1. /


Risk Level 1: Very Low

October 24, 2008
October 29, 2008 3:48:55 PM
Also Known As:
Troj/Gimmiv-A [Sophos], Trojan-Spy:W32/Gimmiv.A [F-Secure], Win32/Gimmiv.A [Computer Associates], Gimmiv.A [Panda Software], Win32/Gimmiv.B [Computer Associates], Spy-Agent.da [McAfee], WORM_GIMMIV.A [Trend], Troj/Gimmiv-Gen [Sophos]
Infection Length:
397,312 bytes
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
CVE References:
CVE-2006-3439, CVE-2008-4250
Trojan.Gimmiv.A is a Trojan horse that opens a back door, attempts to exploit remote vulnerabilities, and may steal information from the compromised computer.

Note: Definitions before October 24, 2008 may detect this threat as Infostealer.

Antivirus Protection Dates

  • Initial Rapid Release version pending
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version October 24, 2008 revision 024
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date October 29, 2008
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Opens a back door.
  • Releases Confidential Info: Gathers confidential information.
  • Degrades Performance: May exploit remote vulnerabilities which degrades performance.


  • Distribution Level: Low
Writeup By: Elia Florio
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver