investigate the system. Look at the technical details in http://email@example.com then one by one locate if the said entries exists:
1. ninfoie.exe in System32 or System directory
2. "WINDOWS SYSTEM" = "ninfoie.exe"
in the registry subkeys:
3. so on..
Or do this:
Download Process Explorer http://www.sysinternals.com/Files/ProcessExplorerNt.zip
Extract the contents of the compressed (ZIP) file to a location of your choice.
Execute Process Explorer by double-clicking the following:
In the Process Explorer window, locate the process:
Right-click the malware process, then click Kill Process Tree.
Close Process Explorer.
Follow the rest of the instructions from http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FMYTOB%2EEE&VSect=Sn
NAV is alerting because it found something. Your friend should temporary stop the email service until it is "cleared".
This is regarding one of my colleague's computer. That computer has a "Email server" application installed, that receives and sends, to and from all the external email account in our company.
Nowadays, it always has a Norton Anti-virus message popping out, alerting her that one out of 4 attachments of an e-mail sent, contains the W32.Mytob.EE@mm virus. The sender and receiver are always strange (doesn't exist, and ending with our company's domain name).
So after she clicks the Quarantine button, and closes the message, the computer sends another e-mail automatically, and then the same message pops out again, alerting the same virus but with a different e-mail (different sender, title and etc). Then after quarantined and closed, the same message pops out again and again. Sometimes, in the morning, there can be so many emails that are said infected.
We scanned using norton anti-virus and housecall (trend micro), and it didn't detect any virus. And we also tried the symantec removal tool for that virus, and it also didn't find that virus.
Does anyone know what happen and what should I do?