Prevx Research Division
RBX.EXE
Cloaked MalwareYour PC may be infected. The presence of a file called RBX.EXE is a possible sign of infection.
You should urgently check your PC to make sure it is not infected. The free version of Prevx will scan your PC in less than two minutes and check for millions of spyware and malware infections including RBX.EXE. Don't put your confidential data, or your identity at risk, check your PC now with Prevx.
Associated Malware Groups
The unsafe files using this name are associated with the malware groups:
- Cloaked Malware
- Malware Dropper
File Behavior
RBX.EXE has been seen to perform the following behavior:
- Adds products to the system registry
- Adds a Registry Key (RUN) to auto start Programs on system start up
- Writes to another Process's Virtual Memory (Process Hijacking)
- Executes a Process
- Hooks the WININET.DLL function allowing it to read or copy Http and Https web page content and session information
- This process creates other processes on disk
- Creates or uses a background service to access the Internet using HTTP protocols
- Injects code into other processes
RBX.EXE has been the subject of the following behavior:
- Created as a process on disk
- Added as a Registry auto start to load Program on Boot up
- Executed as a Process
- Has code inserted into its Virtual Memory space by other programs
- Terminated as a Process
Country Of Origin
The filename RBX.EXE was first seen on Aug 21 2007 in the following geographical regions of the Prevx community:
- The United States on Aug 21 2007
- Argentina on Apr 30 2010
- The United Kingdom on Apr 30 2010
- France on Aug 13 2010
- Brazil on Aug 13 2010
File Name Aliases
RBX.EXE can also use the following file names:
- QJR.EXE
- TNX.EXE
- KJX.EXE
- LDD.EXE
- SXR.EXE
- SXU.EXE
- NTR.EXE
- LDG.EXE
- LDJ.EXE
- LDM.EXE
- DMJ.EXE
- DMK.EXE
- DMN.EXE
- DMQ.EXE
- RBJ.EXE
- DTM.EXE
- CLD.EXE
- CLG.EXE
- CLJ.EXE
- DDX.EXE
- RCF.EXE
- RCC.EXE
- CZH.EXE
- ZQL.EXE
- WZL.EXE
- VQR.EXE
- IJV.EXE
- LCE.EXE
- LCC.EXE
- HNL.EXE
- CGW.EXE
- UNL.EXE
- KVX.EXE
- XDE.EXE
- RCX.EXE
- RCZ.EXE
- NSD.EXE
- FFY.EXE
- FKD.EXE
- SBD.EXE
- SBI.EXE
- QCK.EXE
- PGG.EXE
- SLL.EXE
- YWU.EXE
- DSL.EXE
- GND.EXE
- TXX.EXE
- HHR.EXE
- ZWL.EXE
- DPR.EXE
- CFL.EXE
- BNL.EXE
- SNL.EXE
- TSH.EXE
- QFX.EXE
- BZK.EXE
- BZH.EXE
- BZL.EXE
- IKD.EXE
- LGD.EXE
- VWH.EXE
- WSN.EXE
- HQX.EXE
- RJR.EXE
- CWJ.EXE
- WQR.EXE
- DAVID.EXE
- UMD.EXE
- XTD.EXE
- UMG.EXE
- XWL.EXE
- VWK.EXE
- MV1.EXE
- JH1.EXE
- EK1.EXE
- QH5.EXE
- HH1.EXE
- IG1.EXE
- SK1.EXE
- RN5.EXE
- RN6.EXE
- RN7.EXE
- TX3.EXE
- DK3.EXE
- YC1.EXE
- UJ3.EXE
- QF1.EXE
- VD1.EXE
- FF0.EXE
- RC2.EXE
- TZ7.EXE
- WS1.EXE
- YJ1.EXE
- UH5.EXE
- UW1.EXE
- UW4.EXE
- PT1.EXE
- PJ1.EXE
Filesizes
The following file size has been seen:
- 16,384 bytes
- 200,192 bytes
- 151,552 bytes
- 157,696 bytes
Vendor, Product and Version Information
Files with the name RBX.EXE have been seen to have the following Vendor, Product and Version Information in the file header:
- Microsoft; RubyConsole; 1.0.0.0
- ApexDC++ Development Team; Apex; 0, 1, 2, 0
File Type
The filename RBX.EXE is used by multiple object types including objects,executable programs.