Free Weekly Tech Newsletter

Donald · 05-06-2005, 03:01 AM

Hi From Texas!
I am so mad. This , so-called. mighty AVG I have had for years, WON'T remove " Trojan Horse Dropper.Small.8.D ! It shows up everytime I do a (updated) Virus check. It won't heal, it want erase, it won't take it to the vault. I thought it was a great Anti-virus software, but I just don't know. Even though I am living off Social Security, I might have to save up, month by month, money to buy a new Anti-virus program..------------------Don

P.S.: I am running ME- with 512 RAM--- HP Pavilion--- 20 gig (4 year old computer)---I think 665 MHz

Rick Hall · 05-06-2005, 04:28 AM

If the trojan is located in an archived file (such as .zip or .rar) AVG will not remove it. You will have to remove the file manually. This is intentional by AVG so that you do not lose information in archives.

Lobos · 05-06-2005, 04:38 AM

does AVG give a loacation of the file that it says is infected

If it does can you provide it

ltmccaul · 05-06-2005, 10:16 AM

Try this

Restart the computer in Safe mode or VGA mode.
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Run a full system scan and delete all the files detected as Trojan.Dropper.

To turn off Windows XP System Restore
Click Start > Programs > Accessories > Windows Explorer
Right-click My Computer, and then click Properties.
Click the System Restore tab.
Check the "Turn off System Restore" or "Turn off System Restore on all drives" check box as shown in this illustration:

Donald · 05-08-2005, 04:19 AM

Hi To All ,
It is a busy Mother's Day weekend.I will try to find the files that are infected. My weak point in learning computers is files and folders. You know, all that .exe .pdf , stuff like that. What does all that mean is what I don't know.I am a surfer of the internet, mainly for information. I will have to be away from the computer and be with Mother and family. Thanks for all posts.------------Don

Lobos · 05-08-2005, 04:28 AM

when AVG alerts you of the virus Trojan Horse Dropper.Small.8.D file copy down the path and the file name

for these two extensions this is what they stand for

.PDF = Portable Document Format
.exe = executable file

Lobos

Donald · 05-09-2005, 07:08 PM

HI Lobos,
Time6:50 PM Monday afternoon. I just now updated my AVG. There are two files it is #1. counter.cab #2. counter.exe------Is all it says on path C:\counter.exe it says C:\counter.cab. . In other words , both paths are C:\counter.cab. No C:\counter.exe path. Since I have the free edition , it doesn't give much more then this. The icon to the left of file C:\counter.cab shows a clamp , I guess it is the file as best as I can see that is clamped. Maybe I can go to the registry, or maybe a run command to rid this. I always make a restore point before taking such action if need be. I now must let Dad use the computer, it will be way late tonight before I am back. 1:30 AM. I love being on the computer late at night and sleep half the day.---Thanks---Don

kev7555 · 05-09-2005, 10:06 PM

No restore points.

Trojans are often located in system restore files. TURN OFF system restore and run AVG from safe mode.

If AVG detects the file but cannot remove it, write down the path and navigate to that location to maually remove.

Update all AV and Antispyware programs and run from safe mode.

If all of this fails, download Hijack this and post a log.

-Kev

Lobos · 05-09-2005, 10:47 PM

ok cant' find much on them except that it is a dialer

First, create a folder for HijackThis in the root folder of your hard drive so it can make proper backups

example

C:/HJT/
C:/hijackthis/

next

Click here to download Hijack This. 1.99.1 Save it to the folder you have just created

Close all open windows and open HIJACK THIS. Click “Scan” . When the scan is finished (it only takes a second), the scan button will change to“Save Log”. Click on“Save Log” and save it to NotePad. Copy the entire log and paste it here.

DO NOT FIX ANYTHING YET , most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise.

we can see a little better whats going on with your computer

***glc*** · 05-10-2005, 09:48 AM

Boot into safe mode and delete c:\counter.cab

Donald · 05-12-2005, 06:50 PM

Hi GLC!
I was going to try the easy one first.Boot into safe mode and delete c:\counter.cab. Like I said , I am very weak in folders and files and how to find them. Where do I go to bring up C:\counter.cab. Do I bring up 'RUN' and type it in.-----------Don
P.S.: I will get rid of this trying ALL of the good guys suggestions. Start with GLC

***glc*** · 05-13-2005, 08:07 AM

NO! Open My Computer, open the C drive, look for counter.cab and delete it.

05-09-2005, 10:06 PM	#8
kev7555 brewer, mostly... Join Date: Jun 2004 Location: Laying on the floor, in the brewery Posts: 1,315	No restore points. Trojans are often located in system restore files. TURN OFF system restore and run AVG from safe mode. If AVG detects the file but cannot remove it, write down the path and navigate to that location to maually remove. Update all AV and Antispyware programs and run from safe mode. If all of this fails, download Hijack this and post a log. -Kev __________________ Symantec-free zone. To stay malware free: AVG antivirus/antispyware, Malwarebytes anti malware, Commodo Pro free firewall, ccleaner, Windows updates. or.... just install Linux Too many computers in this house to list. They are all my builds, some AMD some Intel...

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Need Some Help? Type Your Keywords Here:

Still Need Help? Type Your Keywords Here:

Free Weekly Tech Newsletter

05-06-2005, 03:01 AM	#1
Donald Member (8 bit) Join Date: Jan 2002 Location: Fort Worth Texas Posts: 242	AVG-not remove Trojan Small.8.D Hi From Texas! I am so mad. This , so-called. mighty AVG I have had for years, WON'T remove " Trojan Horse Dropper.Small.8.D ! It shows up everytime I do a (updated) Virus check. It won't heal, it want erase, it won't take it to the vault. I thought it was a great Anti-virus software, but I just don't know. Even though I am living off Social Security, I might have to save up, month by month, money to buy a new Anti-virus program..------------------Don P.S.: I am running ME- with 512 RAM--- HP Pavilion--- 20 gig (4 year old computer)---I think 665 MHz

05-06-2005, 04:28 AM	#2
Rick Hall Member (11 bit) Join Date: Apr 1999 Location: Quebec, Canada Posts: 1,268	If the trojan is located in an archived file (such as .zip or .rar) AVG will not remove it. You will have to remove the file manually. This is intentional by AVG so that you do not lose information in archives. __________________ ------------------------------------------------------------------------- The solutions of today are the problems of tomorrow! ------------------------------------------------------------------------- Intel Motherboard, Antec 300 case, Intel Q8200 CPU, Antec 650w Truepower trio, WD 640 Blue, WD 750 Black, WD 1T Black, Sapphire HD7850 Dual X Graphics card, 14 in 1 card reader, (2X) LG dvd Super Multi, Samsung P2370monitor, Logitech pro 9000 webcam, Logitech MX5500 keyboard and mouse, Intel 2 gigabit Network, Canon IP6600D Printer, HP Photosmart 7525 Printer,Epson V600 Perfection scanner, Linksys WRT54GL router, windows 7, Windows 8

05-06-2005, 04:38 AM	#3
Lobos Member (10 bit) Join Date: Mar 2004 Location: California Posts: 936	does AVG give a loacation of the file that it says is infected If it does can you provide it

05-06-2005, 10:16 AM	#4
ltmccaul Member (6 bit) Join Date: Dec 2004 Posts: 54	Try this Restart the computer in Safe mode or VGA mode. Disable System Restore (Windows Me/XP). Update the virus definitions. Run a full system scan and delete all the files detected as Trojan.Dropper. To turn off Windows XP System Restore Click Start > Programs > Accessories > Windows Explorer Right-click My Computer, and then click Properties. Click the System Restore tab. Check the "Turn off System Restore" or "Turn off System Restore on all drives" check box as shown in this illustration:

05-08-2005, 04:19 AM	#5
Donald Member (8 bit) Join Date: Jan 2002 Location: Fort Worth Texas Posts: 242	Hi To All , It is a busy Mother's Day weekend.I will try to find the files that are infected. My weak point in learning computers is files and folders. You know, all that .exe .pdf , stuff like that. What does all that mean is what I don't know.I am a surfer of the internet, mainly for information. I will have to be away from the computer and be with Mother and family. Thanks for all posts.------------Don

05-08-2005, 04:28 AM	#6
Lobos Member (10 bit) Join Date: Mar 2004 Location: California Posts: 936	when AVG alerts you of the virus Trojan Horse Dropper.Small.8.D file copy down the path and the file name for these two extensions this is what they stand for .PDF = Portable Document Format .exe = executable file Lobos

05-09-2005, 07:08 PM	#7
Donald Member (8 bit) Join Date: Jan 2002 Location: Fort Worth Texas Posts: 242	HI Lobos, Time6:50 PM Monday afternoon. I just now updated my AVG. There are two files it is #1. counter.cab #2. counter.exe------Is all it says on path C:\counter.exe it says C:\counter.cab. . In other words , both paths are C:\counter.cab. No C:\counter.exe path. Since I have the free edition , it doesn't give much more then this. The icon to the left of file C:\counter.cab shows a clamp , I guess it is the file as best as I can see that is clamped. Maybe I can go to the registry, or maybe a run command to rid this. I always make a restore point before taking such action if need be. I now must let Dad use the computer, it will be way late tonight before I am back. 1:30 AM. I love being on the computer late at night and sleep half the day.---Thanks---Don

05-09-2005, 10:47 PM	#9
Lobos Member (10 bit) Join Date: Mar 2004 Location: California Posts: 936	ok cant' find much on them except that it is a dialer First, create a folder for HijackThis in the root folder of your hard drive so it can make proper backups example C:/HJT/ C:/hijackthis/ next Click here to download Hijack This. 1.99.1 Save it to the folder you have just created Close all open windows and open HIJACK THIS. Click “Scan” . When the scan is finished (it only takes a second), the scan button will change to“Save Log”. Click on“Save Log” and save it to NotePad. Copy the entire log and paste it here. DO NOT FIX ANYTHING YET , most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise. we can see a little better whats going on with your computer

05-10-2005, 09:48 AM	#10
*glc* Forum Administrator Staff Premium Member Join Date: May 2000 Location: Joplin MO Posts: 41,189	Boot into safe mode and delete c:\counter.cab

05-12-2005, 06:50 PM	#11
Donald Member (8 bit) Join Date: Jan 2002 Location: Fort Worth Texas Posts: 242	Hi GLC! I was going to try the easy one first.Boot into safe mode and delete c:\counter.cab. Like I said , I am very weak in folders and files and how to find them. Where do I go to bring up C:\counter.cab. Do I bring up 'RUN' and type it in.-----------Don P.S.: I will get rid of this trying ALL of the good guys suggestions. Start with GLC

05-13-2005, 08:07 AM	#12
*glc* Forum Administrator Staff Premium Member Join Date: May 2000 Location: Joplin MO Posts: 41,189	NO! Open My Computer, open the C drive, look for counter.cab and delete it.

Subscribe to THE INSIDER

Need Some Help? Type Your Keywords Here:

Still Need Help? Type Your Keywords Here:

Free Weekly Tech Newsletter