Focus on Virus
Removing traces of the Mytob worm? Feb 14 2007 08:29PM
techgrl (favoriteemail gmail com)

I'm dealing with trying to get rid of what appears to be some traces of the
Mytob worm. Originally, it was downloaded into Outlook, then spotted and
removed by the antivirus solution. I can't find any of the files or registry
keys that would be associated with this worm:
http://www.symantec.com/security_response/writeup.jsp?docid=2005-022614-
4627-99.

That said, the antivirus software continues to detect and remove either the
virus itself or traces of it. The virus seems to be generating .tmp files
everytime the user clicks "send and receive" in Outlook. Is there a registry
key that might be at work here? I'm stumped on this one. It doesn't seem to
be an entirely active virus, as I haven't received any emails from this user
and I am in his address book. Any thoughts on why these temp files are being
generated? They are being generated in the following folder: C:\\WINNT\Temp.

Thanks!
--
View this message in context: http://www.nabble.com/Removing-traces-of-the-Mytob-worm--tf3229429.html#
a8972759
Sent from the Security - Virus mailing list archive at Nabble.com.

------------------------------------------------------------------------
---
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetec
t
------------------------------------------------------------------------
---

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus