Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, 27 December 2011

Remove Trojan Ramage (Uninstall Guide)

Posted on 10:22 by Unknown
Trojan.Ramage, aliases Win32/Ontonphu and Win32/Flooder.Ramagedos, is a Trojan that servers as a back door. It is downloaded and dropped by other malicious programs and can be controlled remotely. This Trojan targets Windows OS. Although, it's not the most sophisticated piece of malicious code, Trojan Ramage may perform a distributed denial-of-service attack (DoS/DDoS) and collect certain information on the compromised computer. It then sends gathered information (operating system version and volume serial number) to a remote server.

When executed, the trojan usually copies itself into the 'Application Data' folder. However, it may drop additional files in Windows system folders as well. Trojan.Ramage creates the following files:
  • %UserProfile%\Application Data\ODBC.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Netscape.exe
  • %UserProfile%\Application Data\Intel.exe
  • %UserProfile%\Application Data\Sysinternals.exe
  • %UserProfile%\Application Data\WinRAR.exe%
  • UserProfile%\Application Data\Policies.exe
  • %Windir%\Sxc\svchost.exe
  • %System%\drivers\svclock.exe
The Trojan adds various keys to Windows registry to runs automatically after a system reboot. Trojan Ramage adds itself to the Windows firewall authorized applications list to avoid anti-virus software detection and by-pass Windows firewall. To remove Trojan Ramage, please scan your computer with anti-malware software. If you need help removing this Trojan, please leave a comment below. Good luck and be safe online!

Share this information with your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Trojans | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Facebook Security and Privacy Best Practices
    Facebook is the most popular social networking site. Nearly all of my friends have Facebook accounts. They log on to Facebook at least a cou...
  • How to Remove Easy Scan (Uninstall Guide)
    Easy Scan is a rogue application that pretends to be legitimate software, in this case registry cleaner and hard drive optimization program...
  • Remove Ask Search and Ask Toolbar (Uninstall Guide)
    Ask Search and Ask Toolbar are very often incorrectly classified as virus/spyware that may cause search redirects. The majority of us pref...
  • Show Hidden Files and Folders in Windows
    By default Microsoft Windows hides important files from being seen with Windows Explorer in order to protect these files from being modified...
  • Smartphone Security: Using Your Mobile Phone Safely
    Smartphone is like a little copy of your computer with lots of personal information: photos, text messages, access to e-mail account and oth...
  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Antivired.com and other Antivirus Monitor Related Domains
    Just a short note about several malicious domains related to the Antivirus Monitor fraud. This rogue anti-virus program reports non-existent...
  • Antispyis.com and other Antivirus Scan related domains
    New additions of misleading websites which promote a rogue security application called Antivirus Scan. antispyis.com afantispy.net softwaree...
  • Fake avast! Antivirus: Avast-antivirus-francais.exe
    Cyber-criminals are attempting to benefit from unexperienced web users who are looking for anti-virus software. We found a couple of mislead...
  • Boxore Adware (Uninstall Guide)
    Today we came across another adware application called Boxore. It's distributed the old-fashioned way: people search for free online mov...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ►  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ►  February (17)
    • ►  January (20)
  • ▼  2011 (239)
    • ▼  December (8)
      • Remove "System Check" (Uninstall Guide)
      • Theworld.exe Process Information
      • Remove Trojan Ramage (Uninstall Guide)
      • Remove Ping.exe, 100% CPU Usage Problem
      • Remove Home Security Solutions (Uninstall Guide)
      • How to Remove Security Monitor 2012 (Uninstall Guide)
      • How to Remove Antivirii 2011 (Uninstall Guide)
      • Winxn.exe Process Information
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile