Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||W32/Mydoom.ap@MM, W32/Moom-AA, I-Worm.Mydoom.AE|
It prevents users from accessing websites belonging to several antivirus companies, and ends processes belonging to antivirus programs.
|First detected on:||Jan. 15, 2005|
|Detection updated on:||Jan. 17, 2005|
|Yes, using TruPrevent Technologies
Mydoom.AE is a worm that modifies the HOSTS file, in order to prevent the user from accessing websites belonging to several antivirus companies.
Mydoom.AE ends processes belonging to several antivirus programs, which leaves the affected computer vulnerable to the attack of other malware. Mydoom.AE also ends processes belonging to certain malware threats.
Additionally, it attempts to download a file from the Internet.
Mydoom.AE spreads via e-mail, in a message with variable characteristics, and through peer-to-peer (P2P) programs.
Mydoom.AE is easy to recognize once it has affected the computer, as it opens Notepad and displays a text that consists of random characters when it is run.