Threat Database Backdoors Rado

Rado

By GoldSparrow in Backdoors

Translate To:

Rado is a backdoor trojan that allows an attacker unauthorized remote access to a compromised computer. Once executed, the threat displays a fake error message containing the text "Incompatible Windows version". Then it registers itself in the system and notifies the intruder by sending him an ICQ message. Rado can terminate running antivirus programs and firewalls. The backdoor runs on every Windows startup.

File System Details

Rado may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	winupdate.exe
Name: winupdate.exe Type: Executable File

Registry Details

Rado may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServiceswinupdate.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunwinupdate.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftKernel

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunwinupdate.exe

Related Posts

Trojan.Radonskra screenshot

Trojan.Radonskra

November 28, 2019

Search.lavradoor.com

Browser Hijackers

July 4, 2018

Search.lavradoor.com may be shown to PC users as their default new tab page and search handler when they install a browser extension called 'Lavradoor Downloader' via freeware bundles. Users have...

Win32.Krado screenshot

Win32.Krado

November 28, 2019

'wisperado@india.com' Ransomware

February 27, 2017

The 'wisperado@india.com' Ransomware is an encryption ransomware Trojan that is part of a large family of ransomware known a Dharma. The 'wisperado@india.com' Ransomware was first observed towards...

ArtraDownloader

August 27, 2019

BITTER is an APT (Advanced Persistent Threat) which has been active since 2015. Experts believe that the BITTER hacking group likely originates from Southern Asia as most of their victims are...

'Seu windows foi sequestrado' Screen Locker

February 6, 2017

The 'Seu windows foi sequestrado' Screen Locker is a screen locker that is targeted toward Portuguese-speaking victims. The 'Seu windows foi sequestrado' Screen Locker is a Trojan, which is...

Trending

Rzfu Ransomware

September 4, 2023

The Rzfu Ransomware is a perilous strain of malware specifically engineered to encrypt files stored on a targeted computer system. When the Rzfu Ransomware is triggered, it conducts a comprehensive...

Safe Search Eng

Potentially Unwanted Programs, Browser Hijackers

June 20, 2023

The Safe Search Eng is a type of browser extension that manipulates the search functionality of users' Web browsers, redirecting their searches to an undesired search engine. This intrusive...

Findtheirreport.com

August 9, 2023

Most Viewed

Is Lookmovie.io Safe? screenshot

Is Lookmovie.io Safe?

August 3, 2021 28,531 5

Lookmovie.io is a video streaming site. The problem is that the content there is being offered for streaming illegally. In addition, the site generates monetary gains via rogue advertising...

How To Fix 'Printer Driver is Unavailable' Error

June 29, 2021 22,094

Printers are notorious for refusing to do their job whenever the user needs it the most. Luckily, if your printer is displaying the Printer Driver is Unavailable' error, then there are a couple of...

Discord Shows Black Screen when Sharing Screen screenshot

Discord Shows Black Screen when Sharing Screen

June 21, 2021 21,497

When it first launched, Discord was a VoIP platform geared toward the gaming community. However, in the following years, it expanded its scope, added numerous new features, and became one of the...

Loading...