Infected with Xorpix Trojan ?
The Xorpix Trojan software is a backdoor Trojan application.
Anti-virus companies warn that the Xorpix Trojan program has the ability to allow remote attackers to access the user's computer. As soon as it enters the victim's computer, it creates a backdoor that renders the computer vulnerable to hacking. Backdoors provide an entry point through which files are transferred to and from the computer while avoiding detection.
The infected computer may become the hacker's tool in attacking other computers and servers. Certain programs may suddenly open or close without the user's initiation. Anti-virus programs and firewall may especially be targeted to give the hacker more freedom to navigate within the machine. The computer itself may shut down or simply crash without warning.
The most dangerous aspect of remote intrusion is the possibility that hackers may have access to the user's files. They may copy confidential files. Remote intruders may steal the victim's personal information such as financial details. They may also delete core system files in order to crash the system. Hackers can activate external devices such as webcams to start monitoring the user's actions in real time. The Xorpix Trojan application is especially known for flooding the Internet connection, making it slow.
The Xorpix Trojan software first enters the system as the file tcp.exe. It then proceeds to hide other components of itself in folder placed in the Windows directory. This maneuver allows the Xorpix Trojan application to be re-installed after it has been removed. It also ensures that the user has difficulty pinpointing the exact files that enable the Xorpix Trojan program to operate. Research indicates that some of these files may include:
* and winsys2f.dll.
To complete the deception, the Xorpix Trojan software changes several registry keys by adding additional values to them. This gives the Xorpix Trojan program a legitimate appearance. It also launches the Xorpix Trojan application during startup.
The Xorpix Trojan program may be known among anti-virus companies as either Troj/Xorpix-F or Trojan-Proxy.Win32.Xorpix.
|Threat Level: Severe Risk|
|Records personal data / keystrokes|
|Hijacks internet browser|
|Allows remote influence|
|Downloads unsolicited files|
|Disables programs / system|
|Makes unauthorized phone calls|
|Exploits a security flaw|
|Floods internet connection|
|Tracks browsing activity with installed applications|
|Tracks browsing activity with cookies|
|Installs without user consent|
|Inadequate uninstall procedures|
|Insufficient privacy disclosure and consent|
|Uses excessive system resources|
|Makes fraudulent claims about spyware detection and removal|
|Performs Silent Updates|
Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.