Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- April 5, 2004
- Updated:
- February 13, 2007 12:20:51 PM
- Also Known As:
- W32/Lovgate.x@MM [McAfee], I-Worm.LovGate.w [Kaspersky]
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.Lovgate.R@mm is a variant of W32.Lovgate@mm. It is also a mass-mailing worm that attempts to email itself to all the email addresses that it finds on the computer.
W32.Lovgate.R@mm spreads through the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135.
The "sender" of the email is spoofed, and the subject line and message body of the email vary.
This threat is written in the C++ programming language and is compressed with JDPack and ASPack.
Antivirus Protection Dates
- Initial Rapid Release version April 5, 2004
- Latest Rapid Release version January 17, 2012 revision 022
- Initial Daily Certified version April 5, 2004
- Latest Daily Certified version January 17, 2012 revision 033
- Initial Weekly Certified release date April 5, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Moderate
Damage
- Damage Level: Low
Distribution
- Distribution Level: High
Writeup By: Yuhui Huang
