W32/Ramnit.a is a virus that is file infector. It y infects via unsecured network connection and removable drives including including external hard disk drives. W32 Ramnit.a also spreads by infecting file on the system that is shared on a network environment.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
The virus creates the following files:
%removabledrive%\�RECYCLER\�S-7-1-36-6133081425-6700277004-675130086-4217\�%variable1%.exe
The virus contains a list of addresses.
It can execute the following operations:
Read More..
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
The virus creates the following files:
%removabledrive%\�RECYCLER\�S-7-1-36-6133081425-6700277004-675130086-4217\�%variable1%.exe
- %removabledrive%\�RECYCLER\�S-7-1-36-6133081425-6700277004-675130086-4217\�%variable2%.cpl
- %removabledrive%\�autorun.inf
- %removabledrive%\�Copy of Shortcut to (1).lnk
- %removabledrive%\�Copy of Shortcut to (2).lnk
- %removabledrive%\�Copy of Shortcut to (3).lnk
- %removabledrive%\�Copy of Shortcut to (4).lnk
The virus contains a list of addresses.
It can execute the following operations:
- capture screenshots
- send gathered information
- download files from a remote computer and/or the Internet
- run executable files
- shut down/restart the computer
- %system%\�dmlconf.dat
- google.com
- bing.com
- yahoo.com
The Removal Instruction
To repair the problem:
- update the anti-virus into it�s latest signature
- Then run a quick scan in your computer
- Run virus to infected external storage device
- Open the external drive
- Delete all files except the drive icon that have no drive letter
- Open the drive icon with no drive letter
- Select all your files and cut or copy
- Open external storage device (that is, flash drive, usb drive, external hard disk or whatever it is)
- Paste your file
- Then, delete the �the drive icon that have no drive letter�