Threat Description

Phoenix (800)

Details

Aliases:Phoenix (800)
Category:Malware
Type:Virus
Platform: W32

Summary



The virus uses a complicated encryption method, which complicates detection somewhat.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You also may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details




Variant:1226

An earlier variant of the Phoenix virus.


Variant:Proud

A 1302 byte earlier variant.


Variant:Evil

A 1701 byte variant.

So-called "M" and "D" forms of the variants have been reported, but this is actually a misunderstanding. The "D" form is just the decrypted virus and the "M" form is a sample file infected multiple times.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More