SoBig.F - Undeliverable Mail

  Jester2K II 16:50 20 Aug 2003
Locked

I can't get my head around this.

I have up to date AVG 6.

I have scanned my PC with Stinger 1.8.4.

My Firewall has reported nothing.

Nothing is starting up with the PC i don't know about.

So why am I getting "Mail Undeliverable Due To SoBig.F Virus" messages? Been about 32 so far?

I understand that the virus scan spoof the address but this e-mail address is known to me only. Its a Hotmail account and has hardly been used.

I set it up to see how long it would take an un-used Hotmail account to be spammed. I put a hidden link on a web page to see if Spam-Bots would pick it up.

So how is my address being used to send this virus to so many? If it was one of my other "public" (ie known) accounts then i could understand but its not known (unless someone went through the source code of the web page)

Usually i can follow how a virus works and obtains its to and from addresses but not this time...

  alcudia 17:02 20 Aug 2003

Strange one this. You can try running this [email protected]" title="http://securityresponse.symantec.com/avcenter/venc/data/[email protected]" TARGET="_new">click here to see if you actually have it. However you are probably aware of this. I think this is third posting today about sobig. It's becomming a bit of a nuisance. There is hope though, I think it will expire on Sept 10th.

  Wes Tam ;-) 17:10 20 Aug 2003

Jester2K II The w32.Sobig worm uses a built in e-mailer engine to send out copies of itself to addresses it collects from the infected PC.

Can it be that you were infected via your normal mail account and then it found your hotmail address?

  Jester2K II 17:16 20 Aug 2003

"Can it be that you were infected via your normal mail account and then it found your hotmail address? "

Nope. Not been infected and the address being used is not stored anywhere on the PC except for the web page i put it in. Seeing as i've not been infected it can't have got it from there....

Outlook 2002 (XP) will also warn me if another application tries to send mail out without my permission.

  Jester2K II 17:36 20 Aug 2003

click here

AVG 6 says No SoBig.

All i can guess is that the virus has picked up my address from a cached webpage on someone elses PC.

  Ben Avery 11:00 22 Aug 2003

Just to confirm your thoughts about it using cached pages, read this

click here

BA

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

HP Envy x2 review: Hands-on

Iconic New York graphic designer Milton Glaser on his uplifting new subway posters

New iMac Pro release date, UK price & specs rumours

Comment suivre le parcours du père Noël ?