Mytob variant bearing gifts of adware and spyware may begin making the rounds of good and bad computers everywhere.

As security researchers watch more variants of the Mytob worm circulate, indications have been that the variants are pieces of a greater whole. One consultant to antivirus firm Sophos has possibly found hints to the identity of the virus writers, a group called Hellbot.

The various versions of Mytob floating around have been numbered, as if they are iterations of a core release. The consultant, Carole Theriault, made this observation from the UK.

This is the part of the story where the reader should verify the antivirus program on his or her machine has been updated with the most current engine and signature file.

Analysis of the worm shows a great deal of sophistication in its coding. This has given researcher reason to think it is more than just a nuisance creation. One version of Mytob called Mytob.ar has been found to carry spyware elements.

That development could mean a final version of Mytob may be sold as a delivery program to criminals or spammers who want to place malicious code or adware on as many computers as possible.

It’s important for users to be proactive in updating their machines. New variants of Mytob have been coded to prevent a user machine from contacting several common antivirus and security web sites. Subject lines of bogus e-mail messages purport to be legitimate security warning from administrators.

In a corporate environment, users should use their contacts in IT to verify legitimate warnings. Usually those administrators will have processes and policies in place to keep enterprise users alert to threats.

David Utter is a staff writer for webproworld covering technology and business. Email him here.