Trend Micro Virus Alert: WORM_MYTOB.JX

WORM_MYTOB.JX is a non-destructive, memory-resident worm that propagates by sending a copy of itself as an attachment to an email message, which it sends to target recipients using its own Simple Mail Transfer Protocol (SMTP) engine.

Using its own SMTP mail engine makes it easier for this worm to send out email messages, while maintaining transparency on the affected system. This worm is currently spreading in-the-wild and infecting systems running Windows NT, 2000,
and XP.

This worm also propagates by dropping a copy of itself in accessible network shares. It accesses an affected system by logging on using the account of the currently logged-on user. It also propagates across networks by taking advantage of the Windows LSASS vulnerability discussed in detail in Microsoft Security Bulletin MS04-011.

This worm has backdoor capabilities that open a random port, which allows a remote user to perform malicious commands on the affected machine. This routine provides remote users virtual control over affected systems, thereby compromising system security.

If you would like to scan your computer for WORM_MYTOB.JX, or thousands of other worms, viruses, Trojans and malicious code, visit HouseCall, Trend Micro's free, online virus scanner at: http://housecall.trendmicro.com/

WORM_MYTOB.JX is detected and cleaned by Trend Micro pattern file #2.796.06 and above.