Click on screenshot to zoom
Danger level 8
Type: Trojans
Common infection symptoms:
  • Cant change my homepage
  • Connects to the internet without permission
  • Installs itself without permissions
  • Slow Computer
  • Slow internet connection
  • System crashes

Trojan.Reveton.C

Trojan.Reveton.C is a Trojan infection that changes the Internet browser settings in order to connect to predestined servers. It does not prompt the user in any way and the Trojan installation is carried on behind the user's back. Trojan.Reveton.C's files are dropped in to the Start Menu directory together with all the other programs. The exact location of these files might vary, depending on which operating system you have. For example, for Windows XP and 2003, Trojan.Reveton.C drops its files at USERPROFILE\Start Menu\Programs\Startup directory, while if the Trojan infects Windows Vista or 7, its files can be found at USERPROFILE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.

To avoid being detected and removed from the computer, Trojan.Reveton.C injects its own code into legitimate processes, successfully hijacking them. No browser can escape the hijacking, because the Trojan's code gets injected into chrome.exe, firefox.exe, iexplore.exe and opera.exe process files. Also at the Startup folder you can find a shortcut file called ctfmon.lnk that leads to the copy of Trojan.Reveton.C.

The symptoms of Trojan.Reveton.C are fairly obvious. It modifies the registry to disable the "Protected mode is currently turned off for the Internet zone" message that is displayed in Internet Explorer. Also, it locks the Internet Explorer's toolbar, to prevent the user from undoing the modifications. Then, Trojan.Reveton.C connects to 213.152.172.101 or wilber.com via ports 80 or 443 and contacts the remote hosts to fulfill it's payload.

Usually once the connection is established; Trojan.Reveton.C confirms Internet connectivity and reports that another computer has been infected to the hacker. Then it receives configuration data and performs various actions based on the attacker's plans. It can also download and execute malicious files, infecting your system with other types of malware. Not to mention that it has the ability to collect various system data and then upload it to the remote server.

Since this infection trespasses your system security and slows down your computer, you need to remove Trojan.Reveton.C as soon as possible. For manual removal, refer to the files below this description, and delete all of them from your computer. For automatic removal, acquire a computer security application and allow it to terminate Trojan.Reveton.C for good.

Download Spyware Removal Tool to Remove* Trojan.Reveton.C
  • Quick & tested solution for Trojan.Reveton.C removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Reveton.C

Files associated with Trojan.Reveton.C infection:

wgsdgsdgdsgsd.exe
PATCH.exe
conhost.dll
install_0_msi.exe
install_0_msi.exe
0_0u_l.exe
PATCH.exe
0_0u_l.exe
mvy.exe

Trojan.Reveton.C DLL's to remove:

conhost.dll

Trojan.Reveton.C processes to kill:

mvy.exe
install_0_msi.exe
PATCH.exe
0_0u_l.exe
wgsdgsdgdsgsd.exe
install_0_msi.exe
0_0u_l.exe
PATCH.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.