Please help have 6 viruses

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.
B

bbyboop1977

Thread Starter
Joined
Nov 23, 2003
Messages
119
I just ran RAV AntiVirus Scan and it came up saying that I had 6 viruses. This is what it found.

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6FHFMHYW\SI3[1].CHM->/si3.htm->(SCRIPT0001) - JS/Psyme.C* -> Suspicious
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\CORFE6Y7\greendayauthority[1].htm->(SCRIPT0008) - JS/Loding.B* -> Infected
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\G9ILMT0T\SI1[1].CHM->/si1.htm->(SCRIPT0001) - JS/Psyme.C* -> Infected
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\KXQBW5EB\SI2[1].CHM->/si2.htm->(SCRIPT0001) - JS/Psyme.C* -> Suspicious
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLY7OH2B\index[8].htm->(SCRIPT0002) - JS/Inor.M* -> Infected
C:\WINDOWS\system32\tropm0.dll - TrojanDownloader:Win32/Rameh.B -> Infected
C:\WINDOWS\system32\Ud3rT0n5.dll - TrojanDownloader:Win32/Rameh.A -> Infected
C:\WINDOWS\system32\xasex.dll - PWS:Win32/Montp -> Infected
C:\WINDOWS\system32\xasui.dll - PWS:Win32/Montp -> Infected

Scanned
============================
Objects: 96534
Directories: 4610
Archives: 17967
Size(Kb): -3687
Infected files: 7

Found
============================
Viruses found: 6
Suspicious files: 2
Disinfected files: 0
Mail files: 193

What do I do know. Do I hit the report button. Will it take care of the viruses and the infected files. Thanks
 
raybro

raybro

Joined
Apr 26, 2003
Messages
5,837
I am not familiar with RAV, but what I would suggest you run a couple of online virus scans for verification.

Go Here ] to do an online virus scan with HouseCalls:


Be sure and put a check in the box by "Auto Clean" before you do the scan. If it finds anything that it cannot clean have it delete it or make a note of the file location so you can delete it yourself.

Go Here to run Panda virus scan.

This may give you more info about your situation.
 
B

bbyboop1977

Thread Starter
Joined
Nov 23, 2003
Messages
119
okay ran housecall and it found
Worm bizex.b C:\WINDOWS\system32\xasex.dll - PWS:Win32/Montp
Worm bizex.b C:\WINDOWS\system32\xasui.dll - PWS:Win32/Montp
JS. INOR.M C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5

I deleted the temporary internet files will that take care of the JS. INOR.M one

Which came up as Non Cleanable.

Now what do I do?
 
raybro

raybro

Joined
Apr 26, 2003
Messages
5,837
Can I assume HouseCalls cleaned out the first 2 items?

Open your TIF folder and see if the JS. INOR.M is gone. Find your TIF folder by opening Internet Options > General tab. Under the TIF heading, click the Settings button . The location of the TIF folder will be shown there.

Run HouseCalls again and see if you are clean. If so, run your resident AV prog (RAV) and see what it says now.

I would also recommend you run the Panda scan too. Can't get to much info about virus.
 
B

bbyboop1977

Thread Starter
Joined
Nov 23, 2003
Messages
119
Okay running scans now. Is there also a scan that you can do to see if there are in keyloggers.
 
B

bbyboop1977

Thread Starter
Joined
Nov 23, 2003
Messages
119
okay housecall and panda came up empty. but then I ran RAV again and it found 2

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\tropm0.dll - TrojanDownloader:Win32/Rameh.B -> Infected
C:\WINDOWS\system32\Ud3rT0n5.dll - TrojanDownloader:Win32/Rameh.A -> Infected

Scanned
============================
Objects: 72644
Directories: 4624
Archives: 17955
Size(Kb): -175682
Infected files: 2

Found
============================
Viruses found: 2
Suspicious files: 0
Disinfected files: 0
Mail files: 146

How do I get rid of this 2 viruses. Thanks
 
B

bbyboop1977

Thread Starter
Joined
Nov 23, 2003
Messages
119
okay ran both and they both found nothing. So why is it that every other virus scan I did didn't find anything except for the RAV scan. What should I do know? Thanks
 
raybro

raybro

Joined
Apr 26, 2003
Messages
5,837
I cannot give you a qualified answer as I'm not familiar with RAV. But, IMHO, if you are clean with all those online scans and your system is running OK, I wouldn't be to concerned.

I did a search in the Symantec KBase and Kaspersky for Rameh.A and Rameh.B and found nothing. You could delete the files and leave them in the Recycle Bin for a while to see how things go.
 
B

bbyboop1977

Thread Starter
Joined
Nov 23, 2003
Messages
119
I went in and found them in the folder and had Norton scan the two of them and norton said that they were both adware. so I deleted them. I ran some other scans and every single one came up empty. So thank you for the help. Problem solved.

I ran RAV again and it came up empty.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Total: 689 (members: 7, guests: 682)
Top