High Alert - W32/Mydoom@MM mass-mailing worm
Dear Client, A high number of copies of a mass-mailing worm, W32/Mydoom@MM, have been intercepted. The mass-mailing worm arrives in an email message as follows: From: (spoofed) Subject: (Random) Body: (Varies, such as) The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. The message contains Unicode characters and has been sent as a binary attachment. Mail transaction failed. Partial message is available. Attachment: (varies [.exe, .pif, .cmd, .scr] - often arrives in a ZIP archive) (22,528 bytes) Attachment size: 22,528 bytes The icon used by the file tries to make it appear as if the attachment is a text file. Upon executing the virus, Notepad is opened, filled with nonsense characters. This file tries to spread via email and by copying itself to the shared directory for Kazaa clients if they are present. The mailing component harvests addresses from the local system. Files with the following extensions are targeted: wab adb tbb dbx asp php sht htm txt Additionally, the worm contains strings, which it uses to randomly generate, or guess, addresses. For more information please visit: www.messagelabs.com/intelligence. Regards, Client Services

In other words...whoever the mail "says" its from. It isn't. Email 101 for some people I know.

Cheers,
Jim

This is another instance where having antivirus software is more necessary than ever. These unforgiving creeps that proliferate the "www" are becoming more shrewed each day.

Keep that software up to date!

Yeah - these guys should turn their creative energies to scale modeling!

Gunnie

Gunnie,
I picture some 36 year old guy sitting in his parent's basement eating Cheetos and yelling "OWNED!!!" when he send his virus to the net... You are right, these guys need to do something else.

Shaun

/heads to the basement to have a couple of beers and work on a model/

#:-) #:-)

Hi there

This delightful little critter has hit Armorama_UK and, seemingly, latched onto Staff urls posted there.

I've received e-mails with .exe attachments including one with a subject:

Virus infection alert.! Hi ...

IF YOU GET ANYTHING ALONG THESE LINES - DON'T OPEN IT

Rowan

P.S. I've edited this post - it originally included some urls - one of which proved to be another victim...

Yeah,
Just recieved a 22kb .zip file at work with "hello" as the subject. I was all over it. Thanks for the heads up everyone. Of course, half the people in the front office will open the attachment when they get in...

Shaun

This thing got on my computer despite having up to date virus protection. To get rid of it I downloaded and ran something called FxNovarg. It did the trick in a couple of minutes thank goodness.

A little bit of common sense says: if you get an e-mail with an attachment from someone you do not know, DO NOT OPEN IT! If the e-mail appears to be from someone you do know but who never sends you attachments, DO NOT OPEN IT! without first contacting that person. Of course all this discussion about viruses should be a non-issue if people would only keep their anti virus software up to date.

Here's a link to a free removal tool:

http://www.f-secure.com/download-purchase/tools.shtml#Mydoom

The thing about this virus was that my anti virus software is up to date but it didn't detect it. I did 2 full scans with Norton when I suspected I had a nasty on my machine, it didn't find anything. It was only when I downloaded a specific detection tool that it got the thing and removed it. I never opened any attachments from the junk e-mails I received but I do get a few from people I know so it could have been in one of them. I contacted everyone on my contacts list to warn them about it in case it was from one of them so that they could remove it.