Infected with XLoader?
The XLoader application is described as a downloader Trojan.
This malware is a Trojan downloader application with hidden functionalities that include the download and installation of files from an FTP or Web server. The XLoader program reportedly facilitates the download and installation of potentially hostile files such as dialers into the computer system of the user.
Dialers are capable of making long-distance telephone calls or calling 1-900 or 1-976 numbers without the consent of the user. However, for these dialers to function, the computer has to be connected to the phone line by means of a standard modem or, in the case of more sophisticated dialers, via DSL.
The XLoader application reportedly uses excessive system resources. It consumes a large amount of memory and apparently degrades the performance and stability of the compromised computer system. It also congests the Internet connection as well as the network connection.
This malware is said to have originated from Germany. Like all Trojan downloaders, this program is capable of establishing a connection with the Internet and downloading files onto the targeted computer.
Unlike other downloader applications that have appeared in a number of variants, the XLoader application's goal is to facilitate the download of a smaller number of applications. These include premium-rate dialers affiliated with pornographic websites. Dialers can modify the user's dial-up settings without seeking the user's consent. Dialers associated with this program frequently carry the same name.
The following are supposedly the file traces of this program:
* %system%\clrschp033.exe
* %windows%\digital signature 20031013.htm
This program, like other Trojan downloaders, is responsible for the execution of applications on the compromised machine. It does this once the download process completes, or it can register a run command on the local system.
Its author is unknown.
No website available.
|Threat Level: Severe Risk|
|Records personal data / keystrokes|
|Hijacks internet browser|
|Allows remote influence|
|Downloads unsolicited files|
|Disables programs / system|
|Makes unauthorized phone calls|
|Exploits a security flaw|
|Floods internet connection|
|Tracks browsing activity with installed applications|
|Tracks browsing activity with cookies|
|Installs without user consent|
|Inadequate uninstall procedures|
|Insufficient privacy disclosure and consent|
|Uses excessive system resources|
|Makes fraudulent claims about spyware detection and removal|
|Performs Silent Updates|