobig.C and even Sobig.E, I believe. But no Sobig.F.
No matter. I emptied all my mailboxes, dumped the trash and deleted the viruses from quarantine, along with a handful of others that I didn't even know were there. Thanks, Norton!
Thursday, of course, Sobig.F was all over the news. According to MessageLabs Inc., a company that filters corporate email, one in every 17 messages bore the virus. My rate was a bit higher. By comparison, the previous champ, Klez, accounted for only one in every 125 messages at its peak. I continued to receive the occasional infected message until yesterday morning, when it pretty much stopped. One reason this virus spread so quickly is that it's the sixth variation of the Sobig virus, and a bug in previous versions has been repaired. Ironic, ain't it?
If you've been infected, or think you have, Symantec, the manufacturer of Norton Antivirus, has posted a Sobig.F Removal Tool on their website along with instructions for use. If you're clean, it'll let you know; if you're infected, it'll take care of the problem.
By the way, this virus de-activates spreading on September 10, prompting experts to expect the next Sobig variant on or near September 11. Just so ya know.
*****
It strikes me that many of you may not receive today's Reader because of my liberal use of the word "Sobig." So it goes.
I went online Wednesday morning to find all my mailboxes overflowing with messages entitled "Your application" and "Wicked screensaver" and "That movie" and simply "Details." I opened one called "Your application" out of curiosity and because I have been sending out applications. The attachment read "Norton AntiVirus Deleted1.txt." Always bad news. I have the sense to not open attachments, especially such ominous sounding ones.
My response was to go to Google and enter the phrase, "Norton AntiVirus Deleted1.txt." I figured if something was spreading, someone would have something to say about it. Specific, yes, but what are you going to do? I got a handful of hits, mist of which were in foreign languages and a some of which were message board postings which, it appeared, were devoted to actually spreading the virus.
The messages in my RCN mailbox were all 1kb in size. When I opened my Excite mail, however, I found the mailbox had been shut down by excessive messages, all of which were 900kb in size. This was also the case with my Yahoo mailbox. I maintain so many mailboxes for this very reason. When I troll the Net, I use my Excite or Yahoo edress to sign up for various sites, with the understanding that those boxes can collect my spam and I can kill them whenever I want, leaving my RCN and johnbliss.com mailboxes relatively clean. Both webmail boxes were now groaning under a load of infected messages. What became apparent was that Norton Antivirus, bless its little heart, had stripped the offending attachments from the messages and left its calling card, "Norton AntiVirus Deleted1.txt," in their stead. Norton has quarantined email viruses for me in the past, but I didn't/don't recall the substitute attachment. What else was abundantly clear is that despite any advertising, Excite and Yahoo do nothing to scan for viruses.
My next step was to open my Norton Antivirus Quarantine, and there they were, all bright and shiny, a half dozen new viruses called W32.Sobig.F@mm. I returned to Google and entered the phrase "Sobig.F." This time I got … even fewer hits. About two or three. I limited the search to "sobig" and received many more hits, for Sobig.A and Sobig.C and even Sobig.E, I believe. But no Sobig.F.
No matter. I emptied all my mailboxes, dumped the trash and deleted the viruses from quarantine, along with a handful of others that I didn't even know were there. Thanks, Norton!
Thursday, of course, Sobig.F was all over the news. According to MessageLabs Inc., a company that filters corporate email, one in every 17 messages bore the virus. My rate was a bit higher. By comparison, the previous champ, Klez, accounted for only one in every 125 messages at its peak. I continued to receive the occasional infected message until yesterday morning, when it pretty much stopped. One reason this virus spread so quickly is that it's the sixth variation of the Sobig virus, and a bug in previous versions has been repaired. Ironic, ain't it?
If you've been infected, or think you have, Symantec, the manufacturer of Norton Antivirus, has posted a Sobig.F Removal Tool on their website along with instructions for use. If you're clean, it'll let you know; if you're infected, it'll take care of the problem.
By the way, this virus de-activates spreading on September 10, prompting experts to expect the next Sobig variant on or near September 11. Just so ya know.
*****
It strikes me that many of you may not receive today's Reader because of my liberal use of the word "Sobig." So it goes.
posted by John Bliss at
11:07 AM
0 Comments:
Post a Comment
<< Home