Click on screenshot to zoom
Danger level 9
Type: Trojans

Trojan.Rimecud

As always there are extremely dangerous threats to your PC security and privacy to be extra cautious of, and Trojan.Rimecud is definitely one of those. This subversive Trojan is tricky to detect on any PC as it conducts all its behavior in the background, not alerting the user to any of activities.

The Trojan is spread via certain peer to peer applications, such as MSN Messenger, and through systems with vulnerable VNC servers, and VNC servers which don’t need passwords. Removable drives have also been known to spread Trojan.Rimecud of late. This Trojan also contains backdoor functionality which gives access to third parties to the infected PC.

The entire purpose behind Trojan.Rimecud is to unlawfully gain information stored in IE and Mozilla Firefox browsers. It not only obtains confidential data from the user’s browser, but it will send it unidentified persons the user never intended to give access to.

Once Trojan.Rimecud firmly roots itself in the system it will attempt to contact a remote host at update2.helohmar.com, using the port 80. It does this in order to receive configuration settings and other data from the unidentified host, as well as to report the new infection to the author. It will also use this connection to download and execute arbitrary files, which may include additional malware or updates of the malware already present on the PC. The author of the Trojan will also be able to instruct Trojan.Rimecud, and will upload the stolen data from the afflicted PC.

As mentioned earlier it will be difficult to detect and ultimately successfully remove Trojan.Rimecud without some help. Trojan.Rimecud will create a copy of itself in the system folder under the following name:

Msvmiode.exe

Finding this file on the PC would confirm that you are indeed infected with this seditious Trojan.

This certainly paints a dire picture of this Trojan. If you suspect foul play on your PC employ the removal power of a genuine security application which will not only permanently destroy Trojan.Rimecud from your PC but also offer valuable protection against future similar attacks and threats.

Download Spyware Removal Tool to Remove* Trojan.Rimecud
  • Quick & tested solution for Trojan.Rimecud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Rimecud

Files associated with Trojan.Rimecud infection:

mqgka.exe
vgwisb.exe
sjlp.exe
otytkf.exe
bdepdf.exe
nsvb.exe
efntle.exe
gtcy.exe
qldi.exe
wnob.exe
cbzvl.exe
506.exe
ogix.exe
11537.exe
fswagz.exe
ibnzs.exe
dbmvlh.exe
mrpky.exe
wlttibd.exe
vppg.exe
obvwo.exe
ydze.exe
vfnqn.exe
fhrkmk.exe
bowcav.exe
ygmdrm.exe
indl.exe
gsyzq.exe
pnmnwk.exe
vfbu.exe
szdx.exe
msvmiode.exe
gjzbkt.exe
lbisov.exe
jxiz.exe
bbizd.exe
mmmpc.exe
jqrim.exe
fxmdk.exe
jvxqnu.exe
otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
ygmdrm.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
ultej.exe
szdx.exe
sjlp.exe
rmhzb.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ofajj.exe
oekx.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
lbisov.exe
jxiz.exe
jvxqnu.exe
juzjf.exe
jqrim.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gnja.exe
fxmdk.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe
ohydy.exe
ultej.exe
gnja.exe
WinPackService.exe
lwzy.exe
yeawl.exe
rmhzb.exe
aegvvp.exe
rljlz.exe
nygm.exe
jaase.exe
panjxg.exe
mzrp.exe
bgcu.exe
gwdrive32.exe
culrj.exe
ltzqai.exe
uxjj.exe
ccpep.exe
ofajj.exe
fvjwsc.exe
jahcii.exe
acxql.exe
aglfry.exe
zmrnig.exe
xvlof.exe
juzjf.exe
eliapq.exe
ydwzro.exe
rmotsu.exe
eyvkt.exe
oekx.exe

Trojan.Rimecud processes to kill:

lwzy.exe
ofajj.exe
gsyzq.exe
ultej.exe
jahcii.exe
panjxg.exe
WinPackService.exe
11537.exe
fhrkmk.exe
szdx.exe
bowcav.exe
gnja.exe
bbizd.exe
acxql.exe
vppg.exe
bgcu.exe
pnmnwk.exe
otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
yeawl.exe
ydwzro.exe
ygmdrm.exe
ygmdrm.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
ultej.exe
szdx.exe
szdx.exe
sjlp.exe
sjlp.exe
sjlp.exe
sjlp.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rljlz.exe
rljlz.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ofajj.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
jxiz.exe
jxiz.exe
jvxqnu.exe
jvxqnu.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
jqrim.exe
jahcii.exe
jahcii.exe
jahcii.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gnja.exe
gnja.exe
gnja.exe
fxmdk.exe
fswagz.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bowcav.exe
bdepdf.exe
bdepdf.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe
qldi.exe
jxiz.exe
juzjf.exe
culrj.exe
indl.exe
eyvkt.exe
ltzqai.exe
ogix.exe
nygm.exe
jaase.exe
msvmiode.exe
vfbu.exe
otytkf.exe
jqrim.exe
rljlz.exe
obvwo.exe
ibnzs.exe
vgwisb.exe
mzrp.exe
oekx.exe
zmrnig.exe
gtcy.exe
fxmdk.exe
efntle.exe
gwdrive32.exe
aegvvp.exe
uxjj.exe
ygmdrm.exe
ccpep.exe
ydwzro.exe
fvjwsc.exe
ohydy.exe
nsvb.exe
506.exe
rmotsu.exe
mqgka.exe
gjzbkt.exe
lbisov.exe
xvlof.exe
yeawl.exe
cbzvl.exe
vfnqn.exe
bdepdf.exe
eliapq.exe
sjlp.exe
wlttibd.exe
wnob.exe
rmhzb.exe
aglfry.exe
ydze.exe
mmmpc.exe
dbmvlh.exe
jvxqnu.exe
fswagz.exe
mrpky.exe

Remove Trojan.Rimecud registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fesnn3
Disclaimer

Comments

  1. yunnad May 6, 2012

    i would like to know the process of removing those viruses so that i will know how to prevent them from running or transferring to my computer

  2. Pcthreat May 7, 2012

    Download our offered tool and scan your computer. The results will show which, and where the files are situated. Delete those files or avoid transfering them.

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.