Toolkit
Story: Sobig.F is 'worst variant yet'
Posted by: Anonymous (Thursday 21 August 2003, 11:55 AM)
I believe I have been infected with sobig.F virus. Eventhough, I have never opened a .pif file.
At first, I was submerged with an abnormal amount of email. All of them were coming from a Denmark IP. They all came from different email address although the IP was the same. The message was always the same: "Please see the attached file for details." but the subject could vary and the attached file, always a .pif, could vary also. I have never opened one of these files.
On a second stage, I received a lot of undelivered mail. They were sent with my email address and they contained the virus. How could this be possible if I didn't open the attached .pif file? I believe this virus was (or is still) activated through P2P. I used recently Kazaa and eDonkey or was included in a freeware I recently installed (Foxmail, Hotpop, Mozilla Thunderbird, GRL Real Hidden, iOpus SEA).
I have checked (online scans) with Mcafee (didn't find anything. Online scan and Stinger), Panda (found the infected attachments) and others and I couldn't find any trace of the Sobig.F virus in the registry.
I have the bitter sensation that somebody is taking control of part of my computer.
Full Talkback thread
Story: Sobig.F is 'worst variant yet'
-
Attacks through P2P networks?
Hmm, strange. Can w... Ihate Allcheats -
I believe I have been infected with sobig.F virus.... Anonymous -
If you use the preview pane in Outlook Express, yo... Anonymous
-
The worm uses false e-mail addresses when he copie... Lisa Ogden
-
do you use a preview paine?, not too sure on my fa... Chris White
Back to: Sobig.F is 'worst variant yet'
