Click on screenshot to zoom
Danger level 9
Type: Trojans

Trojan.Rimecud

As always there are extremely dangerous threats to your PC security and privacy to be extra cautious of, and Trojan.Rimecud is definitely one of those. This subversive Trojan is tricky to detect on any PC as it conducts all its behavior in the background, not alerting the user to any of activities.

The Trojan is spread via certain peer to peer applications, such as MSN Messenger, and through systems with vulnerable VNC servers, and VNC servers which don’t need passwords. Removable drives have also been known to spread Trojan.Rimecud of late. This Trojan also contains backdoor functionality which gives access to third parties to the infected PC.

The entire purpose behind Trojan.Rimecud is to unlawfully gain information stored in IE and Mozilla Firefox browsers. It not only obtains confidential data from the user’s browser, but it will send it unidentified persons the user never intended to give access to.

Once Trojan.Rimecud firmly roots itself in the system it will attempt to contact a remote host at update2.helohmar.com, using the port 80. It does this in order to receive configuration settings and other data from the unidentified host, as well as to report the new infection to the author. It will also use this connection to download and execute arbitrary files, which may include additional malware or updates of the malware already present on the PC. The author of the Trojan will also be able to instruct Trojan.Rimecud, and will upload the stolen data from the afflicted PC.

As mentioned earlier it will be difficult to detect and ultimately successfully remove Trojan.Rimecud without some help. Trojan.Rimecud will create a copy of itself in the system folder under the following name:

Msvmiode.exe

Finding this file on the PC would confirm that you are indeed infected with this seditious Trojan.

This certainly paints a dire picture of this Trojan. If you suspect foul play on your PC employ the removal power of a genuine security application which will not only permanently destroy Trojan.Rimecud from your PC but also offer valuable protection against future similar attacks and threats.

Download Spyware Removal Tool to Remove* Trojan.Rimecud
  • Quick & tested solution for Trojan.Rimecud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Rimecud

Files associated with Trojan.Rimecud infection:

otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
ygmdrm.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
ultej.exe
szdx.exe
sjlp.exe
rmhzb.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ofajj.exe
oekx.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
lbisov.exe
jxiz.exe
jvxqnu.exe
juzjf.exe
jqrim.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gnja.exe
fxmdk.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe

Trojan.Rimecud processes to kill:

otytkf.exe
jaase.exe
uxjj.exe
vppg.exe
zmrnig.exe
wnob.exe
qldi.exe
ogix.exe
nygm.exe
lwzy.exe
eyvkt.exe
cbzvl.exe
bgcu.exe
aegvvp.exe
mrpky.exe
mnsyt.exe
yeawl.exe
ydwzro.exe
ygmdrm.exe
ygmdrm.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
yeawl.exe
ydwzro.exe
xvlof.exe
wlttibd.exe
vfnqn.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
vfbu.exe
ultej.exe
szdx.exe
szdx.exe
sjlp.exe
sjlp.exe
sjlp.exe
sjlp.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rmhzb.exe
rljlz.exe
rljlz.exe
rljlz.exe
pnmnwk.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ohydy.exe
ofajj.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
oekx.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
nsvb.exe
mzrp.exe
msvmiode.exe
mmmpc.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
ltzqai.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
lbisov.exe
jxiz.exe
jxiz.exe
jvxqnu.exe
jvxqnu.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
juzjf.exe
jqrim.exe
jahcii.exe
jahcii.exe
jahcii.exe
jahcii.exe
indl.exe
ibnzs.exe
gwdrive32.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gsyzq.exe
gnja.exe
gnja.exe
gnja.exe
fxmdk.exe
fswagz.exe
fswagz.exe
fhrkmk.exe
eliapq.exe
efntle.exe
bowcav.exe
bowcav.exe
bdepdf.exe
bdepdf.exe
bdepdf.exe
bbizd.exe
aglfry.exe
acxql.exe
11537.exe

Remove Trojan.Rimecud registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fesnn3
Disclaimer

Comments

  1. yunnad May 6, 2012

    i would like to know the process of removing those viruses so that i will know how to prevent them from running or transferring to my computer

  2. Pcthreat May 7, 2012

    Download our offered tool and scan your computer. The results will show which, and where the files are situated. Delete those files or avoid transfering them.

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.