Xanadu 1.1 on Spyware-Net

Xanadu 1.1 - Process Information

Description of Xanadu 1.1 :
Once installed, Xanadu opens port 1031 as a backdoor to allow a remote attacker to gain entry to your computer. This server file allows the attacker to log all your keystrokes, record passwords, access data stored on your hard drive, and eventually lock you out of your system.

Recommendation for Xanadu 1.1 :
This is a severe threat. It is recommended that this be removed from your system immediately.

Trusted: No
Trojan: No
Chronic: No
Adware: No
Carrier: No
Browser Hijacker: No
Dialer: No
Commercial Keylogger: Yes
Remote Administration Tool: No
Suspected: No

Company Name: The ExCon
Platforms Affected:
Methods of Distribution: Xanadu may be found in hacking websites. The server file that is used to launch the attack may have been sent to you as a non-malicious setup file.
Variants/Versions:
Release Date: 1999

Spyware-Net features:

ZeroSpyware v3.4

Remove PC History
Permanently get rid of temporary files, application and internet history.

Download Internet Accelerator
Block advertisements and accelerate the PC's online speed.

Gator	Virtumonde	Altnet Download Mngr	CoolWebSearch
SurfSideKick	SpyFalcon	Abetterinternet Shared	CashBack
Cydoor	ISTBar	BargainBuddy	nCase
IE Plugin	HuntBar	W32.Puper	Dummy Software 3
The Spyware Detective	AdBars	DirectUpdate	All-In-One Keylogger
Spytech Shadow	IsMyMateCheatingOnline	Zsearch Toolbar	Trojan.Haxdoor-AX
Spy-Keylogger	Regifast	Sigster	HotBar
Daemon Tools	ISTBar	TitanShield Antispyware	AskYaya
AtHoc Toolbar	SpySoldier	Froggie Scan	Trojan Small.BA
Apophis	WinFixer	EarSpy	Trojan Comet
FastFind.Subsearch	CWS.AboutBlank	Doly 2.0	Actions Monitor
008 Key Logger Remote	W32.Bugbear	Comload	Dialarm

svchost.exe	wo.exe	mssearchnet.exe	ssk.exe
Save.exe	service.exe	Buddy.exe	bridge.exe
bridge.dll	java.exe	istsvc.exe	GMT.exe
se.EXE	optimize.exe	sk51_demo.exe	0.exe
ipwu.exe	istdownload[1].exe	shdocapi.exe	vqdtcstp.exe
MsMovies.exe	VIDEOINST.EXE	wfxcwr.exe	NCTAudioCDGrabber2.dll
ETRAPN.exe	UERTcw.exe	thnall1l.exe	Updater.exe
hmmatm.dll	wtoolst.dll	trustin.dll	eee2.exe
cpu.exe	msccn32.exe	hpfc3e.tmp	wintective.exe
systime.exe	PrevAdServ.exe	exlorer_.exe	cool.exe
win32clt.exe	TimeSynchronize.exe	log.dll	eiv2rblw.exe
IESERVICE.DLL	unins000.exe	addfn32.dll

Google Earth	Yahoo! Messenger	iTunes	Windows Media Player
Skype	WinRAR	WinAMP	Microsoft Word
Mozilla	Adobe Photoshop	Mozilla Firefox	Music Match
Microsoft Outlook	Google Toolbar	Macromedia Flash	Euro Conversion Tool
Microsoft Windows Printer Spooler	DVD Region+CSS Free	InstallShield Engine Application	CamFrog Video Chat
Digisoft AntiDialer	IncrediMail	Regmon	MRU-Blaster
MS Windows HyperTerminal	RM-X PSP Video	Virtual CD	MS Office Fast Search Utility
WinTOTAL	Startup Monitor	ASUS Device Drivers	Sonique
Anti Trojan Elite	MWSnap	Aladdin Systems Internet Cleanup	SmartSMS
Edit Buddy	Nikon View	Microsoft Office Hotfix	Pimpfish
ExtendScript Toolkit	Steganos AntiSpyware	BitTorrent	Eicon's ADSL Modem
Justdo Software

svchost.exe	alg.exe	ccapp.exe	jusched.exe
lsass.exe	csrss.exe	ctfmon.exe	wuauclt.exe
nwiz.exe	mdm.exe	nprotect.exe	smss.exe
services.exe	wmiprvse.exe	hkcmd.exe	WABMIG.EXE
ips680mi.dll	ChMCcfg.dll	msvcp60.dll	mcplug.dll
ObexHeaderServiceDll.dll	vdetector2004demo.exe	rnathchk.exe	dxplayer.exe
OfcNotify.dll	Bhossafe.dll	fsavres.dll	tmCfwApi.dll
QTOLibrary.dll	PhishGuardHelper.dll	vcl680mi.dll	hpoapm08.exe
apdproxy.exe	uwinapi.dll	UPDATE.EXE	mmjbloc.dll
appautoshutdown.exe	GoogleUpdater.exe	forgeSetup.exe	libspdif_mixer_plugin.dll
CoolHttp.dll	cvs.exe	TmpeUrlF.dll	NetWiz.exe
wfcomrc.dll	hpzrcv01.exe	captlib.dll	MaxSync.exe

File Name
client.exe