Blahr

Yet another stupid Windows based virus


FYI

I received an e-mail message from an address
called "[email protected]"

This message contained a virus called

W32/Sobig-F

Why don't you all get Linux or FreeBSD? Then these idiotic Wintendo viruses will stop propagating B|

My external mail gateway caught it and stripped the virus before delivering the message.

The from address is bogus and is created by the virus from looking through files on the infected machine.

Since the infected machine is obviously owned by a dz.com member I thought I would toss this warning out there.

This message did NOT come from dropzone.com. The virus has its own SMTP engine and mails itself directly from the infected PC without using any other MTA.

Whoever the real source is, your IP address is

65.41.53.3

I'd suggest checking your IP addresses and be wary of e-mails with the following subject lines:

Re: That movie
Re: Wicked screensaver
Re: Your application
Re: Approved
Re: Re: My details
Re: Details
Your details
Thank you!

Quote

To narrow it down more, it appears you use Sprint and you live in FL and you have a DSL connection.

Of course the minnuliini user is in Finland so who knows



It forges the "from" address using data acquired from the infected user's PC. The user "minnuliini" probably has nothing to do with it. Maybe they had sent a message to the infected user at some time in the past.

The IP address is really the surest way to track the originating system. I pulled that from my external mail server SMTP logs.

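Added example, not part of the original posts: a short Python triage check that applies the two points made in the thread, matching the listed subject lines and taking the sender's IP only from the Received line written by your own gateway rather than from the forged From header. The gateway name, addresses and sample message are constructed for illustration, and the Received layout assumed is the common `from ... [ip] by host` form.

```python
import re
from email import message_from_string

# Subject lines listed in the first post, lower-cased for comparison.
SOBIG_F_SUBJECTS = {
    "re: that movie", "re: wicked screensaver", "re: your application",
    "re: approved", "re: re: my details", "re: details",
    "your details", "thank you!",
}

BY_RE = re.compile(r"\bby\s+([^\s;]+)", re.I)          # host that wrote the hop
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")   # peer IP in brackets

# Constructed sample message (documentation-range addresses). The second
# Received line stands for a sender-supplied header that imitates the gateway.
SAMPLE = """\
Received: from HOME-PC (unknown [198.51.100.23])
 by gateway.example.net with ESMTP; Tue, 19 Aug 2003 10:15:00 -0400
Received: from mail.example.org ([203.0.113.9])
 by gateway.example.net with SMTP; Tue, 19 Aug 2003 10:14:00 -0400
From: friend@example.org
To: me@example.net
Subject: Re: Wicked screensaver

(body omitted)
"""

def triage(raw, gateway):
    """Return the From header, a subject-list match and the connecting IP."""
    msg = message_from_string(raw)
    subject = " ".join((msg.get("Subject") or "").split()).lower()
    peer_ip = None
    # Received lines are prepended, so the topmost one naming our gateway is
    # the only one the gateway itself wrote; everything below it is untrusted.
    for hop in msg.get_all("Received", []):
        by = BY_RE.search(hop)
        if by and by.group(1).lower() == gateway.lower():
            ip = IP_RE.search(hop)
            peer_ip = ip.group(1) if ip else None
            break
    return {
        "from_header": msg.get("From"),      # forged by the worm, not evidence
        "subject_match": subject in SOBIG_F_SUBJECTS,
        "peer_ip": peer_ip,                  # what the gateway actually saw
    }

if __name__ == "__main__":
    print(triage(SAMPLE, "gateway.example.net"))
```
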
Quote

I blame Skymama....



And before this I bet you thought my powers were limited to only these forums. Silly man! ;)
She is Da Man, and you better not mess with Da Man,
because she will lay some keepdown on you faster than, well, really fast. ~Billvon

Quote

I think ppl who are in a position to catch a virus might not know how to check their IP address?

Linux is great - best anti-virus tool I've got ;)



Click start button
select "run" from the menu
type "command" in the text box and click the "OK" button

in the window that opens, type "ipconfig" and hit enter.

The result should look similar to the following but with different numbers

C:\DOCUME~1\ROOT>ipconfig

Windows IP Configuration


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 172.16.12.116
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.12.115

That's it
B|
