Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Windows 2000 > Re: W32.Sobig.F@mm virus...

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Re: W32.Sobig.F@mm virus...

Reply to Message Icon

Name: Justin Szczap
Date: August 19, 2003 at 20:01:42 Pacific
OS: Windows 2000 Professional
CPU/Ram: Intel Pentium 3/256 Megs
Comment:

Hi,
I'm beyond certain that I have this virus, also known as Sobig.F [F-Secure], W32/Sobig.f@MM [McAfee], WORM SOBIG.F [Trend]. I checked Symantec's Security Response section, downloaded the fix/removal tool, followed the instructions and my computer is [supposedly] clean. What now? I'm still having "symptoms" of this virus. However, nothing Norton's site claims will be in my registry is there when I check. I'm at a loss here. Any advice???
- JS



Sponsored Link
Ads by Google

Response Number 1
Name: Mike
Date: August 20, 2003 at 05:46:30 Pacific
Reply:

Try doing a Windows update.


0

Response Number 2
Name: Justin Szczap
Date: August 20, 2003 at 13:52:47 Pacific
Reply:

Hi,
I tried, but it didn't help. I'm now assuming that someone in my family with my email address in their address book has this virus. What other explanation could there be?
- JS


0

Response Number 3
Name: Alan56
Date: August 22, 2003 at 00:17:48 Pacific
Reply:

The worm can "spoof" email addresses, i.e. use false sender details. The worm may be sending email out from somebody's else computer, but making it appear that the email comes from you.

If the email you are receiving is a problem, you can use your security software to block emails with certain subject lines.

More info here

http://www.us.sophos.com/support/disinfection/sobigf.html#1

Hope this helps
Alan56



0

Response Number 4
Name: shane
Date: August 22, 2003 at 03:59:49 Pacific
Reply:


The worm will fake the sender's e-mail id. According to Solo Antivirus site
"
The worm spoofs the sender's e-mail id. So it is very difficult to find the infected user. If an infected user contains your e-mail id, Sobig.F will send infected mails using your e-mail id too. So you will receive virus warning messages and undeliverable messages. "

For more details, visit Solo antivirus site at http://www.srnmicro.com/virusinfo/sobigf.htm

Have a nice day



0

Response Number 5
Name: Justin Szczap
Date: August 22, 2003 at 15:34:40 Pacific
Reply:

Hi,
That's exactly the problem. You see, there are two computers in my home, networked. I shut off all services, networking, etc. and checked the registry keys on both computers. I searched for various files, "clues", and used every known removal tool I could find. The virus itself is not actually on either of my home computers. Now, the problem is that I have to contact every friend/family member I know of and ask them to try to do the same on THERE computer(s). This virus is a MAJOR pain in the arse.
Does anyone know of ANY possible ways of getting around the spoofing the virus uses to maybe determine who ACTUALLY has the virus on the computer(s)?
Thanks again...
- JS


0

Related Posts

See More



Sponsored Link
Ads by Google
Reply to Message Icon

Printer Cart. NOTHING PRI... Restricting Internet Acce...



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Windows 2000 Forum Home


Sponsored links
Ads by Google


Results for: Re: W32.Sobig.F@mm virus...
Need Anti-Virus (Email) help ASAP www.computing.net/answers/windows-2000/need-antivirus-email-help-asap/50865.html

W32.Swen.A@mm virus www.computing.net/answers/windows-2000/w32swenamm-virus/52352.html

Console Recovery to fix boot.ini www.computing.net/answers/windows-2000/console-recovery-to-fix-bootini/43569.html