Dmitry Sokolov recommends UnHackMe!
UnHackMe is a powerful tool against malware. UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!
VirusOrg.Win32.Ramnit.G is also known as Gen:Variant.Kazy.8782 and Win32.Ramnit.A.
Malware Analysis of VirusOrg.Win32.Ramnit.G – FILEMGR.EXE
Created files:
%LOCAL APPDATA%\MICROSOFT\VAULT\4BF4C442-9B8A-41A0-B380-DD4A704DDB28\POLICY.VPOL
%TEMP%\36ACC673201609ABCCEBA535EA70B3B4.JSON
%TEMP%\FILEMGR.EXE
%TEMP%\O4UTEMKF
%STARTUP%\OWEEAXCE.EXE
Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Client update: ""%Program Files%\svchost\svchost.exe" -a /a"
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Client update: ""%Program Files%\svchost\svchost.exe" -a /a"
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\USERINIT: "%SYSDIR%\USERINIT.EXE,,%PROGRAM FILES%\GTPRQKGN\OWEEAXCE.EXE"
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: "%APPDATA%\UPDATE\SVCHOST.EXE.LNK "
Detected by UnHackMe:
FILEMGR.EXE
DEFAULT LOCATION: %TEMP%\FILEMGR.EXE
Dropper hash (MD5): 7b4b9a90da1b3df62869c4b748baebd0