MADRID, August 3 2004 - Panda's New TruPrevent Technologies combat viruses
and intrusions have also detected and blocked Mydoom.P, without having a
signature file
PandaLabs has detected the presence of Mydoom.P, a new variant of the
well-known Mydoom worm. Incidents involving this new variant have already
been reported.
Mydoom.P spreads via e-mail using its own SMTP engine. Mydoom P opens the
notepad (which is empty).
Mydoom.P might arrive with any of the following subjects:
SN: New secure mail
Secure delivery
failed transaction
Re: hello (Secure-Mail)
Re: Extended Mail
Delivery Status (Secure)
Re: Server Reply
SN: Server Status
Posible attachment file names are: mail, message, attachment, transcript,
text, document, file, readme. It can arrive with the following extensions:
.exe, .zip, -txt.exe, -htm.exe y -txt.scr. More details of the messages that
Mydoom.P uses are available from Panda Software's virus Encyclopedia at
http://www.pandasoftware.com/virus_info/encyclopedia/
PandaLabs detected this new variant using Panda Software's new TruPrevent
Technologies which detected and successfully blocked MyDoom.P as well as
Mydoom.N, without prior knowledge of the malicious code. TruPrevent
Technologies complement traditional antivirus, as they are capable of detect
and block the unknown viruses, like MyDoom.P, using behavioural analysis and
can be used alongside of other companies antivirus solutions.
To prevent incidents involving Mydoom.P, Panda Software advises users to
take precautions and update their antivirus software. Panda Software has
made the corresponding updates available to its clients to detect and
disinfect this new malicious code.
In addition, users can scan their computers online for free with the
ActiveScan solution, available on the company's web page at:
http://www.pandasoftware.com
