Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It ends processes belonging to system monitoring, antivirus and firewall applications|
|First detected on:||Sept. 1, 2003|
|Detection updated on:||March 16, 2005|
|Country of origin:||MEXICO|
Mapson.D is a dangerous worm that spreads via e-mail, through peer-to-peer (P2P) file sharing programs, across networks and via IRC channels.
Mapson.D ends many processes belonging to system tools and antivirus and firewall programs. By doing this, the worm leaves the infected computer vulnerable to the attack from other viruses and worms.
Mapson.D sends information on the infected computers to the creator of the virus: system date, user name, version of the operating system, IP address, etc.
On Windows NT computers, it starts a Telnet session with the user GEDZAC, who is given local administrator rights by the worm. This allows Mapson.D to validate on the IP addresses received.
It is difficult to know if Mapson.D has reached your computer, as the e-mail message or P2P files carrying the worm have variable characteristics.
On Windows NT computers, it starts a Telnet session, which increases traffic on the port 23.