
Backdoor.Win32.Ruskill.gd

By Sumo3000 in Backdoors

The Backdoor.Win32.Ruskill.gd Trojan is an extremely dangerous malware infection. Most Backdoor.Win32.Ruskill.gd infections have been localized in South American countries. The Trojan can steal online banking information, create a breach in the infected computer's security protection, connect to an IRC server, and block access to websites associated with computer security. It also has rootkit capabilities that allow it to hide from detection and use native Windows processes to mask its activities. ESG security researchers advise the complete removal of Backdoor.Win32.Ruskill.gd with a fully updated anti-malware tool.

Main Features of Backdoor.Win32.Ruskill.gd

Backdoor.Win32.Ruskill.gd has several different characteristics that work together to make it an integrated threat. Some of its features serve to defend the Trojan itself, while others are designed to steal a computer user's personal information. The Trojan can also allow a hacker to install additional malware on the infected computer. Listed below are some of the characteristics of Backdoor.Win32.Ruskill.gd:

  1. Backdoor.Win32.Ruskill.gd has rootkit capabilities that allow it to protect itself. It uses native Windows processes, such as svchost.exe, to operate undetected by Task Manager. The Trojan also protects itself by altering Internet Explorer settings in order to block computer security websites and the normal execution of legitimate security programs. It can also make changes to the Windows Registry and system files that make its detection and eradication problematic.
  2. Backdoor.Win32.Ruskill.gd attempts to connect to an IRC server. Similar malware usually connects to an IRC server in order to receive additional files or instructions from a hacker or from an automated source. In the case of Backdoor.Win32.Ruskill.gd, this connection may be associated with the installation of a remote access tool and the integration of the infected computer into a botnet.

One of the features that differentiate Backdoor.Win32.Ruskill.gd from similar malware is its capacity to steal online banking passwords. This harmful Trojan contains a long list of websites associated with South American online banks. Whenever an infected computer attempts to access any of these websites, Backdoor.Win32.Ruskill.gd is able to spy on the computer user's online activity and record its victim's online banking account numbers, personal identification numbers, and passwords. This information can then be used to commit fraud or steal a victim's money.


File System Details

Backdoor.Win32.Ruskill.gd may create the following file(s):
| # | File Name | MD5 | Detections |
|---|---|---|---|
| 1. | %AppData%\2.exe | | |
| 2. | %AppData%\Mcxaxm.exe | | |
| 3. | %AppData%\1.tmp | | |
| 4. | file.exe | ba4614e5ad30bbd2abf6d55102342ffe | 0 |

Registry Details

Backdoor.Win32.Ruskill.gd may create the following registry entry or registry entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
Mcxaxm = "%AppData%\Mcxaxm.exe"
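
The file and registry indicators above can be checked against a host's autorun entries. The following Python code is an added example, not part of the original entry or of any vendor tool: it parses the text output of `reg query` for the HKCU Run key and flags values that match this page's indicators. The sample output, the user name "ana", the function names and the broader "executable directly in %AppData%" heuristic are assumptions made for illustration.

```python
import hashlib
import ntpath
import re

# Indicators from the File System and Registry details on this page.
IOC_RUN_VALUE = "mcxaxm"
IOC_APPDATA_FILES = {"2.exe", "mcxaxm.exe", "1.tmp"}
IOC_MD5 = {"ba4614e5ad30bbd2abf6d55102342ffe"}  # listed for file.exe

# Constructed sample of `reg query` output for the HKCU Run key (not real data).
SAMPLE_REG_OUTPUT = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\ana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    Mcxaxm    REG_SZ    C:\Users\ana\AppData\Roaming\Mcxaxm.exe
"""

def parse_run_values(reg_output):
    """Return {value_name: data} for string values in `reg query` text."""
    values = {}
    for line in reg_output.splitlines():
        m = re.match(r"^\s+(.+?)\s+REG_(?:EXPAND_)?SZ\s+(.*)$", line)
        if m:
            values[m.group(1)] = m.group(2).strip()
    return values

def target_path(data, appdata):
    """Extract the program path from a Run command line and expand %AppData%."""
    m = re.match(r'"([^"]+)"', data)  # quoted path, possibly followed by arguments
    path = m.group(1) if m else data
    return re.sub(r"(?i)%appdata%", lambda _: appdata, path)

def check_run_entries(values, appdata):
    """Return (name, path, reason) for Run values that match or resemble the IoCs."""
    findings = []
    for name, data in values.items():
        path = target_path(data, appdata)
        folder, leaf = ntpath.split(ntpath.normcase(path))
        in_root = folder == ntpath.normcase(appdata)
        if name.lower() == IOC_RUN_VALUE or (in_root and leaf in IOC_APPDATA_FILES):
            findings.append((name, path, "matches indicator"))
        elif in_root and leaf.endswith(".exe"):  # added heuristic, not from the page
            findings.append((name, path, "executable in AppData root, review"))
    return findings

def md5_is_listed(file_path):
    """True if the file's MD5 equals the hash this page lists for file.exe."""
    with open(file_path, "rb") as fh:
        return hashlib.md5(fh.read()).hexdigest() in IOC_MD5

if __name__ == "__main__":
    for finding in check_run_entries(parse_run_values(SAMPLE_REG_OUTPUT), r"C:\Users\ana\AppData\Roaming"):
        print(finding)
```

Because the entry notes rootkit capabilities, a clean result from a live system is not conclusive; running the same check against an offline registry export or disk image is more reliable.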
