Aussieveedubbers - Powered by GaiaBB

sobig virus?

type82e - September 4th, 2003 at 07:34 AM

I'm being bonbatded with theis virus everytime I open my e-mails theres 30 of these suckers in there and I'm constantly quaratining them with nortons anti - virus now every minute or so its getting very annoying
waht can i do can I block theyre address or something?
marcel

[Edited on 5-9-2003 by vanderaj]

squizy - September 4th, 2003 at 08:48 AM

Have you advised the people that you're getting the emails from that they have the virus? You can clean as much as you like from your end, but if the people with you in their mail lists don't clean, then you will keep getting them.

Squiz.....

jenz58 - September 4th, 2003 at 08:50 AM

Wah!!!! How did they hook onto you??

Sounds like you have a parasite in the system directing them to you

Hotmail sends a lot of unwanted emails

Luckily I haven't had any of the emails containing virus sent to me

decked dubby - September 4th, 2003 at 09:01 AM

I got them this morning, 89 new messages. All contain a link (which i haven't opened) and are from about 4 differnt e-mail addresses.

What a pain in the arse this is. :mad: :mad: :mad:

jenz58 - September 4th, 2003 at 09:10 AM

Have a look at what your using on the puter, a site your've registered on probably

Can't be us cos I'm not getting any:kiss

Used to get a lot of crap emailed when someone in the house was using a chat program

HotRodMatt - September 4th, 2003 at 09:25 AM

The problem is it isn't necessarily the sender that is sending the mail to you...

It spoofs addresses from the hosts.

Your ISP isn't doing the right thing. Virii of this kind should be pulled by their mail servers. Ring 'em and give 'em serve...

68AutoBug - September 6th, 2003 at 02:04 AM

I receive approx 3 viruses a day...
Bugbear & KLEZ usually.
Mostly these are , from what I can tell,
sent from someones Computer that has a Virus and is sending Viruses out to everyone in their computers address book or in the memory.
My biggest problem at the moment is SPAM .. usually sex related... I use
POP UP stopper for these but popup stopper stops Me from opening some websites such as the CBA netbanking etc.
I have to turn it off to access these websites and thats when I am bombarded
with the sex site advertisements... I don't know what I would do without My pop up stopper ..... and thanks to the kind VW forum female that put Me onto pop up stopper... much appreciated... Lee

fatboy - September 6th, 2003 at 11:03 AM

If your getting lots of popups go into Add / Remove programs and make sure you dont have "stbar" or "msaupdate" installed if you have uninstall them :thumb

haugmichael - September 6th, 2003 at 02:19 PM

I am receiving a great deal of unexplained email or delivery failure messages. Is my computer infected?

Not necessarily. W32/Sobig-F can 'spoof' email addresses, i.e. use false sender details. The worm may be sending email out from some other person's computer, but has made it appear that the email comes from you. This can happen on any type of computer with an email account, not just on Windows computers.

If the email you are receiving is a problem, you can use security software to block emails with certain subject lines.

How do I avoid infection in the future?

Update your anti-virus software now so that you can detect and prevent the W32/Sobig-F worm. If you do not have procedures for rapid updates, implement them now, because you are sure to need them again.

If possible, block all Windows programs at your email gateway. Some email applications can be configured to do this. It is rarely necessary to allow users to receive programs via email. There is so little to lose, and so much to gain, simply by blocking all mailed-in programs, regardless of whether they contain viruses or not.

Additional information on W32/Sobig-F

W32/Sobig-F uses the Network Time Protocol (NTP) to access one of several servers in order to determine the current date and time.

If the time returned by the NTP server is between 19:00 and 22:00 UTC+0 (which is 8pm-11pm UK time) on any Friday or Sunday, W32/Sobig-F sends a UDP packet to port 8998 of a remote server. This feature could be used to download and run a Trojan or additional worm components.

If the date is 10 September 2003 or later the worm stops working.

To prevent malicious code from being downloaded by W32/Sobig-F, configure your Firewall so outgoing connection attempts to UDP port 8998 are blocked.

Customers should consult their firewall documentation, or contact their firewall provider for assistance in implementing this configuration change.