Troj/DwnLdr-HXW

Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Affected operating systems	Windows
Protection available since	22 November 2009 03:58:00 (GMT)
Detected by	All Sophos products

Free virus scan
Download the Threat Detection Test

Free virus, spyware, and adware scan
Test your existing anti-virus protection
Find threats your anti-virus missed

Action

Summary
Action
More Information

Please follow the instructions for removing Trojans.

More Information

Summary
Action
More Information

Troj/DwnLdr-HXW is a Trojan for the Windows platform.

Troj/DwnLdr-HXW includes functionality to:

- copy iteslf to the <WINDOWS> folder
- steal confidential information
- access the internet and communicate with a remote server via HTTP

Troj/DwnLdr-HXW communicates via HTTP with the following locations:

perolasfull . com
alonsoalvesempredniments . com
untitledfiles . com
bloqueioconta . com
convitesespeciais . com
perolasorkut . com . br
profillesatuais . com . brcolor . js

When Troj/DwnLdr-HXW is installed the following files are created:

<Program Files>\Internet Explorer\acpi.vxd
<Program Files>\Internet Explorer\pdm2.dll

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Sophos blogs

Troj/DwnLdr-HXW

Summary

Action

More Information