backdoor.ruledor.
Webroot Antivirus: The best protection against viruses, spyware data theft and hackers.
Description:
Details
Backdoor.Ruledor.c
This program is part of the backdoor family of malicious programs intended for remote administration.
The victim computer can be remotely controlled and caused to execute the commands described in the file http://sds.cl**ch.com/ie/control.dat. The program downloads this file when starting.
Backdoor.Ruledor.c can also download and install other programs unnoticed.
Some incidents have been detected where a wide range of AdWare and Trojans have been downloaded and installed.
Installation
The program creates the directory ClearSearch in the Program Files folder, copies itself to this directory under the name loader.exe and registers as an autorun key in the system registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Other
When the system is started, the program deletes all Browser Helper Objects (BHO) not installed by the program.
Copyright @2006 backdoor.ruledor.