1. Symantec/
  2. Security Response/
  3. W32.Vote.gen@mm


Risk Level 2: Low

September 27, 2001
February 13, 2007 11:46:51 AM
Systems Affected:

W32.Vote.gen@mm is a mass-mailing worm that is written in Visual Basic. When it is executed, it emails itself to all email addresses in the Microsoft Outlook address book. The worm inserts three .vbs files on the system. It also modifies the Internet Explorer home page. W32.Vote.gen@mm is a variant of W32.Vote.A@mm. The main difference is that it inserts three VBS scripts instead of two.

NOTE: Virus definitions dated September 26, 2001 or earlier may detect this as either W32.Vote.A@mm or W32.Vote.B@mm

If the Backdoor.Trojan was successfully installed on the computer, it is possible that your system has been accessed remotely by an unauthorized user. For this reason it is impossible to guarantee the integrity of a system that has had such an infection. The remote user could have made changes to the system, including but not limited to the following:
  • Stealing or changing passwords or password files
  • Installing remote-connectivity host software, also known as backdoors
  • Installing keystroke logging software
  • Configuring firewall rules
  • Stealing credit card numbers, banking information, personal data, and so on
  • Deleting or modifying files
  • Sending inappropriate or even incriminating material from a customer's email account
  • Modifying access rights on user accounts or files
  • Deleting information from log files to hide such activities

To be certain that your organization is secure, you must reinstall the operating system, restore files from a backup that was made before the infection took place, and change all passwords that may have been on the infected computers or that were accessible from it. This is the only way to ensure that your systems are safe. For more information regarding security in your organization, contact your system administrator.

Antivirus Protection Dates

  • Initial Rapid Release version September 27, 2001
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version September 27, 2001
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date pending
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube