Troj/Bckdr-HLO

Category: Viruses and Spyware Protection available since:24 Apr 2006 00:00:00 (GMT)
Type: Trojan Last Updated:24 Apr 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Bckdr-HLO is a backdoor Trojan for the Windows platform.

The Trojan includes functionality to connect to the predefined remote site awaitng for the further remote commands. Troj/Bckdr-HLO is a backdoor Trojan for the Windows platform.

When Troj/Bckdr-HLO is installed the following files are created:

<Temp>\winword.exe
<System>\awext32.dll
<System>\w32time.exe

The file w32time.exe is registered as a service named "W32Time" (repacing any existing services named "W32Time"). Registry entries are created or modified under:

HKLM\SYSTEM\CurrentControlSet\Services\W32Time\

The file awext32.dll is injected into the msmsgs.exe process space and includes functionality to connect to the predefined remote site awaitng for the further remote commands.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy