rfkampig.exe - Dangerous
rfkampig.exe
Manual removal instructions:
Antivirus Report of rfkampig.exe:
rfkampig.exe
Trojan.Gipma is a Trojan horse program that displays obscene messages and makes the desktop and task bar invisible.
Displays the %Windows%\pig.htm file in Internet Explorer. This page contains an obscene, anti-American message.
Moves itself to %System%\fkampig.exe.
Copies itself as %windows%\retime.exe.
Creates a file named %windows%\pig.htm.
Sets the value: "retime" = "%windows%\retime.exe"
in the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
Sets the value: "Windows-TCP-IP" = "%system%\rfkampig.exe"
in the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Sets the value: "StartPage" = "%windows%\pig.htm"
in the registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_USERS\.Default\SOFTWARE\Microsoft\Internet Explorer\Main
so that the obscene message is the default start page for Internet Explorer.
May leave behind a file in the root of the C: drive, named killme.bat.
Use RegRun Startup Optimizer to remove it from startup.
| rfkampig.exe | Malware |
| rfkampig.exe | Dangerous |
| rfkampig.exe | High Risk |
Displays the %Windows%\pig.htm file in Internet Explorer. This page contains an obscene, anti-American message.
Moves itself to %System%\fkampig.exe.
Copies itself as %windows%\retime.exe.
Creates a file named %windows%\pig.htm.
Sets the value: "retime" = "%windows%\retime.exe"
in the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
Sets the value: "Windows-TCP-IP" = "%system%\rfkampig.exe"
in the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Sets the value: "StartPage" = "%windows%\pig.htm"
in the registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_USERS\.Default\SOFTWARE\Microsoft\Internet Explorer\Main
so that the obscene message is the default start page for Internet Explorer.
May leave behind a file in the root of the C: drive, named killme.bat.
Use RegRun Startup Optimizer to remove it from startup.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.