Welcome to the Virus Encyclopedia of Panda Security.
It blocks the computer and deletes files and entries in the Windows Registry belonging to several antivirus programs. It attempts to search and end processes belonging to antivirus and computer security programs.
|First detected on:||Sept. 6, 2004|
|Detection updated on:||Sept. 6, 2004|
|Yes, using TruPrevent Technologies
Mywife.D is a worm that spreads via e-mail in a message with variable characteristics.
A few seconds after it is executed, Mywife.D blocks the computer, as it uses all the processor time available.
Mywife.D deletes the files belonging to several antivirus programs, if they are installed in the same directories as the ones specified in the worm's code. It also deletes the entries in the Windows Registry belonging to these antivirus programs, so these applications will not be run automatically the next time Windows is started.
In addition, Mywife.D also deletes the entries belonging to other worms, such as Mydoom.A, Mimail.T and several variants of Bagle.
Mywife.D attempts to search and end the processes belonging to antivirus and computer security programs. This would leave the affected computer vulnerable to the attack of other malware.
Mywife.D is easy to recognize, as it reaches the computer in a message with the following characteristics:
Subject: any of the following:
Sinfonma n: 9 de Beethoven Scherzo
Historias nuevas Highway Blues
Message:see the attached
Attachments: it is variable. It will have any of the following names, and a TGZ or ZIP extension:It will also attach the file LIFE.JPG, which contains a pornographic image.
SINFONMA N: 9 DE BEETHOVEN SCHERZO
HISTORIAS NUEVAS HIGHWAY BLUES
In addition, Mywife.D carries out the actions below once it has affected the computer: