 |
Home
Articles
Spyware Research
Support
Scan Now
Purchase
F.A.Q.
Top 25 Spyware:
Glossary Latest Detections  |
 |
Trojan/BHO/Backdoor/Ruledor.cAlias: Backdoor.Ruledor.c, Spyware/ClearSearch, Win32/Igetnet.A trojan, IGetNet.ClearSearch
Description: An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data. When this program executes, the program performs a specific set of actions, usually working toward the goal of allowing the trojan to survive on a system and open up a backdoor. Threat type: BHO - A Browser Helper Object (BHO) is a software application that runs automatically whenever you start Internet Explorer. Browser Helper Objects are typically installed by other programs such as toolbar accessories and can track internet usage, create popup windows, display additional information on a viewed page and collect information that is transmitted by you over the internet. Malicious software that exploits this technology can replace banner advertisements with other ads, monitor your actions, change your home page, etc. Backdoor - A Backdoor is an undocumented or secret means that can be used to obtain unauthorized access to your computer, or a malicious program that uses such a means to penetrate a computer system. Backdoor applications exploit vulnerabilities of installed programs or operating system and allow attackers to gain control over your computer system. Backdoor works in the background and hides from the user. It is always a high security risk. Hijacker - A Hijacker is a software application that takes control of your browser's settings. Usually it changes your home page and redirects it to some unknown site or modifies your search settings. It prevents you from changing back your browser's settings. An infected browser usually operates much slower. Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs. Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy. Detection: SpyNoMore detects Trojan/BHO/Backdoor/Ruledor.c: Yes Threat risk: High Risk  Very dangerous malware. Can log user's keyboard activity and take snapshots of the user's screen. Uses stealth installation and removal is very difficult. Category includes spyware programs, adware programs and trojans. Symptoms:
Running Process Signatures: N/A File Signatures: %WINDOWS%\system32\ie_clrsch.dll %WINDOWS%\system\csie.dll %WINDOWS%\system32\csie.dll %WINDOWS%\system\ie_clrsch.dll Registered Dll (Dynamic Link Library) Signatures: N/A Folder Signatures: N/A Registry Signatures: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-0000-0000-0000-000000000240} HKCR\clsid\{947e6d5a-4b9f-4cf4-91b3-562ca8d03313} HKCR\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-0000-0000-0000-000000000221} HKCR\clsid\{00000000-0000-0000-0000-000000000221} HKCR\clsid\{00000000-0000-0000-0000-000000000240} HKCR\software\microsoft\windows\currentversion\explorer\browser helper objects\{947e6d5a-4b9f-4cf4-91b3-562ca8d03313} HKLM\software\classes\clsid\{947e6d5a-4b9f-4cf4-91b3-562ca8d03313} HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-0000-0000-0000-000000000221} HKLM\software\classes\clsid\{00000000-0000-0000-0000-000000000240} HKCR\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-0000-0000-0000-000000000240} SpyNoMore Collected Residual File Signatures: N/A
| | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||
|
||||
 |
|
 | ||