 |
 |
Flood of incomng virally infected email? does this stop?
|
|
|
|
|
Forum Regular
Join Date: Sep 2002
Status:
Offline
|
|
In the last 2 days I have gotten a flood of emails that probably were generated by some virus somewhere.
The emails come from a wide range of aparent addresses ranging from admin@hotmail.com to particular universities. Many say either "Registration ocnfirmation" or what is likely a server message "your email was blocked" or "mailing error". Almost all of them have clearly had an attachment that was stripped out by a server along the way. Text presumably left by a virus stripping server, says that they removed W32.Sober.O@mm.
I'm getting about 5 an hour. Some are filtered into Junk mail by Entourage. Others arent. Is there anything I am supposed to do or worry about? Is this a sign my computer is at risk? Am I supposed to do something?
I have Virex and it is uptodate. It doesn't think my hard drive is infected.
|
|
G4 1.67 MHz 15" AlBook Rev D
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Jan 2001
Location: An Aussie in Los Angeles
Status:
Offline
|
|
I am getting these emails too. Not as many as you but I have had at least 5 today!
|
|
"The sleeper must awaken"
15" Al Powerbook G4 1.25 Ghz
iBook 800
G4 Flat Panel iMac 700
Airport
10 gig 2nd Gen iPod
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by waterbuck
In the last 2 days I have gotten a flood of emails that probably were generated by some virus somewhere.
The emails come from a wide range of aparent addresses ranging from admin@hotmail.com to particular universities. Many say either "Registration ocnfirmation" or what is likely a server message "your email was blocked" or "mailing error". Almost all of them have clearly had an attachment that was stripped out by a server along the way. Text presumably left by a virus stripping server, says that they removed W32.Sober.O@mm.
I'm getting about 5 an hour. Some are filtered into Junk mail by Entourage. Others arent. Is there anything I am supposed to do or worry about? Is this a sign my computer is at risk? Am I supposed to do something?
I have Virex and it is uptodate. It doesn't think my hard drive is infected.
You're not infected. The virus attachment you are getting only runs under Windows. As far as I know, there are still no viruses that can propagate under OS X.
To those who might be interested: if you are interested in anti-virus software, I suggest checking out the free, open source ClamAV. I always pity those who run out and buy products like Norton Firewall and Norton Antivirus (esp. the former) for the Mac.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Mar 2004
Location: MacNN database error. Please refresh your browser.
Status:
Offline
|
|
Norton A/V for OSX is horrible. Lots of cases where it reads a virus and wipes the entire Mail folder. 100% termination.
As far as viruses go, on the Mac side, all it will do is annoy you. You're safe. About the only thing it can do is you can be a carrier and pass on the virus to Windows users.
|
This is a computer-generated message and needs no signature.
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Jun 2001
Location: Northwest Ohio
Status:
Offline
|
|
Originally Posted by waterbuck
In the last 2 days I have gotten a flood of emails that probably were generated by some virus somewhere.
The emails come from a wide range of aparent addresses ranging from admin@hotmail.com to particular universities. Many say either "Registration ocnfirmation" or what is likely a server message "your email was blocked" or "mailing error". Almost all of them have clearly had an attachment that was stripped out by a server along the way. Text presumably left by a virus stripping server, says that they removed W32.Sober.O@mm.
I'm getting about 5 an hour. Some are filtered into Junk mail by Entourage. Others arent. Is there anything I am supposed to do or worry about? Is this a sign my computer is at risk? Am I supposed to do something?
I have Virex and it is uptodate. It doesn't think my hard drive is infected.
Some of your PC using friends are infected and sending them to you. In addition the virus is using your e-mail address (plucked from your friends' address books) as the return address for some of them. You will get the "mail bounced" messages, too.
Just wait for it to slow down and eventually stop. It may take a few days, though.
|
|
|
| |
|
|
|
|
|
|
|
Administrator  Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Somewhere along the way, your email address was harvested by someone/something, and so you're getting these emails. Sober has no affect on Macs, but it is possible to pass it on to a Windows machine through email, so once you delete those emails, dump the deleted folder as well.
I've been getting spam that may be from a similar source lately, but I dump it with all the rest of the crap, so I haven't been watching it to see what it's coming from.
I don't know about Norton AV for Mac, but Symantec's Client Security has worked great for us. I know, Symantec owns the Norton name, but the Norton product is aimed at a different audience than the Symantec-branded product; maybe that's the big difference. We haven't had a bit of trouble with SCS, and we've received a LOT of virus-infected emails.
|
|
Glenn -----
OTR/L, MOT, Tx
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Sep 2002
Status:
Offline
|
|
2 updates.
First, while I mostly handle email through Entourage (pulled down through an IMAP-equipped Microsoft Exchange Server at work) I sometimes view the same email with a desktop PC that has Outlook. Outlook has been "off"/"shut down" during the time that my flood of SOBER virally infected email started (now about 1 every 4-6 minutes). Also, my employer is very good at scanning and stripping viruses, so it is less likely, perhaps, that anything snuck in through them
I radically reduced the inbox burden by going to Entourage "rules" and making rules to immediately put into "Junk" any email with the word "VIRUS" in the subject or "virus successfully cleaned" in the body. See, all the viral email has already been stripped by servers along the way, which in turn add these catch phrases to the email text. I don't want to see them, and my 2 little rules seem to have rescued me somewhat.
|
|
G4 1.67 MHz 15" AlBook Rev D
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Oct 2000
Location: Edinburgh, Scotland
Status:
Offline
|
|
Originally Posted by besson3c
To those who might be interested: if you are interested in anti-virus software, I suggest checking out the free, open source ClamAV. I always pity those who run out and buy products like Norton Firewall and Norton Antivirus (esp. the former) for the Mac.
Woohoo! It's not very often that I get a chance to make a shameless plug, so here goes! Take a look at clamXav. It's simple, does the job and best of all, to all intents and purposes, it's FREE!
|
|
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Sep 2002
Status:
Offline
|
|
Is it different than Virex? My employer gave me Virex for free, but if clamXav is better I might get it too.
|
|
G4 1.67 MHz 15" AlBook Rev D
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Oct 2000
Location: Edinburgh, Scotland
Status:
Offline
|
|
Is it better? I can't actually answer that question. Not just because I'm biased, but actually because I've never used Virex!
They'll coexist quite happily (as long as one doesn't try scanning a file while the other tries to move it!), so why not install both and see which you prefer. There's an uninstaller on the clamXav download page just in case you don't like it, although if that's the case, I'd appreciate knowing why and what would make it better.
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Geobunny
Is it better? I can't actually answer that question. Not just because I'm biased, but actually because I've never used Virex!
They'll coexist quite happily (as long as one doesn't try scanning a file while the other tries to move it!), so why not install both and see which you prefer. There's an uninstaller on the clamXav download page just in case you don't like it, although if that's the case, I'd appreciate knowing why and what would make it better.
[sorry just realizing now that I'm quoting the wrong person, but...]
I don't know much about Virex, but it is my understanding that Norton AV and ClamAV were designed for different reasons.
ClamAV will scan whatever files or folders you point it at. It is modular in design. It can be used to scan incoming messages on a mail server with an interface such as amavisd-new. ClamAV is basically a virus scanning engine.
Norton AV was designed to be a watchdog and keep an eye on everything you are doing to make sure that you don't get infected (this includes monitoring incoming email, removable media, etc.). It is the Microsoft paperclip (Clippy) for anti-viruses... or something.
ClamXAV is a GUI to ClamAV, and it is progressing nicely. Do you have any plans to integrate it with email programs Geobunny? If so, I'd request that you don't make it Norton-like, but more amavisd-new like (i.e. quietly scanning incoming email and dumping quaranteened messages into a folder of your choosing - basically seen but not heard from).
ClamAV seems to be a very popular and solid engine in the Unix world, its virus definitions are updated all the time. Since there are no viruses for OS X yet, having some obtrusive piece of software on the prowl for the easter bunny seems silly to me when something like ClamXAV is available to manually scan files and folders you think may be infected so that you can be a good samaritan to PC users you know.
Plus, Clam is free...
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
