Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, 27 December 2011

Remove Trojan Ramage (Uninstall Guide)

Posted on 10:22 by Unknown
Trojan.Ramage, aliases Win32/Ontonphu and Win32/Flooder.Ramagedos, is a Trojan that servers as a back door. It is downloaded and dropped by other malicious programs and can be controlled remotely. This Trojan targets Windows OS. Although, it's not the most sophisticated piece of malicious code, Trojan Ramage may perform a distributed denial-of-service attack (DoS/DDoS) and collect certain information on the compromised computer. It then sends gathered information (operating system version and volume serial number) to a remote server.

When executed, the trojan usually copies itself into the 'Application Data' folder. However, it may drop additional files in Windows system folders as well. Trojan.Ramage creates the following files:
  • %UserProfile%\Application Data\ODBC.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Netscape.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Sysinternals.exe
  • %UserProfile%\Application Data\WinRAR.exe%
  • UserProfile%\Application Data\Policies.exe
  • %Windir%\Sxc\svchost.exe
  • %System%\drivers\svclock.exe
The Trojan adds various keys to Windows registry to runs automatically after a system reboot. Trojan Ramage adds itself to the Windows firewall authorized applications list to avoid anti-virus software detection and by-pass Windows firewall. To remove Trojan Ramage, please scan your computer with anti-malware software. If you need help removing this Trojan, please leave a comment below. Good luck and be safe online!

Share this information with your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Trojans | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Remove Ask Search and Ask Toolbar (Uninstall Guide)
    Ask Search and Ask Toolbar are very often incorrectly classified as virus/spyware that may cause search redirects. The majority of us pref...
  • Facebook Security and Privacy Best Practices
    Facebook is the most popular social networking site. Nearly all of my friends have Facebook accounts. They log on to Facebook at least a cou...
  • What is wrtc.exe and how to remove it?
    wrtc.exe - by Perion Network Ltd. What is wrtc.exe? wrtc.exe is a part of IncrediMail software, digitally signed by Perion Network Ltd. This...
  • Smartphone Security: Using Your Mobile Phone Safely
    Smartphone is like a little copy of your computer with lots of personal information: photos, text messages, access to e-mail account and oth...
  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Antispyis.com and other Antivirus Scan related domains
    New additions of misleading websites which promote a rogue security application called Antivirus Scan. antispyis.com afantispy.net softwaree...
  • Trojan.MBRlock, Внимание! Ваш компьютер заблокирован
    Trojan.MBRlock is a very disturbing piece of malicious code which infects the master boot record (MBR) and prevents Windows from starting. ...
  • False Positive: Ikarus and Comodo detecting TDSSKiller as a Trojan horse
    This awkward moment when you realize that your favorite rootkit removal utility is detected as malware. I probably wouldn't even have no...
  • Antivired.com and other Antivirus Monitor Related Domains
    Just a short note about several malicious domains related to the Antivirus Monitor fraud. This rogue anti-virus program reports non-existent...
  • WebCake Adware Removal Guide
    If you’re reading this it is very likely that your computer is infected with WebCake adware which displays extremely obnoxious and intrusiv...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ►  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ►  February (17)
    • ►  January (20)
  • ▼  2011 (239)
    • ▼  December (8)
      • Remove "System Check" (Uninstall Guide)
      • Theworld.exe Process Information
      • Remove Trojan Ramage (Uninstall Guide)
      • Remove Ping.exe, 100% CPU Usage Problem
      • Remove Home Security Solutions (Uninstall Guide)
      • How to Remove Security Monitor 2012 (Uninstall Guide)
      • How to Remove Antivirii 2011 (Uninstall Guide)
      • Winxn.exe Process Information
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile