[Dshield] Sobig Help
haled at pionet.net
Wed Aug 20 17:28:28 GMT 2003
What makes you think that she is infected? Is she getting emails that say
that her email sent to someone was rejected contained the Sobig Virus? If
she is, this does not necessarily mean that she is infected. It probably
does mean that someone that she emails who has her in their address book is
infected. Check her sent items - is there indication that she indeed did
send an email to everyone in her address book. Check to see if any of the
telltale signs are there:
If any of this things exist you need to look for infection, if not then
chances are her machine is not infected. It probably is an email buddy that
got infected. I have actually gotten calls from several people with the
same concern and have found that they are fine, someone they email aren't.
Hope this helps.
Deborah F Hale
Certified Business Continuity Professional/Computer Security Specialist
BCP Enterprise, Inc
Telephone: (712) 252-0361
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Allan Liska
Sent: Wednesday, August 20, 2003 10:28 AM
Subject: [Dshield] Sobig Help
-----BEGIN PGP SIGNED MESSAGE-----
I know this sounds silly, but I could really use some help from the list.
It appears my mother-in-law was infected by one of the Sobig variants. As
of right now, Norton has not been able to detect it, so do you all know what
files I should look for and delete to remove the virus (no one on the
network I manage has been infected -- everything is blocked at the server --
so I have not had to dissect one of these worms yet).
Any help you can provide will go a long way toward saving my marriage ;).
allan at allan.org
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
More information about the list