How to Remove/Block MyDoom

 
 
By Jay Munro  |  Posted 2004-01-27 Print this article Print
 
 
 
 
 
 
 

A powerful mail virus appeared virtually overnight and has blacked out mail systems around the world. Learn what MyDoom is and how to prevent and beat it. Hint: Don't open e-mail attachments!

A powerful worm virus known variously as W32/Novarg.A, W32/Shimg, W32/Mydoom, or W32/Mimail.R is devastating personal and corporate e-mail systems across the globe. This fast-moving mass mailer Internet worm apparently started spreading on the popular peer-to-peer file-sharing application, Kazaa, and has now moved to e-mail. The virus will overwrite certain system files, e-mail itself to every e-mail address it finds on a victims machine, and open a back door to malicious attack. It affects Windows 9x/Me/2000/2003/XP systems. As of Tuesday morning, it was the top virus/worm in North America, and most anti-virus companies had escalated the threat to a high or dangerous level.
Read "MyDoom E-Mail Worm Spreading Quickly."
The message spoofs both the To: and From: address fields, and can have a random subject line. The virus is contained in an attachment that typically has a double extension, such as .jpg.exe, or .txt.scr. The second extension however, like the Dumaru.Y virus that broke over the weekend, has a number of spaces, which may mask the second, dangerous executable extension. The actual message will be one of the following: Mail transaction failed. Partial message is available. The message contains Unicode characters and has been sent as a binary attachment. The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. To read the full article, including tips on removing and blocking MyDoom, click here.
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel