MyDoom: DoNotOpenAttachments

From: Blondie (anonymous_at_discussions.microsoft.com)
Date: 01/28/04 

Date: Wed, 28 Jan 2004 10:32:38 -0800

Email Message from Rogers ISP

Dear Rogers Hi-Speed Internet Customer

You may receive an Email message with an infected
attachment. This virus called W32/Mydoom@MM, disguises
itself as a text file Email attachment and if opened, can
make copies of itself and send infected Email (without
your knowledge) to everyone in your address book. The
virus also appears to have 'backdoor' capabilities that
may cause your computer to attack other computers or
Websites on the Internet.

The infected e-mail is difficult to detect as the 'FROM'
and 'SUBJECT vary.
The infected attachment attempts to disguise itself as a
Text File.
As a result, we strongly recommend that you use an
updated virus protection software package and be
EXTEREMELY cautious when opening text file Email
attachments.

IF YOU RECEIVE THIS EMAIL MESSAGE, DO NOT OPEN THE
ATTACHMENT.
DELETE THE EMAIL IMMEDIATELY.
FOLLOWING ARE DETAILS ON THE EMAIL MESSAGE CONTAINING THE
VIRUS:
------------------------
TO: This message has been sent to numerous Email users
all over the Internet
DATE SENT: (Varies)
FROM: (Varies)
SUBJECT: (Varies)
BODY OF THE EMAIL MESSAGE: Varies - but may contain one
of the following body messages:
- Mail transaction failed. Partial message is available.
- The message contains Unicode characters and has been
sent as a binary
attachment.
- The message cannot be represented in 7-bit ASCII
encoding and has been sent as a binary attachment
------------------------
DETAILS:
- The message will appear to come from someone you know
(Or from someone who has you listed in their address book)
- The virus should not infect your computer unless you
have opened the attachment.
- The virus may attempt to open NOTEPAD and display
random characters

HOW DO I KNOW IF I HAVE BEEN INFECTED?
- Contacts from your Email Address Book claim that you
have sent them a strange Email message.
- The Windows Notepad program opens and displays random
characters

-------------------------------------------
STEPS ON CLEANING THE W32/Mydoom@MM VIRUS
-------------------------------------------
IF YOU HAVE OPENED THE INFECTED ATTACHMENT:
* McAfee has released a stand-alone virus removal tool
which can remove this virus. Their free 'Stinger' virus
removal tool can be downloaded from their Website:
http://vil.nai.com/vil/stinger/

1. If you do not already own a virus protection software
package, Rogers, in conjunction with McAfee will be
launching an Internet Security Solution which includes
virus protection at the beginning of February 2004.
Rogers will provide details in the upcoming days.

NOTE: Even if you own a virus scanning software package,
it is very important that you download the latest virus
definition file so that your software can clean this new
virus.

2. Run your virus scanning software which will detect the
virus and offer to clean it from your system. Select the
option that cleans it from your system.

3. Read through the steps in the Surf Safe section on our
Customer Support Website to keep your computer safe. The
Surf Safe section can be found at:
http://rogers.home.com/help/content/how/surf_safe/

IF YOU HAVE RECEIVED THE EMAIL, BUT HAVE NOT OPENED THE
INFECTED ATTACHMENT:

1. Delete the Email Message.

2. Empty your deleted Email folder.

3. Update your existing Anti-Virus Software.

4. Read through the steps in the Surf Safe section on our
Customer Support Website to keep your computer safe. The
Surf Safe section can be found at:
http://rogers.home.com/help/content/how/surf_safe/

Please note that although our Network Security team
monitors viruses on the Rogers network, we strongly
recommend that you consistently scan your Email
attachments and downloaded files to protect your personal
computer, no matter how trusted the source. This advice
applies to all Email messages, not just the one discussed
in this message.

Please rest assured that the Rogers Network Security Team
will continue to monitor the situation.

Thank you,
Rogers Network Security

Relevant Pages

  • Re: Virus check of incoming e-mail
    ... I read that and the referring Symantec article on outbound scanning with NAV v2002. ... from from the body of the email message. ... Group post is virus free. ... Even the most well-known anti-virus programs have | exhibited this problem from time to time. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Thoughts about finding viruses in email inboxes
    ... I'm not having trouble with clamav telling me what FILE a virus is in. ... virus in my IMAP inbox, what good does that do me? ... so it can provide better information about which email message ...
    (Ubuntu)
  • Re: email virus from microsoft.com
    ... you'll find all info and you can download zipped exe to remove that palyh ... > I just received an email message with an attachment. ... > contained a virus. ... > and how someone could get a microsoft email address to ...
    (microsoft.public.security)
  • Ime Being Targeted.... Need Advise/Help
    ... Virus "spoofs" sender by using infected PC's windows ... the "from" header of an email message that was sent to ... Enable Virus Protection in Outlook (Tools->Options- ...
    (microsoft.public.windowsxp.security_admin)
  • Re: computer virus usegroups
    ... New Virus Stealing Information from Computer Users ... You can infect ... attempt to download from a Russian website. ... Internet Explorer to protect users of its Internet Explorer browsers ...
    (sci.med.diseases.lyme)