Note: This page is part of the archive.

This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact if you have any questions about the US-CERT website archive.

Alert (SA04-208A)

New Variant of MyDoom Virus

Systems Affected

  • Microsoft Windows Systems


A new variant of the MyDoom virus is spreading through email. In addition to infecting your computer and emailing itself to other machines, the virus may open a backdoor that could make your machine vulnerable to future attacks.


Avoid opening email attachments

Be sure you know the source of an attachment before opening it. Also remember that it is not enough that the mail originated from an email address you recognize. Many viruses spread precisely because they originate from a familiar email address.

Maintain updated anti-virus software

It is important that you use antivirus software and keep it up to date. Most antivirus software vendors frequently release updated information, tools, or virus databases to help detect and recover from virus infections. Many antivirus packages support automatic updates of virus definitions. US-CERT recommends using these automatic updates when possible.


This variant of MyDoom (known as MyDoom.M or MyDoom.O) is significant because it seems to be conducting searches on addresses it harvests from infected computers. Therefore, not only is email activity affected, response times in many popular search engines may be dramatically slower.


Author: Mindi McDowell. Feedback can be directed to US-CERT -->.

Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

  • July 26, 2004: Initial release

Last updated

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No