Know Your Malware: Hzdoor removal


Hzdoor is an IRC-controlled backdoor that provides the attacker with unauthorized remote access to the compromised computer. The intruder can download and run arbitrary files, alter the Windows registry, collect system information and run a hidden FTP server. Hzdoor can exploit known system vulnerabilities in attempt to install a server that enables full remote access to the infected computer. The backdoor runs on every Windows startup.

Related files: ccevtmngr.exe, ccsetmngr.exe

Hzdoor properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Hzdoor, removal instructions

Linked by shanmuga Friday, 24th March 2006 2:12AM