February 21st, 2005, 01:18 AM
Haxdoor.BGN or Haxdoor-O or mszx23.exe Backdoor.Haxdoor.D
System = windows 2000 pro (NT)
After Deleting vdnt32.sys
successfully in safe mode
file drct16.dll creates itself
in system32 folder ( 0kb)
which cannot be deleted.
w32tm.exe (returns after delete)
drct16.dll (cannot delete shares attributes with vdnt32.sys)
vdnt32.sys (cannot delete except in safe mode: shares attributes with drct16.dll)
Yes I tried the file in use deleter application, and I also tried Killbox, but no such luck. Anyone know what service proccess causes the return of these 2 files ????
February 21st, 2005, 01:27 AM
Here’s a free site that supposedly scans/removes haxdoor:
Hope that helps.
Connection refused, try again later.
February 21st, 2005, 01:58 AM
thanks i will try and let u know what happens.
February 21st, 2005, 02:22 AM
I downloaded this application and installed it although it does not allow me to run the software for some reason I get an application error.
February 21st, 2005, 11:16 PM
February 21st, 2005, 11:27 PM
And upload a copy of the .exe to your AV supplier if you can.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
February 22nd, 2005, 09:38 AM
Experience is something you don't get until just after you need it.
February 28th, 2005, 10:31 AM
7 days later and finally I kicked this trojans butt thanks to WebRoot Spy Sweeper 184.108.40.206 Beta Trial Version. It must be the 194 beta version otherwise you won't be able to update ur definition files. It detected haxdoor backdoor trojan right away, and in conjunction with that and Killbox I managed to delete the file that kept coming back in my windows system32 folder.
Safe at last thanks to WebRoot Spy Sweeper.
February 28th, 2005, 11:30 AM
You know, I don't know which I am gladder about ..
The fact that you fixed the problem,
The fact that you came back and reported it letting us know your progress and solutions!
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
March 1st, 2005, 12:18 AM
Well thats one for the good guys. If I can make people aware of malware I will.
Spy Sweeper - 1
Haxdoor - 0