Virus Database

Backdoor.SdBot.gen

Description Backdoor.SdBot.gen

This is a family of backdoor malicious programs, which provide the user with remote control over victim machines. This is achieved by sending commands via IRC channels.
Installation
Depending upon the program version, the backdoor either copies itself either to the Windows System directory or to other directories located in the System directory. The program also registers a copy of itself in the system registry, which ensures that it will be executed when Windows is started:
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
The registry value will vary according to which version of the backdoor has infected the machine.
Payload
Backdoor.SdBot connects to a range of IRC servers, then connects with a channel that is hard coded into its body. It is then ready to receive remote commands, such as downloading and executing remote files, acting as an IRC proxy server, joining IRC channels, sending messages via IRC, and sending UDP and ICMP packets to remote computers.

Check other viruses! Be aware! Use Antiviral Software

Piolin.1176

Description Piolin.1176

This is a very dangerous, memory resident parasitic virus. It hooks INT 21h, and writes itself to the end of COM and EXE files that are executed. On October 31st, it corrupts the files instead of infecting them. On October 8th, it erases hard drive sectors, decrypts, and displays the following message:
Virus PIOLIN

Pirate

Description Pirate

It is not a dangerous memory resident boot virus. It hooks INT 13h and infects the MBR of the hard drive and boot sector of floppy disks. Depending on its internal counter the virus decrypts and displays the message:
PIRATE!, you have a virus.

Home