Click on screenshot to zoom
Danger level 9
Type: Trojans

Trojan.Rimecud

As always there are extremely dangerous threats to your PC security and privacy to be extra cautious of, and Trojan.Rimecud is definitely one of those. This subversive Trojan is tricky to detect on any PC as it conducts all its behavior in the background, not alerting the user to any of activities.

The Trojan is spread via certain peer to peer applications, such as MSN Messenger, and through systems with vulnerable VNC servers, and VNC servers which don’t need passwords. Removable drives have also been known to spread Trojan.Rimecud of late. This Trojan also contains backdoor functionality which gives access to third parties to the infected PC.

The entire purpose behind Trojan.Rimecud is to unlawfully gain information stored in IE and Mozilla Firefox browsers. It not only obtains confidential data from the user’s browser, but it will send it unidentified persons the user never intended to give access to.

Once Trojan.Rimecud firmly roots itself in the system it will attempt to contact a remote host at update2.helohmar.com, using the port 80. It does this in order to receive configuration settings and other data from the unidentified host, as well as to report the new infection to the author. It will also use this connection to download and execute arbitrary files, which may include additional malware or updates of the malware already present on the PC. The author of the Trojan will also be able to instruct Trojan.Rimecud, and will upload the stolen data from the afflicted PC.

As mentioned earlier it will be difficult to detect and ultimately successfully remove Trojan.Rimecud without some help. Trojan.Rimecud will create a copy of itself in the system folder under the following name:

Msvmiode.exe

Finding this file on the PC would confirm that you are indeed infected with this seditious Trojan.

This certainly paints a dire picture of this Trojan. If you suspect foul play on your PC employ the removal power of a genuine security application which will not only permanently destroy Trojan.Rimecud from your PC but also offer valuable protection against future similar attacks and threats.

Download Spyware Removal Tool to Remove* Trojan.Rimecud
  • Quick & tested solution for Trojan.Rimecud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Rimecud

Files associated with Trojan.Rimecud infection:

ydwzro.exe
jxiz.exe
otytkf.exe
panjxg.exe
gtcy.exe
gnja.exe
fhrkmk.exe
sjlp.exe
efntle.exe
otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
ygmdrm.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
ultej.exe
szdx.exe
sjlp.exe
rmhzb.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ofajj.exe
oekx.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
lbisov.exe
jxiz.exe
jvxqnu.exe
juzjf.exe
jqrim.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gnja.exe
fxmdk.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe
rmotsu.exe
ygmdrm.exe
cbzvl.exe
vgwisb.exe
culrj.exe
ultej.exe
bbizd.exe
qldi.exe
vppg.exe
jvxqnu.exe
ccpep.exe
wnob.exe
gwdrive32.exe
juzjf.exe
acxql.exe
jaase.exe
uxjj.exe
ltzqai.exe
ogix.exe
mmmpc.exe
gjzbkt.exe
506.exe
gsyzq.exe
lwzy.exe
aglfry.exe
WinPackService.exe
oekx.exe
rmhzb.exe
nygm.exe
nsvb.exe
fswagz.exe
ydze.exe
lbisov.exe
vfbu.exe
szdx.exe
11537.exe
ibnzs.exe
bgcu.exe
ofajj.exe
fxmdk.exe
indl.exe
jahcii.exe
rljlz.exe
mqgka.exe
zmrnig.exe
msvmiode.exe
mzrp.exe
vfnqn.exe
xvlof.exe
yeawl.exe
eyvkt.exe
aegvvp.exe
pnmnwk.exe
obvwo.exe
wlttibd.exe
jqrim.exe
bowcav.exe
bdepdf.exe
eliapq.exe
dbmvlh.exe
fvjwsc.exe
mrpky.exe
ohydy.exe

Trojan.Rimecud processes to kill:

panjxg.exe
ogix.exe
otytkf.exe
aegvvp.exe
11537.exe
sjlp.exe
pnmnwk.exe
obvwo.exe
jvxqnu.exe
wnob.exe
506.exe
gnja.exe
gwdrive32.exe
otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
yeawl.exe
ydwzro.exe
ygmdrm.exe
ygmdrm.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
ultej.exe
szdx.exe
szdx.exe
sjlp.exe
sjlp.exe
sjlp.exe
sjlp.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rljlz.exe
rljlz.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ofajj.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
jxiz.exe
jxiz.exe
jvxqnu.exe
jvxqnu.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
jqrim.exe
jahcii.exe
jahcii.exe
jahcii.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gnja.exe
gnja.exe
gnja.exe
fxmdk.exe
fswagz.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bowcav.exe
bdepdf.exe
bdepdf.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe
lwzy.exe
gtcy.exe
rmhzb.exe
ygmdrm.exe
vfbu.exe
eliapq.exe
mrpky.exe
bgcu.exe
gjzbkt.exe
jqrim.exe
vppg.exe
dbmvlh.exe
vgwisb.exe
fswagz.exe
zmrnig.exe
aglfry.exe
mmmpc.exe
wlttibd.exe
cbzvl.exe
fxmdk.exe
rmotsu.exe
rljlz.exe
indl.exe
ltzqai.exe
lbisov.exe
szdx.exe
vfnqn.exe
fhrkmk.exe
qldi.exe
WinPackService.exe
jaase.exe
ohydy.exe
ydze.exe
juzjf.exe
bdepdf.exe
oekx.exe
ibnzs.exe
jahcii.exe
bbizd.exe
yeawl.exe
gsyzq.exe
uxjj.exe
ccpep.exe
mqgka.exe
bowcav.exe
nsvb.exe
fvjwsc.exe
jxiz.exe
culrj.exe
nygm.exe
acxql.exe
mzrp.exe
ofajj.exe
xvlof.exe
efntle.exe
eyvkt.exe
msvmiode.exe
ydwzro.exe
ultej.exe

Remove Trojan.Rimecud registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fesnn3
Disclaimer

Comments

  1. yunnad May 6, 2012

    i would like to know the process of removing those viruses so that i will know how to prevent them from running or transferring to my computer

  2. Pcthreat May 7, 2012

    Download our offered tool and scan your computer. The results will show which, and where the files are situated. Delete those files or avoid transfering them.

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.