W32/Dumaru.y@MM is a Medium Risk mass-mailing worm that includes a data-stealing component that can be used for credit card fraud and identity theft.
The worm arrives as an email attachment named MYPHOTOS.ZIP. This contains a file named PHOTOS.JPG (many spaces) .EXE. Users should not be fooled into believing this is an image file -- it is an executable that contains the Dumaru.y worm. When run, it infects the host computer and then emails itself (using its own SMTP engine) to email addresses stolen from the victim's computer.

The worm can capture keystrokes and steal data from the infected machine, focusing on Web browser sessions related to online banking. Specifically, the worm targets e-gold.com users. Stolen personal data is stored in a log file on the infected computer and emailed back to the hacker(s) using email addresses hard-coded in the worm. The worm also allows a hacker to gain remote access to the worm and issue it commands.
The McAfee VirusScan 8.0 email-scanning component can scan within .zip files and detect W32/Dumaru.y@MM.
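
The padded file name described above can be flagged at a mail gateway or during triage by inspecting archive member names alone, without extracting anything. The following Python code is an added example, not McAfee's detection logic; the extension lists, function names and the sample archive are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Extension lists are assumptions chosen for this example, not taken from the advisory.
EXEC_EXT = {"exe", "scr", "pif", "com", "bat", "cmd"}
DECOY_EXT = {"jpg", "jpeg", "gif", "png", "txt", "doc", "pdf"}

# name.<decoy><padding>.<exec>: whitespace padding pushes the real extension out of view
PADDED = re.compile(r"\.(\w{2,4})(\s*)\.(\w{2,4})\s*$")

def classify(name):
    """Return 'padded-double-ext', 'double-ext', 'executable' or None."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    m = PADDED.search(base)
    if m and m.group(3).lower() in EXEC_EXT and m.group(1).lower() in DECOY_EXT:
        return "padded-double-ext" if m.group(2) else "double-ext"
    ext = base.rsplit(".", 1)[-1].strip().lower() if "." in base else ""
    return "executable" if ext in EXEC_EXT else None

def scan_zip(data):
    """List (member name, verdict) for suspicious entries; only names are read."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            verdict = classify(info.filename)
            if verdict:
                findings.append((info.filename, verdict))
    return findings

def build_sample():
    """Constructed test archive; every member holds harmless placeholder text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("PHOTOS.JPG" + " " * 40 + ".EXE", b"placeholder, not a program")
        zf.writestr("holiday.jpg", b"placeholder")
        zf.writestr("setup.exe", b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for name, verdict in scan_zip(build_sample()):
        print(f"{verdict:18} {name!r}")
```

A gateway policy would typically quarantine the `padded-double-ext` and `double-ext` verdicts outright and treat a plain `executable` member as a lower-confidence signal.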

What are the common subject lines, attachment names and message content associated with W32/Dumaru.y@MM?

Subject: Important information for you. Read it immediately !
Attachment: MYPHOTO.ZIP
From: "Elene" (F (removed) ENSUICIDE@HOTMAIL.COM)
Body: Hi!Here is my photo, that you asked for yesterday. 

How do you know if you've been infected?

- Existence of the files and Registry key detailed on the Virus Profile page.
- A ZIP file (containing the worm) with the filename ZIP.TMP in the following directory:
%WinDir%\TEMP\ZIP.TMP

How do you clean your system if it’s already infected?

Update your anti-virus software and run a full scan of your system. Always ensure your virus definition DAT files are current. If you do not own anti-virus software, order McAfee VirusScan here.

Looking for more information about the worm?

For a more detailed description of Dumaru.y and its characteristics, visit the Virus Profile page.