Welcome to the Virus Encyclopedia of Panda Security.
It downloads and installs a backdoor. It ends processes belonging to security tools, and denies access to antivirus update websites.
|First detected on:||Sept. 16, 2004|
|Detection updated on:||Sept. 17, 2004|
Mydoom.AB is a worm that connects to several websites in order to download and install a file belonging to a backdoor on the affected computer.
In addition, Mydoom.AB ends processes belonging to several antivirus programs and firewalls, among other security tools. This leaves the affected computer vulnerable to the attack of other malware.
It also denies access to certain antivirus websites, in order to prevent these programs from being updated or from detecting new threats.
Mydoom.AB spreads via e-mail in a message with variable characteristics, and through the peer-to-peer (P2P) file sharing program KaZaA.
Mydoom.AB is similar to a previous variant, detected by Panda Security as Mydoom.Z.
Mydoom.AB is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.