NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Litmus. Description and removal instructions

 
Title: Litmus
Type: Backdoors
Severity scale:Litmus severity is 72  (72 / 100)
 
Litmus is a dangerous backdoor that gives the attacker remote unauthorized access to a compromised computer. The parasite is controlled through IRC chat network. It allows the intruder to manage files, download and execute arbitrary files, reconfigure backdoor settings and steal system and network information. Litmus also attempts to collect user login names, various passwords and other confidential data. The parasite secretly runs on every Windows startup.

FORUM:
Discuss Litmus in
spyware removal forum

Litmus properties:
• Allows remote user connection
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Litmus removal:

remover for Litmus

Litmus manual removal:

Kill processes:
blah.exe, erm.exe, image32.exe, mgdoll.exe, mm.exe, msgsrv16.exe, svchost.exe, winsys.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\LTM2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WIN2
HELP:
how to remove registry entries

Delete files:
blah.exe, erm.exe, image32.exe, mgdoll.exe, mm.exe, msgsrv16.exe, svchost.exe, winsys.exe
HELP:
how to remove harmful files

Delete directories:
C:\Windows\Appsvc
C:\Winnt\Appsvc
C:\Windows\img32b
C:\Winnt\img32b
C:\Windows\Litmus
C:\Winnt\Litmus
C:\Windows\Random
C:\Winnt\Random
C:\Windows\Winsys
C:\Winnt\Winsys
Misc:
Exact file location:
blah.exe - C:\Windows\VxD or C:\Winnt\VxD
erm.exe, mm.exe, mgdoll.exe msgsrv16.exe - C:\Windows\Litmus or C:\Winnt\Litmus
image32.exe - C:\Windows\img32b or C:\Winnt\img32b
svchost.exe - C:\Windows\Random, C:\Winnt\Random or C:\Windows\Appsvc, C:\Winnt\Appsvc
winsys.exe - C:\Windows\Winsys or C:\Winnt\Winsys

Other programs to remove Litmus:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 19/03/04
Information updated: 27/09/05

Additional resources related to Litmus:

Attention: If you know or you have a website or page about Litmus removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Litmus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.