Backdoor.Orcus is a Remote Access Trojan (RAT) that is being sold on underground forums.
Backdoor.Orcus often creates Scheduled Tasks to gain persistence. The Scheduled Tasks have names like Orcus Respawner.job or Orcus.job.
Backdoor.Orcus offers a lot of configurability options. Installing a keylogger is one of these options.
Malwarebytes protects users from Backdoor.Orcus by using real-time protection.
Malwarebytes can removes Backdoor.Orcus without further user interaction.
Users of affected computers should take precautions against the consequences of stolen information.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Orcus Respawner