Factory

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Vendor Notes:

 From the doc: '*Easy-to-use GUI. *Drag and drop file capability *Add as many files as you list with any extentions.. (.exe, .bmp) and run them. +Compression -4 Levels of Lzh1 algarythms +Security -MISTY1(C) Encryption algarythm -Password archive feature +Notification -Send ICQ Pager message *note resolves icq.com's pager address automatically +Windows environment -Create a message box on execution of the archive -Execute a file (any extention) +Upcomming features -Look for stub 'ICON change' ability soon! -Registry Write function -INI file write function -'No forms' stub (will greatly reduce stub size) -Create dir option -And more!' aka Zyon Special Edition (New Stub ICO).

Alias:

 destructive program [F-Prot], MultiDropper.cfg [McAfee], MultiDropper-AD trojan, MultiDropper-AM trojan, Trj/Runner.Factory [Panda], Trj/W32.Factory [Panda], Trojan Horse.LC [Panda], TrojanDropper.Win32.Factory, TrojanDropper.Win32.Factory [Kaspersky], TrojanDropper.Win32.Factory.a, TrojanDropper.Win32.Factory.a [Kaspersky], Win32/TrojanRunnerr.Factory!Troj [Computer Associates]

Category:

Trojan Creation Tool: A program designed to create Trojans. Some of these tools merely wrap existing Trojans, to make them harder to detect. Others add a trojan to an existing product (such as RegEdit.exe), making it a Dropper.

Dropper: In viruses and trojans, the dropper is the part of the program that installs the hostile code onto the system.

Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Variants:
  • Factory 1.0
  • Factory 1.19 beta
    		•

    Similar Pests:

    		 Trojan Creation Tool · Dropper · Trojan

    Origins

    Author:

    		 Syphillis

    Date of Origin:

    		 Variants from March, 2000 to March, 2004

    Operation

    Storage Required:
  • Factory: at least 1677 KB
  • Factory 1.0: at least 453 KB
    		•

    ScreenShot:

    Factory

    Factory Actions

    Factory Batch Editor

    Factory MultiBinder

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove Factory from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 February 28, 2005