VIRUS ADVISORY | W32/Lovgate.ad@MM | Medium Risk
Like its predecessors, W32/Lovgate.ad@MM is a Medium Risk
mass-mailing worm hiding inside an email attachment. When
run, the worm:
1. Drops a dangerous backdoor on an infected machine that
can allow a remote hacker to steal information.
2. Infects executable programs.
3. Tries to disable anti-virus and security software.
4. Emails itself a) to stolen contacts or b) as replies
to unread MS Outlook or Outlook Express messages on the
infected machine, spoofing the "From:" field.
--> What should I look for?
Subject (examples): hi, hello, Hello, Mail transaction
Failed, mail delivery system
Body (examples): Mail failed. For further assistance,
please contact! The message contains Unicode characters
and has been sent as a binary attachment.
Attachment: Randomly constructed strings with the
following extensions: .EXE, .PIF, .SCR, .ZIP
--> How do I know if I've been infected?
Presence of various .EXE, .DLL or .ZIP archive files on
the system. Modified System Registry.