Worm:Win32/Rimecud.B
Posted: October 12, 2010
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 5/10 |
|---|---|
| Infected PCs: | 1,672 |
| First Seen: | December 6, 2010 |
|---|---|
| OS(es) Affected: | Windows |
Worm:Win32/Rimecud.B is a variant of a malicious computer worm that stealthily enters the system so that the user remains unaware of its existence. Worm:Win32/Rimecud.B opens a backdoor for devious trojan programs and other malware by downloading a corrupt file and running it on your computer. Worm:Win32/Rimecud.B will try to steal usernames and passwords to send them to a hacker. Once infected, the computer may be rendered defenseless as Worm:Win32/Rimecud.B disables all anti-spyware programs. Show Worm:Win32/Rimecud.B no mercy by terminating it immediately.
Worm:Win32/Rimecud.B
Aliases
Trj/Bredolab.BE [Panda]Generic18.BWLF [AVG]W32/Katusha.MK!tr [Fortinet]Trojan-Dropper.Agent [Ikarus]Backdoor/Win32.Bredolab.gen [Antiy-AVL]Win32/Inject.ZT [eTrust-Vet]Gen:Variant.Kazy.1007 [BitDefender]Trojan-Spy.Win32.Zbot.aqdd [Kaspersky]Win32:MalOb-CS [Cryp] [Avast]Win32/Peerfrag.II [NOD32]Bredolab.gen.z [McAfee]Worm/Generic_r.FE [AVG]W32/Kryptik.ANN!tr [Fortinet]Win32/Palevo.worm.103424.IF [AhnLab-V3]Mal/EncPk-ME [Sophos]
More aliases (838)
More aliases (838)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\RECYCLER\S-1-5-21-5482752060-2884231667-217257206-6595\MsMxEng.exe
File name: MsMxEng.exeSize: 136.29 KB (136294 bytes)
MD5: fd2556a92289f70b80df950ca2544c63
Detection count: 138
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-5482752060-2884231667-217257206-6595
Group: Malware file
Last Updated: April 1, 2011
C:\RECYCLER\S-1-5-21-5909602920-0406704781-601124746-7767\sysdata.exe
File name: sysdata.exeSize: 81.4 KB (81408 bytes)
MD5: 5b68ec9e7b57249106d6813bd970c2f5
Detection count: 76
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-5909602920-0406704781-601124746-7767
Group: Malware file
Last Updated: December 6, 2010
C:\RECYCLER\S-1-5-21-0538194149-5878946227-087073025-2837\sysdate.exe
File name: sysdate.exeSize: 131.58 KB (131584 bytes)
MD5: c08a6fd8a92a225eba454e46eee3533a
Detection count: 73
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-0538194149-5878946227-087073025-2837
Group: Malware file
Last Updated: December 21, 2010
%USERPROFILE%\ctfmon.exe
File name: ctfmon.exeSize: 159.74 KB (159744 bytes)
MD5: f1d91e98581a83572ee027a8ca29b45f
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: March 21, 2011
C:\RECYCLER\S-1-5-21-7655066971-1500195913-833206967-0455\MsMxEng.exe
File name: MsMxEng.exeSize: 337.4 KB (337408 bytes)
MD5: 89319ca1238a5c50c418e9ac2f486dbc
Detection count: 61
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-7655066971-1500195913-833206967-0455
Group: Malware file
Last Updated: May 26, 2011
%WINDIR%\S-1-5-21-3908995983-4553403636-508827506-3824\rundll.exe
File name: rundll.exeSize: 163.84 KB (163840 bytes)
MD5: 2c4ab46bd9ba962bd03ead7bc034beeb
Detection count: 56
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\S-1-5-21-3908995983-4553403636-508827506-3824
Group: Malware file
Last Updated: September 14, 2012
C:\RECYCLER\S-1-5-21-9647102302-5140074829-071826681-6522\csisf.exe
File name: csisf.exeSize: 98.3 KB (98304 bytes)
MD5: 18798b6904059c9408888fa05da02fe0
Detection count: 53
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-9647102302-5140074829-071826681-6522
Group: Malware file
Last Updated: March 3, 2011
%USERPROFILE%\vfksuiwrljk.exe
File name: vfksuiwrljk.exeSize: 140.8 KB (140800 bytes)
MD5: 88255b41c25fbaf440be9beea01c5cde
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: December 5, 2011
C:\RECYCLER\S-1-5-21-7716045837-1917243344-646613026-3151\mwau.exe
File name: mwau.exeSize: 137.21 KB (137216 bytes)
MD5: 152b3f26adb6ea1955d4dab84f723d72
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-7716045837-1917243344-646613026-3151
Group: Malware file
Last Updated: December 5, 2011
C:\RECYCLER\S-1-5-21-6467320353-3100469652-458574603-8225\Setupin.exe
File name: Setupin.exeSize: 259.07 KB (259072 bytes)
MD5: 5feaf0278a536cdd1115d1974d9ee4af
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-6467320353-3100469652-458574603-8225
Group: Malware file
Last Updated: May 31, 2011
C:\RECYCLER\S-1-5-21-2698146651-5187462587-336051445-3093\csisd.exe
File name: csisd.exeSize: 82.94 KB (82944 bytes)
MD5: 98bfe16503d3c887cfe801107f9f759c
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-2698146651-5187462587-336051445-3093
Group: Malware file
Last Updated: January 2, 2011
E:\RECYCLER\S-1-5-21-3334112167-4054920604-612434568-9011\mwau.exe
File name: mwau.exeSize: 162.81 KB (162816 bytes)
MD5: a2c6939e1df4b7428f9c35122b571b56
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: E:\RECYCLER\S-1-5-21-3334112167-4054920604-612434568-9011
Group: Malware file
Last Updated: January 16, 2011
%USERPROFILE%\deh3ubd.exe
File name: deh3ubd.exeSize: 133.12 KB (133120 bytes)
MD5: e8c9688639bd7be4ec79ae9d0b00819a
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: June 4, 2012
C:\RECYCLER\S-1-5-21-0159701170-0288577790-280249941-2057\svmgr.exe
File name: svmgr.exeSize: 82.94 KB (82944 bytes)
MD5: 1b94a6d3a720505076db85318268a410
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-0159701170-0288577790-280249941-2057
Group: Malware file
Last Updated: January 9, 2011
%APPDATA%\Defender\Defender.exe
File name: Defender.exeSize: 143.36 KB (143360 bytes)
MD5: 506b8a07a3d3e077ad7a7b57d09a9a2a
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Defender
Group: Malware file
Last Updated: February 28, 2011
C:\RECYCLER\S-1-5-21-9202371887-5551625214-459141844-5493\winmap.exe
File name: winmap.exeSize: 98.3 KB (98304 bytes)
MD5: eb13a66c72160092b5ed70f1591fea0e
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-9202371887-5551625214-459141844-5493
Group: Malware file
Last Updated: December 21, 2010
C:\RECYCLER\S-1-5-21-0196194439-4530585517-755521310-5759\csisf.exe
File name: csisf.exeSize: 98.3 KB (98304 bytes)
MD5: e6477d4249ba8eba67d6c99fb601e51f
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-0196194439-4530585517-755521310-5759
Group: Malware file
Last Updated: January 18, 2011
C:\RECYCLER\S-1-5-21-4020585050-7225961203-422834126-4781\csisf.exe
File name: csisf.exeSize: 98.3 KB (98304 bytes)
MD5: 92d81311ad25892d9b00d1d096d99ada
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-4020585050-7225961203-422834126-4781
Group: Malware file
Last Updated: January 18, 2011
C:\RECYCLER\S-1-5-21-5285765962-3114693602-024274144-3996\mwau.exe
File name: mwau.exeSize: 151.04 KB (151040 bytes)
MD5: e31cfb6b9b669eb8afc0bae4223ced46
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-5285765962-3114693602-024274144-3996
Group: Malware file
Last Updated: January 18, 2011
%SystemDrive%\RECYCLER\S-1-5-21-7923036765-8981205938-067108559-3827\MsMxEng.exe
File name: MsMxEng.exeSize: 295.42 KB (295424 bytes)
MD5: 2b6e390855d7f979d658c7334799837c
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\RECYCLER\S-1-5-21-7923036765-8981205938-067108559-3827
Group: Malware file
Last Updated: July 7, 2011
%SystemDrive%\RECYCLER\S-1-5-21-8157645747-7797130459-466660191-3779\nvapbar.exe
File name: nvapbar.exeSize: 188.92 KB (188928 bytes)
MD5: 4b9763f730f7d6382336706ae8738b39
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\RECYCLER\S-1-5-21-8157645747-7797130459-466660191-3779
Group: Malware file
Last Updated: July 4, 2011
C:\RECYCLER\S-1-5-21-6114086750-4691180846-609748634-9466\winlogon.exe
File name: winlogon.exeSize: 183.8 KB (183808 bytes)
MD5: 634d41daff433dcb4686636e44312742
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-6114086750-4691180846-609748634-9466
Group: Malware file
Last Updated: November 4, 2011
%SystemDrive%\RECYCLER\S-1-5-21-4589794679-2684821042-453488121-2664\sysinfo.exe
File name: sysinfo.exeSize: 103.42 KB (103424 bytes)
MD5: 0e2647772bf52242345b785fbcbb61ca
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\RECYCLER\S-1-5-21-4589794679-2684821042-453488121-2664
Group: Malware file
Last Updated: January 8, 2013
More files
My computer has this virus.
I tried to follow the instructions, but I see no Rimecud process, nor rimecud registry keys.
Avast detects the threat, but cannot move the infected files to the chest.
Could somebody help me to solve it? Thank you.