Virus Database

Backdoor.WinCE.Brador.a

Description Backdoor.WinCE.Brador.a

Brador.a is a backdoor (a utility allowing for remote administration of the infected machine) for PocketPC based on Windows CE and newer version of Windows Mobile.
It is written in ASM for ARM-processors and is 5632 bytes in size.
After Brador is launched in creates an svchost.exe file in the /Windows/StartUp/ folder, thus gaining full control over the handheld every time it is restarted.

Brador identifies the IP address of the infected handheld and sends it to the virus coder to inform him that the handheld is connected to the Internet and that the backdoor is active. Brador then opens port 2989 and awaits further orders.
The backdoor responds to the following commands:
d - lists the directory contents
f - closes the session
g - uploads a file
m - displays MessageBox
p - downloads a file
r - executes the specified command

Check other viruses! Be aware! Use Antiviral Software

HappyEnd.1536

Description HappyEnd.1536

This is a very dangerous memory-resident encrypted parasitic virus. It hooks INT 21h, and writes itself to the end of COM and EXE files that are executed. The virus does not infect the files: CO*.*, NO*.*, TB*.*, SC*.*, CL*.*, TO*.*, AV*.*, F-*.*.
From the 16 until the 23 of May, the virus formats the hard drive and displays the following message:
Decryption Defenceall
This is Happy End.
Please turn off your computer.

The virus also contains the text strings:
Este sa stretneme...
district Bratislava country , Slovakei
Compiled:A86

HappyNewYear.556

Description HappyNewYear.556

It is not a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed. Depending on the system time and date it decrypts and displays the message:
Happy New Year !

Home