Trojan horse Dropper Small.4.AG

Discussion in 'Trojan Defence Suite' started by DavidD, Apr 12, 2004.

Thread Status:
Not open for further replies.
  1. kyllaine

    kyllaine Registered Member

    Joined:
    May 17, 2004
    Posts:
    2

    hi! r u using the avg free edition? also, did avg clean both trojan horses found on ur pc? thanks! :)
     
  2. kyllaine

    kyllaine Registered Member

    Joined:
    May 17, 2004
    Posts:
    2
    hi! what is/are the effects of this trojan horse? I'm using the avg free edition and my OS is win xp. also, what is a TDS? i had this trojan horse yesterday and the avg cannot heal it.. help please?
     
  3. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Puzzling. I don't find a definition for that as given even on AVG's site. No Google results for that name, either. Is the name given ( Dropper.Small.4.AG ) spelled and punctuated correctly? Exactly as presented by AVG? Pete
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I'm really losing my trail here:
    you guys post in the TDS forum, Trojan Defence Suite, the infection you write about is in the TDS primaries and thus can detect it just fine and you can delete it.
    But to be sure find your infection, zip it and send it to submit@diamondcs.com.au so Gavin can look for you if you might have a new version.
    BUT: when you are going to scan with TDS: first open your AVG GUI and uncheck all scan options, the resident protection everything, you'll see the AVG systray icon grey out and then with your fully updated TDS and all unnecessary programs closed you do your TDS scan.
    For those who write in the TDS forum without knowing nor having TDS installed yet get your free evaluation copy at the DiamondCS site
    http://tds.diamondcs.com.au/index.php?page=download
    install, go back to that page to get your last update manually, reboot the system and make sure the AVG is closed (and other scanners you might have) and start TDS, and its Full system Scan with all scan options selected and worm slider on the second page to highest sensitivity.
    If you know about any files AVG did detect and TDS not, please be so kind as to locate those files and (preferably zipped) send them in to submit@diamondcs.com.au, if TDS sees something "suspicious" other than double filename extensions send them to the same address or in the TDS bottom console right-click the file and press submit (for this you need to have your proper email address in the Configuration upper left)
    When scanning is finished rightclick on one of the finds and save the finds as text, a scandump.txt will popup which you can select and post here for us to look at it.

    See also up in this thread the urgent question to PLEASE go to the HijackThis forum to post your log there, as is exactly explained in that place how to do it.
    Hope this helps; looking forward to your postings.
     
  5. Luke18

    Luke18 Registered Member

    Joined:
    May 24, 2004
    Posts:
    15
    My Trojan horse Dropper.Small.4.AG is nested in my C:\System Volume Information

    AVG and Norton cannot pick it up during full system scans, neither can TDS.
    I posted a HiJack This thread.

    Nothing appears to be working.
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    If you scan:
    open the AVG console uncheck all scan options so it is really closed completely.
    now open norton and close that all completely, so none of the two has a resident protection running either.
    Now you can scan with TDS.
    If TDS is not actively scanning you can leave that up if you start your scan with ONE of the other scanners and that one you close if you scan with the other. Only one of those two can be set for resident protection.
    If TDS detects that individual file in your system restore, guess a file like _a123456.exe, send it to the lab with a rightclick on it before you delete it.

    Now you say it's in your system-restore -- only there? for something in the system restore must have been or is also somewhere else on your system --
    just disable system restore, reboot, enable system restore and make manually a new restore point and all the older points have gone. Complete with your infection.
    Make it a rule if you cleaned out infections in future to do this again or that system restore puts the infections back each time.
    Wished the windows creators had thought of possibilities to have system restores cleansed out as well, but that was not yet in their concept, for the current situation keeps bringing users into the same trouble over and over again completely unnecessary.
    Anyway, after this clean restore operation post your hijackthis log please!
     
  7. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK