Need help with Dropper.Small.5.J Trojan Horse

I have the trojan horse - dropper.small.5.j on my computer, detected with AVG, but it can't get rid of it. please help.

Adrian

 

Sorry im new here, im not sure what TDS-# is, so no probably not. I ran the scan twice, first time it found it in C:\Program Files\PWTAY.EXE and it just found it in C:\System Volume Information\_restore{B37680B2-BAQA-4E5D-BF30-83E44C588624}\RP302\A0021205.EXE

Thank you

Adrian

 

When I tried to move the first file (PWTAY.EXE) to the virus vault, my virus scan froze, so im not sure if it got there. I'm assuming it did however as now it is only detecting the one in the System Restore folder. So do you suggest I carry on with cycling System Restore?

 

Thank You, I'll try that and see if it works, and I'll get back to you soon.

 

It seemed to work AVG isn't picking it up anymore, thank you!!!

Adrian.

 

solution for Dropper.Small.5.J Trojan Horse

I cleaned up an XP system today that was infected with this problem. Cycling the System Restore did no good. AVG identifies the file 96WU19RD.EXE and puts it into the vault, but every time the owner tried to open Windows Media Player, the file reappeared in the \windows folder. The WMP shortcut had been highjacked to call the virus named wmplayer2.exe

I turned off System Restore and then I uninstalled the WMP through Control Panel ... Add/Remove Programs... Windows Components, but to no avail. I eventually went to the registry and removed all references to WMP, deleted the WU... file from \windows (make sure there are no odd folders in the Program Files folder with random character names as there were two in this system which I deleted. I then went to the Windows Update site and downloaded and installed WMP 9.0. The system seems to be perfectly fine now.

There seems to be no other info regarding this particular behaviour in literature that I researched.

 

I also have this trojan. Ran the AVG and still there. It is lodge at C:\Documents and Settings\Preferred\Local Settings\TEMP\NETPAL.EXE:\AESS3.exe

I need help on how to remove this. Thanks

 

what is your operation system?

if you have win xp use the task manager to kill the process C:\Documents and Settings\Preferred\Local Settings\TEMP\NETPAL.EXE:\AESS3.exe
press CTRL+ALT+DEL to launch task manager, select the processes tab , right click the process and select end process

then locate the file C:\Documents and Settings\Preferred\Local Settings\TEMP\NETPAL.EXE:\AESS3.exe and delete it, or rescan with AVG

 

I also have this trojan horse, but I have windows 2000 and can't find the system restore option (and even if I did, would not know how to disble it). Can someone help please!!!! AVG says it's at atgames.exe, but I can't seem to find that file.

 

Hi pampeerey,

You have a thread with replies over here: https://www.wilderssecurity.com/showthread.php?t=45508

Please follow up in that thread.

Regards,

snap

 

greetings! i have the same problem. now another trojan is attackig.. the same source, paltalk.com. dropper.small.5.1 and tvm_b5.exe were found in the paltalk folder in my system. how do i prevent this? i tried delete and new download of paltalk. the new trojan appeared with the dropper.

 

Hi Stella Starr, welcome to Wilders, see the following thread for more info:

https://www.wilderssecurity.com/showthread.php?t=45508

Post number 7

Hope this helps...

Let us know how you go...

Cheers

 

Please help!!

I just got the Dropper.Small.5.J Trojan Horse virus on my computer. AVG says that the infected file is in my Temporary Internet Files folder. I tried "Move to Virus Vault" but AVG said it could not be removed. I'm running Windows 2000 and am not even sure whether it's better to keep the computer off or if restarting it later will cause the virus to spread??

Thank you so much for your help!!

 

Hi alexis_1025

Welcome to Wilders.

Try deleting you're temp files.

Instructions here,

http://support.microsoft.com/default.aspx?scid=kb;en-us;260897

Try another scan after that.



snowbound

 

Make sure u Delete all offline content also.

It's in the instructions in that link.



snowbound

 

Re: Please help!!

Hi Alexis, welcome to Wilders, see the following thread for more info:

https://www.wilderssecurity.com/showthread.php?t=45508

Post number 7

Hope this helps...

Let us know how you go...

Cheers

 

I deleted the temp internet files and the virus scan is coming up clean now. Will continue to scan once in a while just in case. You guys are awesome, thanks again!

 

Good to see...

Cheers

 

I get this virus pop-up 3 times a day during AVG active scans. But when I run Complete test It finds no Virus threat?

 

Hi Atarihero, welcome to Wilders, see post number 7 in the following thread https://www.wilderssecurity.com/showthread.php?t=45508

Hope this helps...

Let us know how you go...

Cheers

 

Hi,

I am wondering if someone could help me out.

I am infected with Trojan Horse Dropper Small.5.J today. I have been very careful but I am still infected. It not only changed my homepage but also my google toolbar into some wierd toolbar.

Does anyone know what it will do except those mentioned above?

I am using Windows xp. I have AVG (free version) and it detects the virus for me but unable to clean it.

Location of the virus: C:\\WINDOWS\System32\SG.exe:\03kd97fg.exe

Thanks. Any help is appreciated.

An

 

Hi And.

Welcome to Wilders.

Did u try to follow Blackspear's link in post #15?

Here is an updated version of his removal instructions,

https://www.wilderssecurity.com/showthread.php?t=50662



snowbound