Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, 27 December 2011

Remove Trojan Ramage (Uninstall Guide)

Posted on 10:22 by Unknown
Trojan.Ramage, aliases Win32/Ontonphu and Win32/Flooder.Ramagedos, is a Trojan that servers as a back door. It is downloaded and dropped by other malicious programs and can be controlled remotely. This Trojan targets Windows OS. Although, it's not the most sophisticated piece of malicious code, Trojan Ramage may perform a distributed denial-of-service attack (DoS/DDoS) and collect certain information on the compromised computer. It then sends gathered information (operating system version and volume serial number) to a remote server.

When executed, the trojan usually copies itself into the 'Application Data' folder. However, it may drop additional files in Windows system folders as well. Trojan.Ramage creates the following files:
  • %UserProfile%\Application Data\ODBC.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Netscape.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Sysinternals.exe
  • %UserProfile%\Application Data\WinRAR.exe%
  • UserProfile%\Application Data\Policies.exe
  • %Windir%\Sxc\svchost.exe
  • %System%\drivers\svclock.exe
The Trojan adds various keys to Windows registry to runs automatically after a system reboot. Trojan Ramage adds itself to the Windows firewall authorized applications list to avoid anti-virus software detection and by-pass Windows firewall. To remove Trojan Ramage, please scan your computer with anti-malware software. If you need help removing this Trojan, please leave a comment below. Good luck and be safe online!

Share this information with your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Trojans | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Remove RiskTool.Win32.BitCoinMiner (Uninstall Guide)
    RiskTool.Win32.BitCoinMiner is a risk tool or potentially unwanted application that may use your computer's resources to generate bitco...
  • How can I get rid of dosearches.com on Chrome, Firefox and IE?
    Dosearches.com (DO SEARCHES) is a browser hijacker that hijacks your homepage, display ads and also very possibly tracks your web searchers....
  • Remove Adware.StartPage (Uninstall Guide)
    Adware.StartPage pretends to be a valid program but actually it is an adware that modifies the Internet Explorer home page without the user...
  • PC Health Boost Review and Removal Instructions
    A few days ago I was giving my laptop its regular once over and making sure that it was in optimal working order by getting rid of unwanted ...
  • Remove Ask Search and Ask Toolbar (Uninstall Guide)
    Ask Search and Ask Toolbar are very often incorrectly classified as virus/spyware that may cause search redirects. The majority of us pref...
  • Remove Chitka pop up ads, removal instructions
    Chitka pop up ads are truly annoying, lots of people have this issue, but the worse part is that these frequent intrusive pop-ups are caused...
  • Windows Live Re-activate your account Phishing
    Phishing attempt against Windows Live users. This phishing email appears to be from Microsoft, however, the return email address clearly ind...
  • How to remove ScorpionSaver adware (Uninstall Guide)
    ScorpionSaver is adware installed by Adpeak. It can be installed on your computer without your knowledge when it is included with other soft...
  • Qvo6 Removal, How To Uninstall
    This page contains step by step removal instructions for the Qvo6 browser hijacker/adware. At first glance it may look like a typical browse...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ►  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ►  February (17)
    • ►  January (20)
  • ▼  2011 (239)
    • ▼  December (8)
      • Remove "System Check" (Uninstall Guide)
      • Theworld.exe Process Information
      • Remove Trojan Ramage (Uninstall Guide)
      • Remove Ping.exe, 100% CPU Usage Problem
      • Remove Home Security Solutions (Uninstall Guide)
      • How to Remove Security Monitor 2012 (Uninstall Guide)
      • How to Remove Antivirii 2011 (Uninstall Guide)
      • Winxn.exe Process Information
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile