Also known as Win32/Wisdoor.L trojan, Backdoor.Wisdoor.h, Backdoor.Domwis
It is an IRC backdoor Trojan that allows a malicious user remote access to an infected computer.
When first run, the Trojan copies itself to the Windows folder as a hidden file named RUND11.EXE.
Sets the following registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Kaspersky Antivirus = \RUND11.EXE
This trojan can delete, download and execute remote files on the infected computer.
Also, it can be used to send files to other IRC users.
The Trojan can be used to flood other computers with internet traffic.
To evade detection, the Trojan can spoof the IP address of the infected computer.
Can steal system information, log keystrokes, create screen and webcam captures and send them to a malicious user.
The Trojan can be used to scan other computers for open ports and for vulnerabilities in web and database servers.
Remove it with antivirus (also check How To Remove section)