Technical Information

File System Details

Backdoor.Ruskill creates the following file(s):
# File Name Size MD5 Detection Count
1 %APPDATA%bsetter-own.exe 525,312 553c201d3e747497300364189e84b147 1,878
2 %SYSTEMDRIVE%\Users\Javier\Downloads\skymonk_25627708_83.exe\skymonk_25627708_83.exe 3,720,572 cfe6b19f9703cdd6af8e5cd2f73761ed 100
3 %WINDIR%\System32\drivers\etc\xCmdSvc.exe 22,048 174fdc20478ebd625e225edb7093f4f3 16
4 %USERPROFILE%\Start Menu\Programs\Startup\Application.exe 519,168 db505062f8d837cdccefba4ea0375bbc 15
5 %WINDIR%\system32\ptsec.exe 149,654 e7c1f44976cd66f6a0a5efb71e05b893 10
6 %WINDIR%usbmon.exe 998,373 b568b8c0291ed818cb6e2ed119ae0471 9
7 %APPDATA%\Apple Computer\dfrgfat.exe 307,200 0d88c7df2f20c022c95f6aecfa153e9d 9
8 %PROGRAMFILES%\MSB SOFT\msbcheker.exe 2,002,944 ab074a92576b8629eb56e1eb9b935c95 5
9 %PROGRAMFILES(x86)%\Keyword Search\KeywordSearchUpdater.exe 129,536 cc68bbbb298ba1c990bfc4cb87788f98 4
10 %LOCALAPPDATA%\ajrgaopt\iquulxlq.exe 98,020 51f5e9c02a38b6ca244122223a38812f 4
11 %APPDATA%\\3\user\config\soffice.cfg\modules\sdraw\images\comp.exe 331,776 57654bd764fecadcfd8a0b926505d809 4
12 %USERPROFILE%\Local Settings\Application Data\GoogleUpdate.exe 46,592 18552f5fd8a3fbc0c315363c2be055cc 3
13 %TEMP%\_tc\multiunwr1.81.exe 11,264 ce69c7f61cf099f5da6a3bb2e30861b2 3
14 %LOCALAPPDATA%\Skype\qbomexmz.dll 761,344 61a87e00b31bd108010b00c625557665 3
15 %WINDIR%\system32\pgfv.exe 113,664 94e5a5a522ae0ddfc6ec0fe9c2628638 2
16 %LOCALAPPDATA%\Sapro Systems\chznnkyn.dll 770,048 822ded6c454bbe91d8c630a9b06b5bf2 2
17 %LOCALAPPDATA%\Dprfucfbwp\tdvceeap.dll 747,520 e9c33fca8998aff4eb794d6a555c8814 2
18 %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\avcheck.exe 26,112 d81829e6046afd0581458ee68b660e2d 2
19 %APPDATA%Update New 17 Jan 2013 Fullhack.exe 2,008,508 3d74053b94c8c2fb1857b614522a1c95 1
20 %WINDIR%\System32\regsvd.dll 1,799,168 e6889c73e072d9796773982191618f20 1
21 file.exe 393,216 ad28bcc1b25f0599d07897437b8fe15f 0
More files

Registry Details

Backdoor.Ruskill creates the following registry entry or registry entries:
Regexp file mask

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.