Click on screenshot to zoom
Danger level 9
Type: Trojans

Trojan.Rimecud

As always there are extremely dangerous threats to your PC security and privacy to be extra cautious of, and Trojan.Rimecud is definitely one of those. This subversive Trojan is tricky to detect on any PC as it conducts all its behavior in the background, not alerting the user to any of activities.

The Trojan is spread via certain peer to peer applications, such as MSN Messenger, and through systems with vulnerable VNC servers, and VNC servers which don’t need passwords. Removable drives have also been known to spread Trojan.Rimecud of late. This Trojan also contains backdoor functionality which gives access to third parties to the infected PC.

The entire purpose behind Trojan.Rimecud is to unlawfully gain information stored in IE and Mozilla Firefox browsers. It not only obtains confidential data from the user’s browser, but it will send it unidentified persons the user never intended to give access to.

Once Trojan.Rimecud firmly roots itself in the system it will attempt to contact a remote host at update2.helohmar.com, using the port 80. It does this in order to receive configuration settings and other data from the unidentified host, as well as to report the new infection to the author. It will also use this connection to download and execute arbitrary files, which may include additional malware or updates of the malware already present on the PC. The author of the Trojan will also be able to instruct Trojan.Rimecud, and will upload the stolen data from the afflicted PC.

As mentioned earlier it will be difficult to detect and ultimately successfully remove Trojan.Rimecud without some help. Trojan.Rimecud will create a copy of itself in the system folder under the following name:

Msvmiode.exe

Finding this file on the PC would confirm that you are indeed infected with this seditious Trojan.

This certainly paints a dire picture of this Trojan. If you suspect foul play on your PC employ the removal power of a genuine security application which will not only permanently destroy Trojan.Rimecud from your PC but also offer valuable protection against future similar attacks and threats.

Download Spyware Removal Tool to Remove* Trojan.Rimecud
  • Quick & tested solution for Trojan.Rimecud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Rimecud

Files associated with Trojan.Rimecud infection:

ydze.exe
lwzy.exe
506.exe
ygmdrm.exe
mqgka.exe
gwdrive32.exe
eyvkt.exe
dbmvlh.exe
ydwzro.exe
msvmiode.exe
gnja.exe
fswagz.exe
vppg.exe
acxql.exe
uxjj.exe
pnmnwk.exe
rljlz.exe
eliapq.exe
rmotsu.exe
vgwisb.exe
11537.exe
panjxg.exe
ccpep.exe
fhrkmk.exe
indl.exe
ibnzs.exe
jaase.exe
gjzbkt.exe
ultej.exe
ogix.exe
oekx.exe
mmmpc.exe
bowcav.exe
WinPackService.exe
lbisov.exe
fvjwsc.exe
gsyzq.exe
rmhzb.exe
juzjf.exe
culrj.exe
jahcii.exe
otytkf.exe
sjlp.exe
mrpky.exe
nygm.exe
vfnqn.exe
aegvvp.exe
cbzvl.exe
obvwo.exe
nsvb.exe
ltzqai.exe
jvxqnu.exe
bdepdf.exe
vfbu.exe
otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
ygmdrm.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
ultej.exe
szdx.exe
sjlp.exe
rmhzb.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ofajj.exe
oekx.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
lbisov.exe
jxiz.exe
jvxqnu.exe
juzjf.exe
jqrim.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gnja.exe
fxmdk.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe
bbizd.exe
ohydy.exe
bgcu.exe
ofajj.exe
wlttibd.exe
qldi.exe
jxiz.exe
zmrnig.exe
xvlof.exe
gtcy.exe
wnob.exe
efntle.exe
aglfry.exe
yeawl.exe
jqrim.exe
mzrp.exe
szdx.exe
fxmdk.exe

Trojan.Rimecud processes to kill:

bowcav.exe
zmrnig.exe
mzrp.exe
fswagz.exe
ibnzs.exe
ultej.exe
jahcii.exe
fhrkmk.exe
gtcy.exe
bgcu.exe
nygm.exe
fvjwsc.exe
rmhzb.exe
sjlp.exe
szdx.exe
wnob.exe
jqrim.exe
ydwzro.exe
mqgka.exe
juzjf.exe
bdepdf.exe
gjzbkt.exe
acxql.exe
mmmpc.exe
aegvvp.exe
ydze.exe
fxmdk.exe
qldi.exe
pnmnwk.exe
bbizd.exe
efntle.exe
ohydy.exe
culrj.exe
jaase.exe
ygmdrm.exe
gwdrive32.exe
mrpky.exe
wlttibd.exe
cbzvl.exe
eliapq.exe
aglfry.exe
gnja.exe
vfnqn.exe
gsyzq.exe
vppg.exe
ofajj.exe
WinPackService.exe
jvxqnu.exe
nsvb.exe
obvwo.exe
vfbu.exe
uxjj.exe
eyvkt.exe
otytkf.exe
xvlof.exe
vgwisb.exe
msvmiode.exe
dbmvlh.exe
indl.exe
oekx.exe
ogix.exe
ltzqai.exe
506.exe
lbisov.exe
yeawl.exe
lwzy.exe
jxiz.exe
otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
yeawl.exe
ydwzro.exe
ygmdrm.exe
ygmdrm.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
ultej.exe
szdx.exe
szdx.exe
sjlp.exe
sjlp.exe
sjlp.exe
sjlp.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rljlz.exe
rljlz.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ofajj.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
jxiz.exe
jxiz.exe
jvxqnu.exe
jvxqnu.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
jqrim.exe
jahcii.exe
jahcii.exe
jahcii.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gnja.exe
gnja.exe
gnja.exe
fxmdk.exe
fswagz.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bowcav.exe
bdepdf.exe
bdepdf.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe
rmotsu.exe
panjxg.exe
ccpep.exe
rljlz.exe
11537.exe

Remove Trojan.Rimecud registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fesnn3
Disclaimer

Comments

  1. yunnad May 6, 2012

    i would like to know the process of removing those viruses so that i will know how to prevent them from running or transferring to my computer

  2. Pcthreat May 7, 2012

    Download our offered tool and scan your computer. The results will show which, and where the files are situated. Delete those files or avoid transfering them.

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.