How to Get Rid of New Sobig.F Virus?

As you know, this time the virus under the name Sobig.F has wreaked quite havoc! No doubt, many of us have suffered from this recent virus outbreak.

According to an online poll conducted by CNN: 32% of respondents were infected with this malicious virus. At the pick, each of every 17 emails contained sobig.F! Internet service provider AOL says it scanned 40.5 million emails and found the virus in more than half of them. Sobig accounted for 98 percent of all viruses found in these emails.

What is Sobig.F virus?

This is a worm type of virus. Which means it is an executable program that installs enhancement to your Windows operating system. The 'F" implies that it is the sixth of the family of Sobig viruses. The first one was launched in the beginning of this year. The latest attack was started on August 19.

According to some experts, Sobig.F was first posted to a porn Usenet group and spread from there. It is timed to deactivate itself on September 10. The pre-built deactivation mechanism itself is a worrisome factor. Most experts think this means there are more to come!

How it works?

Sobig.F comes along with an email with subject headers like Your details, Thank you!, Re: Thank you!, Re: Details, Re: Re: My details, Re: Approved, Re: Your application, Re: Wicked screensaver or Re: That movie. The body of the message is quite short and usually contains either "See the attached file for details" or "Please see the attached file for details."

Once the file is opened, Sobig.F resends itself using a built-in mailing program to e-mail addresses from the infected computer. As a sender is address it shows one of the e-mails randomly selected from the computer's address book. The worm was also supposed to attempt to retrieve an URL from a predetermined list of 20 master servers on a certain date and time. The content of that URL was to be downloaded and executed on the infected machines. Luckily those servers were identified right away and shut down.

How to protect yourself against it?

If your computer is infected or you have doubts, first thing you should do is: to check and clean up your computer from this virus. Although, it is set to deactivate on September 10, which means it will no longer multiply itself, however, left untouched, it might attempt to update itself, once the newer version of the virus comes out.

Suggestion One:

1. If you do not have latest version of anti-viruses installed, go to the Symantec's following page: http://www.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html,

2. Down load the Sobig.F removal tool for completely free of charge.

3. Install and run it by strictly following the steps described on the page.

Suggestion Two:

Download the latest security patches for your version of Windows and install them.

Suggestion Three:

If you are using Microsoft Outlook, follow the steps below to stop them appearing in your inbox:

- Open Outlook

- Click on "Tools" from main menu

- Choose Rules Wizard from the drop down menu

- On the page "Apply changes to this folder": Click on "New"

- Select "Start creating a rule from Templates"

- Choose "Move messages based on content"

- Click on " specific words" link from the box at the bottom

- A small window will appear, add each and every phrase scrupulously

from the list below:

Re: Thank you!

Thank you!

Your details

Re: Details

Re: Re: My details

Re: Approved

Re: Your application

Re: Wicked screensaver

Re: That movie

And

your_document.pif

document_all.pif

thank_you.pif

your_details.pif

details.pif

document_9446.pif

application.pif

wicked_scr.scr

movie0045.pif

- Once finished click on "OK" to close the window.

- Click on the link "specified" at the same box

- Open a new folder by clicking on the "New" button under the

name "Virus Spam"

- Click on "OK"

- Click on "Finish"

- From now on all emails with the above mentioned phrases and

attachments will be moved to the "Virus Spam" folder.

- All you have to do is delete the emails, which will appear there.

A few more cautions:

Don't open any executable attachment in an email, unless you are hundred percent sure that this is a legitimate file that you have been expecting.

Install an anti-virus program and update it on time, at the end, this might be the best possible solution to protect ourselves from these ugly online creatures!

Nowshade Kabir is the founder, primary developer and present CEO of Rusbiz.com - a Global B2B Exchange with solutions to create e-catalog, Web store, business process management and other features to run a business online. You can read various articles written by Nowshade Kabir at http://ezine.rusbiz.com.