IT Help Central - Division of Information Technology
Texas Tech University

HELP!!!

IT Help Central

[ Hours of Operation ]
[ Safe Computing ]
[ Customer Survey ]
[ Security Bulletins ]
[ Instructions ]
[ Request Assistance ]
[ Our Team ]
[ Employment ]
[ Strategic Plan ]
[ Site Map ]

Related Sites

[ Texas Tech ]
[ IT Division ]
[ High Tech ]
[ Raiderlink ]
[ Computer Labs ]
[ Training ]
[ TTUHSC Help Desk ]
[ Network Access ]

General Info

[ New Students ]
[ Text-Only Version ]
[ Buying the Right Computer ]

 

ASC
Room 101
2903 4th Street

W32.Mydoom@mm is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip that downloads an executable file and uses its own SMTP engine to send itself to the email addresses that it finds on the infected computer including in the Windows Address Book on the infected computer.

When a computer is infected, the worm sets up a backdoor into the system which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources.  In addition, the backdoor can download and execute arbitrary files.

It is recommended that you view the full article related to this vulnerability.

Quick Fix Instructions

  1. Download the FxMydoom.exe file from IT Help Central.
  2. Save the file to a convenient location, such as your downloads folder or the Windows desktop (or the removable media known to be uninfected).
  3. To check the authenticity of the digital signature, refer to the "Digital signature" section.
  4. If you are running Windows Me or XP, disable System Restore. Refer to the "System Restore option in Windows Me/XP" section for additional details.

    CAUTION: If you are running Windows Me/XP, we strongly recommend that you do not skip this step.
     
  5. Double-click the FxMydoom.exe file to start the removal tool.
  6. Click Start to begin the process, and then allow the tool to run.
  7. Restart the computer.
  8. Run the removal tool again to ensure that the system is clean.
  9. If you are running Windows Me/XP, then re-enable System Restore.
  10. Run Live Update to make sure that you are using the most current virus definitions.
  11. Start your Symantec antivirus product and run a full system scan.
Note:   Most Virus removal tools will undo the changes made to the registry by the virus/worm. If you would like more information about this, please contact IT Help Central at 742-HELP(4357).

 For specific details on each of these steps, please follow this link.

 
Call for Help 742-4357
Copyright 2008 Texas Tech University, All Rights Reserved.
Maintained by: Information Technology Division.
TTU Compliance with the Digital Millennium Copyright Act,
TTU Privacy Policy, Texas Public Information Act
Contact: Webmaster.
Updated: February 21, 2005. 		Report abuses using the following links:

Unsolicited Bulk Email (UBE/UCE)/Spam.
Copyright Violations.