Backdoor.BotGet.Ftp?.Gen detects scripts used by some malicious IRC bots (eg: SDBot / RBot) and worms (eg: Lovgate) in propagation from one computer to another.A worm/bot installed on a machine searches for other computers in the same network or even... [More]

Written in Delphi, often packed with various packers: Hmimys, NsPack, Svkp, UPX, AsPack and others.When first executed Hupigon copies itself to other location (usually windows folder) and deletes itself after that.To ensure that it will start every t... [More]

When run, this malware will try to remove the following registry keys:HKLM\Software\Microsoft\CurrentVersion\ShellServiceObjectDelayLoad\Name = JavaViewHKLM\Software\Microsoft\CurrentVersion\ShellServiceObjectDelayLoad\Name = DesktopWinThes... [More]

Has Adware functionality.When launched, copies itself to %WINDIR%\System32 under a random name and registers this file in the system registry to ensurethat the file will be launched each time Windows is rebooted.Downloads a file from a preconfigured... [More]

The malware copies itself to C:\Documents and Settings\\local settings\temp under the name __a00[some-hexa-digits].exeand adds the following registry key:HKCU\Software\Microsoft\Windows\CurrentVersion\Run\A00[some-hexa-digits].exeC:\Docume... [More]

When executed, the trojan drops two files. The first one is the well known rogue program ... [More]

This backdoor has a malicious payload. The program itself is a Windows PE EXE file. The file is approximately 730KB in size. It is written in Borland Delphi. InstallationThe malicious payload consists of a range of options which are defined when the... [More]

This backdoor will give a remote malicious user full access to the victim machine.The program is a Windows DLL file.The file size may vary significantly.InstallationThis backdoor will be installed on the victim machine by another malicious program. ... [More]

This Trojan makes it possible for a remote malicious user to control the victim machine. The program is a Windows PE EXE file 2560 bytes in size. Payload... [More]

This Trojan provides a remote malicious user with access to the victim machine. It is managed via IRC. It is a Windows PE EXE file. It is 32,704 bytes in size. Installation When installing, the backdoor creates a system process, svchost.exe, and inj... [More]