TROJ_SMALL.FO can't find how to get rid of it or what damage it can do

Discussion in 'Trojan Defence Suite' started by srschulz@execulink, May 1, 2004.

Thread Status:
Not open for further replies.
  1. srschulz@execulink

    srschulz@execulink Registered Member

    May 1, 2004
    London, ON
    Sorry for any mistakes. I'm new at this.

    I just updated my Virus-Scan yesterday. Today I decided to do an overall virus-check and came up with the TROJ_SMALL.FO (at least it looks like a period between the L and F). I have been unable to find this virus listed in the usual places. When I looked for the file that it is in, found several mentions of a similar virus in the same file at this site: WINDOWS/TEMP/XWXLOAD.EXE (I know they should all be backslashes but I have no driver at the moment for my international keyboard and some things just aren't available.)

    Can anyone tell me what this virus might do and especially how I might get rid of it? So far I can't see that it has interfered with anything that I've tried to do. But who knows what's going on in the background. I'm very new at getting rid of viruses, so I'll need very explicit instructions if necessary.

    Thanks to anyone that can help.
  2. dvk01

    dvk01 Global Moderator

    Oct 9, 2003
    Loughton, Essex. UK
  3. Pilli

    Pilli Registered Member

    Feb 13, 2002
    Hampshire UK
  4. Jooske

    Jooske Registered Member

    Feb 12, 2002
    Netherlands, EU near the sea
    Googled around a bit more. I see only trendmicro mentioning that filename in it's definitions at the moment, but no description about it.
    So i googled on your filename too.
    Seems it might be a downloader, eventueally, which we dealth with recently if it is the same kind:, W32/Lowx.A@dl
    (see Gavin's explanation on the other small.ff
    The file is TrojanDropper.Win32.Small.ff, and drops ADWARE known as TrojanDownloader.Win32.Rameh.b - which is related to
    so probably family of it.
    Does the trendmicro description make any sense? Anyway, please first of all post your HJT log so we can see what more to be done and look for.
    And to be sure, please locate the file and zip it and send it to just like Pilli said, there might be more involved reading the trendmicro story IF it is the same.
    Last edited: May 2, 2004
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Feb 10, 2002
    Perth, Western Australia
    Small isn't a family, its a generic name given to trojans, downloaders, droppers, whatever - when they are SMALL in size :)

    Just wait on the ASViewer or HJThis log, all will be revealed. If I get a sample of it I'll let you know just WHAT it does
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.