rasmed.exe (Win32/Chisnye!Generic)

rasmed.exe (Win32/Chisnye!Generic)
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
rasmed.exe (Win32/Chisnye!Generic) Ian B 08-05-2006
Posted by Ian B on August 5, 2006, 5:38 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
My XPPro is behind a router with a firewall, and I run E-Trust Vet antivirus
and Ad-aware, but still something infected the PC,but what is it?
I boot from D:\ and about 30 seconds after login I get a Vet warning of
infections as below.
D:\Windows\system32\com\rasmed.exe (Win32/Chisnye!Generic) - deleted
D:\Documents and Settings\LocalService\Local Settings\Temporary Internet
Files\Content.IE5ABCDEF\drsmartload(1).exe (Win32/Thoog.FB - deleted
C:\dsmartload1.exe (Win32/Thoog.FB) - deleted
In addition I get a CMD.exe error warning that
"D:\windows\System32\com\rasmed.exe" cannot be found (It was deledted in a
Virus scan prior to reboot.
If I now run a virus scan across the system I get the following:
Infected items
D:\Windows\system32\com\rasmed.exe (Win32/Chisnye!Generic)- deleted
D:\Documents and Settings\LocalService\Local Settings\Temporary Internet
Files\Content.IE5\GHIJKLMN\drsmartload(1).exe (Win32/Thoog.FB)- deleted
C:\drsmartload(1).exe (Win32/Thoog.FB)- deleted

In addition I not a file pro3_install.exe is regularly copied into C:\ at
startup and at times when the PC is not in use.
At similar intervals I get the CMD.exe warning as an attempt is made to run
"D:\windows\System32\com\rasmed.exe"

Can anyone help with what it is, how it got there and how I get rid of it?

TIA

Ian B



Posted by =?Utf-8?B?RW5nZWw=?= on August 5, 2006, 10:06 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello Ian,

Try Ewido online scan and clean it for free!:
You can run Ewido in safe mode with network!ng, fwiw.
http://www.ewido.net/en

http://castlecops.com/t137442-CCSP_Ewido_Install_and_Scan_Instructions.html
--
"Ian B" wrote:

> My XPPro is behind a router with a firewall, and I run E-Trust Vet antivirus
> and Ad-aware, but still something infected the PC,but what is it?
> I boot from D:\ and about 30 seconds after login I get a Vet warning of
> infections as below.
> D:\Windows\system32\com\rasmed.exe (Win32/Chisnye!Generic) - deleted
> D:\Documents and Settings\LocalService\Local Settings\Temporary Internet
> Files\Content.IE5ABCDEF\drsmartload(1).exe (Win32/Thoog.FB - deleted
> C:\dsmartload1.exe (Win32/Thoog.FB) - deleted
> In addition I get a CMD.exe error warning that
> "D:\windows\System32\com\rasmed.exe" cannot be found (It was deledted in a
> Virus scan prior to reboot.
> If I now run a virus scan across the system I get the following:
> Infected items
> D:\Windows\system32\com\rasmed.exe (Win32/Chisnye!Generic)- deleted
> D:\Documents and Settings\LocalService\Local Settings\Temporary Internet
> Files\Content.IE5\GHIJKLMN\drsmartload(1).exe (Win32/Thoog.FB)- deleted
> C:\drsmartload(1).exe (Win32/Thoog.FB)- deleted
>
> In addition I not a file pro3_install.exe is regularly copied into C:\ at
> startup and at times when the PC is not in use.
> At similar intervals I get the CMD.exe warning as an attempt is made to run
> "D:\windows\System32\com\rasmed.exe"
>
> Can anyone help with what it is, how it got there and how I get rid of it?
>
> TIA
>
> Ian B
>
>
>

Posted by Ian B on August 7, 2006, 12:58 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Thanks for the suggestion Engel

I downloaded Kaspersky anti-virus which cleaned a large number of items my
existing AV had not found and the problems have disappeared
To be fair to my old AV, many of the items Kaspersky found were
malware/adware items, but some of these can be as big a nuisance as a virus.

Cheers

Ian B

> Hello Ian,
>
> Try Ewido online scan and clean it for free!:
> You can run Ewido in safe mode with network!ng, fwiw.
> http://www.ewido.net/en
>
>
http://castlecops.com/t137442-CCSP_Ewido_Install_and_Scan_Instructions.html
> --
> "Ian B" wrote:
>
> > My XPPro is behind a router with a firewall, and I run E-Trust Vet
antivirus
> > and Ad-aware, but still something infected the PC,but what is it?
> > I boot from D:\ and about 30 seconds after login I get a Vet warning of
> > infections as below.
> > D:\Windows\system32\com\rasmed.exe (Win32/Chisnye!Generic) - deleted
> > D:\Documents and Settings\LocalService\Local Settings\Temporary Internet
> > Files\Content.IE5ABCDEF\drsmartload(1).exe (Win32/Thoog.FB - deleted
> > C:\dsmartload1.exe (Win32/Thoog.FB) - deleted
> > In addition I get a CMD.exe error warning that
> > "D:\windows\System32\com\rasmed.exe" cannot be found (It was deledted in
a
> > Virus scan prior to reboot.
> > If I now run a virus scan across the system I get the following:
> > Infected items
> > D:\Windows\system32\com\rasmed.exe (Win32/Chisnye!Generic)- deleted
> > D:\Documents and Settings\LocalService\Local Settings\Temporary Internet
> > Files\Content.IE5\GHIJKLMN\drsmartload(1).exe (Win32/Thoog.FB)- deleted
> > C:\drsmartload(1).exe (Win32/Thoog.FB)- deleted
> >
> > In addition I not a file pro3_install.exe is regularly copied into C:\
at
> > startup and at times when the PC is not in use.
> > At similar intervals I get the CMD.exe warning as an attempt is made to
run
> > "D:\windows\System32\com\rasmed.exe"
> >
> > Can anyone help with what it is, how it got there and how I get rid of
it?
> >
> > TIA
> >
> > Ian B
> >
> >
> >

The site map in XML format XML site map

Contact Us | Privacy Policy