Worm.Mytob-F Description

Worm.Mytob-F is a mass-mailing worm that spreads in the Internet by email and in local networks by exploiting computers running the Windows operating system with known vulnerabilities. Worm.Mytob-F scans local drives for text and spreadsheet documents, as well as web pages and various programming files. Then Worm.Mytob-F sends e-mail messages to all the addresses it gathers from found files by using own mail engine. Worm.Mytob-F also opens a backdoor providing the attacker with remote unauthorized access to the compromised computer and allowing him to control the system and steal user sensitive information.

Aliases: Backdoor.Surila.Gen, WORM_RITDOOR.A [TrendMicro], W32/Mytob.cw, W32.Mytob@mm [Symantec], Email-Worm.Win32.Mydoom.gen (v) [Sunbelt], W32/Ritdoor-A [Sophos], Worm.Mytob.kr, Net-Worm.Mytob!sd5, W32/Mytob.JL.worm [Panda], Win32/Surila.Y [NOD32], Worm:Win32/Mytob.MI@mm [Microsoft], Worm.Mytob.cw.1 [McAfee-GW-Edition], Artemis!DDD80B8FEC97 [McAfee+Artemis], W32/Mydoom.gen@MM [McAfee] and W32/MyDoom.CW!worm [Fortinet].

Technical Information

File System Details

Worm.Mytob-F creates the following file(s):
# File Name Size MD5
1 taskgmr.exe 135,168 3b4f28adae5625aed4c58bf640786e4c
2 services.exe 37,376 ddd80b8fec975a461a3651bf267d00c5
3 svchost32.exe 462,848 e1e3d67f8c9445dfa0a6dfd3c0ddf510
More files

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.