Several days before the Sobig became so big in the media, I started getting
e-mails kicked back as undeliverable form several mail servers. The
"undeliverables" were keyed by these mail servers as containing the Sobig
virus (as well a different one or two). I did not send any of the e-mails,
my machine is doing it independently of me. (Symptoms of Sobig, right?)

I use Norton Antivirus. All definitions are kept up to date. A complete
system scan comes back clean. I have also scanned online at Symantec and
McAfee with no viruses detected.

I have additionally run the Sobig removal tool from the Symantec site. It
does not detect the virus.

Driving me crazy.

Any ideas and help would be GREATLY appreciated.

Greg

Sorry, should have added....Win 98 SE; Outlook Express; 2 hard drives


"Greg Evans" <fetchitup at vis-info.com> wrote in message
news:(E-Mail Removed)...

>
> Any ideas and help would be GREATLY appreciated.
>
> Greg
>
>

On Sat, 23 Aug 2003 06:27:07 -0500, "Greg Evans" <fetchitup at
vis-info.com> wrote:

>Any ideas and help would be GREATLY appreciated.


if you would read the multitude of posts regarding this topic, you
would soon understand why you're receiving those emails when your
machine isn't infected.

In article <(E-Mail Removed)>, fetchitupatvis-info.com says...
>
>Several days before the Sobig became so big in the media, I started getting
>e-mails kicked back as undeliverable form several mail servers. The
>"undeliverables" were keyed by these mail servers as containing the Sobig
>virus (as well a different one or two). I did not send any of the e-mails,
>my machine is doing it independently of me. (Symptoms of Sobig, right?)
>
>I use Norton Antivirus. All definitions are kept up to date. A complete
>system scan comes back clean. I have also scanned online at Symantec and
>McAfee with no viruses detected.
>
>I have additionally run the Sobig removal tool from the Symantec site. It
>does not detect the virus.
>
>Driving me crazy.
>
>Any ideas and help would be GREATLY appreciated.
>
>Greg
************************ REPLY SEPARATER ***********************
Modern virus's borrow both the FROM: and TO: addresses from files on the
infected computer. It is quite possible that YOU are not infected, but someone
that you know is. If the server rejecting the message returns the message
including the header, you can determine where it actually originated from the
source IP address (the last one). Everthing else supplied by the sender can be
faked.