Win32/Haxdoor is a family of rootkit-capable backdoor trojans which gather and send private user data to remote attackers. Collected data might include user names and passwords, credit card numbers, bank logon credentials, or other sensitive financial information. Files and processes related to a Win32/Haxdoor infection may be hidden by a kernel-mode rootkit component, detected by Microsoft as WinNT/Haxdoor. Win32/Haxdoor can also disable security-related software and redirect the infected user’s URL connection requests. Depending on the version of the operation system infected, Win32/Haxdoor may perform other malicious actions, such as clearing CMOS settings, destroying disk data, and shutting down Windows unexpectedly.

WinNT/Haxdoor is a family of kernel-mode trojan components affiliated with Win32/Haxdoor. The Win32/Haxdoor family of trojans are rootkit-capable backdoor trojans which gather and send private user data to remote attackers. Collected data might include user names and passwords, credit card numbers, bank logon credentials, or other sensitive financial information. Files and processes related to a Win32/Haxdoor infection may be hidden by a kernel-mode rootkit component, detected by Microsoft as WinNT/Haxdoor. Win32/Haxdoor can also disable security-related software and redirect the infected user’s URL connection requests. Depending on the version of the operation system infected, Win32/Haxdoor may perform other malicious actions, such as clearing CMOS settings, destroying disk data, and shutting down Windows unexpectedly.

VirTool:WinNT/Haxdoor.E is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.E gathers user and system information and sends it to a third party.

Backdoor:Win32/Haxdoor.DK is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.DK lowers security settings on the computer, gathers user and system information and sends it to a third party

Backdoor:Win32/Haxdoor.DK is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.DK lowers security settings on the computer, gathers user and system information and sends it to a third party

VirTool:WinNT/Haxdoor.F is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.F gathers user and system information and sends it to a third party.

Backdoor:Win32/Haxdoor.IF is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.IF lowers security settings on the computer, gathers user and system information and sends it to a third party

Backdoor:Win32/Haxdoor.IF is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.IF lowers security settings on the computer, gathers user and system information and sends it to a third party

Backdoor:Win32/Haxdoor.CX is a backdoor Trojan that opens and listens on three random TCP ports for proxy and remote access purposes.

VirTool:WinNT/Haxdoor.C is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.C gathers user and system information and sends it to a third party.