|
-
June 26th, 2003, 09:41 AM
#1
 Heads Up**W32.HLLW.Lovgate.L@mm
Hi Guys,
This has been a busy day for virii ..
Here is the latest.. version of Lovgate, info from Symantec
No information for this version on McAfee at this time.
Listed as Version G with RAV
Appears to be version M on Sophos
Distribution: High
Damage: Medium
Wild: Low
The W32.HLLW.Lovgate.L@mm worm is a variant of W32.HLLW.Lovgate.I@mm. This worm has been repacked to make it difficult for antivirus software to detect it.
For more information about the worm, refer to the W32.HLLW.Lovgate.I@mm writeup.
Also Known As: I-Worm.Lovgate.i [KAV]
Type: Worm
Infection Length: 163,587 bytes
Systems Affected: Windows NT, Windows 2000, Windows XP
Systems Not Affected: Windows 3.x, Macintosh, OS/2, UNIX, Linux
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
June 26th, 2003, 09:25 PM
#2
If you are running Mcafee you might wanna update your engine (if you didn't allready)
Read all about why here : Update Mcafee engine to 4.2.60
I've encountered a problem with the previous engine ... if a server or pc got infected with the Lovgate and the klez virus together .. A key in the registry (wich starts the shield at startup)
would disapear and the virusses would have their way ...
One of our servers got as much as 16000 of those pesty lovgates at 158kb a piece ... you do the math.
Any way  was a bit frustrated with this virus it can do a lot of damage if your company doesn't know much about antivirus...and you have to do everything manualy (300 servers updating by hand because they don't see the advantage of an enterprise edition  )
And then I didn't mntion the 6000 client pc's (yes 6000) ...no way am I gonna do those manualy 
Back when I was a boy, we carved our own IC's out of wood.
-
June 27th, 2003, 09:28 AM
#3
And the fun part of lovgate.. It is network aware.. ie it looks for file shares to spread/update itself.. Cool..huh
Thanks Cemetric for that warning regarding McAfee
Cheers
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
June 27th, 2003, 10:40 PM
#4
And the fun part of lovgate.. It is network aware.. ie it looks for file shares to spread/update itself.. Cool..huh
Thnx Und3ertak3r forgot to mention that ...it does indeed use shares to distribute itself ...
Thanks Cemetric for that warning regarding McAfee
No worries ..I'm here to please 
Greetz
Back when I was a boy, we carved our own IC's out of wood.
-
June 27th, 2003, 10:46 PM
#5
Junior Member
Thanks alot for the heads up. Keep us posted on any developments.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote