high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Protection available since | 20 January 2006 22:06:34 (GMT) |
| Last updated | 18 July 2006 22:14:58 (GMT) |
| Detected by | All Sophos products |
Sophos beta program
- Endpoint Security and Control 9.0
- Small business solutions 4.0
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/Haxdoor-AS is a Trojan for the Windows platform.
The Trojan steals usernames and passwords and sends stolen data to a remote attacker.
Sophos's anti-virus products include Genotype™ detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against Troj/Haxdoor-AS (detected as Troj/Haxdor-Fam) since version 3.99. Troj/Haxdoor-AS is a Trojan for the Windows platform.
The Trojan steals usernames and passwords and sends stolen data to a remote attacker.
Troj/Haxdoor-AS copies itself to the Windows system folder as satdll.dll.
The Trojan may set registry entries under:
HKLM\SYSTEM\CurrentControlSet\Control\MPRServices\TestService
<several entries>
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
satdll
The Trojan may also create the file vxdgfx.sys in the Windows system folder.
Sophos's anti-virus products include Genotype™ detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against Troj/Haxdoor-AS (detected as Troj/Haxdor-Fam) since version 3.99.
|
