[Blue Ruler]

My pc has been doing strange things lately. Slow loading, loading only pieces of pages etc. Now I can only start pc through safe mode.
I run and update norton every day, never open e-mails unless I know the sender or asked for info, update via windows update reguarly.
So yesterday I ran a system scan with norton and everything was clean. I did the same with www.microtrend.com, its free, and low and behold I got 4 hits. So I sent a nasthy note to symantec asking wtf I'm paying for and if they're going to reimburse me for my added costs.

worm sobig,e
worm swen.a
pe dumaru.a
pe bugbear.dam

My pc has an appointment with the local doctor tomorrow for a physical. Ask me if I'm pissed
_________________

[SpeCies]

Try this utility
W32.Blaster.Worm Removal Tool by Symantec. It's strange that your tools did not pick it up

Reformat your drive and do a fresh install. XP will walk you right through it easy as cake

[Lil-Yugi]

Try this website www.pcpitstop.com

[Bright Red Nipples]

That site isn't working for me BR. It opens the page to there site but I cannot do anything there. There links aren't working or something.


Sorry to hear about the finds. That sucks. I hope you get it fixed up before to long. It is kinda longly without my buddy in game
_________________


God Bless You Blue Ruler

[Bright Red Nipples]

OMG!!!! I just did a scan on my hard drive and it found 3!!!!! GG Norton
_________________


God Bless You Blue Ruler

[SpeCies]

Glad I still am using win98se

[Simpleman]

try www.adaware.com this might help out gets rid of all spybots & there search and destroy it also helps with the spyware that adaware don't catch

[Paddyjack]

I also had 4 occurences of worm sobig,e, which my antivirus found today. I don't kow how they came to be, but somehow I'm looking suspisciously at the new update from steam.
_________________
PJ --- ancient IDIOT with a rusty CROWBAR....
but still SWINGING!




Rock2..... JUST SAY NO!!!!!

[Blue Ruler]

[SpeCies]

If so, I would think that the steam forum would be massed with the same complaints.

I recant my previous gloat about Win98 cuz it's a candidate also !

Here is some info on this virus

Due to a decreased rate of submissions, and the hard coded deactivation date, Symantec Security Response has downgraded this threat to a Category 2 from a Category 4 as of September 15, 2003.

W32.Sobig.F@mm is a mass-mailing, network-aware worm that sends itself to all the email addresses it finds in the files that have the following extensions:

* .dbx
* .eml
* .hlp
* .htm
* .html
* .mht
* .wab
* .txt


The worm uses its own SMTP engine to propagate. It also attempts to create a copy of itself on accessible network shares, but fails due to bugs in the code.


Email routine details
The email message has the following characteristics:

From: Spoofed address (which means that the sender in the "From" field is most likely not the real sender). The worm may also use the address, admin@internet.com, as the sender.

NOTES:
o The spoofed addresses and the Send To addresses are both taken from the files found on the computer. Also, the worm may use the settings of the infected computer's settings to check for an SMTP server to contact.
o The choice of the internet.com domain appears to be arbitrary and does not have any connection to the actual domain or its parent company.


Subject:

* Re: Details
* Re: Approved
* Re: Re: My details
* Re: Thank you!
* Re: That movie
* Re: Wicked screensaver
* Re: Your application
* Thank you!
* Your details


Body:

* See the attached file for details
* Please see the attached file for details.


Attachment:

* your_document.pif
* document_all.pif
* thank_you.pif
* your_details.pif
* details.pif
* document_9446.pif
* application.pif
* wicked_scr.scr
* movie0045.pif



NOTES:

* The worm de-activates on September 10, 2003. The last day on which the worm will spread is September 9, 2003.
* The aforementioned de-activation date applies only to the mass-mailing, network propagation, and email address collection routines. This means that a W32.Sobig.F@mm-infected computer will still attempt to download the updates from the respective list of master servers during the associated trigger period, even after the infection de-activation date. Previous variants of Sobig exhibited similar behavior.
* Outbound udp traffic was observed on August 22nd, coming from systems infected with both Sobig.E and Sobig.F. However, the target IP addresses were either not responding, taken offline, or contained non-executable content; that is, a link to an adult site.
* W32.Sobig.F@mm uses a technique known as "email spoofing," by which the worm randomly selects an address it finds on an infected computer. For more information on email spoofing, see the "Technical Details" section below.


Symantec Security Response has developed a removal tool to clean the infections of W32.Sobig.F@mm.

Also Known As: Sobig.F [F-Secure], W32/Sobig.f@MM [McAfee], WORM SOBIG.F [Trend], W32/Sobig-F [Sophos], Win32.Sobig.F [CA], I-Worm.Sobig.f [KAV]

Type: Worm
Infection Length: about 72,000 bytes



Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Systems Not Affected: Linux, Macintosh, OS/2, UNIX, Windows 3.x

[SpeCies]

Just a thought Blue, this site is dead! Maybe by chance they were having problems at the time of your scan ? You have two of the best anti-virus programs around it's hard to believe that both of the two apps failed detection. Try this link it is also free

[Blue Ruler]

Gezz I r t stupido thats what I meant

http://housecall.trendmicro.com/
_________________

[Bright Red Nipples]

[Potato-VS-]

it sounds like what happened to my comp after I got the RAM upgraded... Hope you can get it fixed BR! Computer troubles are so annoying.

<TVB>Potato-VS-

[SpeCies]

That is o.k aixelsyD can happen after a few brews