Rado

Rado Description

Rado is a backdoor trojan that allows an attacker unauthorized remote access to a compromised computer. Once executed, the threat displays a fake error message containing the text "Incompatible Windows version". Then it registers itself in the system and notifies the intruder by sending him an ICQ message. Rado can terminate running antivirus programs and firewalls. The backdoor runs on every Windows startup.

Technical Information

Registry Details

Rado creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServiceswinupdate.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunwinupdate.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftKernel
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunwinupdate.exe

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.