Trojan

I just did a online virus scan with Panda. As the scan is going along - I see:

Trojan horse Downloader.Rameh.E
C:\Windows\System\Atpartner.dll

and then:

Trojan Horse Downloader.Rameh.E
C:\Windows\System\Atpart~1.dll

Now what?

Thanks

 

Scroll to the bottom of this page.

 

Thanks Daizy....When I look for those files in Windows\System I can't find them

I did a search for them and nothing came up. Am I doing something wrong?

Thanks

 

Make double sure, by checking to make sure you've got your computer set to show hidden files and folders. Do your search.....
Then do another scan at Housecall .

 

Hi Kimberlee

Make sure you have "Show hidden files and folders" checked off in "Folder Options ".

1) Open "My Computer "
2) Click on "Tools" in the menu
3) Select "Folder Options "
4) Select "View" tab
5) Make sure "Show hidden files and folders" is selected

If still can't see the files then deselect "Display the contents of system folders" in the same window above.

Sorry Daizy didn't mean to step on you

 

Thank you dobhar
You most certainly did NOT step on me. I should have included those instructions. So, thank you!

 

Since we're on the subject of finding things - if running XP, Agent Ransack is a much better search tool than MS's crippled "dog ".

http://www.mythicsoft.com/agentransack/default.aspx

Regards - Charles

 

My OS is Win98. When I am in folder options - view, it doesn't give me the option to deselect "display the contents of system folders ". It does tell me that I can view hidden files and folders. Also, I have AVG as a virus scanner. The last time my system was in for repairs, my computer guy set it up so that AVG would do a "boot up scan" (this was a couple of months ago). I remember the first time I started the computer and I thought "this is great - it does a scan every time I start up the computer! ". I faithfully do updates on AVG every couple days, but I have never run a full scan

I just did a full scan with AVG now and it tells me there was 1 infected file (the downloader.rehme one) and that it "healed" it. What exactly does this mean? Am I ok now? And since I have you here, does AVG scan for all kinds of pests or just certain ones?

Thanks so much........

 

Hi Kimberlee,

I don't run AVG, but I can make some general comments:

"Healed" here would mean the same, let's say in Norton AV, as repaired - meaning the file was stripped of it's infection.

There should be also a quarantine option which means the AV didn't heal the infected file, but emptied it of it's contents and put that content into a folder where it's inert - can't execute.

There should be a help file explaining this terminolgy in the AVG control panel.

The major AV's do scan for things other than for viruses - someone familiar w/ AVG will have to give you more info or perhaps AVG's web site.

Do you run Ad-Aware & SpyBot for other pests?

http://www.lavasoft.de/software/adaware/ Download for Ad-Aware and do the full scan option.

http://spybot.safer-networking.de/ SpyBot download and look thru this SpyBot thread below on this board http://www.windowsbbs.com/showthread.php?t=31729

Regards - Charles

 

Thanks Charles. I do run Adaware and Spybot as well. Is it not true that these programs do find files, but that the damage is already done?

Thanks

 

That's true of Ad-Aware free. There is a paid version of AAW that runs a resident preventive component - I think its called Pus.

The new SSD - v1.3 - does have two new resident blocking components: SDHelper & Teatimer along w/ the immunize feature from v1.2

Of course, that doesn't mean that something can't get thru. All these features, as with AV's, depend on signiture files of one sort or another. An endless war, I'm afraid.

Regards - Charles

 

This will work for 98, Restart in Dos Mode, and do these command.
deltree C:\Windows\System\Atpart~1.dll
Type a Y that you want to delete.

I believe C:\Windows\System\Atpart~1.dll and C:\Windows\System\Atpartner.dll are the same file. The C:\Windows\System\Atpartner.dll has 9 letters in it's name, and dos is limited to 8 letters, the ~1 is used to make up the 8 letter name.