Proland Software  Download Antivirus software now!

Home
Anti virus products
Download Anti virus Software
Order On-line
Support
Email
Protector Plus Anti virus Software for
Anti virus Software for Windows XP and 2000
Antivirus Software for Windows Vista
Antivirus Software for Windows Me and 98
Anti virus Software for Exchange
Anti virus Software for NetWare
Protector Plus Console
Buy Anti virus software now!


SpamChoke Antispam
Software

Subscribe to Virus Alert
Mailing List

Enter your Email
 (Ex : john@company.com)






Download Anti virus software

W32/Mytob.AM Worm

Blueball Information about the W32/Mytob.AM Worm:

W32/Mytob.AM is a worm. This worm is a variant of W32/Mytob.A. The worm will infect Windows systems and spreads through email.

The infected mail 'From' address will be any one of the following;

contact@symantec.com
support@yahoo.com
admin@fbi.gov
contact@cia.gov
postmaster@fbi.gov
contact@microsoft.com

The subject of the infected mail will be any one of the following;

Is that your password?
It's you!?
read it immediately
Re: Approved document
Hello
Re: Your document
Re: Administration
Congratulations!
approved
Bonjour

The infected attachment will be any one of the following;

document
details
data
important information
your_doc
message
body

with any one of these extensions;

pif, scr, exe, bat.

The body of the infected mail will be any one of the following;

The original message was included as an attachment.

I have attached your informations.

The message contains Unicode characters and has been sent as a binary attachment.

Your document is attached.

For more details see the attachment.

Upon execution of the infected attachment, the worm copies itself as taskgmr.exe in the Windows System folder

The worm modifies registry at the following location to load itself during each startup.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

To propagate itself, the worm scans the files having the following extensions and collects all the available email addresses from the infected system.

adb, asp, dbx, htm, php, pl, sht, tbb, wab

It also collects email addresses from the Temporary Internet Files folder.

The worm attempts to locate SMTP server by appending the following prefixes to the domain names collected from the infected system. On successful SMTP server access it mails itself to the collected email addresses.

mx.
ns.
relay.
mail1.
mxs.
mx1.
smtp.
mail.
gate.


This worm first appeared on 22nd April, 2005.

Blueball Other names of W32/Mytob.AM Worm:

This Worm is also known as W32.Mytob.BJ@mm, W32/Mytob.gen@MM, Net-Worm.Win32.Mytob.al.

Click here to download a 30 day Evaluation Copy of
Protector Plus anti virus software for your operating system

Blueball About Protector Plus Antivirus Software Packages:

Proland Software is the developer of Protector Plus range of antivirus software packages. Protector Plus 2007 is available for Windows Vista, Windows 95/98/Me, Windows XP, Windows NT/2000/2003 servers and workstations,
MS-Exchange 2000/2003, MS-DOS and NetWare servers.

Anti virus for Windows

Download Now!

Protector Plus range of antivirus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses, trojans, worms and other types of malware.

These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.

Click here to order
Protector Plus anti virus software 

 Buy Anti virus software now!


You can download the 30 day evaluation copy of the
antivirus software free of cost for these platforms:
Anti virus Software for Windows XP and 2000 Anti virus Software for Windows Me and 98 Anti virus Software for Exchange Anti virus Software for NetWare


HomeAnti virus productsDownload Anti virus SoftwareOrder On-lineEmail

Copyright © 2007 Proland Sofrware. All rights reserved.


Download Anti virus software