Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- March 24, 2003
- Updated:
- February 13, 2007 11:44:49 AM
- Also Known As:
- WORM_LOVGATE.F [Trend], WORM_LOVGATE.G [Trend], W32/Lovgate.f@M [McAfee], W32/Lovgate.g@M [McAfee], W32/Lovgate-E [Sophos], I-Worm.LovGate.f [KAV], Win32/Lovgate.F.Worm [CA]
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows NT, Windows XP
W32.HLLW.Lovgate.G@mm is a minor variant of W32.HLLW.Lovgate.C@mm. This worm contains mass-mailing and backdoor functionalities. This variant does not properly function under Windows 95/98/Me systems.
To spread itself, the worm attempts to reply to incoming email messages and to email addresses that it finds in HTML files. The subject and attachment of the incoming email are chosen from a predefined list. The attachment will have a .exe, .pif, or .scr file extension.
W32.HLLW.Lovgate.G@mm also attempts to copy itself to all the computers on a local network, and then attempts to infect these computers. The worm also has a backdoor Trojan capability.
NOTE: Virus definitions dated March 24, 2003 may detect this threat as W32.HLLW.Lovgate.C@mm.
Symantec Security Response has created a tool to remove W32.HLLW.Lovgate.G@mm. Click here to obtain the tool.
Antivirus Protection Dates
- Initial Rapid Release version March 25, 2003
- Latest Rapid Release version February 2, 2012 revision 004
- Initial Daily Certified version March 25, 2003
- Latest Daily Certified version February 2, 2012 revision 018
- Initial Weekly Certified release date March 25, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Medium
- Number of Infections: 50 - 999
- Number of Sites: More than 10
- Geographical Distribution: Medium
- Threat Containment: Easy
- Removal: Difficult
Damage
- Damage Level: Medium
Distribution
- Distribution Level: High
Writeup By: Eric Chien
