October 1st, 2003, 11:56 AM
How sobig works??
I recently got a bulk of Sobig into my Yahoo accounts. The from addresses seemed to be known by me. In fact they were of my college friends. Now when I read about the worm on Symantec they said it was a mass-mailing worm and used the cookies stored on the PC and uses SMTP. But we have Norton installed on all PCs so all outgoing SMTP mails are scanned, but I have never noticed any from this virus.
So if anyone knows how this worm works exactly, please let me know....
October 1st, 2003, 12:02 PM
This should clear things up. The fact that it uses its own SMTP server could be why it got around yours. As far as your antivirus software, it should have detected/cleaned it if properly updated...
What is it?
W32.Sobig.F@mm is a mass-mailing, network-aware worm that sends itself to all the email addresses it finds. The worm uses its own SMTP engine to propagate from a spoofed address (which means that the sender in the "From" field is most likely not the real sender). The worm may also use the address email@example.com as the sender.
yeah, I'm gonna need that by friday...
October 1st, 2003, 01:15 PM
Hi, like tampabay420 said, your AV should have spotted this if it was updated and activated to scan e-mails. It may miss ones that don't use your official SMTP engine?
Might I suggest Mail Control by Yariv Kaplan: http://www.internals.com
This acts like an e-mail "firewall" and should pick up malware that uses its own SMTP engine.
BTW it is free for private use.
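An added example, not part of the original thread: because a worm with its own SMTP engine talks straight to outside mail servers instead of the site's relay, it shows up in egress logs as workstations opening port 25 sessions to many different hosts. The log format, the addresses and the approved relay below are all constructed assumptions.

```python
import re
from collections import defaultdict

# Assumption: the site's one sanctioned outbound mail relay (constructed address).
APPROVED_RELAYS = {"192.0.2.10"}

# Constructed firewall log lines: timestamp action proto src:port -> dst:port
SAMPLE_LOG = """\
2003-10-01T11:40:02 ALLOW TCP 10.0.0.23:1042 -> 192.0.2.10:25
2003-10-01T11:40:05 ALLOW TCP 10.0.0.57:1188 -> 198.51.100.7:25
2003-10-01T11:40:06 ALLOW TCP 10.0.0.57:1189 -> 203.0.113.44:25
2003-10-01T11:40:06 ALLOW TCP 10.0.0.57:1190 -> 198.51.100.91:25
2003-10-01T11:40:09 ALLOW TCP 10.0.0.23:1043 -> 198.51.100.7:80
2003-10-01T11:40:11 DENY TCP 10.0.0.61:1302 -> 203.0.113.44:25
malformed line that the parser must skip
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def direct_smtp_senders(log_text, relays=APPROVED_RELAYS, smtp_port=25):
    """Map each source host to the set of non-relay hosts it contacted on SMTP."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or int(m["dport"]) != smtp_port:
            continue  # unparseable line, or not SMTP traffic
        if m["dst"] in relays:
            continue  # mail sent through the sanctioned relay is expected
        # Denied attempts count too: the host still tried to send mail directly.
        hits[m["src"]].add(m["dst"])
    return dict(hits)

def report(log_text):
    """Return (host, distinct_destination_count) pairs, noisiest host first."""
    found = direct_smtp_senders(log_text)
    return sorted(((h, len(d)) for h, d in found.items()),
                  key=lambda pair: (-pair[1], pair[0]))

if __name__ == "__main__":
    for host, count in report(SAMPLE_LOG):
        print(f"{host} opened SMTP sessions to {count} non-relay host(s)")
```

Blocking outbound port 25 from everything except the relay turns the same observation into a control rather than an alert.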
October 3rd, 2003, 07:23 AM
Thanks for your help guys....
December 9th, 2003, 12:38 PM
Wasn't the Sobig virus the virus that sent lots of pointless mail to people as well as duplicates of itself? Or was that another virus?
Forgive my ignorant ways.
December 11th, 2003, 08:15 AM
Hi. If you want to know the technical details of the 'Sobig' virus/worm, visit www.trendmicro.com or www.symantec.com. Use their search engine and it will give you a technical description of the virus: how it works and how to remove the virus.
Turn on. Tune in. Drop out.