Backdoor.Cmder.L
Backdoor.Cmder.L is a virus that is spread by the carrier Trojan. It comes as a dynamic link library (dll) file; the virus divides itself into 3 parts for carrying out different functions. The three functions allocated to the 3 parts are WorkOne, WorkOne_t and SecondWork. WorkOne usually makes sure the virus successfully copies itself into the explorer.exe. Then WorkOne_T is activated to start the Internet Explorer. Next, SecondWork plays the main role of decrypting URL of the remote host, the port and others. The virus gathers information from the infected system and coverts it into html format which is then passed on to attackers.