INFORMATION RECEIVED FROM SYMANTEC

Keep your computer safe from W32.MyDoom.M@mm

Threat level: Category 4 - Severe

Outbreak Type: Worm

   Protection Update

As of (July 26, 2004), protection updates are available via LiveUpdate™ or the Security Response Website. For more information on Symantec Products containing the LiveUpdate feature, click here.

   How does it affect me?

The W32.Mydoom.M@mm mass-mailing worm:

- Uses its own SMTP engine to send itself to all the email addresses that it finds from an infected system.
- The email has an attachment with a .bat, .cmd, .com, .exe, .pif, .scr, or .zip extension.
- The attachment name may contain a randomly selected domain, which was found on the sender's system.

For example, the attachment name could contain fakedomain.com if the address x@fakedomain.com was harvested.

- The From field of the email is spoofed.
- Downloads and executes a backdoor, which is detected as Backdoor.Zincite.A, on port 1034/tcp.
- Is packed by UPX.

For more technical details on W32.MyDoom.M@mm, please see the Symantec Security Response write-up.

   Next Steps?

All users of Norton AntiVirus™, Norton™ Personal Firewall, Norton Internet Security ™ or Norton SystemWorks™ who do not have up-to-date virus protection should immediately run LiveUpdate for protection from W32.Mydoom.M@mm.

What action can be taken from here?

Run LiveUpdate™

Virus Definitions are available via the LiveUpdate or the Security Response Website.

Removal Tool

If your computer has already been infected, click here to use our virus removal tool now.

Upgrade Customers

If you have an older version of Norton AntiVirus or a suite containing Norton AntiVirus and would like to upgrade to Norton AntiVirus 2004 or Norton Internet Security 2004, please click here.

New Customers

For more information on how to protect your system from threats such as the MyDoom worm and its varients, please click here.

Unsubscribe Privacy Policy Legal Policy

Symantec Corporation 20330 Stevens Creek Boulevard Cupertino CA 95014

[ Home ] [ Up ] [ Contents ] [ Services ] [ Downloads ] [ Products ] [ Contact Us ]

INFORMATION RECEIVED FROM SYMANTEC

Send mail to webmaster@ti-group.net with questions or comments about this web site. Copyright © 2002 Technology Implementation Group, Inc. Last modified: May 31, 2003

Send mail to webmaster@ti-group.net with questions or comments about this web site.
Copyright © 2002 Technology Implementation Group, Inc.
Last modified: May 31, 2003