dropper.small.5.j help!!!!

Discussion in 'malware problems & news' started by New guy, Jul 15, 2004.

Thread Status:
Not open for further replies.
  1. New guy

    New guy Guest

    OK, I've looked at the other posts about this, but mine is not in the folders they said to go in. Mine is in C:\WINDOWS\96WU19RD.EXE. AVG pops up and says I can heal it, but it never does, and it's only happened when I open up Windows Media Player. SOMEONE HELP PLEASE!!!
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  3. supermo

    supermo Registered Member

    Joined:
    Jul 16, 2004
    Posts:
    1
    Location:
    charlotte, nc
    I have finally found someone else with my problem!! My AVG detected dropper.small.5.j a week ago and put 96WU19RD.exe into the virus vault. Yesterday a shortcut for Windows Media Player appeared on one of the user desktops and was opened. AVG immediately popped up that a virus was detected. I cycled restore settings and rebooted last night. I also ran GFI trojan scanner last night. Nothing. This a.m. I noticed a new folder in Documents and Settings, named 'other', that contained the same shortcut on its desktop. I searched for 'media player' and found it in hundreds of places on my PC. I have now removed all media players on my hard drive and ran AVG to remove the virus again. I have deleted all the new folders and files that mysteriously appeared this a.m. My system restore is still turned off. When I restart or switch users, the screen goes black for quite a while, compared to previously. At one point last night it went black and didn't come back. I had to manually turn the CPU off. What does this virus do to the computer anyway?
     
  4. timmyc

    timmyc Guest

    dropper.small.5.j solution

    I cleaned up an XP system today that was infected with this problem. Cycling the System Restore did no good. AVG identifies the file 96WU19RD.EXE and puts it into the vault, but every time the owner tried to open Windows Media Player, the file reappeared in the \windows folder. The WMP shortcut had been hijacked to call the virus named wmplayer2.exe.

    I turned off System Restore and then I uninstalled the WMP through Control Panel ... Add/Remove Programs ... Windows Components, but to no avail. I eventually went to the registry and removed all references to WMP, deleted the WU... file from \windows (make sure there are no odd folders in the Program Files folder with random character names, as there were two in this system which I deleted). I then went to the Windows Update site and downloaded and installed WMP 9.0. The system seems to be perfectly fine now.

    There seems to be no other info regarding this particular behaviour in literature that I researched.
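
The post above describes the Windows Media Player shortcut being repointed at wmplayer2.exe. The PowerShell below is an added example, not part of the thread or any poster's code: it lists shortcuts whose name mentions Media Player and whose target is not the stock wmplayer.exe. The default install paths and the search roots are assumptions.

```powershell
# Added example: audit "Media Player" shortcuts and flag unexpected targets.
# Assumption: the legitimate player is at the default install location(s).
$expected = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } |
    ForEach-Object { Join-Path $_ 'Windows Media Player\wmplayer.exe' }

# Assumption: shortcuts of interest live under the user profiles and the
# all-users profile (desktops, Start Menu, Quick Launch).
$roots = @((Split-Path $env:USERPROFILE -Parent), $env:ALLUSERSPROFILE) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# WScript.Shell can read the target stored inside a .lnk file.
$shell = New-Object -ComObject WScript.Shell

$findings = Get-ChildItem -Path $roots -Filter '*.lnk' -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.BaseName -like '*Media Player*' } |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        $target = $lnk.TargetPath

        # Record whether the target exists and whether it carries a valid signature.
        $sig = if ($target -and (Test-Path -LiteralPath $target)) {
            (Get-AuthenticodeSignature -LiteralPath $target).Status
        } else {
            'TargetMissing'
        }

        [pscustomobject]@{
            Shortcut  = $_.FullName
            Target    = $target
            Arguments = $lnk.Arguments
            Signature = $sig
        }
    } |
    # Keep only shortcuts that do not point at the expected binary
    # (-notcontains compares strings case-insensitively).
    Where-Object { $_.Target -and ($expected -notcontains $_.Target) }

if ($findings) {
    $findings | Format-List
} else {
    'No Media Player shortcuts with unexpected targets found.'
}
```

Run it from an account that can read every user profile; any shortcut it reports should be checked before it is opened again.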
     
  5. timmyc

    timmyc Registered Member

    Joined:
    Jul 18, 2004
    Posts:
    2
    I posted a solution to this problem as a guest but I have now registered. Thank you to the administrator(s) for the opportunity to get this out there. username timmyc
     
  6. (MK)JUGGALO

    (MK)JUGGALO Guest

    I have found how to delete this trojan: go to your cookies and delete them. Very simple.

    Then when you scan, it won't even show up on your virus scan.
     
  7. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
  8. james710

    james710 Registered Member

    Joined:
    Aug 2, 2004
    Posts:
    1
    Thanks guys!

    When AVG twigged to this thing a little while ago and then couldn't remove it, I ran to Google and you guys popped up. I turned off System Restore and started the processes described when I saw Juggalo's post.

    Since it was listed as "c:\Documents and Settings/James/0420DHROB.exe", I thought I'd give it a try. I deleted all cookies from inside Firefox 0.9.2 and then "Scan with AVG"ed it from Windows Explorer. So far so good. Now I am going to reboot, rescan with AVG and turn System Restore back on (it really saved my bacon a couple of days ago when the updated drivers for my video card broke WMP and Div-X player).
     