x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Mytob.ML

Threat LevelHigh threatDamageSevereDistributionNot widespread
Common name:Mytob.ML
Technical name:W32/Mytob.ML.worm
Threat level:Medium
Type:Worm
Effects:  

It connects to an IRC server in order to receive remote control commands, ends several processes and prevents users from accessing several websites. It spreads via email in a message that contains a link.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Jan. 8, 2006
Detection updated on:Jan. 12, 2006
StatisticsNo

Brief Description 

    

Mytob.ML is a worm with backdoor characteristics that connects to an IRC server and receives control commands, which allow the affected computer to be remotely administrated.

This worm ends processes belonging to several security tools, such as antivirus programs and firewalls, among others. It also ends processes belonging to other malware.

Aditionally, it prevents users from accessing certain web pages, mostly belonging to antivirus companies.

In Windows XP computers, Mytob.ML disables the Internet Connection Firewall (ICF) and the Internet Connection Sharing (ICS).

Mytob.ML spreads via email, in a message that contains a link.

Visible Symptoms 

    

Mytob.ML is easy to recognize, as it reaches the computer in an email message with the following characteristics:

  • Subject: one of the following:

    Account Alert
  • Message:
    Dear Valued Member,

    According to our terms of services, you will have to confirm your e-mail by the following link, or your account will be suspended within 24 hours for security reasons.

    After following the instructions in the sheet, your account will not be interrupted and will continue as normal.

    Thanks for your attention to this request. We apologize for any inconvenience.

    Sincerely, Wanadoo Security Department.
  • This message contains the following link:
    http://www./confirm.php?account=wanadoo.fr