Category: Computer Virus
Europe, North and South America, and some parts of Asia and Australia
03 Dec 2005
W32.Feldor.A is a known virus that adds files, modifies as well as generates registry entry and for some critical infections. All platforms of Windows are vulnerable to this worm, may it be Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP. It duplicates itself with several file names usually having an extension of .pif or .com in any of the infected computer. It drops copies of itself in windows directories in windows directory folders such as system, web, fonts, temp, help, windows.exe (on both local and removable drives) and ghost.bat.
W32.Feldor.A Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W32.Feldor.A from your computer.
More details about W32.Feldor.A
There are also HTML files being named as folder.htt and nethood.htm on both local and removable drives if it is connected. This HTML file exploits the Microsoft Virtual Machine com. User profiles are also being modified when this virus is present. You may see an “admin” profile that adds itself to the administrator group. It also monitors the active Windows Explorer window. If the title bar matches the folder containing the worm, it copies itself to one of the folders and launches a new copy and exits. It may also make use of email messages but not of great value in spreading the virus. This message contains, “Hello!” on its subject and message body. This email message should not be trusted and more importantly be opened.
Just like any other virus, the W32.Feldor.A program is installed without the consent or knowledge of the user. It exploits weaknesses in the system’s security to facilitate the installation of the program into the computer. When the W32.Feldor.A is launched, the hacker can customize the various features of the server program including file name, file path, port number, registry key name, services name and services description. This virus can be used by the hacker to collect personal and critical user information without the latter’s consent. It opens the computer to various risks that degrade the system’s security and integrity. It allows the execution of malicious codes and makes the infected computer a tool for initiating Denial of Service (DOS) attacks.