x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Mytob.LX

Threat LevelHigh threatDamageSevereDistributionNot widespread
Common name:Mytob.LX
Technical name:W32/Mytob.LX.worm
Threat level:Medium
Type:Worm
Effects:  

It opens a port in order to connect to an IRC server and receive remote control commands, ends several processes and prevents users from accessing several websites. It spreads via email in a message that contains a link.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Dec. 5, 2005
Detection updated on:Dec. 9, 2005
StatisticsNo

Brief Description 

    

Mytob.LX is a worm with backdoor characteristics that opens a TCP port in order to connect to an IRC server and receive control commands, which allow the affected computer to be remotely administrated.

This worm ends processes belonging to several security tools, such as antivirus programs and firewalls, among others. It also ends processes belonging to other malware.

Aditionally, it prevents users from accessing certain web pages, mostly belonging to antivirus companies.

Mytob.LX spreads via email, in a message that contains a link.

Visible Symptoms 

    

Mytob.LX is easy to recognize, as it reaches the computer in an email message with the following characteristics:

  • Message:
    Dear Valued Member,

    According to our terms of services, you will have to confirm your e-mail by the following link, or your account will be suspended within 24 hours for security reasons.

    After following the instructions in the sheet, your account will not be interrupted and will continue as normal.

    Thanks for your attention to this request. We apologize for any inconvenience.

    Sincerely, Buysoft Security Department.
  • This message contains the following link:
    http://www./confirm.php?account=buysoft.co.kr