If you receive an email from someone (From: field is forged using a
random address from a victim)  with the following subjects:

Re: Details
Re: Approved
Re: Re: My details
Re: Thank you!
Re: That movie
Re: Wicked screensaver
Re: Your application
Thank you!
Your details

DELETE IT IMMEDIATELY, DO NOT OPEN IT or ITS ATTACHMENT.

This is the Sobig(F) virus, it could have the following text in the
body of the message:

See the attached file for details
Please see the attached file for details.

and one of the following as an attachment:

application.zip (contains application.pif)
details.zip (contains details.pif)
document_9446.zip (contains document_9446.pif)
document_all.zip (contains document_all.pif)
movie0045.zip (contains movie0045.pif)
thank_you.zip (contains thank_you.pif)
your_details.zip (contains your_details.pif)
your_document.zip (contains your_document.pif)
wicked_scr.zip (contains wicked_scr.scr)


The purpose of the virus is to steal confidential information (such as
email addresses) and to make the infected pc available as a SPAM relay
(forwarding email for SPAMMERS to avoid the blocking lists set in place
by system administrators).  More details can be found at:

[log in to unmask]" target="_blank">http:[log in to unmask]


We are trying to locate the infected PC(s).


Michael Ward  Ed.D, R.H.C.E.
Manager of Advanced Technologies
UT Chattanooga - CECA
615 McCallie Ave
EMCS 331D Dept 4324
Chattanooga, TN 37403
423-425-4764
FAX:423-425-4362
[log in to unmask]