New computer Virus and how to clean MyDoom

WHAT IS IT?

W32/[email protected] spreads via e-mail. The Microsoft Product Support Services Security Team is issuing this alert to advise customers to be on the alert for this virus as it spreads in the wild. Customers are advised to review the information and take the appropriate action for their environments.

IMPACT OF ATTACK:

Mass Mailing, Denial of Service

TECHNICAL DETAILS(UPDATED):

For additional details on this worm from anti-virus software vendors participating in the Microsoft Virus Information Alliance (VIA) please visit the following links:

Network Associates:

http://vil.nai.com/vil/content/v_100988.htm

Trend Micro:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MYD
OOM.B

Symantec

http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Computer Associates:

http://www3.ca.com/virusinfo/virus.aspx?ID=38114

DETECTION (UPDATED):

Most up to date Antivirus software can detect this virus. If you don't have AV software you can run some third party software to detect it:

http://housecall.trendmicro.com/
http://vil.nai.com/vil/stinger/

For more information on Microsoft's Virus Information Alliance please visit this link:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/topics/virus/via.asp

Please contact your Antivirus Vendor for additional details on this virus.

PREVENTION:

Outlook 2000 post SP2 and Outlook 2002 SP2 include the most recent updates to improve the security in Outlook and other Office programs.

To ensure you are using the latest version of Office click here:
http://office.microsoft.com/ProductUpdates/default.aspx

By default, Outlook 2000 pre SR1 and Outlook 98 did not include these updates, but it can be obtained by installing the Outlook E-mail Security Update. More information about the Outlook E-mail Security Update can be found here:
http://office.microsoft.com/Downloads/2000/Out2ksec.aspx

Outlook Express 6 can be configured to block access to potentially-damaging attachments. Information about how to configure this can be found here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q291387

Outlook Express all other versions: Previous versions of Outlook Express do not contain attachment-blocking functionality. Please exercise extreme caution when opening unsolicited e-mail messages with attachments.

Web-based e-mail programs: Use of an application-level firewall can protect you from being infected with this virus through Web-based e-mail programs.

RECOVERY (UPDATED):

If your computer has been infected with this virus, please contact your preferred antivirus vendor or Microsoft Product Support Services for assistance with removing it.

A potential symptom of infection with the MyDoom.B Virus is that you are you unable to visit your Antivirus vendors website or various Microsoft websites such as support.microsoft.com or windowsupdate.microsoft.com.
If you are experiencing these symptoms please use the following manual commands to enable access to these websites:

Go to Start Run and type cmd to get a command prompt. Within the command prompt, type the following commands:

- del /F %systemroot%system32driversetchosts [enter]
- echo # Temporary HOSTS file >%systemroot%system32driversetchosts
[enter]
- attrib +R %systemroot%system32driversetchosts [enter]

On Windows NT, you must reboot after typing these commands.

On Windows 2000, Windows XP, and Windows 2003, you do not need to reboot. Instead, you must type the following command:

- ipconfig /flushdns [enter]

If you have any questions regarding this alert please let me know.