British Columbia, Canada
Wind the link below will answer your questions.
Here is what I know to be accurate:
A new variant of W32/Sobig, W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself (using its own SMTP engine) to harvested email addresses from the victim's machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested email addresses.
Note: The worm copies itself onto the infected machine as: C:\WINNT\WINPPR32.EXE
Caution: An infected email can come from addresses you recognize and may contain the following information:
WHAT TO LOOK FOR:
Subject: [content varies]
- Your details
- Thank you!
- Re: Thank you!
- Re: Details
- Re: Re: My details
- Re: Approved
- Re: Your application
- Re: Wicked screensaver
- Re: That movie
Body: [content varies]
- See the attached file for details
- Please see the attached file for details
Attachment: [content varies]
If you go to McAfee Security they have a scan you can use to see if you have been infected. Here is what they posted about the virus, and below that is the link to the scan to check your computer for many virus out there. http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100561
Oh, and my son taught me long ago to not open ANYTHING that is an attachment, and do what Toad said, delete it, email the person whom you thought sent it to see if they did in fact send it, and if a picture ask them to insert it - not attach it. So far, touch wood, I have never had a virus, but if I did, I would just call my son, for another computer
[This message has been edited by Mysteria (08-20-2003 03:06 PM).]