MYTOB CN Variant
Mytob-CN is a mass-mailing internet worm and IRC backdoor Trojan. It copies nec.exe into the system folder and then adds startup registry entries to run nec.exe under the following keys:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ RunServices
It then sets the value Start = 4 in the key:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ SharedAccess
in the Windows registry, so that the other programs governed by this key are prevented from running when Windows starts.
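The registry artefacts listed above can be checked offline against a registry export (the text a `reg export` of the relevant hives produces). The following is an added example written for this page, not code from the advisory's author: it parses the subset of .reg syntax needed (key headers, quoted string values, dword values) and reports any Run or RunServices entry that launches nec.exe, plus a SharedAccess service whose Start value is 4. The embedded export text is constructed for the example; the value name "Updater" and the exact nec.exe path are placeholders, since the advisory names only the file and the system folder.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample of a Windows registry export (.reg), not data from a real
# host. It reproduces the artefacts the advisory lists: nec.exe launched from
# the Run and RunServices keys, and the SharedAccess service set to Start = 4.
# The value name "Updater" and the full path are placeholders.
SAMPLE_REG_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\WINDOWS\\system32\\nec.exe"
"RtHDVCpl"="C:\\Program Files\\Realtek\\RtHDVCpl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Updater"="C:\\WINDOWS\\system32\\nec.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"Type"=dword:00000020
"Start"=dword:00000004
"""

# Autorun keys named in the advisory (lower-cased; registry lookups are
# case-insensitive). A tuple keeps the report order deterministic.
RUN_KEYS = (
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
    r"hkey_local_machine\software\microsoft\windows\currentversion\runservices",
)
SHAREDACCESS_KEY = r"hkey_local_machine\system\currentcontrolset\services\sharedaccess"
SERVICE_DISABLED = 4  # Start = 4 is SERVICE_DISABLED in the SCM start-type encoding

_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<data>.*)$')


def parse_reg_export(text: str) -> Dict[str, Dict[str, object]]:
    """Parse [key] headers, "name"="string" and "name"=dword:xxxxxxxx lines.

    Keys and value names are lower-cased so matching is case-insensitive.
    Other value types (hex(...), @ defaults) are kept verbatim or skipped.
    """
    keys: Dict[str, Dict[str, object]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].lower()
            keys.setdefault(current, {})
            continue
        m = _VALUE_RE.match(line)
        if not m or current is None:
            continue
        data = m.group("data")
        value: object
        if data.startswith("dword:"):
            value = int(data[len("dword:"):], 16)
        elif data.startswith('"') and data.endswith('"'):
            # .reg string data escapes backslashes and quotes; undo that
            value = data[1:-1].replace("\\\\", "\\").replace('\\"', '"')
        else:
            value = data
        keys[current][m.group("name").lower()] = value
    return keys


def find_mytob_indicators(reg_text: str) -> List[Tuple[str, str, str]]:
    """Return (key, value_name, reason) for each artefact matching the advisory:
    a Run/RunServices entry whose command is nec.exe, or SharedAccess with
    Start = 4 (service disabled)."""
    findings: List[Tuple[str, str, str]] = []
    keys = parse_reg_export(reg_text)
    for key in RUN_KEYS:
        for name, value in keys.get(key, {}).items():
            if isinstance(value, str) and value.lower().endswith("\\nec.exe"):
                findings.append((key, name, "autorun entry launches nec.exe"))
    start = keys.get(SHAREDACCESS_KEY, {}).get("start")
    if start == SERVICE_DISABLED:
        findings.append((SHAREDACCESS_KEY, "start", "SharedAccess service disabled (Start = 4)"))
    return findings


if __name__ == "__main__":
    for key, name, reason in find_mytob_indicators(SAMPLE_REG_EXPORT):
        print(f"{reason}: {key}\\{name}")
```

Matching on the path suffix rather than the value name matters here: the advisory fixes the file name (nec.exe) but not the name of the Run entry, so a check keyed on the entry name would miss the artefact. A SharedAccess Start value other than 4 produces no finding, so a host with the service merely stopped is not flagged.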
The base code for the MYTOB family is a blending of MYDOOM and BOT viruses. Instead of using a single file compression algorithm, MYTOB variants utilize a combination of three different algorithms (including the new Yoda Protector 1.4 and PEncrypt 4.0, and the relatively well-known UPX-compression algorithm), to avoid antivirus scanners.