Welcome to virus encyclopedia of panda security
|Effects:||It allows to get into the affected computer. It generates a large amount of network traffic activity with the consequent consumption of bandwidth. It carries out actions that decrease the security level of the computer. It uses anti-monitoring techniques in order to prevent it being detected by antivirus companies. It spreads , across the Internetand also by being downloaded by other malware.|
|First detected on:||Jan. 2, 2007|
|Detection updated on:||June 19, 2010|
|Yes, using TruPrevent Technologies|
Downloader.MDW is a Trojan, which although seemingly inoffensive, can actually carry out attacks and intrusions.
It reduces the security level of the computer: it notifies the attacker that the computer has been compromised and is ready to be used maliciously; it changes system permissions, decreasing the security level.
It uses several methods in order to avoid detection by antivirus companies:
Downloader.MDW uses the following propagation or distribution methods:
Downloader.MDW allows hackers to get into and carry out dangerous actions in affected computers, such as capturing screenshots, stealing personal data, etc.
It uses the following techniques to impede detection by antivirus companies:
- It terminates its own execution if it detects that it is being executed in a virtual machine environment, such as VMWare or VirtualPC.
It causes a loss of productivity in the local network to which the compromised computer belongs:
- It generates a large amount of network activity and consumes bandwidth.
It reduces the security level of the computer:
- It notifies the attacker that the computer has been compromised and is ready to be used maliciously.
- It changes system permissions, decreasing the security level.
Propagation through the exploits of remote vulnerabilities:
Downloader.MDW carries out the following process:
- It spreads by attacking IP addresses obtained at random or from the network to which the infected computer belongs.
- It tries to access the IP addresses under attack by exploiting an existing vulnerability or through an open port.
- If it does this, it downloads a copy of itself onto the vulnerable computer.
Distribution through other examples of malware:
Downloader.MDW does not spread automatically using its own means. It is dropped on computers by other malware: Autorun.F, Multidropper.RGX, Multidropper.RHQ, Multidropper.RHR, Multidropper.RHS, Multidropper.RHT, Multidropper.RHU, Dropper.YB, Dropper.YL, Multidropper.RJU, Multidropper.RJV, Multidropper.RMO, Multidropper.RNB, Multidropper.RNO, Rustock.G, Hupigon.LDN, Delf.AJF.
Downloader.MDW has the following additional characteristics:
Is my computer infected by Downloader.MDW?
In order to make absolutely sure that Downloader.MDW has not affected your computer, you have the following options:
- Carry out a full scan of your computer using Panda Antivirus, after checking that it is updated. If it isn't and you are a registered Panda Security client, update it by clicking here.
- Check the computer with Panda ActiveScan, Panda Security's free, online scanner, which will quickly detect any possible viruses.
If Panda Antivirus or Panda ActiveScan detects Downloader.MDW during the scan, it will automatically offer you the option of deleting it. Do this by following the program's instructions.
- After deleting this malware by following the specified steps, if your computer runs Windows Millenium, clickhereto find out how to eliminate it from the _Restore folder.
- After deleting this malware by following the specified steps, if your computer runs Windows XP, clickhereto find out how to eliminate it from the _Restore folder.
In order to keep your computer protected, bear the following tips in mind:
- Panda Security'sTruPreventTMTechnologies detected and successfully blocked Downloader.MDW, without prior knowledge of the malicious code.
- Install a good antivirus in your computer. Click here to get the Panda antivirus solution that best suits your needs.
- Keep your antivirus updated. If automatic updates are available, configure your antivirus to use them.
- Keep your permanent antivirus protection enabled at all times.
For more detailed information about how to protect your computer against viruses and other threats, click here.