
TROJ_RIMECUD.AJL

Posted: December 11, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 14
First Seen: December 11, 2012
OS(es) Affected: Windows

TROJ_RIMECUD.AJL is a fake Trend Micro PC security component that installs a Bitcoin miner onto the affected PC. Bitcoin miners exploit the resources of infected computers to generate fraudulent e-currency, and may also cause significant problems with system performance, particularly on low-end systems. Unsurprisingly, the actual Trend Micro company was quick to identify this threat and defend its own brand name. Distribution points for TROJ_RIMECUD.AJL haven't yet been analyzed, but SpywareRemove.com malware experts stress that TROJ_RIMECUD.AJL, an EXE file, still needs to be launched, either manually or by another PC threat, before it can install its payload. Avoiding malicious download sources and acquiring Trend Micro products only from the original sources will help to avoid TROJ_RIMECUD.AJL attacks, and TROJ_RIMECUD.AJL's payload can be removed with any good anti-malware product.

The Big Chill that TROJ_RIMECUD.AJL Puts on Digital Money

TROJ_RIMECUD.AJL's associated file information, such as its Description text, disguises it as a security product or component from Trend Micro, a well-known PC security company. Along with a randomly-generated file name, these details may trick some PC users into thinking that TROJ_RIMECUD.AJL is a legitimate patch or other update-related file from that company, but the SpywareRemove.com malware research team has confirmed that TROJ_RIMECUD.AJL's actual purpose is to be a Trojan downloader.

After TROJ_RIMECUD.AJL is launched (either manually or by other malware), it opens a fake Svchost.exe process, named after a normal Windows file, and then installs a second piece of malware that's identified as HKTL_BITCOINMINE. HKTL_BITCOINMINE is a standard Bitcoin miner that uses your computer's RAM, CPU and other resources to generate fake Bitcoins through repetitive functions. SpywareRemove.com malware analysts note that, while these malicious functions take place in the background and will not show obvious symptoms, they may be somewhat detectable due to their resource usage and the side effects (such as poor PC performance, sluggishness and unresponsiveness) that are characteristic of having low system resources.

How You Can Keep Your Computer from Choking on a Cud of TROJ_RIMECUD.AJL

TROJ_RIMECUD.AJL and HKTL_BITCOINMINE, as malware, will try to avoid giving away their real functions or, in the latter's case, even its presence on your computer. SpywareRemove.com malware researchers strongly encourage the usage of anti-malware products for finding or removing TROJ_RIMECUD.AJL, as well as malware related to TROJ_RIMECUD.AJL attacks. Any significant delay in this allows your PC to be exploited for Bitcoin generation and, potentially, other crimes.

TROJ_RIMECUD.AJL is designed to attack Windows computers, and SpywareRemove.com malware researchers have found TROJ_RIMECUD.AJL to be compatible with more than one version of Windows. Different anti-malware programs may detect TROJ_RIMECUD.AJL by one of many aliases, including Trojan.Win32.Rimecud.ag, W32/Rimecud.gen.dp and Trojan:Win32/Rimecud.A.

Since TROJ_RIMECUD.AJL has been confirmed to be distributed in the wild, you also should take suitable measures to protect yourself from possible TROJ_RIMECUD.AJL infections. SpywareRemove.com malware experts consider freeware sites and sites that offer fake security updates to be the most likely infection vectors for TROJ_RIMECUD.AJL, although other means of ingress (such as spam e-mail) also are possible.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: 7zsfx.exe
Size: 2.61 MB (2612477 bytes)
MD5: e2440a4e9177e6978af28145b7061c30
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 5, 2013

File name: 5ae85393c63653b195067c110e12c665
Size: 19.44 MB (19442941 bytes)
MD5: 5ae85393c63653b195067c110e12c665
Detection count: 64
Group: Malware file
Last Updated: March 5, 2013

File name: 8bceab717d74447d8e6f62e3a46f549f
Size: 98.3 KB (98304 bytes)
MD5: 8bceab717d74447d8e6f62e3a46f549f
Detection count: 57
Group: Malware file
Last Updated: March 5, 2013

File name: file.exe
Size: 301.05 KB (301056 bytes)
MD5: 8dad47129c2d9b03f38dc4a843620964
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 11, 2016
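
The file list above can be checked against a directory tree with the following Python code, which is an added example and not part of the original page or of any vendor's tooling. The function names and the size pre-filter are assumptions of this example; matching ignores file names because the page says the dropper uses a randomly-generated name, and MD5 is used only because it is the hash the page provides.

```python
import hashlib
import os
import sys

# (size in bytes, MD5) pairs copied from the file list above -> listed file name.
PAGE_IOCS = {
    (2612477, "e2440a4e9177e6978af28145b7061c30"): "7zsfx.exe",
    (19442941, "5ae85393c63653b195067c110e12c665"): "5ae85393c63653b195067c110e12c665",
    (98304, "8bceab717d74447d8e6f62e3a46f549f"): "8bceab717d74447d8e6f62e3a46f549f",
    (301056, "8dad47129c2d9b03f38dc4a843620964"): "file.exe",
}


def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks so large samples do not need to fit in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def scan(root, iocs=PAGE_IOCS):
    """Return sorted (path, listed_name) pairs for files under root that match.

    Size is a cheap pre-filter: only files with a listed byte count are hashed.
    """
    sizes = {size for size, _ in iocs}
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(path)
                if size not in sizes:
                    continue
                key = (size, md5_of(path))
            except OSError:
                continue  # locked or unreadable file: skip, do not abort the scan
            if key in iocs:
                hits.append((path, iocs[key]))
    return sorted(hits)


if __name__ == "__main__":
    for path, listed in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"MATCH {path} (listed as {listed})")
```

A match identifies only the exact samples listed on this page; repacked or updated variants will have different sizes and hashes.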
