Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 


RTDX32.EXE PROCESS INFORMATION

Process Name  : rtdx32.exe

Process Path : %SYSTEM%\rtdx32.exe [ C:\Windows\System32\rtdx32.exe ]

Process type    : Trojan

Malware Name : Trojan.Win32.Webber

Alias             : Downloader-DI, TrojanProxy.Win32.Webber, Troj/Webber-A, Trojan.Download.Berbew, W32/Heloc@mm

Threat level : Low

Process Details :

                     Rtdx32.exe process is downloaded by Webber. It is a backdoor Trojan, can be used to steal passwords in the infected system. It arrives as an e-mail attachment. The infected attachment name will be "web.da.us.citi.heloc.pif".

The message subject will be

Re: Your credit application

The message body will be

"Dear sir,

Thank you for your online application for a Citibank Home Equity Loan. In order to be approved for any loan application we pull your Credit Profile and Chexsystems information, which didn't satisfy our minimum needs. Consequently, we regret to say that we cannot approve you for Citibank Home Equity Loan at this time.

*Attached are copy of your Credit Profile and Your Application that you submitted with us. Please take a close look at it, you will receive hard copy by mail withing next few days."

                     When executed, the Trojan connects to a website and downloads the file rtdx32.exe in the Windows system folder. The downloaded file copies to a random file name and drops a DLL file. Then it modifies registry keys to load automatically. Webber Trojan  steals cached password from the infected system and posts them to a pre configured web site. 

How can I protect my system?

                   Solo has incorporated rtdx32.exe in its signature file to protect users from this Trojan attack. Solo antivirus registered users are already protected from this Trojan. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats.

How to remove this Trojan?

                   If you are already infected with rtdx32.exe, you can remove it from your computer using Solo Antivirus software. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VB, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link