[Opensource] [OT] W32 Sobig Virus

Wed Jan 15 18:16:50 PST 2003

Hey All,

Ok, since I've been getting about 30 of these a day coming into my inbox, I 
figure its time to post a warning at least here.

There is a mass mailing virus out there called W32.Sobig.A.  To catch it is 
very simple, its 'from' address is big at boss.com

So if you get something from that email address... delete it!  Simple! :)

To see if you're infected, run Regedit and check the registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

If you're infected, you'll see the line:

                         WindowsMGM %Windir%\Winmgm32.exe

Removal details can be found at the symantec link below.

Full details can be found here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.a@mm.html

Thanks!
                                                 -Mike