Welcome to the Virus Encyclopedia of Panda Security.
It launches Distributed Denial of Service attacks against the websites www.sco.com and www.microsoft.com. It opens a port, allowing a hacker to gain remote access to network resources.
|First detected on:||Jan. 28, 2004|
|Detection updated on:||Dec. 13, 2005|
|Yes, using TruPrevent Technologies
Mydoom.B is a worm that spreads via e-mail in a message with variable characteristics and through the peer-to-peer (P2P) file sharing program KaZaA.
Mydoom.B launches DDoS (Distributed Denial of Service) attacks against the websites www.sco.com and www.microsoft.com by launching GET/ HTTP/ 1.1 requests.
Mydoom.B drops the DLL (Dynamic Link Library) CTFMON.DLL, which creates a backdoor, opening the first available TCP port in the range from 3127 to 3198.
Mydoom.B is easy to recognize once it has affected the computer, as it opens the Windows Notepad and shows junk data: