The Web    Google
5/20: Mytob-EU Worm Drops Copy

5/20: Mytob-EU Worm Drops Copy
May 20, 2005

Upon execution, Worm_Mytob.EU drops a copy of itself in the Windows system folder as T4SKGMR.EXE. It also drops the component file HELLMSN.EXE in the root folder (usually C:\). This component file further creates the following copies of this worm in the root folder:

  • MY_PHOTO2005.SCR

    Trend Micro detects HELLMSN.EXE as WORM_MYTOB.J.

    This worm exploits the following Windows vulnerabilities:

  • LSASS vulnerability

    Technical information can be found at Trend Micro page.

  • New China Security Fragments Wi-Fi Future
  • 10/29: Singu-B Allows Remote Access
  • Network Intelligence Upgrades Security Alert Manager
  • Shaving Time From The Virus Race
  • Protecting Data While Protecting Your Job
  • FTC: Identity Theft, Fraud on the Rise
  • 4/29: Kelvir-D an IM Worm
  • WiFi Security Concerns Easing
  • 5/2: Oscarbot Virus Spreads a Hyperlink
  • Bush Seeks IT Security Advice
  • Simplify File Recovery with Volume Shadow Copy Service
  • Discussion on Security Camera