Trojan "downloader.rameh"

Discussion in 'Software' started by Boccemon, Mar 17, 2004.

  1. Boccemon

    Boccemon First Sergeant

    This morning I updated both AdAware and my AVG to version 631. I first ran the AdAware and it found one registry key, one registry value, and one file for "Claria". I had them removed and quarantined. I then ran AVG and it showed that I was infected with "downloader. remeh" trojan. It then told me that it could not be healed by cleaning and that it could not remove it. I then went to TrendMicro Housecall and had an online scan done and it showed that my harddrive was clean.
    I then Googled for "downloader.remeh" and found one entry which was another forum. They advised CWShredder, spybot, AdAware. I stared in Safe Mode.I disabled System restore, did the CWS (it found nothing), ran AdAware, (found nothing), and then ran AVG, which found the "downloader. remeh trojan, and told me that it could not be healed or removed. It shows it in C\_restore\temp\A0011800.cpy. So I then went to Symantec to learn more, and found nothing. Oddly, AVG is finding this and there is nothing in Grisodt's database that I could find. So here I sit (at work, not on the infected machine) scratching my head and hoping that one of you marvy geeks can give me some direction. Please. I also restarted the puter, ran AVG again, and it is still there. Thanks for any help...:confused:
    Compaq 5000US
    WinME
    512 SDRAM
    750 mhz AMD Doron
    06E4h mobo
     
    Boccemon, Mar 17, 2004
    #1
  2. G.T.

    G.T. R.I.P February 4, 2007. You will be missed.

    It may be a false positive (it happens). But if it's only in your Restore folder, you can remove it simply by turning off Restore, which will dump all restore information. That's a protected folder, and AVG can't access anything in it. Try that and retest with AVG, and it should be gone. If it's ONLY in that restore folder, you shouldn't be infected, as that's just archived data there.
     
    Last edited: Mar 17, 2004
    G.T., Mar 17, 2004
    #2
  3. DanTekGeek

    DanTekGeek Master Sergeant

    i think avg is probably getting a false reading, try downloading avast and scanning with that if you want to be sure
     
    DanTekGeek, Mar 17, 2004
    #3
  4. Boccemon

    Boccemon First Sergeant

    I had System restore disabled while in safe mode and restarted the computer, and then after that I scanned with AVG again, and it showed still there.:confused:
     
    Boccemon, Mar 17, 2004
    #4
  5. Boccemon

    Boccemon First Sergeant

    Just found it

    This is a fairly new trojan. PestPatrol finds it, PestPatrol killed it :) . Had my son do it at home. He said it worked peaches. Thank you for your help. :D
     
    Boccemon, Mar 17, 2004
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds