W32.Mydoom.G@mm
The W32.Mydoom.G@mm
is a mass-mailing worm that creates a backdoor for
attackers to access your computer and uses your
computer to attack the Symantec website.
| What it does: |
Opens a backdoor
on ports 80 and 1080 on your computer allowing
an attacker to access the computer's resources,
download and execute certain files. Sends
itself to email addresses found on your computer
using a spoofed From: field and a variety
of subjects, contents and attachments. Perform
a Denial
of Service (DoS) attack against www.symantec.com.
|
| |
|
| Systems Affected: |
Windows 95, Windows 98, Windows
ME, Windows NT, Windows 2000, Windows Server
2003 and Windows XP |
| |
|
| Symptoms: |
Notepad opens showing gibberish,
existence of certain files created by the
worm and registry changes. |
| |
|
| For more technical details such
as the subjects, contents and attachments
used in the email, files created and registry
changes, please refer to W32.Mydoom.G@mm. |
| |
|
| Removal Tools: |
W32.Mydoom.G
Worm Removal Tool (Symantec) or zip
version. |
| Important:
Please read the instructions
before using the removal tool |
|
