Sober
(W32/Sober.j@MM/W32.Sober.i@mm)
Computer security experts are warning users to be cautious of opening
unsolicited e-mail attachments, as a new Sober-I variant has begun to appear.
The virus places two small files into the memory of any machine that it
infects; if either one of these files is manually deleted, its partner will
resurrect the missing file. The virus also cleverly adds text to the messages
it travels in that claims the e-mail has been scanned and found clean by
anti-virus programs. Once a machine is infected, the mass-mailing virus
searches the Windows machine for addresses and then uses its own built-in
e-mail software to send itself to potential new victims.
What to do if you suspect you may have the virus?
1. Provided the attachment has not been opened, the mail should be ignored
and deleted.
2. If you think you may have accidentally opened the attachment, we would
recommend that you check you are using the latest virus definitions for your
antivirus software and then manually scan your system for viruses.
Mail messages seen so far have contained the following subject lines
(although these are random, so they may change):
- Fwd: Mail delivery_failed <1881>
- Fwd: Re: Registration confirmation
- Fwd: Mail_Delivery_failure
- FwD: Confirmation
- Details
- Registration Confirmation
- Your mail password
- invalid mail
- Mail delivery_failed
- Re: Delivery_failure_notice
- Re: illegal signs in your mail
- Your Password
The body of the message is also randomly generated, with around half
containing a ’*-*-*’ string toward the end. For example...
*-*-* Mail_Scanner: No Virus
*-*-* VAXXINE- Anti_Virus Service
*-*-* http://www.vaxxine.com
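The indicators above can be turned into a mail-triage check. This is an added example, not part of the original advisory or of any vendor tool: it flags a message that carries an attachment together with a listed subject or the '*-*-*' footer. The function names, the quarantine rule and the two sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Subjects listed in the advisory; randomised, so a match is only a hint.
KNOWN_SUBJECTS = [
    "Fwd: Mail delivery_failed", "Fwd: Re: Registration confirmation",
    "Fwd: Mail_Delivery_failure", "FwD: Confirmation", "Details",
    "Registration Confirmation", "Your mail password", "invalid mail",
    "Mail delivery_failed", "Re: Delivery_failure_notice",
    "Re: illegal signs in your mail", "Your Password",
]

def normalise(subject):
    """Lower-case, drop a trailing <number> tag, treat '_' as a space."""
    s = re.sub(r"\s*<\d+>\s*$", "", subject or "")
    return re.sub(r"[\s_]+", " ", s).strip().lower()

SUBJECT_SET = {normalise(s) for s in KNOWN_SUBJECTS}
FOOTER = re.compile(r"^\s*\*-\*-\*", re.MULTILINE)  # line opening with '*-*-*'

def triage(raw_message):
    """Return the set of indicators present in one raw RFC 822 message."""
    msg = message_from_string(raw_message)
    found = set()
    if normalise(msg["Subject"]) in SUBJECT_SET:
        found.add("subject")
    for part in msg.walk():
        if part.get_filename():
            found.add("attachment")
        elif part.get_content_type() == "text/plain":
            body = part.get_payload(decode=True).decode("latin-1")
            if FOOTER.search(body):
                found.add("fake-scan-footer")
    return found

def should_quarantine(raw_message):
    """Hold mail that carries an attachment plus one more indicator."""
    found = triage(raw_message)
    return "attachment" in found and len(found) >= 2

# Constructed sample messages (not captured traffic).
SUSPECT = ("Subject: Fwd: Mail delivery_failed <1881>\n"
           'Content-Type: multipart/mixed; boundary="XX"\n\n'
           "--XX\nContent-Type: text/plain\n\n"
           "see attachment\n*-*-* Mail_Scanner: No Virus\n"
           "--XX\nContent-Type: application/octet-stream\n"
           'Content-Disposition: attachment; filename="sample.bin"\n\n'
           "AAAA\n--XX--\n")
BENIGN = "Subject: Details\nContent-Type: text/plain\n\nMeeting notes below.\n"
```

A generic subject such as "Details" on its own is not enough to hold a message, which is why the rule requires an attachment plus a second indicator.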
*Free Removal Tools:
- McAfee has developed a removal tool (called Stinger) to clean the
infections of Sober as well as other well known infections.
- Symantec Security Response has developed a removal tool to clean the
infections of Sober.
*Note: While Symantec and McAfee make these removal tools available for free,
they are by no means a substitute for full anti-virus protection. If you
choose to use the removal tools above, be careful to follow the instructions
for using these tools exactly. If you don't understand how to use them, you
could potentially make your system unstable or worse, unusable! If you have
any doubts, call Vaxxine to have your system repaired BEFORE you endeavour to
fix it yourself. Depending on the extent of your infection, Vaxxine can
usually remove the problem for a modest fee. If you attempt to fix it yourself
and fail, repair afterwards may prove to be a more costly option. Please call
Vaxxine Tech Support to make an appointment at 905-685-1539 (select option 3).
More detailed information about this virus is available from the Symantec and
McAfee web sites.