emails saying infected with sober.g in email

T

Thorny

I keep getting emails saying that I am infected with sober.g virus but
neither AVG nor Panda has been able to say that I am infected. AVG is
the free version and is up to date. I can't find any automated
removal for sober.g nor can I be certain that the messages are true or
bogus. Anyone know anthing about this? Help is appreciated.

I will attach the message.

Thorny




VIRUS ALERT

Our virus checker found
virus: Worm.Sober.G
in your email to the following recipients:

(... large list of email addresses snipped out...)

Delivery of the email was stopped!

Please check your system for viruses,
or ask your system administrator to do so.

For your reference, here are headers from your email:
------------------------- BEGIN HEADERS -----------------------------
Received: from jthornburg.net (unknown [10.0.0.228])
by ethoserver.ezone.net (Postfix) with SMTP
id A070859435; Sun, 16 May 2004 11:56:15 -0500 (CDT)
From: (e-mail address removed)
To: (e-mail address removed)
Date: Sun, 16 May 2004 16:53:56 GMT
Subject: error in dbase
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="40f271967d53"
Content-Transfer-Encoding: 7bit
-------------------------- END HEADERS ------------------------------
 
F

Frederic Bonroy

Thorny said:
I keep getting emails saying that I am infected with sober.g virus but
neither AVG nor Panda has been able to say that I am infected. AVG is
the free version and is up to date. I can't find any automated
removal for sober.g nor can I be certain that the messages are true or
bogus. Anyone know anthing about this? Help is appreciated.
Click to expand...

Sober.G forges the sender adddress. Sober.G probably sent itself from
another computer using your address in the "From" field. Then it was
caught by a badly configured AV on a server (badly configured in that it
sends back warnings to the forged sender address).
 
T

Thorny

Sober.G forges the sender adddress. Sober.G probably sent itself from
another computer using your address in the "From" field. Then it was
caught by a badly configured AV on a server (badly configured in that it
sends back warnings to the forged sender address).
Click to expand...

Thank you -

My ISP says they do not show any virus-like activity from my account,
so between what you said and what they say it looks like I am OK.
Thanks again.

Thorny
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Worm. Sober.P-zip 4
headers from NETSKY_P email 1
Help please have I got a Virus 4
new doom varient? 3
Email Virus - False Alarm? 3
Help decode header 7
Ping IP number 213.84.28.220 (xs4all.nl) 5
Help with finding the email sender's originial IP address 3

Top