Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Phoenix (800)


Aliases:


Phoenix (800)

Malware
Virus
W32

Summary

The virus uses a complicated encryption method, which complicates detection somewhat.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details


Variant:1226

An earlier variant of the Phoenix virus.


Variant:Proud

A 1302 byte earlier variant.


Variant:Evil

A 1701 byte variant.

So-called "M" and "D" forms of the variants have been reported, but this is actually a misunderstanding. The "D" form is just the decrypted virus and the "M" form is a sample file infected multiple times.







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.