PC S.O.S.! Live Computer Technical Support, Computer Help and Online Tutorials - msvcp60.dll, ws2_32.dll, dll
Sobig Worm (All variants)

The w32.Sobig worm uses a built in e-mailer engine to send out copies of itself to addresses it collects from the infected PC.  It arrives in email messages with the 'subject' field containing one of the following:

·         Re: Movies

·         Re: Sample

·         Re: Document

·         Re: Here is that sample

with one of the following attachments:

·         Movie_0074.mpeg.pif

·         Document003.pif

·         Untitled1.pif

·         Sample.pif

Messages usually sent from "big@boss.com"

Once the worm arrives, it writes itself to several locations on the infected PC and then configures itself to start whenever Windows starts.  The worm connects to one of several websites and downloads / runs malicious code from the website.  This code attempts to email out sensitive data such as passwords, as well as gives access to hackers and allows other viruses to get on board.

The Sobig worm is also known as W32.Sobig.A@mm, W32/Sobig, Worm_Sobig.A, W32/Sobig-A, W32/Sobig@mm, Virus Sobig, W32.Sobig.B@mm, Worm Sobig, Sobig.A, W32/Sobig.A, Worm Sobig.A, Win32/Sobig@mm, Worm_Sobig.A, Sobig virus, Sobig-A, Sobig.A Virus, Virus Sobig.A, W32/Sobig-A, Worm_Sobig, Big Boss Virus, Big Boss Worm

 

Symptoms of Sobig infection:
Presence of Winmgm32.exe file in the 'C:\Windows' folder (on PC's with Windows 95, 98, ME, XP)

Presence of Winmgm32.exe file in the 'C:\Winnt' folder (on PC's with Windows NT & 2000)

Download the SobigRemover utility or the ComboRemover utility here

>>> Back to Antivirus Main Page

BREAKDOWN S.O.S. HOTLINE

Tel.: + 44 (0)207 720 8550 ; + 44 (0)7961 980 184 ; + 44 (0)7888 638 033

PC S.O.S.
Copyright © 1995 - 2012. All rights reserved.