Protector Plus Download Antivirus
Home
Download Antivirus
Antivirus Products
Order Antivirus


Antivirus Software for Windows XP/2000/2003
Antivirus Software for Windows Me/98
Antivirus Software for Exchange 2000/2003
Antivirus Software for NetWare

W32/Virut.H Virus

Name W32/Virut.H Virus
Aliases W32.Virut.H
Discovered on March 4, 2007

 Virus Information - W32/Virut.H Virus:

W32/Virut.H is a virus. The virus will infect executable files on Windows systems.

Upon execution, the virus uses the CreateEvent function to create an event name "VT_3" so that only one instance of the virus runs on the infected computer.

The virus hooks some of the following system functions, so that it can infect files when they are accessed or executed:

NtCreateFile
NtOpenFile
NtCreateProcess
NtCreateProcessEx

Then the virus attempts to infect all accessed .exe or .scr files by appending itself to the executable file.

The virus avoids infecting files that contains the following strings:

PSTO
WC32
WCUN
WINC

Then the virus opens a back door by joining the channel #virtu on the IRC server proxim.ircgalaxy.pl through TCP port 65520 allowing a remote attacker to download and execute files onto the infected computer.

Anti virus for Windows Download Now!

Home Page Download Antivirus Antivirus Products Order Antivirus

Copyright © 2007 Proland Software.All rights reserved

download free trial