The file RUIRTBI.DLL is identified as the Trojan Program that is used for stealing bank information and users passwords.
To delete RUIRTBI.DLL we suggest you should use UnHackMe:
http://www.unhackme.com
Malware Analysis of RUIRTBI.DLL
Full path on a computer: %Common Appdata%\Mozilla\ruirtbi.dll
Detected by UnHackMe:
Item Name: mnashbk
Author:
Current Setting: C:\DOCUME~1\ALLUSE~1\APPLIC~1\MOZILLA\ZPVCKRD.EXE
Type: Scheduled Tasks
Item Name: AppInit_DLLs
Author:
Current Setting: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla\ruirtbi.dll
Type: List of Injected DLLs
Item Name: mnashbk.job
Author:
Current Setting: %WinDir%\TASKS\MNASHBK.JOB
Type: Unwanted Software Files
Removal Results: Success
Number of reboot: 1
RUIRTBI.DLL is known as:
Trojan.Injector, Trojan.Injector.agcm, Trojan.Agentb.bqboxr, Vundo.EAFH, Trojan.Agentb.aacm, Trojan.Agent.58IzJrctXKc, Trojan.Mods.1, TR.Rogue.16902, Trojan.Agentb.edv, Trojan.Agentb, Troj.Agentb.aa.(kcloud), VirTool.Injector.EE, W32.Trojan.IQCE-0339, Trojan.Baky, SScope.Malware-Cryptor.Carberp.2313, a variant of Win32.Injector.AGCM, Virus.Injector, W32.Agentb.AACM.tr, Inject.NDW
RUIRTBI.DLL hash:
- MD5: e35c633543b333b22c6a385a8b343c8b
Clik here to view.
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla\ruirtbi.dll”
Clik here to view.
Files:- %Common Appdata%\Mozilla\ruirtbi.dll
- %Common Appdata%\Mozilla\zpvckrd.exe
- %WinDir%\Tasks\mnashbk.job
