Vous êtes dans : Panda Security > Home Users > security-info > overview
Active Scan. Analysez gratuitement votre PC
Download Cloud Antivirus Gratis

Encyclopédie des Virus

Bienvenue sur l’Encyclopédie des Virus de Panda Security.

Gaobot.LTL

Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Gaobot.LTL
Technical name:W32/Gaobot.LTL.worm
Threat level:Low
Type:Worm
Effects:  

It connects to IRC servers in order to receive remote control commands and prevents users from accessing websites belonging to several computer security companies. It exploits the vulnerabilities LSASS and RPC DCOM, among others, in order to spread to as many computers as possible, among other means of transmission.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Jan. 3, 2006
Detection updated on:Jan. 5, 2006
StatisticsNo
Yes, using TruPrevent Technologies

Brief Description 

    

Gaobot.LTL is a worm that connects to several IRC servers in order to receive remote control commands, acting as a backdoor. It can be instructed to obtain computer passwords, launch DoS (Denial of Service) attacks, scan IP addresses, etc.

This worm also prevents the user from accessing websites belonging to computer security companies. This way, among other consequences, the antivirus programs belonging to such companies could not be updated, which would leave the affected computer vulnerable to the attack of other malware.

Gaobot.LTL uses several different means to spread:

  • Across the Internet by exploiting the vulnerabilities LSASS, RPC DCOM, WebDAV and UPnP.
  • Across networks.
  • Through several peer-to-peer (P2P) file sharing programs.
  • Via AOL Instant Messenger (AIM) and IRC.
  • Via email.

 

It is highly recommendable to download the security patches for the vulnerabilities LSASS, RPC DCOM, WebDAV and UPnP from the Microsoft website.

Visible Symptoms 

    

Gaobot.LTL is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.