Virus

  Southernboy 16:58 22 Aug 2003
Locked

I opened my Email today and discovered three "returned by Daemon" Emails. I had not sent them and, checking one, I noticed it was headed "Wicked Screensaver", which I believe is the Blaster virus.

I have Norton Internet Security 2003 with Live Update, so how did this get past it? I have done a Norton Virus Scan, which reported no virus infection.

I NEVER open any Email attachment unless I am certain I know who it is from. Is it somehow possible that this virus could "pass through" my PC without infecting it and access my AOL Address Book?

  bremner 17:18 22 Aug 2003
  bremner 17:19 22 Aug 2003
  jazzypop 18:09 22 Aug 2003

Click here for information about Sobig, as well as a removal tool (note the important information about disabling System Restore).

Sobig is a worm, not a virus. In simple terms, a worm is a tiny program that aims to spread itself across a network (in this case, the Internet) by 'posting' itself from PC to PC. It does this by actively searching for open ports (holes) in firewalls.

A virus checker tends to look for viruses that are attached or embedded in files.

Sobig did not arrive via an email attachment; it sent itself to you over an open network connection (broadband or dialup internet access).

A properly set up firewall would have stopped it from entering, as would using the Windows Update facility regularly.

  suzie005 18:17 22 Aug 2003

Why did my firewall not stop it? As far as I'm aware it's set up OK.

  Gaz 25 19:33 22 Aug 2003

"Wicked Screensaver", which I believe is the Blaster virus.

No, it is the Sobig.F virus.

why did my firewall not stop it?

It does not protect from e-mail viruses, only hackers.

click here for information on Sobig, Welchia and Blaster!

  Southernboy 16:21 23 Aug 2003

Your link was "not found".

Thanks for the replies. From the newspaper today I now realise it was the Sobig.F virus, or is it a worm? What is the difference? Surely, Norton Internet Security 2003 should deal with both, whatever they are called? Are you saying that NIS cannot stop this infection? I am astonished, that is what I bought it for. As far as I know, NIS 2003 includes a Firewall, so why did it not stop it? I find myself confused....

The bottom line is, what has this done to my PC? Do I have a problem?

  Southernboy 16:24 23 Aug 2003

None of the "click here" work - is this part of the virus?

  Southernboy 16:26 23 Aug 2003

Those posted by Bremner appear black. Those posted by Jazzypop and Gaz 25 are blue but do not go anywhere.

  DieSse 16:45 23 Aug 2003

bremner's link is incorrectly made,

Gaz 25's link gives "page not found",

jazzypop's link should be fine, and is correctly linked to the Symantec web site that explains about the worm.

  Jester2K II 16:46 23 Aug 2003

The secret is in the bit about "returned by Daemon" Emails.

YOU do NOT have the virus. Someone who has your e-mail address does and it is being sent out from their PC. Unfortunately the virus spoofs the address it comes from - i.e. it uses someone else's address. In this case yours.

The messages get rejected at the server because they have a virus in them and are then returned to you because your address was used by the virus as the return address.

This has happened to thousands of people worldwide.

Do not worry - you don't have the virus. All you can do is just keep deleting the messages.

This thread is now locked and can not be replied to.
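The spoofed-sender bounce described in the last reply can be checked from the bounce itself. The following is an added example, not part of the original thread: it assumes the bounce is a standard multipart/report message that includes the rejected message's headers, and that `my_ips` holds the public addresses your own mail leaves from. The function names and the sample message are constructed for illustration.

```python
import email
import re
from email import policy

# Constructed sample bounce; names and IPs use reserved documentation ranges.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
To: me@example.org
Subject: Returned mail: virus found
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Message rejected: attachment contains a virus.
--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net
--b1
Content-Type: text/rfc822-headers

Received: from pc77 (unknown [203.0.113.77]) by mx.example.net; Fri, 22 Aug 2003 15:02:11 +0100
From: me@example.org
Subject: Re: Wicked screensaver
--b1--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def original_headers(raw_bounce):
    """Return the headers of the message that bounced, or None if not included."""
    msg = email.message_from_string(raw_bounce, policy=policy.default)
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
        if ctype == "message/rfc822":
            return part.get_payload(0)
    return None

def classify_bounce(raw_bounce, my_ips):
    """Compare the IP recorded by the rejecting server with my own addresses."""
    hdrs = original_headers(raw_bounce)
    hops = hdrs.get_all("Received", []) if hdrs is not None else []
    # Only the topmost Received line (written by the bouncing server) is trusted.
    m = IP_RE.search(str(hops[0])) if hops else None
    if m is None:
        return "unknown"
    return "sent-from-my-host" if m.group(1) in my_ips else "spoofed-sender"
```

A result of `spoofed-sender` matches the situation in the thread: the From line carries your address, but the connection the rejecting server recorded came from someone else's machine.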
