| Lovgate.AD-1 is a Worm. Worms spread from computer to computer, making copies of themselves over the network. They could spread over email, IM, peer-to-peer networks, or directly over the wire by leveraging vulnerabilities. Lovgate.AD-1 has a file size of 143,360 bytes. Lovgate.AD-1 drops the following files on the hard drive: |
It also changes Windows registry:
- C:\WINDOWS\SYSTEM32\realsched.exe (143360 bytes)
- C:\WINDOWS\SYSTEM32\vptray.exe (143360 bytes)
- C:\WINDOWS\SYSTEM32\hxdef.exe (143360 bytes)
- C:\WINDOWS\SYSTEM32\RAVMOND.exe (143360 bytes)
Lovgate.AD-1 makes the following additional changes to the infected computer:
- Creates value "WinHelp"="C:\WINDOWS\SYSTEM32\realsched.exe" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
- Creates value "Hardware Profile"="C:\WINDOWS\SYSTEM32\hxdef.exe" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
It also is executed every time Windows starts.
- Modifies profile key "run"="RAVMOND.exe" in section [WINDOWS] of file C:\WINDOWS\win.ini.