| Port No | 1026 |
| Service Name | Backdoor.RUX |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This remote-access and password-stealing backdoor malware is written in Visual Basic 5.0. It executes only when MSWINSCK.OCX is installed on the infected system. Otherwise an error message is displayed and its execution is stopped. This backdoor program allows a hacker to have access to the vital information on the infected computer. Thus, it compromises network security. |
| Reference Link | BKDR_RUX |
| Attack | Solutions: Click Start>Run, type Sysedit then hit the Enter key. Locate the run entry in the WIN.INI and manually remove the following reference to the backdoor program: run=C:\WINDOWS\SYSTEM\FlyingMarqu.scr Delete the below string that follows the "run=": C:\WINDOWS\SYSTEM\FlyingMarqu.scr Save and exit the file. Restart your System Scan your system with Trend Micro antivirus and delete all files detected as BKDR_RUX.30. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.