RE: mydoom
From: pauly [MSFT] (pauly_at_online.microsoft.com)
Date: 01/29/04
- Next message: Tim Newton [MSFT]: "Re: w32.Mimail.l@mm"
- Previous message: Bizzy: "w32.Mimail.l@mm"
- In reply to: Jeff: "mydoom"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Jan 2004 18:38:53 GMT
Hi Jeff,
You should:
1. Restart in Safe Mode
2. Rerun the AV
3. See if it removes the infected file. If it doesn't,
4) While still in safe mode, delete the infected file manually.
MORE INFORMATION:
315222 A Description of the Safe Mode Boot Options in Windows XP
http://support.microsoft.com/?id=315222
For more information on the email-based virus W32/Mydoom@MM,
PREVENTION:
Outlook 2000 post SP2 and Outlook XP SP1 include the most recent updates to
improve the security in Outlook and other Office programs. This includes
the functionality to block potentially harmful attachment types. It can be
configured to block Zip file attachments but does not do so by default.
To ensure you are using the latest version of Office click here:
http://office.microsoft.com/ProductUpdates/default.aspx
By default, Outlook 2000 pre SR1 and Outlook 98 did not include this
functionality, but it can be obtained by installing the Outlook E-mail
Security Update. More information about the Outlook E-mail Security Update
can be found here:
http://office.microsoft.com/Downloads/2000/Out2ksec.aspx
Outlook Express 6 can be configured to block access to potentially-damaging
attachments. Information about how to configure this can be found here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q291387
Outlook Express 5 and all other versions: Previous versions of Outlook
Express do not contain attachment-blocking functionality. Please exercise
extreme caution when opening unsolicited e-mail messages with attachments.
Web-based e-mail programs: Use of an application-level firewall can protect
you from being infected with this virus through Web-based e-mail programs.
TECHNICAL DETAILS:
For additional details on this worm from anti-virus software vendors
participating in the Microsoft Virus Information Alliance (VIA) please
visit the following links:
Network Associates:
http://vil.nai.com/vil/content/v_100983.htm
Trend Micro:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.
R
Symantec
http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html
Computer Associates:
http://www3.ca.com/virusinfo/virus.aspx?ID=38102
Sybari:
http://www.sybari.com/alerts/alertdetail.asp?Name=W32/MyDoom.A@mm
For more information on Microsoft’s Virus Information Alliance please visit
this link:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
topics/virus/via.asp
Please contact your Antivirus Vendor for additional details on this virus.
========
This posting is provided "AS IS" with no warranties, and confers no rights.
Windows XP Security Homepage:
http://www.microsoft.com/windowsxp/security/default.asp
Windows 2000 Security Homepage:
http://www.microsoft.com/windows2000/security/default.asp
Top 10 Windows Newsgroups Security Questions:
http://www.microsoft.com/technet/newsgroups/default.asp?url=/technet/newsgro
ups/nodepages/sectop10.asp
=========
Paul Hayes, MCSE
Product Support Services
Microsoft Corporation
pauly@online.microsoft.com
--------------------
| From: "Jeff" <Jeffprw122@hotmail.com>
| Subject: mydoom
| Date: Thu, 29 Jan 2004 09:39:50 -0800
|
| I have deleted the mydoom virus from my computer by using
| the mcafee stinger program. There is still one file
| shimgapi.dll that mcafee says is infected with mydoom but
| is not able to get rid of or correct the file. How do I
| either get rid of this file or correct it. If anyone
| knows email me at Jeffprw122@hotmail.com with the
| subject "Microsoft response."
|
- Next message: Tim Newton [MSFT]: "Re: w32.Mimail.l@mm"
- Previous message: Bizzy: "w32.Mimail.l@mm"
- In reply to: Jeff: "mydoom"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
