New Virus in town...

vishal sharma's Avatar, Join Date: Jul 2004
Ambitious contributor
The W32.Mydoom.M@mm mass-mailing worm:
Uses its own SMTP engine to send itself to all the email addresses that it finds from an infected system.
The email has an attachment with a .bat, .cmd, .com, .exe, .pif, .scr, or .zip extension.
The attachment may have a second extension, which will either be .doc, .txt, .htm, or .html.
The attachment name may contain a randomly selected domain, which was found on the sender's system.

For example, the attachment name could contain fakedomain.com if the address x@fakedomain.com was harvested.


The From field of the email is spoofed.
Downloads and executes a backdoor, which is detected as Backdoor.Zincite.A, on port 1034/tcp.
Is packed by UPX.


system it affects: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
alok's Avatar
Ambitious contributor
thank for information,
i will not going to open any attchment for 10 days,till then i think my antivirus company provide me with patch to save me from this virus
vishal sharma's Avatar, Join Date: Jul 2004
Ambitious contributor
you can get a patch on http://www.symantecstore.com/dr/sat3...CACHE_ID=74456
vishal sharma
alok's Avatar
Ambitious contributor
Re thanks
i will download the patch as soon as possible.i think my company will apreciate this work :d
vishal sharma's Avatar, Join Date: Jul 2004
Ambitious contributor
dont mention, that why we all are here, to help eachother

vishal sharma
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Thanks for info and virus information in news is quite helpful.