Protector Plus Download Antivirus
Home
Download Antivirus
Antivirus Products
Order Antivirus


Antivirus Software for Windows XP/2000/2003
Antivirus Software for Windows Me/98
Antivirus Software for Exchange 2000/2003
Antivirus Software for NetWare

W32/Haxdoor.IS Trojan

Name W32/Haxdoor.IS Trojan
Aliases BKDR_HAXDOOR.IS, Haxdoor.KI, Backdoor.Haxdoor.P
Discovered on August 17, 2006

 Virus Information - W32/Haxdoor.IS Trojan:

W32/Haxdoor.IS is a trojan. The trojan will infect Windows systems and spreads through email.

The trojan will arrive as an attachment along with a spammed email.

Upon execution, the trojan drops the following files in Windows System folder.

qo.dll
qo.sys
xdpptp.sys
xopptp.dll
xopptp.sys
yvprgb.dll
ycsrgb.sys

The trojan modifies registry at the following location to load itself during each startup.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xopptp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\xdpptp.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xdpptp.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xdpptp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xopptp

It injects xopptp.dll in explorer.exe and executes a remote thread.

Anti virus for Windows Download Now!

Home Page Download Antivirus Antivirus Products Order Antivirus

Copyright © 2006 Proland Software.All rights reserved

antivirus software, anti virus software, anti virus, download antivirus, download anti virus, free antivirus, free anti virus, antivirus, download, free, windows, windows xp, xp, sp2, windows me, windows 2000, 98, 95, nt, me, 2003, netware, anti-virus, virus, worm, trojan, protector, plus, proland, virus software, spyware