Backdoor.WinCE.Brador.a
Description Backdoor.WinCE.Brador.a
Brador.a is a backdoor (a utility allowing for remote administration of the infected machine) for PocketPC based on Windows CE and newer version of Windows Mobile.
It is written in ASM for ARM-processors and is 5632 bytes in size.
After Brador is launched in creates an svchost.exe file in the /Windows/StartUp/ folder, thus gaining full control over the handheld every time it is restarted.
Brador identifies the IP address of the infected handheld and sends it to the virus coder to inform him that the handheld is connected to the Internet and that the backdoor is active. Brador then opens port 2989 and awaits further orders.
The backdoor responds to the following commands:
d - lists the directory contents
f - closes the session
g - uploads a file
m - displays MessageBox
p - downloads a file
r - executes the specified command
Check other viruses! Be aware! Use Antiviral Software
Chips.877
Description Chips.877
Chips.877 is a very dangerous not memory resident parasitic virus. It searches for .COM-files and writes itself to their beginnings. It saves (file_length-1) bytes of file upon infection, it will hang up the computer. Sometimes this infector erases the disk sectors by string "chipshit!!?" and types:
Hej! Tu wirus Chipshit! Co sie stalo z Twoim dyskiem ?
Chloride.480.a
Description Chloride.480.a
It is a harmless memory resident stealth multipartite virus. It hooks INT 13h and writes itself to the header of EXE files that are accessed. The virus also writes itself to the MBR of the hard drive and boot sector of 1.4Mb floppy disks. The virus does not manifest itself in any way.
|