[ Home  |  FAQ-Related Q&As  |  General Q&As  |  Answered Questions ]


    Search the Q&A Archives


I have a virus Named: Trojan horse Dropper.Vb.BQ I cannot...

<< Back to: Computer Virus FAQ for New Users

Question by Joe Miller
Submitted on 12/11/2003
Related FAQ: Computer Virus FAQ for New Users
Rating: Rate this question: Vote
I have a virus Named: Trojan horse Dropper.Vb.BQ   I cannot get it off my computer with GRISOFT AVG ANTI-VIRUS FREE EDITION.
How,Why,What Where can I get it off, and what is it. I have had it for 2 weeks.


Answer by dthwraith
Submitted on 1/16/2004
Rating:  Rate this answer: Vote
me too!! need some help here soon.

 

Answer by luva
Submitted on 1/21/2004
Rating:  Rate this answer: Vote
people say that if you go to
  www.housecall.com/antivirus
and check your computer,
then have your AVG Anti-Virus system check again,
that it works. =)  
i have had the virus too
and i tried it and
      YES! =D it worked. lol

 

Answer by person
Submitted on 1/21/2004
Rating:  Rate this answer: Vote
Im having the same problem and checking it out but the website is actually : http://housecall.antivirus.com/

 

Answer by dthwraith
Submitted on 1/23/2004
Rating:  Rate this answer: Vote
I got rid of it by clearing out all of my temp files and del. my cookie files.

 

Answer by the brains of commys
Submitted on 1/25/2004
Rating:  Rate this answer: Vote
well if ur a computer technichian like me u'll know how to take virus's of ur computer won't u. so why don't u learn and take 'em off like me r u'll be like that till u think about something when its too late

 

Answer by The One and Only
Submitted on 1/28/2004
Rating:  Rate this answer: Vote
With horrible typing like that, it's hard to belive you're a day over 12, let alone a tech.

 

Answer by Humili4t3d
Submitted on 2/4/2004
Rating:  Rate this answer: Vote
If I Uninstall AVG I know it wont get rid of the virus but will it get rid of the error message!

 

Answer by DemolitionDoener
Submitted on 3/18/2004
Rating:  Rate this answer: Vote
oh yea, i have a similar problem and probably the same virus just with another name.
its the Trojan horse Dropper.Se.A and he uses to be in a subfolder my System Volume Information folder in a file named as A0010362.exe.
even more interesting is that i am using AVG Free Edition aswell and the most interesting fact might be that AVG Shield is able to see it but AVG Scanner is not.
Referring to Humil4t3d and to Norton Antivirus that didnt see the virus either the feeling about a bug beginns to raise. maybe its a bug from the shield.. i did not find any information to the might-be-virus yet.  well, i'llcontinue searching but i suppose there's nothing to take care about. but i'llalso try housecall.com. whatever it maybe.
so thanks for help, maybe i i could make you feel more relaxed again;).

 

Answer by debbishadows
Submitted on 3/28/2004
Rating:  Rate this answer: Vote
I am also having the same problem. I can't seem to get it off my computer, and Yes i have tried everything everyone had said on this website. I need help, becuase it is slowing down my computer very bad. I have road runner for God's sake. i need help

 

Answer by monsignor
Submitted on 4/1/2004
Rating: Not yet rated Rate this answer: Vote
I'd tried housecall - <Trend> and I still find that it is recurring. With XP Pro I disabled system restore and still have it...  

;(

 

Answer by wood chip
Submitted on 4/8/2004
Rating:  Rate this answer: Vote
I bet if you BUY the full AVG virus program,
it would get rid of it. It's probably was put on our computers by the free version as a way to generate sales.

 

Answer by Aluli
Submitted on 4/12/2004
Rating:  Rate this answer: Vote
I ended up having to reformat. Norton wouldnt fix, delete, or quarantine it. I had no choice.

 

Answer by Gman
Submitted on 4/12/2004
Rating:  Rate this answer: Vote
On my system AVG "healed" the bug, yet failed to remove it from the backup files (F:\System Volume Info....etc."). After disabling the Win XP restore feature, I lost all my restore points. Whoa! Well, at least that move also deleted the viron (yup, viron is singular for virus, which is the plural). But no, my system still continued to cycle whenever I attempted to shut down. Was "dropper" still in my system, or was the shutdown problem residual damage?

Now for the really bad news: the "Trojan horse dropper.small.4.AG" viron can also hide in a memory stick! Struth!!! What utility can find it there? By the time I learned about the latter possibility, I had already rebuilt my HD. But I would think that removing all the memory for a few minutes would starve the bug of its pestilent life (in such event, make sure you touch a shiny part of the case before handling a mem stick, so you don't fry it). Now if the viron manages to get into the firmware, the CMOS battery will need to come out; and, if the manual requires it, the firmware terminals may need to be shorted.

A friend of mine is guessing that much of these virus is generated by countries unfriendly to America for the purpose of  undermining our economy. Yeh, I guess we are at war. But if its just another overgrown local brat, we ought to bring back the stock! Amen. Pardon the verbosity folks.  

 

Answer by realtech
Submitted on 4/15/2004
Rating:  Rate this answer: Vote
I am a real tech and I am dealing with the same trojan and I use AVG Professional for my business clients and free edition for others. I cannot say more good things about AVG, so I don't think it is a bug. The one I am cleaning has it in boot sector so it is a real problem.
Try these two things. Reboot,hit F8 to get to safe mode and see if you can delete the file. If not try a DOS prompt, go to the directory where it is and delete it and hopefully you are using WIN98 because WINXP is not real DOS. So, anyway, hope it helps.

 

Answer by potter
Submitted on 4/16/2004
Rating:  Rate this answer: Vote
its a key logger it automatically copies itself many and many times wen u double click it wat did you download to get it?? the easiest way to get rid of it is reformatting... i have 1 atm hes probably listening to me talk to use guys\girls.. why do people do that?

 

Answer by John
Submitted on 4/17/2004
Rating:  Rate this answer: Vote
what is my names?

 

Answer by -ADS-Reaper
Submitted on 4/21/2004
Rating:  Rate this answer: Vote
First of all I think that AVG isnt that good! but anything is better than Norton Anti Virus. Dont ask me who i am thats a secret but basically this Trojan is impossible to get rid of. One way to get rid is to totaly re-install ur OS. But the chances are you will get it again. Hey dont take my word for it ask any decent proggrammer i have and 19 out of 23 say its impossible to get rid. I hate viruses and would like to make an ultimate anti virus program if any one would like to help i meen people that know how please could you mail me at thomo129@hotmail.com this will be a damn good programm which would incoperate every single virus program out there meaning that the virus will be gone. BTW I am 13 so please dont expect any payment unless it gets out there and makes some revenue. You do this wanting to help get rid of these viruses out there. so anyway more details at thomo129@hotmail.com put the subject as VIRUS SOFTWARE bye for now

 

Answer by passerby
Submitted on 4/23/2004
Rating:  Rate this answer: Vote
A virus will hid in the memory stick but the secret is shutting down the PC after you format.  It clears the stick of resident memory.
My system is dual booted so I use my backup OS to access the infected files and remove them.  I can also replace the files that have been infected.

One other thing you could consider is using Virtual Pc.  After you load your main OS you run Virtual PC and it creates a Virtural OS in a widow and you run everything in there.  If you get a virus you just close it and create a new OS image in minutes and away you go!

 

Answer by Dizzy
Submitted on 5/5/2004
Rating:  Rate this answer: Vote
Okay, I have the same virus and have downloaded all kinds of anti-virus programs and trojan remover programs and nothing is helping.  I am rescanning as I type with AGV and I have turned off system restore.  I hope this works.  If not, I'm going to reboot the whole OS.  How do you use virtual pc?  Can you tell me more about this?

 

Answer by Blue
Submitted on 5/5/2004
Rating:  Rate this answer: Vote
haha u guys are funny !re-install os?Format?
What the F*ck?
1removing that so cald trojan is realy no  
Big deal yo.Close gates,search&destroy  
('s what my granny used to say...)
1 tip doh, !DO NOT! shut of pc until trojan s removed.
2XP still uses Dos!even longhorn uses it.pretty coverd'up but they still use it!
3create the ultimate anti-virus haha u guys are killing me :p,There are over 300 different programming languages.and that number is growing by the day.languages you'v never seen before,created by us (hacking community) Ya Can't do a damn thing about it.
4Norton is realy the best ya can get , but who needs antivirus?
Got to keep an eye on those gates dudes&dudettes ;)

Greetz Blue

Info@:  265.02.31.44

 

Answer by Abbie
Submitted on 5/6/2004
Rating:  Rate this answer: Vote
i have a trojan called trojan horse dropper.small.4.AG
can anyone tell me how toi get rid of it? i cant install or download anything my computer is going slower than normal and keeps crashing. AVG dosnt seem to be of any help either. what is it and how can i get rid?

 

Answer by Abbie
Submitted on 5/6/2004
Rating: Not yet rated Rate this answer: Vote
i have a trojan called trojan horse dropper.small.4.AG
can anyone tell me how toi get rid of it? i cant install or download anything my computer is going slower than normal and keeps crashing. AVG dosnt seem to be of any help either. what is it and how can i get rid?

 

Answer by jeffers
Submitted on 5/13/2004
Rating:  Rate this answer: Vote
That Blue Guy is a right Prick ! he thinks he so bloody clever...... wrong if you was clever you would have a real job and a real life, instead of messing with peoples PC's, your no better than Bin Liner :-)

 

Answer by benny
Submitted on 5/15/2004
Rating:  Rate this answer: Vote
He seems to have spelling errors too...isnt that what the 'check spelling' is for :S anywho AVG seems to have spotted it(woo!) n healed it but don't think there's a 100% sure way you can tell its gone.
^ My humble opinion
-benny

PS: BLUE GET OUT MORE! YOU'LL NEVER GET ANYWHERE IN LIFE DOING THE SAD STUFF YOU DO

 

Answer by Donna
Submitted on 5/19/2004
Rating:  Rate this answer: Vote
I had the Trojan Horse dropper.small.4 and I use the free AVG and I got rid of it. I had to put it into the vault first and I also had to delete 2 items out of my add/remove programs before I could delete the Trojan off my computer.

Check your add/remove programs and see if there is anything there that doesn't belong.

 

Answer by vectorjohn
Submitted on 5/24/2004
Rating:  Rate this answer: Vote
I also have a trojan like this, and i dont think i'm getting it with avg/housecall.  I also have the cool side effect of sending over 4 billion packets when i connect to a network.  cool huh?  
(Note:  viron is a word unrelated to virus.  Viruses is the plural for virus.  http://dictionary.reference.com/search?q=virus and http://dictionary.reference.com/search?q=viron  )

 

Answer by Arielle
Submitted on 5/27/2004
Rating:  Rate this answer: Vote
Finally I got that stupid  Trojan horse Dropper.small.4.AG off my computer, go to your start menu then click on search then cut and paste this in to the search bar      C:\System Volume Information\_restore{A5569FBE-362C-45DE-9FCB-AE53ABEA8A6F}\RP179\A0942894.exe        it's probably in that folder. And there be some type of application in the and most likely its the virus but do a virus scan on it to see if it is it, *the right click virus check*. If it's not in that folder the when that AVG sheild pops up then copy the exact name of that folder and copy that and paste it into the search bar in start. And that folks is how I finally remove that damn virus!

 

Answer by maxkat
Submitted on 6/1/2004
Rating: Not yet rated Rate this answer: Vote
I have the Horse Dropper. I am using the free AVG with heuristics checked. I have gotten 'popup' warning box. Ran AVG and it did not find anything. I figured another ghost virus, seeing as how McAfee did not find it.
Last night I could not get on to the web, via Netscape, so I rebooted. This has fixed the problem before. And yes everything is running slower and the web harder to use. When the PC came up it could not find the OS. I finally got to an A: prompt with a DOS restart disk. Switched to C: and it is empty.
Any suggestions on how to pull a file off such a disk?

 

Answer by aleshad
Submitted on 6/6/2004
Rating: Not yet rated Rate this answer: Vote
why are you her blue guy.Get a life.lol

 

Answer by jasperisu
Submitted on 6/7/2004
Rating:  Rate this answer: Vote
it seems the reason that a virusprogram can detect a virus, yet can't erase it, is because it has no access to the C:\systemVolumeInformation\_restore....etc.. SO, disable the "system restore" in your computer, and you WILL have access to remove the virus (by running a normal virusscan). After that: put the system restore back as it was, to prevent damage.
See http://service1.symantec.com/SUPPORT/nav.nsf/pfdocs/2000092513515106?Open on how to do it.  God bless our processors :p

 

Answer by dmmathis
Submitted on 6/9/2004
Rating:  Rate this answer: Vote
I have the same problem. Housecall did not find anything on my computer, nor did Norton Anti-virus. The only thing I have found that has been able to find the Trojan on my computer is eAcceleration software. I can't remember where I found it but I searched on yahoo and it came up in my search results. It found everything on my computer and I haven't had anymore problems since.  You have to purchase the software for it to clean the virus off of your computer, but it shows you the files that are infected. Instead of buying the software, you can search for the files yourself on your computer and delete them yourself. This way you don't have to spend the money on the software. You can just use the free version.

 

Answer by jk
Submitted on 6/10/2004
Rating: Not yet rated Rate this answer: Vote
Add one more here... on my mom's computer it's called "Dropper.Small.5.E"; since she's caught it, her internet connection settings seem to have disappeared.

 

Answer by realtech's answer for dropper.small.4.bm
Submitted on 6/10/2004
Rating: Not yet rated Rate this answer: Vote
I did exactly what realtech said to from safe mode and it removed the virus. I run AVG and PC-CILLIN. PC-Cillin kept catching a virus called revop.f and revop.c and Ezula
AVG kept catching dropper.small.4.bm
                  downloader.apropo.d

Every time I cleared the files with the virus software they came back.
I am listing the files that they were hidden within for anyones interest. These files were all hidden within c:\windows\system

ai_loader.exe
tv_b5.exe
gfleogl.exe

The only way to permenately delete these is from safemode.When you restart your computer then again run the virus software and you should come away clean. It is a giant pain in the butt but it is the only way to kill them. I now am running McAfee fire wall and adaware. I am fairly certain that some of these viruses came in on spyware. I wish anyone with these buggers the best of luck in getting them off of the hard-drive. Thank you so very much for all of the postings. And thank you REALTECH you save me a lot of time and energy. Good luck with the one you are fighting!!


Sincerely
Cursed by Computers in Washington.

 

Answer by flux
Submitted on 6/12/2004
Rating:  Rate this answer: Vote
I solved destroying the "wintools" virus by booting into safe mode and taking control over "denied access" files and folders. There is a certain feature in safe mode where you can take control over denied access to folders and file, even when you are administer, and delete all the incriminating files.. go into safe mode and explore all the new functionality.. it's really pretty cool. I'm using Windows XP.




 

Answer by flux
Submitted on 6/12/2004
Rating:  Rate this answer: Vote
If you go through all your running processes in win XP and look at their running directories it will clear up much of the confusion especially with multiple runnings of svchost.exe and things like lsass and the different spellings of explorer.exe Iexplore.exe etc... Just open task manager and look at all the running processes and their paths. Go into safe mode and take control over denied access files that were suspect and delete them. I think this only works in Win XP safe mode.


 

Answer by Wick
Submitted on 6/12/2004
Rating:  Rate this answer: Vote
Earlier this week, a member of my family foolishly opened an e-mail from an unknown source and downloaded Dropper.Small.  AVG Scanner immediately found it (but did not prevent it from parking on my hard drive) and I "healed it" (in that I put it in the vault and deleted the file).  Within a couple of hours, though, the AVG Resident Shield showed the trojan had also parked itself in the System Volume Information folder (used for restore points).  

Since my understanding of viruses and malware is rather rudimentary I ran a Google on Dropper.Small and found this page.  One thing I noticed was that the Dropper item has been removed differently by different users, implying the virus itself acts differently on different systems.  In my case, I was unable to access/delete the specific .exe file in my SVI folder, nor was I able to set a restore to a date prior to the download (my gut tells me that inability was the work of the virus).  

Eventually, I read in my Windows help files that turning off System Restore will clear out the SVI folder and tried that option.  (In XP:  Start - Accessories - System Tools - System Restore - click box to turn it off - Apply - click OK on "Are you sure.." box - close out window and reboot).  Then do the same thing, but turn on the System Restore.  Since doing this yesterday, I have yet to get the AVG RS notice about Dropper.Small.  I am sure the code for the virus is still on the hard drive, but it is probably now dormant since it has no usable access point in the SVI folder (all restore points in that folder began last night).  It is VERY IMPORTANT to note that trying this option will delete ALL PREVIOUS RESTORE POINTS on your system.  You need to make sure you have backed up all your significant files and programs before trying this.  

If you have similar symptoms to what I experienced, the System Restore option will probably work.  If you have different symptoms, your solution will probably depend upon where the virus has parked.  

 

Answer by j8unk
Submitted on 6/20/2004
Rating:  Rate this answer: Vote
"gates" meaning...........

disable system restore-reboot-enable system restore.  

I had trojan horse dropper.small.4.AG

 

Answer by majorgeek
Submitted on 6/24/2004
Rating:  Rate this answer: Vote
to get rid of this trojan just go to http://cc.emsisoft.com download the program and update and run it. it will find and clean this and any other Trojans you might have. I know because I have used it successfully to remove them from my system and several of my friends

 

Answer by Quendi
Submitted on 6/26/2004
Rating: Not yet rated Rate this answer: Vote
Awesome.
I restarted my computer in safemode,
and deleted the necessary files.
Thanks a RealTech. :)
The nasty Trojan/virus is gone!

 

Answer by tori
Submitted on 6/27/2004
Rating: Not yet rated Rate this answer: Vote
i have had the Dropper.Small.5.E on my pc, after about 4 scans with AVG free it finally moved it to the vault, i was beginning to worry, altho it did not seem to be affecting the running of my pc,it seems it cannot be deleted completely tho as it is in WINDOWS\SYSTEM32 and the files cannot be deleted apparently! any ideas anyone?

 

Answer by Alan
Submitted on 6/27/2004
Rating: Not yet rated Rate this answer: Vote
I had Dropper Small 4 BM which is a browser hijacker that kept taking me to msn.com and reinstalling itself when I went online. I finally got rid of it with a free program called "Hijack This" designed just for this sort of virus. My AVG deleted it 20 times in 4 days but some sub-program kept re-installing it

 

Answer by ed
Submitted on 6/28/2004
Rating: Not yet rated Rate this answer: Vote
I recently got this virus, in fact immediately after downloading software from download.com.
What is spooky is that it keeps directing me to Kazaa, the exact same site that is on download.coms home page.

Comments?

 

Answer by RocCkin_RusheR
Submitted on 7/2/2004
Rating:  Rate this answer: Vote
dude i might sound a little dumb but can anyone give me a copy of the virus?
Plz...dude.....i really need to have one copy of it...

 

Answer by pinchie
Submitted on 7/4/2004
Rating:  Rate this answer: Vote
Would just like to thank e1's input  going to try e1's suggestions to get rid of trojan horse small dropper virus .nothing i have done has worked  hope something does  ty again  ....  =-) pinchie

 

Answer by dda
Submitted on 7/6/2004
Rating: Not yet rated Rate this answer: Vote
I have a friend with Trojan Dropper Virus problem.
I went to the cc.emsisoft.com site mentioned by majorgeek.  It requires user email address, etc.  Would like to hear from others who have tried this site to know if it is safe to use.
Also would like to know where to get a copy of the "Hijack this" mentioned by Alan.
Finally, saw much more mention here of AVG than Norton and very little said about McAfee.  Is AVG really better than these?
thanks, Dave

 

Answer by Gisterose
Submitted on 7/6/2004
Rating:  Rate this answer: Vote
Ive been looking in my registry files in:

HKEY_LOCAL_MACHINE/SOFTWARE/Windows/Run

to get here go to Start then Run then type regedit.

In here i found a very suspicious file called:

nwiz   and the data information for this file is:
nwiz.exe \install

This looks to me as though everytime the file is executed it is set to install each time. Maybe this is one of the files to be looking for.



 

Answer by AwwwMan
Submitted on 7/9/2004
Rating:  Rate this answer: Vote
i have Dropper.small.5.e, Dialer,Downloader.small.7.ak,Dialer7.b, and Revop.c . Is that alot of viruses at one time, i wouldnt know Because i am not a  computer guy.
I have spybot-search&destroy, Ad-ware 6.0, AVG 6.0, and i have HiJackThis. Since i dont really know how to work hijackthis i dont no if it will kill them or not. All of the other programs i have wont kill any of the virsus i have. From what i think HijackThis was based of a hacking program? But someone figured out how to use it to find hackers and virsus.I don'tknow thought.

If someone here knows how to use hijackthis please tell me because i really want these viruses gone.
.

 

Answer by Screwymom
Submitted on 7/15/2004
Rating: Not yet rated Rate this answer: Vote
OK OK OK .... SO I'm not the sharpest pencil in the box!... I forgot to post the link. Here it is:
http://www.pchell.com/support/spyware.shtml

 

Answer by Stormz1
Submitted on 7/18/2004
Rating:  Rate this answer: Vote
As many people here have discovered, running your antivirus program may or may not do anything to this virus except to identify it. Many here have tried to either heal or delete the virus with little or no success, as the virus seems to replicate itself almost as fast (or faster) than you can remove it.

While this solution may not work for everyone, its seems to have worked for me. I will try to go through everything I did to remove this "bug", with hopes that it will assist somebody here with its removal.

First off, I've got AVG running on my Windows XP Professional system. I ran a full-system scan and found 3 instances of Dropper.Small.5.BQ (otherwise known as "w32_ss.exe") and discovered that I couldn't remove them from the system. I found this forum and followed some of the possible solutions, of which I found that very few did much good. What I did seems to have worked so far and it didn't require having to go into MS-DOS, but it still took a while.

1.) Go to "C:\Windows\system32" (minus the quotation marks, of course) and look for a program file called"w32_ss.exe". Right Click, go to Properties and click on the radio button denoting "read only". Click "Apply". Click "OK". Right-click again, go to Properties, select Rename and rename to file to "w32_ss.txt". (This may or may not work for some folks).

2.) Open an IE window, go to Tools, click on Internet Options and in the section for Temporary Internet Files, delete Cookies, Files and Offline Files. Click "OK"

--REBOOT--

3.)After your system reboots, go to C:\Windows\system32\ and locate the w32_ss.exe (or the renamed w32_ss.txt) read-only file and delete it.

4.) Open AVG, update your .DAT files and rerun a full system scan. If you are as unfortunate as I was, my AVG found 26 instances of Dropper.Small.5.BQ in my restore files. However, because the primary w32_ss no longer was accessible, AVG was able to heal the restore files. The scan also discovered BackDoor.Agent.2.B (system restore) and JS/Psyme (1 html file and 1 text file). These last 3 I had to delete as they could not be healed.

5.) After all this, I ran Spy Sweeper v.2.6.1 and checked for anything that my A/V might have missed and safely removed what it found off my system.

6.) Finally, I right-clicked on my trash can and deleted everything within it.

As of today, I've not had any problems.

Stormz1


 

Answer by lloydster55
Submitted on 7/21/2004
Rating: Not yet rated Rate this answer: Vote
got that trojan horse dropper cant get rid of it rebooted my computer installed avg spyware and zone alarm bit it still gets back my computer has only been online 1 day and my zonealarm intrusin count is at 58 thousand 700 high rated dont know much about them get me a rough idea please plus the ip adresses of the intrusons claim 2 b from bt. r they  

 

Answer by grubby
Submitted on 8/4/2004
Rating: Not yet rated Rate this answer: Vote
I tried everything but Spy Sweeper got rid of it.  go to

http://www.webroot.com/wb/products/spysweeper/index.php

 

Answer by somer
Submitted on 8/7/2004
Rating: Not yet rated Rate this answer: Vote
I had trojan horse downloader.rameh.e.  It was also detected by AVG anti-virus and was located in my System Volume Information folder.  Since I turned off system restore and all of my backup files were deleted, it seems to have been wiped out.  It was only today that I wiped it out, but AVG no longer detects the virus.

 

Answer by Roonis
Submitted on 8/11/2004
Rating: Not yet rated Rate this answer: Vote
All you have to do (even according to AVG) is right click on "My Computer" and select "Properties".  Then you click on the "System Restore" tab, put a check mark in the "Turn of System Restore" box, and click "Apply" then "OK".  After you do this, you restart your computer, and repeat the above steps, only this time un-check the box!  I have not received this pop-up ever since!!!!!!

READ IT YOURSELF AT:

http://www.grisoft.com/faq/us_faqtext.php?id=180&sid=26

HOPE THIS HELPS!!!

 

Answer by kseggio
Submitted on 8/19/2004
Rating: Not yet rated Rate this answer: Vote
guess what..you get the dropper horse trojan virus... JUST stop what your doing... STOP surfing ..go directly to internet options..delete temp files and cookies.., after another beer, Then you should run a spybot or ad-ware program..  all you geeks out there are making more out of the situation then what needs to be done.

 

Answer by weldboy
Submitted on 8/20/2004
Rating: Not yet rated Rate this answer: Vote
i got Trojan horse dropper Small ,avg 6 found it placed it in vault and deleted no probs now -fingers crossed

 

Answer by Jade
Submitted on 8/26/2004
Rating: Not yet rated Rate this answer: Vote
I have trojan horse dropper. small. 6.L I cant figure out how to get rid of it. I have AVG but when it finishes scanning and finds it, I click "move to virus vault" the program locks up on me. My computer has never locked up on me. I dont know what to do. I dont think it has slowed my computer down yet. I have a new computer and DSL. Maybe its a matter of time? I dont know. Any suggestions would be appreciated.

Jade

 

Answer by Paul
Submitted on 8/29/2004
Rating: Not yet rated Rate this answer: Vote
Hi ermm I am really struggling too. no matter what i use i cannot get rid of trojan horse dialer.7.B and the trojan horse downloader.small.7.AK. I have used AVG, adaware  however it wont let me install any trojan horse removers so its obviously the viruses stopping it. I am not totally into all this virus thing and how to get rid of em if your anti virus doesnt work!lol. Also another thing that comes up is when avg says it has detected a virus named TMP.DLL but cannot delete it and its obviously in the system files. Please could someone be kind enough to help me. Either leave your message on here or email me at
eye_ball_paul152@hotmail.com

Thank you everyone!! and hope to hear from you soon!!

 

Answer by Hershey
Submitted on 8/31/2004
Rating: Not yet rated Rate this answer: Vote
I am running the free version of AVG6.0 and I have the JS/Psyme virus which is in my temporary internet files.  Deleted the files, though for some reason, after I ran AVG I could still see it scanning the temporary internet files.  The virus is not in the virus vault, the status says "still infected".  I have not seen any info on how to get rid of this virus for someone who is running Windows98.  Please help.

 

Answer by no name
Submitted on 9/2/2004
Rating: Not yet rated Rate this answer: Vote
hey i have a virus and it keeps trying to connect me to some site and it has changed my homepage to some search page!!! help please

 

Answer by otto53p
Submitted on 9/7/2004
Rating: Not yet rated Rate this answer: Vote
I found virus Trojan Horse Small Dropper.6.BN in side my Note book, which is apparently appear after I updated my AVG anti virus data.
Please give me some assistance in order to overcome / get rid of this virus.

TKU

Otto

 

Answer by kylersgothangel
Submitted on 9/15/2004
Rating: Not yet rated Rate this answer: Vote
How do you know if you have the virus.Smiley Central Download puts it on your computer,i think.A red sreen came up ,when i went there to download smileys,and it said virus Trojan Horse Dropper and it said proceed or do not attempt.What does that mean?i clicked proceed

 

Answer by faxman
Submitted on 10/1/2004
Rating: Not yet rated Rate this answer: Vote
Well, I also had the Dropper.Small.5...
And I ran AVG.  It removed it. However after reading all of these posts and seeing the various names it uses and places it hides, I decided to go and search its remains out!

Lo!  I found NOTHING nAdA, Zilch!

Now, I started putting the pieces together from all the fine posts here that you folks have worked hard to compile through hard work at solving this problem.  

I deduce that many of you have found the masquaraded file in your system folder of the restore area.  I also noticed that some had good results by turning off restore and eliminating the bug.  Well...I have never had the restore feature on because I notice it simply eats too much drive space.  I use partition backups to dvd (you can use cd) regularly.  I keep these images updated so if I need to I can restore from there.  I feel that from what you all have said that this bug utilizes the feature of restore points in xp and goes in there (IF IT CAN..IF ITS ON) and thus the way many have gotten rid of it is through various renames deletions etc of files in that folder.  If you can, turn of the restore and use an image backup program to make rescue disks periodically.  It serves the same purpose and you get to keep lots of xtra disk space.  Oh..do not dl any symantec norton junk.  I got my virus twice from two different p2p clients downloading Norton Ghost.  AVG caught it both times as it came in.  AVG is Good, but do not let a trojan get into the restore folder!  SHUT DOWN RESTORE.

As the virus was making its move during the dl, AVG cut in just as this trojan was making an effort to invade the restore folder.  XP even gave a brief BLUE SCREEN OF DEATH, but
AVG worked quick.

Keep your AVG monitor ON, and oh..UPDATE AVG REGULARLY.  Not just the virus signatures, but update the program too!  A previous version I had did not cure the DROPPER, but the one I got the other day DID.

Well, I thank all of you for all of your various ideas and cures, and I believe that each one of you have added a piece to a puzzle.  Keep up the great work!  And Stay away from NORTON SYMANTEC junk.  They put this stuff in dummy progs for the sake of screwing you up when you try to hack off a free copy.  They leave it on servers and serve it via many different p2p clients...the reason I know this is that I saw there website listed in a p2p for the warez I dl, not even thinking it strange...though it is kinda strange eh?  What is Symantec doing on a p2p client.....waiting to mess you up!

OK..hope this was helpful, and again thanks you all for your input.

FAXMAN

 

Answer by Eva
Submitted on 10/15/2004
Rating: Not yet rated Rate this answer: Vote
Just go to www.securiyresponse.symantec.com and follow the instuctions .

 

Answer by mike
Submitted on 10/25/2004
Rating: Not yet rated Rate this answer: Vote
I had a trojan horse dropper 7.5 in my documents and settings folder. I'm running XP Pro and I couldn't manually remove it. I did the undo system restore, redid it, ran AVG, ran Spybot and ran Adaware. AVG would say that I had it, but wouldn't find it when I ran the program.

Nothing worked. Then I ran downloaded the latest Adaware program, turned off system restore. Adaware 1.05 found it, I deleted it, rebooted turned on system restore again and it was gone.

Hopefully this info will save you some hours.

 

Answer by rudi
Submitted on 11/16/2004
Rating: Not yet rated Rate this answer: Vote
I had trojan horse dropper since I installede AVG free.
Most of the people here also have AVG so....

 

Answer by simone
Submitted on 11/24/2004
Rating: Not yet rated Rate this answer: Vote
i use avg free edition and love it.if i want to be extra careful i go online and use trend housecall.for problem bugs that cant be deleted i scan in safe mode with avg.i also use spybot search and destroy,adaware and dont mind spysweeper.i found that i need to use more than one program for the spyware problems because there is that much out there that one program cant find it all.everytime i go online i check for updates because new bugs are being created everyday so it is impossible to be update for the new bugs until a solution is developed.if u arent sure what something is look it up on the internet,if u cant use your computer use someone elses.and last but not least be careful of the antispyware and antivirus programs you install,cause sometimes they actually infect your computer not protect it.pc world.com is a good site that tells you about programs that will help you keep your computer running smoothly.(p.s have also used the system restore disabled-reboot-enable method successfully).Good luck to everyone

 

Answer by PrOwLa
Submitted on 12/27/2004
Rating: Not yet rated Rate this answer: Vote
Well, I am much of a computer Techy myself, and i just got done reading all that has been posted. My dad so kind like  got a TrojanDROPPER.SMALL.7.Av  onto my moms computer --- playing games --
and this has done nothing but be a nightmare --- She cannot type when she does her XP locks up ---This is the only Main problem -- considering the only way she can type is c/p from a messaging service --- if anyone can help me would be greatly appreciated --- i will try some of the things i read here --- to see if i can get them to clean it out --- tis a mean and nasty trojan, hurts whats used the most --- OH and it EVEN LOCKS UP THE ON-SCREEN Keyboard!

THanx's


-Prowla

 

Answer by meandonlyme
Submitted on 1/27/2005
Rating: Not yet rated Rate this answer: Vote
I have small.8.BC on mine but I am running my virus scanner and it found  of them so I hope it works sence I just updated my virus scanner 2 days ago.

 

Answer by BeadedDrum
Submitted on 1/28/2005
Rating: Not yet rated Rate this answer: Vote
I too have the Trojan Horse virus Dropper Small 5- I am pretty sure I got it from ZDNet Downloads, trying to download a Waterfall Screensaver- go figure- anyways, upon installment of the saver, AVG picked up the Dropper horse, moved it to the virus vault, but, as everyone else, am unable to remove it. I have AOL, so, contacted there live tech help (no help) but, went to there AOL download center, installed a free trail thing of a program called AntiVirus and Trojan- it found a virus called pchschd.exe, ginst_001_1234_4209.exe, and xhrmy.exe....This program does ask if you want to remove the exe files, and was able to kill the ginst, and xhrmy files....  If I ever find out how to remove these, Ill repost. Oh, Im on Windows ME as well....

 

Answer by SlyFoxy
Submitted on 2/17/2005
Rating: Not yet rated Rate this answer: Vote
Hello,I would just like to say Stormz1, i dont even have a file like that in my C:\Windows\system32 file. The problem im having w/ this Trojan horse Dropper.Agent.2.R shows as this-C:\WINDOWS\TEMP\RANDRECO.EXE and is infected. the pc is moving slow at times,but it just is not being picked up w/ a scann from AVG, im not sure it has to do w/ some spyware
Alexa Related-What's related link-C:\WINDOWS\Web\RELATED.HTM

DSO Exploit-Data source object exploit-HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONES\\1004!=W=3
I don't know much about pc's im hardly ever online but i use it for college and i cant afford to lose it..anyone got any ideas thanks..and directions.Slyfoxy

 

Answer by brt4ce
Submitted on 3/1/2005
Rating: Not yet rated Rate this answer: Vote
first of all with ANY virus or trojan you MUST shut down any processes that are running, if your not sure which process is related to the virus or trojan, then shut down everything using ctrl-alt-delete. Any critical system services won't allow you to close them so no worry. Also leave the svhosts alone and any explore processes. Next turn off your system restore since it will always harbor copies of the virus or trojan. Next scan your system either with your pc'svirus program or use any of the free many online ones available. Also this would be a good time to run ad-aware to check your system as well. Then restart your system. Rescan again and if nothing is found, turn your system restore back on.Best of luck!
Brt4ce

 

Answer by rjb
Submitted on 4/7/2005
Rating: Not yet rated Rate this answer: Vote
I have trojon horse dropper.small.15.AH
AVG has picked it up but can't heal. Any help would be appreciated.     Thanks

 

Answer by tyler
Submitted on 4/16/2005
Rating: Not yet rated Rate this answer: Vote
I have trojan horse i dont understand nething about comps how do i get rid of it!

 

Answer by louise
Submitted on 5/27/2005
Rating: Not yet rated Rate this answer: Vote
I have about seven of these trojan horse dropper on my computer, and also know five or six people who also do. EVERY single person I know who has it has for the AVG free edition, so as someone mentioned, do you think it's a technique used by AVG to force us to buy the free edition? I haven't met anyone who has the virus and who doesn't have AVG free either, which leads me to think this is possibly the only solution.

And as for trying to get rid of them, I have tried all the ideas people have posted on here and even re-formatted my computer. However, three hours later, it was back. It has no serious effect, but I keep getting the "VIRUS DETECTED" box come up from AVG which is driving me insane.

However, I have Windows ME and so most of the ideas you have all suggested does not work for me. Has anyone found a way to get rid of it that I could try? Bearing in mind I'm only 16 so am not really very clued up when it comes to technical language.

 

Answer by George
Submitted on 7/23/2005
Rating: Not yet rated Rate this answer: Vote
Yeah well umm I have the Trojan horse IN.9 I don't know what it is I tryed AVG free and well it found it but didn't delete it so well I tryed everything everybody said.. The worst thing is that my internet is not working to! So please help me

 

Answer by George
Submitted on 7/23/2005
Rating: Not yet rated Rate this answer: Vote
yeah well I got trojan horse IN.9 I don't know what it is just I can't delete it... I did whateveryone said I tryed AVG free.. The last thing I can do is re format or buy a new computer.. I have the newest Trojan horse virus so I don't think anyone knows what to do...

 

Answer by mr awesome
Submitted on 7/28/2005
Rating: Not yet rated Rate this answer: Vote
i had those viruses on my computer too, and i got them off by hitting the details button on the avg scan for each file, then hitting go to file, then putting it in the recycling bin, and deleting off of their took it completely off my computer

 

Answer by dion
Submitted on 7/29/2005
Rating: Not yet rated Rate this answer: Vote
oh and with regards to "With horrible typing like that, it's hard to belive you're a day over 12, let alone a tech." that is an insult to all 12 year old

 

Answer by help me
Submitted on 8/4/2005
Rating: Not yet rated Rate this answer: Vote
i have a question,
trojan horse dropper small.23.0 its in the AVG virus vualt does this mean that the virus can not distory my computer i dont know could someone please help me and soon!!!

 

Answer by scoobydoo
Submitted on 8/19/2005
Rating: Not yet rated Rate this answer: Vote
I don't know how to get my AVG working, it has been working fine but I think that I have a virus possibly trojan.I have tried several suggestions and I'm still stuck with the same problem....short of throwing my computer away I don't know what to do or how to get rid of it!!!!

 

Answer by claire
Submitted on 8/30/2005
Rating: Not yet rated Rate this answer: Vote
i have scanned my PC on avg and put my virus in the vault!!!!
how do i delete this from the vault

 

Answer by jass
Submitted on 9/8/2005
Rating: Not yet rated Rate this answer: Vote
i`ve winxp on my pentium machine. recently i spotted a dos program file named 'Ghost' in all of my folders and along with this file a folder gets created with exactly the same name it is residing in. for example in a folder name Songs there is another folder been created named Songs too. it does not open. till now no damage has been done to my pc but i want to know what is this program and how to remove it. Thanx for the help

 

Answer by equinox
Submitted on 9/16/2005
Rating: Not yet rated Rate this answer: Vote
anbody heard of onekill.exe?

 

Answer by spiky
Submitted on 10/18/2005
Rating: Not yet rated Rate this answer: Vote
hey people where is the add/ remove prograames.
i am only 9 so can u just tell me plz plz plz. :-)

 

Answer by zero cool
Submitted on 12/1/2005
Rating: Not yet rated Rate this answer: Vote
1010101010101010111111010101101001010100100101010010101010101010100101010101010110101101011011        [ACCESS DENIED]

 

Answer by Sturks
Submitted on 12/10/2005
Rating: Not yet rated Rate this answer: Vote
What does a trojan horse actaully do, in human terms?

 

Answer by PotchtheTech
Submitted on 12/15/2005
Rating: Not yet rated Rate this answer: Vote
have any of you tried to remove the Files Via Safe mode? to enter safemode reboot your computer, once the computer is starting to boot up keep hitting tapping F8 that will bring you to a couple of options, you would most likely want to select the option to boot up with command prompt once you enter safe mode you can delete files that wouldn't allow it in regular mode. Just be careful what you delete

 

Answer by TechnicalTibb
Submitted on 12/18/2005
Rating: Not yet rated Rate this answer: Vote
I see this problem on a regular basis on computers brought in by customers.  The process of removing these virus' vary depending on the type.  These are backdoor virus' that will inhabit locations on your computer that you do not normally access or that most people do not know how to access.  The best way I have found to remove these, which has worked 95% of the time for me, is by first pressing ctrl-alt-delete and press the processes tab.  If it says your cpu is running at 100% at the bottom of the window, select the process using up the most (note:  System and System Idle Process are exceptions to this, DO NOT TURN THESE OFF) and end those processes.  You will want to turn off your system restore as well, as this allows files (virus') to be deleted that would normally be protected.  If you remember the day and time you got the virus, do a search, entering nothing in the file name field and selecting the date modified tab.  Enter the date you recieved the virus and press search.  It should bring up a list of files showing you which files were created/modified.  Scroll over the files and a balloon should pop up saying the date and time it was created/modified.  Delete all files created/modified and the date and time you recieved the virus.  There often is quite a few files.  After that process i like to run Hijack this!, a free program that is available (google search should bring up a link).  Run a scan with this program and select and fix all files that are malicious.  Be careful THIS WILL BRING UP SOME SAFE FILES that should not be deleted.  If you are unsure, select the file and click the file info button.  When you are finished, turn off your computer for 30 seconds and turn it back on.  Don't forget to delete any quarantined virus' before you shut it down.  And remember to turn your System Restore back on after starting it back up.  GOOD LUCK!  I hope I was of some help.  

 

Answer by TechnicalTibb
Submitted on 12/18/2005
Rating: Not yet rated Rate this answer: Vote
I can be reached at wilforknowledge@yahoo.com if anyone has any questions about this process.  Also, I forgot to note that hijackthis also has a shredder you can drag files to and it will delete them more efficiently than the recycle bin.

 

Answer by anniekins
Submitted on 1/3/2006
Rating: Not yet rated Rate this answer: Vote
I have just come on this page - fascinating reading!  Got a similar problem with BackDoor.SdBot.PMS and wondered if anyone came across a fix for this, as I do NOT want to format my hard drive (the thought of taking off all the rubbish on it onto DVDs....

 

Answer by GEEKHELP
Submitted on 2/3/2006
Rating: Not yet rated Rate this answer: Vote
LISTEN TO WISDOM AND LEARN THAT GOD CAN HELP US ALL. FIRST BELIEVE THAT YOU CAN GET RID OF THESE MONSTERS AND THE SAD PEOPLE WHO WE SHOULD SUE FOR THESE VIRUS ATTACKS UNTIL THEY REALISE THAT PEOPLE ARE STRONG TOGETHER.

NOW DOWNLOAD EACCELARATOR AS RECOMMENDED, DELETE SYSTEM MECHANIC 6 FROM PC AND BINGO IT GOES, MAY TAKE TWO RESTARTS, BUT UNLESS YOU REMOVE SYSTEMS MECHANIC OR ANY INFECTED SPYWARE FROM YOUR PC, FURTHER DOWNLOADS FOLLOW AS FAKE UPDATES. DO NOT ACCEPT ANY DOWNLOADS ONLY AEACCELARATOR WORKS! WORK WITH IT AND YOU DO NOT NEED TO FORMAT. I DID IT AND SAID A PRAYER AGAINST THESE EVIL PEOPLE AND FORGIVE THEM!  TRY IT!

 

Answer by GEEKHELP
Submitted on 2/3/2006
Rating: Not yet rated Rate this answer: Vote
IT COSTS 20 BUT WORTH EVERY PENNY. HONEST I HAD 5 INFECTED FILES BY AVG, BUT STOP FROM EACCELARATOR FOUND 7 AND ON THE NEXT SCAN 5 SPYWARES. DELETING STUFF TAKES TIME, SO SAY YOUR PRAYERS AND WAIT. IT TOOK AWAY THE FILES, BUT THEY RETURNED, DUE TO SYSTEMS MECHANIC BEING INFECTED AND A FAKE DOWNLOAD PUT 7 MORE FILES ON THE PC AND 5 MORE SPYWARE. IT INFECTED THE WINDOWS TOOLBAR.EXE WITH TROJAN DOWNLOADER 6734 AND WINDOWS WINSYSUPS5 EXE. YOU NEED LOTS OF PATIENCE, SO DO NOT PANIC AND THINK ABOUT WHAT IS HAPPENING. IF YOU ARE HAVING YOUR DAIL-UP COMING ON WITHOUT ASKING, IT MEANS IT WANTS TO GET OUT! DISCONNECT BY RIGHT CLICKING THE TWO SYMBOLS OF PCS ETC. IF YOU GET ANY GENUINE LOOKING DOWNLOADS NOT FROM STOP-SIGN, THE SOFTWARE YOU NEED THEN DELETE THEM IMMEDIATELY, OR ELSE YOU NEED TO RESCAN AND REPEAT FOR SPYWARE.
GOD BLESS AND BELIEVE YOU CAN WIN!!!!

 

Answer by GEEKFRIENDS
Submitted on 2/4/2006
Rating: Not yet rated Rate this answer: Vote
TAKE YOUR TIME AND GET "STOP" ANTIVIRUS BY EACCLERATION VIA YAHOO. IT WORKS AND IT TAKES THREE DAYS OF CHECKING. REMOVE ANY ANTI SPYWARE SOFTWARE AS THESE ARE FIRST TARGETS TO CONTAMINATE AND REMAIN BEHIND!
DO NOT ACCEPT DOWNLOADS FROM ANTISPYWARE SOFTWARE AS THESE ARE FAKES! I HAD SYTEMS MECHANIC 6 AND A FAKE DOWNLOAD PLANTED MORE INFECTIONS ON THE PC, FORTUNATELY I WAS SCANNING AGAIN AND I MANUALLY REMOVED THE WHOLE PROGRAM. CHECK WITH STOP EACH TIME ONLINE FOR ABOUT A WEEK. DROPPER INFECTS WINDOWS EXPLORER SO DO KEEP CHECKING. EVEN NOW I AM CHECKING AS I WRITE, SO YOU KNOW YOU CAN WIN....

 

Answer by davidjrjr89
Submitted on 2/4/2006
Rating: Not yet rated Rate this answer: Vote
hey how do you reboot your computer

 

Answer by Cian
Submitted on 2/14/2006
Rating: Not yet rated Rate this answer: Vote
Guys what i did was keep it in the AVG Virus Vault. I t infected a system file so i didn't delete it. it might have shut down the computer. Keep it in AVG virus vault and it can't spread or damage the computer. I got the Trojan Dropper of a DVD PC UTILITIES.

 

Answer by 5mIgMAjxcg
Submitted on 2/17/2006
Rating: Not yet rated Rate this answer: Vote
rGECWa9lJlTFgf i7tseMHJUZSI6w CpneByT2k7

 

Answer by SUNSHINE
Submitted on 2/21/2006
Rating: Not yet rated Rate this answer: Vote
My system had the win32:Trojano-3419 virus and Norton didn't pick it up.  I used Avast (free by the way) and now it's gone.  This virus puts your computer into a continual cycle of reboot.  I had to reintall the OS into a directory called c:\wins and ran avast - and it cured it.  Anyone experience where this virus came from?  I can't find any real information on it.

 

Answer by ricedragon
Submitted on 3/17/2006
Rating: Not yet rated Rate this answer: Vote
just reformat the god damn computer!

 

Answer by tjpahrump
Submitted on 5/18/2006
Rating: Not yet rated Rate this answer: Vote
Took a chance & it worked
I had trojan horse dropper small on c: & d: drives. AVG fixed c: drive but couldn't fix D:  (restore files). The trojan was in D:\i386\apps files, so i disabled D;system restore & deleted i386 on D; drive. Then copied i386 from C: to D: and turned system restore back on in D: drive. Trojan is now gone and all is fine.

 

Answer by dennis    jenkins
Submitted on 5/26/2006
Rating: Not yet rated Rate this answer: Vote
O.K.  THANK   YOU

 

Answer by raven
Submitted on 6/15/2006
Rating: Not yet rated Rate this answer: Vote
need to be fix

 

Answer by lcmike
Submitted on 7/24/2006
Rating: Not yet rated Rate this answer: Vote
  The problem is they are running in your registry. Download http://siri.urz.free.fr/fix/smitfraudfix.zip
and extract all the files to your desktop. A folder named SmitfraudFix will be created on your desktop.  Open the SmitfraudFix folder and double-click smitfraudfix.cmd. The one with the small gear drive on it.Your firewall may try to block the program. Just hit allow.   Select option #2 Clean by typing 2 and press enter. Wait for it to finish.  You will be prompted " Registry cleaning-Do you want to clean the registry?"  Hit "Yes"  If a clean version of wininet.dll is found you will be prompted to replace wininet.dll. Answer "Yes"  REBoot your computer.
Then download Http://WWW.ewido.net/en/download/
install it and update but do not run wait to run it until you restart your computer in safe mode. Then run it.

 

Answer by lcmike
Submitted on 7/24/2006
Rating: Not yet rated Rate this answer: Vote
I posted this but i am not sure it went through the first time. So here goes.

Print out or save to notepad these instructions as we will need to do most steps offline and in SAFE MODE (so you won't have this window open to see the instruction from)

2. Download SmitfraudFix (by S!Ri) to your Desktop (Win2k/WinXP only!).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.

3 Download, install, and update Ewido AntiMalware (get the free trial version)
http://www.ewido.net/en/download/

a. Install Ewido AntiMalware

b. Launch Ewido, there should be a big yellowE icon on your desktop, double-click it.

c. The program will prompt you to update click the OK button

d. The program will now go to the main screen

e. On the left hand side of the main screen click on Update

f. Click on Start. The update will start and a progress bar will show the updates being installed.

g. Do not scan yet. We'll do that later in SAFE MODE. After updating close Ewido and any open programs.

4. Reboot into Safe Mode
How to start the computer in Safe mode
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam

5. Once in safe mode, start Ewido AntiMalware

a. Click on scanner

b. Click on *complete system scan*

c. Let the program scan the machine.

d. While the scan is in progress you will be prompted to clean the first infected file it finds. Choose Remove, then put a check next to Perform action on all infections in the left corner of the box so you don't have to sit and watch Ewido the whole time.
Checkmark the box: *Create encrypted backup in the quarantine* (recommended)

Click OK.



6. Open the SmitfraudFix folder and double-click smitfraudfix.cmd

Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually.
........................
7. Reboot back to normal mode.

8. Get a free online AV scan at Panda's ActiveScan
Let it remove any infected files found, and when it finishes save the log at the end to post back here. Y

Panda's Active Scan
http://www.pandasoftware.com/activescan/co...n_principal.htm














--------------------

 

Answer by Jackie
Submitted on 8/25/2006
Rating: Not yet rated Rate this answer: Vote
Hi people I tried everything to take this trojan out, I downloaded the avast it took out 4 viruses but didn't take the trojan dropper out what helped me was the spyboot, download it and try it on

 

Answer by accpass
Submitted on 10/12/2006
Rating: Not yet rated Rate this answer: Vote
DD;Davon;f;logjam's'f,'v,'f,b

 

Answer by bluerover
Submitted on 10/18/2006
Rating: Not yet rated Rate this answer: Vote
Try download virus checker "ewido" was free but now bought by AVG Grisoft
Ewido found dropper virus and then deleted it for me. Told me where file was so I looked for it and deleted that also. No Probs

 

Answer by buzz
Submitted on 11/11/2006
Rating: Not yet rated Rate this answer: Vote
avg got rid of it, just 10,000 infected files later

 

Answer by TheImmortalVampire
Submitted on 11/21/2006
Rating: Not yet rated Rate this answer: Vote
Ladies and Gentlemen (and/or Children) - One of the main reasons that a Virus Scanner cannot remove an infected, yet detected, file is that said file is in USE by windows, and thus, cannot be deleted. Such files load at startup. You may be able to shut some of them down from the task manager. Others, you may be able to keep from loading by RUNning MSCONFIG.EXE and disabling anything that you do NOT recognize. Then, run your scan. By the way, NO virus scanner will EVER be able to detect ALL KNOWN VIRUSES AND VARIANTS. There are just too many. Norton's will find some that AVG won't and vice versa and the same goes for all virus scanners out there. As for  AVG - A complete scan tends to find more viruses than a right-click context menu scan. Also, the idiots on here posing as hackers do not have a clue. COMPLETE IDIOTS IN NEED OF A DICTIONARY and a fundamental understanding of the english language. Go back to school, learn a real trade and do something useful rather than destructive. Take a hint from Kevin Mitnick and GET A REAL LIFE!

 

Answer by TheImmortalVampire
Submitted on 11/21/2006
Rating: Not yet rated Rate this answer: Vote
As a side note, much of these Trojans and other malware are transmitted via file-sharing applications. If you need to download software, do so from a reliable source. File-sharing used for the purpose of piracy is a guaranteed route to viral infection. Hackers of the evil sort and virus writers tend to understand one of the fundamental flaws of human nature - WHY PAY FOR IT WHEN I CAN DOWNLOAD IT FOR FREE - and so they will INFECT POPULAR COMMERCIAL SOFTWARE with the fruits of their EVIL programming talents, and it will find it's way to the hard drive of an unsuspecting soul who only wanted something for nothing. SIGH! Buy your software friends, save yourselves the hassles of piracy whether it be LEGAL, VIRAL OR OTHERWISE!

 

Answer by Dell_Boy2020
Submitted on 12/1/2006
Rating: Not yet rated Rate this answer: Vote
I have a Trojan Dropper and when i hit heal or clean file my computer get the blue screen of death, and im forced to restart. I have AVG, Avast, and Windows Live OneCare. What the hell do i do?

 

Answer by Mcaffee
Submitted on 1/3/2007
Rating: Not yet rated Rate this answer: Vote
dude use mcafee anti virus i cleared  all my cookies, used spyware doctor and then i used mcafee antivirus scan and i deleted the keylogger i had on my comp! man im soo happy

 

Answer by Pablo (Dj Breakdown)
Submitted on 1/3/2007
Rating: Not yet rated Rate this answer: Vote
Hey I've had alot of viruses/bug like that.
My antivirus (AVG) could detect them but couldn't get rid of them.
So I decided to teach myself how to get rid of them.I made alot of research on the internet about the virus,and figured out that when a virus first gets into a compurer, it creats a hidden folder,puts it self in it, and changes its name.
So the first thing you'll gotta do, is find what name the virus names that hidden folder.
When you find that name, click on START, go to SEARCH, ALL FILES AND FOLDERS, MORE ADVANCED OPTIONS, an check all the boxes that open, scroll back up, and on the first bar, type the name of that Hidden Folder,
right click it and select DELETE.
But whatch out if its an important SYSTEM32 driver.
If it is find that driver on the internet, save the new driverinto a cd/floppy disck/or a memory unit, then DELETE the infected driver and isntall the new one.

IF ANYTHING GOES WRONG, DO A SYSTEM RESTORE FOR WINDOWS.

And never fully trust on antivirus sftwares/programs.
LEARN FOR YOUR SELF.
TEACH YOUR SELF.
EXPERIMENT WITH YOUR COMPUTER.
THAT'S WHY WINDOWS GIVES YOU THE OPORTUNITY TO ALWAYS GO BACK AND FIX ANYTHING YOU MISSED UP IN.

RESTORE POINTS ARE THE BEST!!!

THANKS TO MICROSOFT WINDOWS.

 

Answer by PooR BoY
Submitted on 7/8/2007
Rating: Not yet rated Rate this answer: Vote
well seems some got helped some not
for me its more complicated
i dunno wat d virus is!
i used every single anti-virus mentioned
and although formatted
it stil cant help
1stly i cannot show my hidden files
somehow lik tat~~
its so stubborn when i press show hidden files and ok.... nothing happen
and when i open the folder option again it goes back 2 do not show hidden files
and once i start to online
virus pop-up~~~
there is something 4 sure
i tried many many format disc ady
how to find the SOURCE of all these rubbishs???

 

Answer by Dave
Submitted on 7/20/2007
Rating: Not yet rated Rate this answer: Vote
try this link ,worked for me.
http://www.viruslist.com/en/viruses/encyclopedia?virusid=40683

 

Answer by Dave
Submitted on 7/20/2007
Rating: Not yet rated Rate this answer: Vote
p.s. AVG Spyware(not antivirius)found it quarantined it and deleted it also

 

Your answer will be published for anyone to see and rate.  Your answer will not be displayed immediately.  If you'd like to get expert points and benefit from positive ratings, please create a new account or login into an existing account below.


Your name or nickname:
If you'd like to create a new account or access your existing account, put in your password here:
Your answer:

FAQS.ORG reserves the right to edit your answer as to improve its clarity.  By submitting your answer you authorize FAQS.ORG to publish your answer on the WWW without any restrictions. You agree to hold harmless and indemnify FAQS.ORG against any claims, costs, or damages resulting from publishing your answer.

 

FAQS.ORG makes no guarantees as to the accuracy of the posts. Each post is the personal opinion of the poster. These posts are not intended to substitute for medical, tax, legal, investment, accounting, or other professional advice. FAQS.ORG does not endorse any opinion or any product or service mentioned mentioned in these posts.

 

<< Back to: Computer Virus FAQ for New Users


[ Home  |  FAQ-Related Q&As  |  General Q&As  |  Answered Questions ]

© 2008 FAQS.ORG. All rights reserved.