Can't Remove SoBig

  • Thread starter Thread starter Greg Evans
  • Start date Start date
G

Greg Evans

Several days before the Sobig became so big in the media, I started getting
e-mails kicked back as undeliverable form several mail servers. The
"undeliverables" were keyed by these mail servers as containing the Sobig
virus (as well a different one or two). I did not send any of the e-mails,
my machine is doing it independently of me. (Symptoms of Sobig, right?)

I use Norton Antivirus. All definitions are kept up to date. A complete
system scan comes back clean. I have also scanned online at Symantec and
McAfee with no viruses detected.

I have additionally run the Sobig removal tool from the Symantec site. It
does not detect the virus.

Driving me crazy.

Any ideas and help would be GREATLY appreciated.

Greg
 
Any ideas and help would be GREATLY appreciated.
Click to expand...


if you would read the multitude of posts regarding this topic, you
would soon understand why you're receiving those emails when your
machine isn't infected.
 
Several days before the Sobig became so big in the media, I started getting
e-mails kicked back as undeliverable form several mail servers. The
"undeliverables" were keyed by these mail servers as containing the Sobig
virus (as well a different one or two). I did not send any of the e-mails,
my machine is doing it independently of me. (Symptoms of Sobig, right?)

I use Norton Antivirus. All definitions are kept up to date. A complete
system scan comes back clean. I have also scanned online at Symantec and
McAfee with no viruses detected.

I have additionally run the Sobig removal tool from the Symantec site. It
does not detect the virus.

Driving me crazy.

Any ideas and help would be GREATLY appreciated.

Greg
Click to expand...
************************ REPLY SEPARATER ***********************
Modern virus's borrow both the FROM: and TO: addresses from files on the
infected computer. It is quite possible that YOU are not infected, but someone
that you know is. If the server rejecting the message returns the message
including the header, you can determine where it actually originated from the
source IP address (the last one). Everthing else supplied by the sender can be
faked.
 
Back
Top