Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, 27 December 2011

Remove Trojan Ramage (Uninstall Guide)

Posted on 10:22 by Unknown
Trojan.Ramage, aliases Win32/Ontonphu and Win32/Flooder.Ramagedos, is a Trojan that servers as a back door. It is downloaded and dropped by other malicious programs and can be controlled remotely. This Trojan targets Windows OS. Although, it's not the most sophisticated piece of malicious code, Trojan Ramage may perform a distributed denial-of-service attack (DoS/DDoS) and collect certain information on the compromised computer. It then sends gathered information (operating system version and volume serial number) to a remote server.

When executed, the trojan usually copies itself into the 'Application Data' folder. However, it may drop additional files in Windows system folders as well. Trojan.Ramage creates the following files:
  • %UserProfile%\Application Data\ODBC.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Netscape.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Sysinternals.exe
  • %UserProfile%\Application Data\WinRAR.exe%
  • UserProfile%\Application Data\Policies.exe
  • %Windir%\Sxc\svchost.exe
  • %System%\drivers\svclock.exe
The Trojan adds various keys to Windows registry to runs automatically after a system reboot. Trojan Ramage adds itself to the Windows firewall authorized applications list to avoid anti-virus software detection and by-pass Windows firewall. To remove Trojan Ramage, please scan your computer with anti-malware software. If you need help removing this Trojan, please leave a comment below. Good luck and be safe online!

Share this information with your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Trojans | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • What is wrtc.exe and how to remove it?
    wrtc.exe - by Perion Network Ltd. What is wrtc.exe? wrtc.exe is a part of IncrediMail software, digitally signed by Perion Network Ltd. This...
  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Trojan.MBRlock, Внимание! Ваш компьютер заблокирован
    Trojan.MBRlock is a very disturbing piece of malicious code which infects the master boot record (MBR) and prevents Windows from starting. ...
  • False Positive: Ikarus and Comodo detecting TDSSKiller as a Trojan horse
    This awkward moment when you realize that your favorite rootkit removal utility is detected as malware. I probably wouldn't even have no...
  • Remove RiskTool.Win32.BitCoinMiner (Uninstall Guide)
    RiskTool.Win32.BitCoinMiner is a risk tool or potentially unwanted application that may use your computer's resources to generate bitco...
  • Remove Rattlingsearchsystem.com (Uninstall Guide)
    Rattlingsearchsystem.com is a ZeroAccess/Sirefef rootkit-related browser hijacker that redirects users to shady websites while searching on...
  • Remove TR/ATRAPS.Gen2, removal instructions
    Cyber crooks and third parties that buy stolen data are increasingly using more and more sophisticated techniques, in a variety of different...
  • Remove Ask Search and Ask Toolbar (Uninstall Guide)
    Ask Search and Ask Toolbar are very often incorrectly classified as virus/spyware that may cause search redirects. The majority of us pref...
  • How to remove 'TidyNetwork' adware virus from your computer
    As internet users most of us have seen those irritating little pop-up windows that are advertising something that we normally have little or...
  • Remove Windows Attention Utility (Uninstall Guide)
    Windows Attention Utility is a rogue security application that generates misleading warnings about nonexistent viruses and attempts to lure...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ►  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ►  February (17)
    • ►  January (20)
  • ▼  2011 (239)
    • ▼  December (8)
      • Remove "System Check" (Uninstall Guide)
      • Theworld.exe Process Information
      • Remove Trojan Ramage (Uninstall Guide)
      • Remove Ping.exe, 100% CPU Usage Problem
      • Remove Home Security Solutions (Uninstall Guide)
      • How to Remove Security Monitor 2012 (Uninstall Guide)
      • How to Remove Antivirii 2011 (Uninstall Guide)
      • Winxn.exe Process Information
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile