Virus Encyclopedia
Welcome to the Virus Encyclopedia of Panda Security.
Mywife.D | |
Threat Level Damage Distribution |
 |
Common name: | Mywife.D |
Technical name: | W32/Mywife.D.worm |
Threat level: | Medium |
Type: | Worm |
Effects: | It blocks the computer and deletes files and entries in the Windows Registry belonging to several antivirus programs. It attempts to search and end processes belonging to antivirus and computer security programs. |
Affected platforms:
|
Windows 2003/XP/2000/NT/ME/98/95 |
First detected on: | Sept. 6, 2004 |
Detection updated on: | Sept. 6, 2004 |
Statistics | No |
Proactive protection: | Yes, using TruPrevent Technologies
|
Brief Description | |
Mywife.D is a worm that spreads via e-mail in a message with variable characteristics. A few seconds after it is executed, Mywife.D blocks the computer, as it uses all the processor time available. Mywife.D deletes the files belonging to several antivirus programs, if they are installed in the same directories as the ones specified in the worm's code. It also deletes the entries in the Windows Registry belonging to these antivirus programs, so these applications will not be run automatically the next time Windows is started. In addition, Mywife.D also deletes the entries belonging to other worms, such as Mydoom.A, Mimail.T and several variants of Bagle. Mywife.D attempts to search and end the processes belonging to antivirus and computer security programs. This would leave the affected computer vulnerable to the attack of other malware. |
Visible Symptoms | |
Mywife.D is easy to recognize, as it reaches the computer in a message with the following characteristics: Subject: any of the following: Sinfonma n: 9 de Beethoven Scherzo Historias nuevas Highway Blues Message: see the attached Attachments: it is variable. It will have any of the following names, and a TGZ or ZIP extension: SINFONMA N: 9 DE BEETHOVEN SCHERZO HISTORIAS NUEVAS HIGHWAY BLUES It will also attach the file LIFE.JPG, which contains a pornographic image.
In addition, Mywife.D carries out the actions below once it has affected the computer: |