MyDoom.M / MyDoom.O
Zafi.B / Erkez.B
From the Symantec website:
"W32.Mydoom.M@mm is a mass-mailing worm that drops and executes a backdoor, detected as Backdoor.Zincite.A, that listens on TCP port 1034. The worm uses its own SMTP engine to send itself to email addresses it finds on the infected computer."
NOTE: Sopris Surfers provides the above information as a convenience. We do not under any circumstances provide support for the use of tools, removal, or incidental damage caused by the worm or the removal tools.
"W32.Erkez.B@mm is a mass-mailing worm that sends itself to the email addresses found on an infected computer. It also copies itself to the folders that are likely to be shared on file-sharing networks.
When this worm infects a computer, it attempts to overwrite .exe files. The files that it targets are usually executables that belong to security products, including Symantec products. However, in some cases, the worm may overwrite .exe files that belong to other programs.
If the worm does overwrite .exe files, some programs or operating system functions may no longer work correctly."NOTE: Sopris Surfers provides the above information as a convenience. We do not under any circumstances provide support for the use of tools, removal, or incidental damage caused by the worm or the removal tools.
