Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||CME-164, Mytob.IR, W32.Zotob.B, W32/Zotob.worm, W32/Zotob.worm.b, W32/Zotob-B, Win32.HLLM.MyDoom, Win32.Zotob.B, Win32/Mytob, Win32/Mytob.IR, Win32/Zotob.A, Win32/Zotob.B!Worm, Worm.IRCBot.DL, Worm.Zotob.A, WORM_ZOTOB.B, Zotob, Zotob.B|
It connects to an IRC server in order to receive remote control commands and prevents users from accessing several web pages. It spreads across the Internet by exploiting the Plug and Play vulnerability.
|First detected on:||Aug. 15, 2005|
|Detection updated on:||Jan. 14, 2006|
|Yes, using TruPrevent Technologies|
Zotob.B is a worm that connects to an IRC server in order to receive remote control commands, such as delete, download and run files.
Aditionally, it prevents users from accessing certain web pages, mostly belonging to antivirus companies.
Zotob.B spreads across the Internet, by exploiting the Plug and Play vulnerability.
If you have a Windows 2003/XP/2000 computer, it is highly recommendable to download the security patch for the Plug and Play vulnerability from the Microsoft website.
Zotob.B is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.