Aliases: Virus.Win32.Pulkfer.a, W32/NGVCK.d, W32/Pulkfer-A, PE_PULKFER.A, Win32/Ngvck.M, Win32.Pulkfer.A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: Some parts of Asia, Europe, North and South America, Africa and Australia
Removal: Easy
Platform: W32
Discovered: 18 Dec 2004
Damage: Medium

Characteristics: W32.Pulkfer was first seen on December 18, 2004. This is a virus that infects all executable files that it finds. This virus mostly affects Windows operating systems, namely Windows 2000, 95, 98, Me, NT, Server 2003 and XP.

More details about W32.Pulkfer

Once W32.Pulkfer is executed, the virus begins to perform several actions. First, the virus infects all .exe files then the infected file displays a message using win32.flu dialog box with the following message: This file has been infected... :P -- pker/pure. Once the dialog box is clicked, the virus has successfully propagated its infection.

The W32.Pulkfer program may open security gaps in the web browser. Reports from anti-virus companies declare that malware software and other potentially harmful files can enter the system through these gaps. Browser Helper Objects (BHOs) may be installed without the user’s consent. Unauthorized users may gain control of the computer remotely through the software. The application may also prevent the Task Manager window from appearing. The Automatic Updates feature of Windows may also be disabled. The malicious software must be installed manually in the computer before it can perform its functions. It may enter the computer through different means. Some Trojan software can download it through backdoors in the computer. It may be attached to worm applications so that it is distributed easily across networks.