Ruland
Ruland is a dangerous mass-mailing worm that uses Microsoft Outlook mail application to send e-mail messages with links leading to infected files. Once the user clicks on such a link, the spyware installs itself to the computer. Ruland downloads a predetermined file from the Internet and drops several trojans, which steal bank account details and give the remote attacker unauthorized access to a compromised PC. The worm automatically runs on every Windows startup. Its activity results in user privacy violation and computer instability.
File System Modifications
- The following files were created in the system:
# File Name 1 accwizz.exe 2 accwizzz.exe 3 iexplore.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunaccwizz.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunaccwizzzHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunacwizzz.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunmeuprogramaHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunwinlogon32_
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.