|
Subscribe
to Virus Alert 
|
W32/Deloader.A Worm
W32/Deloader.A is a network worm which also has trojan (backdoor), characteristics. This worm infects Windows systems and spreads through shared network drives. When the worm is executed, it extracts and executes PSEXEC.EXE, which is
a network utility that connects to remote machines in the network. It
modifies the registry at the following location, to load itself during the
next startup. It tries to connect to remote systems as an administrator, using a list
of common passwords. It connects through port 445. If the connection is successful
then it copies itself to the remote system's WINDOWS\SYSTEM folder as
DVLDR32.EXE and executes the same. It also copies and executes a backdoor
component called INST.EXE. The backdoor component allows the remote user to
access the infected computer. This worm also tries to deny access to shared
folders, in Windows XP and 2000 machines.
This worm is also known as W32.HLLW.Deloder, WORM_DELODER.A, W32/Deloder-A
|
About
Protector Plus Antivirus Software Packages:Proland Software is the developer of Protector Plus range of antivirus software packages. Protector Plus is available for Windows Vista, Windows 95/98/Me, Windows XP, Windows NT/2000/2003 servers and workstations, MS-Exchange 2000/2003, MS-DOS and NetWare servers.
 |
Protector Plus range of antivirus products
offer on-line virus detection and removal. All the packages have the ability
to detect and isolate all types of viruses, trojans, worms and other types
of malware. These products are updated on a continuous basis and the latest
upgrades for all the platforms are made available for downloading from
this site.
|
You can download the 30 day evaluation
copy of the
antivirus software free of cost for these platforms:
Copyright ©
2007 Proland Sofrware. All rights reserved.
