Discussion
I keep getting e-mails (and returned mails that I haven't sent) from people telling me that I have the Mydoom worm. I have the latest definitions downloaded on my Norton Antivirus (which keeps successfully intercepting incoming virus's) and I've downloaded the detection and removal tool from Symantec's website. However, when I run this it tells me that my computer is not infected. What do I do now?!!
When the virus attached email is sent it spoofs someone elses email (in this case yours) making the recipient think it has come from your email address.
I have had loads of these due to my domain www.planet-TVR.co.uk I have had emails apparently sent from julia@Planet-tvr.co.uk, dan@, dave@ etc....endless. None of these email addresses exist though. Your's has probably been farmed from somewhere off the net or from someone elses address book that you have sent an email to (they will have the virus, not you).
I have had loads of these due to my domain www.planet-TVR.co.uk I have had emails apparently sent from julia@Planet-tvr.co.uk, dan@, dave@ etc....endless. None of these email addresses exist though. Your's has probably been farmed from somewhere off the net or from someone elses address book that you have sent an email to (they will have the virus, not you).
Also.... MyDoom not only looks in the address book of an infected computer, but also in the temporary internet files. Additionally, not only does it spoof mails to/from the addresses it finds, but also maks up additional addresses at the domains in the addresses it finds. IIRC, it also has some domains (aol, hotmail and the like) built in.....
MyDoom and Novarg are similar if not the same, and my NAV has shot dozens of them in the last fortnight. Like you I've installed the latest updates and scanned, so I'm happy it's not me.
However, the constant alerts can get wearisome (eg 16 out of 18 e-mails were infected), so I used 'message rules' to delete the prefixes sam@, dave@, jo@ (domain) etc from the server.
Interestingly the level of spam increased at about the same time as the viruses did - I presume these are connected?
However, the constant alerts can get wearisome (eg 16 out of 18 e-mails were infected), so I used 'message rules' to delete the prefixes sam@, dave@, jo@ (domain) etc from the server.
Interestingly the level of spam increased at about the same time as the viruses did - I presume these are connected?
simpo two said:
MyDoom and Novarg are similar if not the same, and my NAV has shot dozens of them in the last fortnight. Like you I've installed the latest updates and scanned, so I'm happy it's not me.
MyDoom and Novarg are the same. Sometimes different AV companies name the same thing with different names (!).
simpo two said:
However, the constant alerts can get wearisome (eg 16 out of 18 e-mails were infected), so I used 'message rules' to delete the prefixes sam@, dave@, jo@ (domain) etc from the server.
Interestingly the level of spam increased at about the same time as the viruses did - I presume these are connected?
Dunno if its related I'm afraid.
The really important thing, which I cannot stress enough, is that if you don't purchase any other software for your computer, make sure you get an AV product and keep it up to date. There is no point having AV software that is out of date by even as much as 1 week. You may as well not bother! We check for updates for our commercial scanners every 10 mins!
For the interested, we've stopped more than 36 million copies of MyDoom.a (the one that attacks SCO) since it kicked off!
>> Edited by TheHobbit on Sunday 8th February 21:12
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff