Archive: A Reconstructed © MegaSecurity Database

Aphex Windows Rootkit

Released 23 years ago. April 2003

Copyright © MegaSecurity

By Aphex


Information
Author: Aphex
Family: Aphex Windows Rootkit
Category: Rootkit
Version: Aphex Windows Rootkit
Release Date: Apr 2003, 23 years ago.
Language: Delphi

Author Information / Description
AFX Windows Rootkit 2003

This software generates a system patch that will hide processes, files, folders,
registry keys and netstat entries from Windows 95/98/ME/NT/2k/XP/2003. Information
is withheld based on 4 lists of mask strings. This enables you to apply wildcards to
hiding functions such as hiding files based on "*.exe" or netstat entries based on
"*TCP*:80*" to hide http traffic.

The "example.exe" include is preconfigured to hide all processes/files and keys matching
"~~*" and all "*TCP*" traffic. The installer copies itself to the system directory and
extracts 2 DLL files from its resources. It saves the files as "iexplore.exe" and
"explorer.exe". The first dll is loaded into "explorer.exe" which then installs hooks
contained in "explorer.dll".

To configure a custom rootkit, run "RootKit.exe" and click "Help" and make sure to
compress your installer!

Aphex

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.