Virustotal
What it does:
Creates four shortcuts at the root directory of your external drive. Make multiple copies of the malware at the RECYCLER folder
Creates a file at the Startup folder. Starts with Windows.
Manual Removal
This strain of ramnit launches itself via the default browser
1. Terminate the browser's running process using System Explorer
2. Go to the Autoruns tab and delete the startup entry
3. Delete the ramnit shortcuts as well as the RECYCLER folder.
4. Perform a full scan using an updated antivirus
No comments:
Post a Comment