Virus Alert: New variant of Mydoom,W32.Mydoom.M@mm
Systems Affected:
Windows 9.X, ME, NT, 2000, XP, Server 2003
The newest variant of the Mydoom virus, W32.Mydoom.M@mm, is a mass-mailing worm that has its own email engine. Once a computer is infected, the worm will immediately search through all files for email addresses and begin emailing itself out in volume. The virus will also download and install a backdoor program onto the infected machine.
The attachment name may contain a randomly selected domain, which was found on the sender's system. For example, the attachment name could contain fakedomain.com if the address x@fakedomain.com was harvested.
The From field of the email is spoofed. Email may appear to be from an administrator from your ISP or other well known domains.
Subject lines may contain the following:
say helo to my litl friend
click me baby, one more time
hello
error
status
test
report
delivery failed
Message could not be delivered
Mail System Error - Returned Mail
Delivery reports about your e-mail
Returned mail: see transcript for details
Returned mail: Data format error
Solutions:
Run and maintain an antivirus product. It is important for users to update their antivirus software on a regular basis. Many antivirus packages support automatic updates of virus definitions. We recommend using those automatic updates when available. Common antivirus vendors are noted below.
Use extreme cautions opening any email attachments with the extensions: .exe, .pif, .scr, .bat, .com, .lnk, .hta, or .shs. These files have the potential to contain malicious code that may infect the user's PC with a virus or damage the user's system.
Check for security updates for your operating system and email software with the manufacturer.
Install a software firewall that will warn you of software that attempts to gain network access.
Detailed information, including removal instructions can be found below.
Additional Information On This Virus:
http://www.sarc.com/avcenter/venc/data/w32.mydoom.m@mm.html
Antivirus Vendors:
Symantec - http://www.symantec.com/avcenter
McAfee - http://www.mcafee2b.com/avert/virus-alerts/default.asp
Computer Associates - http://www3.ca.com/virus
F-Secure Corp - http://www.fsecure.com/virus-info/
Norman Data Defense Systems - http://www.norman.com
Sophos - http://www.sophos.com
Trend Micro - http://www.antivirus.com/vinfo
© Copyright 2004 CSC Holdings, Inc.
As I have received bogus mail from this website in the past, I want to warn our members that we will never send you an attachment, do not open any attachments in an e-mail with a xxxx@heavyequipmentforums.com return address.
Systems Affected:
Windows 9.X, ME, NT, 2000, XP, Server 2003
The newest variant of the Mydoom virus, W32.Mydoom.M@mm, is a mass-mailing worm that has its own email engine. Once a computer is infected, the worm will immediately search through all files for email addresses and begin emailing itself out in volume. The virus will also download and install a backdoor program onto the infected machine.
The attachment name may contain a randomly selected domain, which was found on the sender's system. For example, the attachment name could contain fakedomain.com if the address x@fakedomain.com was harvested.
The From field of the email is spoofed. Email may appear to be from an administrator from your ISP or other well known domains.
Subject lines may contain the following:
say helo to my litl friend
click me baby, one more time
hello
error
status
test
report
delivery failed
Message could not be delivered
Mail System Error - Returned Mail
Delivery reports about your e-mail
Returned mail: see transcript for details
Returned mail: Data format error
Solutions:
Run and maintain an antivirus product. It is important for users to update their antivirus software on a regular basis. Many antivirus packages support automatic updates of virus definitions. We recommend using those automatic updates when available. Common antivirus vendors are noted below.
Use extreme cautions opening any email attachments with the extensions: .exe, .pif, .scr, .bat, .com, .lnk, .hta, or .shs. These files have the potential to contain malicious code that may infect the user's PC with a virus or damage the user's system.
Check for security updates for your operating system and email software with the manufacturer.
Install a software firewall that will warn you of software that attempts to gain network access.
Detailed information, including removal instructions can be found below.
Additional Information On This Virus:
http://www.sarc.com/avcenter/venc/data/w32.mydoom.m@mm.html
Antivirus Vendors:
Symantec - http://www.symantec.com/avcenter
McAfee - http://www.mcafee2b.com/avert/virus-alerts/default.asp
Computer Associates - http://www3.ca.com/virus
F-Secure Corp - http://www.fsecure.com/virus-info/
Norman Data Defense Systems - http://www.norman.com
Sophos - http://www.sophos.com
Trend Micro - http://www.antivirus.com/vinfo
© Copyright 2004 CSC Holdings, Inc.
As I have received bogus mail from this website in the past, I want to warn our members that we will never send you an attachment, do not open any attachments in an e-mail with a xxxx@heavyequipmentforums.com return address.