Article: MyDoom Virus & How YOU can help

by Val Burnett


We have been monitoring stories and technical information that
is available on this Virus that is Spreading like Wildfire We believe
that starting Feb 1st, we may see things slow down on the net,
email problems, sites not available etc. We saw it before with
last years big virus, but sources say this new virus is the
worst one yet.

Based on their code, the Mydoom worms are scheduled to launch
denial of service attacks against the SCO Group Inc. and Microsoft
Corp., starting Feb. 1. A DOS attack means the infected computers
are set to overload both companies' web servers with bogus
information, in an attempt to prevent access by legitimate users.

Mydoom.B also prevents infected computers from accessing the web
sites of Microsoft and many antivirus software makers, making it
difficult for the owner of an infected machine to get help.

With hundreds of thousands of infected computers as of Friday and
at the estimated rate of 12,000 per hour systems becoming infected,
this virus is taking over. It has been estimated that now 20 of all
email that is being sent/received is the Mydoom virus and its variants
With this many systems infected and once Feb 1st hits, these infected
systems will start the DoS attacks from all over the world. How will this
affect you?

Email Service could be slowed down, pop3 errors, websites slow to bring
up or not available. Yes, this could very well affect even our sites and

your access to them when the DoS attacks start and there is NOTHING
we can do to prevent this from occurring except educate our members
and provide information on how to protect your system. This virus will
cause so much information to be passed through the nets backbones
that it will cause congestion, packet loss, instability of the major
backbones and services being temporarily denied while major ISPs
attempt to block and prevent further problems due to the DoS attacks
and this virus.

This could turn into a nightmare for many companies that do business
and depend on email, website reliability etc. HOW CAN YOU HELP?

DO NOT OPEN ATTACHMENTS CHECK YOUR COMPUTER FOR THE VIRUS
UPDATE YOUR VIRUS PROTECTION DAILY if NECESSARY If you do not
have an antivirus software installed... DO SO NOW

There is NO reason that anyone on the internet should not have an
antivirus software installed on their computer. The fact that many do
not and many that do not update their software regularly plus opening of

attachments when you do not know who they are from or where not
expecting it This is what is causing the spread of these viruses like
wildfire.

MyDoom Details

Avoid opening attachments from suspicious email messages
Emails sent out by Mydoom.B are generated randomly. The From address
may also be spoofed to appear as though the message is from a different
address.

The subject of the message will include one of the following:

Delivery Error
hello
Error
Mail Delivery System
Mail Transaction Failed
Returned mail
Server Report
Status
Unable to deliver the message


Not all email messages with these subject lines carry the MyDoom.B virus,
some may be legitimate status messages.

The message body will include one of the following:

RANDOMIZED CHARACTERS
test
The message cannot be represented in 7bit ASCII encoding and has been
sent as a binary attachment.
sendmail daemon reported: Error 804 occurred during SMTP session. Partial
message has been received.
The message contains Unicode characters and has been sent as a binary
attachment.
The message contains MIMEencoded graphics and has been sent as a binary
attachment.
Mail transaction failed. Partial message is available.
The attachment will have one of the following filenames:

body
doc
text
document
data
file
readme
message


Attachment:

The attachment may have either one or two file extensions. If it does have two,
the first extension will be one of the following:

.htm
.txt
.doc

The second extension, or the only extension if there is only one, will be one
of the following: .pif .scr .exe .cmd .bat .zip (This is an actual .zip file that
contains a copy of the worm, sharing the same file name as the .zip. For
example, readme.zip can contain readme.exe.)

We have gathered information for you that will help you get an antivirus software
Program, how to check for the virus on your computer and information sites on what
a virus is and how to prevent infection. Please make sure you protect YOUR system
and prevent further spread through computer systems worldwide

Removal Tool for MyDoom
http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.b@mm.html

How Computer Viruses Work http://computer.howstuffworks.com/virus.htm

Tips on Avoiding Computer Worms
http://www.datafellows.com/virusinfo ips.shtml

All users should go to the following site. They provide a
GREAT and FREE Online Virus Scanner. Scan your computer
And make sure you are not infected with a virus
Trend Micro's free online virus Scanner
http://housecall.antivirus.com/housecall/start_corp.asp

AntiVirus Software Get YOURS TODAY

There are other Quite a Few AntiVirus programs out there, some are free, some
offer free trials and some are paid. You need to find one that works for you, the
main thing is GET one if you do not already have one. Then Once you have it,
make sure to keep it UPDATED regularly.

Here are a couple of AntiVirus Programs that many of our members and
Subscribers already use:

Norton AntiVirus 2004 FREE TRIAL
http://nct.digitalriver.com/0001/

AVG 6.0 AntiVirus System AVG 6.0 Free Edition
http://www.grisoft.com/html/us_downl.htm

Mcaffee FREE TRIAL
http://download.mcafee.com/eval/evaluate2.asp

Please make sure you keep your system protected which then will help
protect any one in your address book from receiving a virus from you.
In the end, if we all do our part, we can slow down and possibly even
stop further spread of viruses across computer systems worldwide.

Your Partner In YOUR Success

Val Burnett
MBPAdvertising, LLP





About the Author



Val Burnett is Owner of many responsive marketing programs that include
http://www.ipostad.com http://www.yuhknow.com http://www.thisway.to
And 13 others all found at MBPAdvertising
http://www.mbpadvertising.com "Our business IS our Customers"



Related Resources

Resources