This virus (Sobig-F)has been running rampant on the net for the past few days. As I understand it, the virus scavenges the net searching websites for e-mail addresses (possibly the si-list archives). Once it has harvested a bunch of addresses is sends out bogus messages using the addresses harvested in the earlier step as the return address and target addresses. Then if some unsuspecting person who receives one of the messages happens to run the attachment (usually a .pif file) it installs a backdoor onto your system that may allow the originator of the virus to access your system. There may be other actions it performs such as searching your disk for credit card numbers and then e-mailing back to the virus originator. Apparently there are at least several versions of this thing going around. Purportedly it deactivates after Sept. 10, 2003. It only effects Windoze based platforms, so if you are running unix, linux, a Mac or something else other than MS Windoze you are immune from everything except the annoyance of multitudes of viral messages. -Ray si-list admin >Hi > >Sorry for the broadcast. I believe at least one person on this list has = >the Sobig-F virus. =20 > >It makes it LOOK like it somes from someone, but it actually comes from s= >omeone else. Our IT dept has so far blocked over 100 return e-mails back= >=20to me. However, it was just my address being used from someone's addr= >ess book. > >Time for someone to do a scan! > >Cheers, >Richard > ------------------------------------------------------------------ To unsubscribe from si-list: si-list-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field or to administer your membership from a web page, go to: //www.freelists.org/webpage/si-list For help: si-list-request@xxxxxxxxxxxxx with 'help' in the Subject field List archives are viewable at: //www.freelists.org/archives/si-list or at our remote archives: http://groups.yahoo.com/group/si-list/messages Old (prior to June 6, 2001) list archives are viewable at: http://www.qsl.net/wb6tpu