Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan W32/Smalldrp.AED


  • Please log in to reply
7 replies to this topic

#1 mavieen

mavieen

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 31 May 2005 - 06:17 PM

Hi! This is my first time posting in this community. I am actually posting on behalf of a friend whose computer is overrun with adware, spyware and at least 1 trojan due to an out of town guest doing things he should not have done. She's running on Windows XP. She bought a virus scanner called Norman and it showed the following:

C:\counter.cab counter.exe
Trojan: W32/Smalldrp.AED

I managed to find this using the virus scanner she purchased, but after that everytime I start her computer I have about 20 seconds before the entire thing freezes up and we have to shut it down. The cursor still moves, but I cannot click on any programs or search for files after the 20+ seconds.

I used to use Windows 98 but switched to Mac OSX over a year ago, and I am not very compitent using Windows XP. Can anyone walk us through what we should do to get rid of this? Would it just be better to take it somewhere to get fixed? Is it fixable?

She said there was also something that kept poping up called AURORA which I am guessing is some kind of spyware. Any way to get rid of that?


Additional info:

*When the computer was running (after we realized there was tons of adware, etc on the PC) we couldn't set a restore point and she has never had a restore point.
*Connecting to the internet became problematic after we realized there was adware, etc. Obviously with 20 seconds to do anything now we can't connect.

Edited by mavieen, 31 May 2005 - 06:27 PM.


BC AdBot (Login to Remove)

 


#2 completealias

completealias

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 31 May 2005 - 07:16 PM

Can you start the PC in safe mode press F8 at startup and then choose safe mode with networking which should allow you to access the internet.

Then download MS anitispyware from http://www.microsoft.com/athome/security/s...re/default.mspx

Adware http://www.lavasoftusa.com/

A2 http://www.emsisoft.com/en/software/free/

Update all these programs.

Ok now right click on my computer / properties / system restore tab and make sure there is a tick in turn off system restore as any nasties can hide in there, yes I know you said it wasn't working but best to make sure it is disabled clean the computer then reenable it and fix it then if it is not working.

Clean out any temporary files on the computer thats temporary internet files open run the disk cleanup ultility found right click c: drive / properties / disk cleanup and from the run prompt type %temp% and this will take you to the temporary folder delete anything you find in here.

Now run a full scan with each of the ulitilies above and the antivirus which I take is Norton. Reboot after each scan thou as they can need to reboot to finish cleaning if the pc will still not boot into windows you may have to do all this from safe mode. Once you have downloaded the above programs then you can just choose safe mode only as you will not need networking.

Clean anything that the above programs find and then try to boot up normally

Good luck

#3 PapaSmurf88

PapaSmurf88

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 31 May 2005 - 07:42 PM

Also go to www.trendmicro.com and run there free online virus and spyware scanner. You must do this in IE as it will only work with ActiveX.

Im not familiar with Norman, do you mabey mean Norton. Anyways I would go and download the AntiVir at the following link update that and run a Win32 Heuristic scan this will go through and scan the code of all file on your computer looking for viruses. See directions below.

AntiVir

Directions for running Heuristic Scan
1. Go to Options=>Configuration
2. In the file tree click on Search
3. Select the Radio button for all files on the Right Side
4. Select Repair from the file tree
5. Click the Radio button for Delete without prompt
6. Then click on Heruistic in the file tree
7. Select the box next to Win32 File Heuristic
8. Set the Detection Level to High (this will cause it to take longer but find more viruses)
9. Click Ok
10. Select all Hard Drives
11. Click Scan

Hope this helps you out and you get her computer fixed. Next time her friend comes into town B*tch slap him for doing that on someone elses computer besides his own

Edited by PapaSmurf88, 31 May 2005 - 07:43 PM.

My Specs:

Albatron PX915P4C Pro
Intel P4 3.0 Ghz Processor w/ HT technology
2x 512MB PC3200 Memory
120 GB Western Digital IDE HD
SAPPHIRE X550 256Mb Video Card

#4 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:44 AM

Posted 01 June 2005 - 01:04 AM

Just for added info, PapaSmurf88 and completealias, Norman is an Antivirus:
Norman

Norman ASA is one of the leading companies in the field of data security and develops and sells virus control, personal firewall, parental control and protection against spam and spyware. Through its Norman SandBox technology, Norman leads the way in the world of proactive antivirus solutions. The company’s main focus is small and medium sized enterprises.

While focusing on its antivirus technology, the company has formed alliances, which enable Norman to supply a complete range of data security services. Headquartered in Norway, Norman provides virus protection to customers all over the world, with Scandinavia, continental Europe and the UK as key markets.


MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#5 PapaSmurf88

PapaSmurf88

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 01 June 2005 - 01:10 AM

Thanks for the information tg1911. So if I'm reading this right its a anti-virus, spyware, and spam program with parental controls and a firewall primarily used in Europe. That must be why I've never heard of it. I'll have to get the trial version tommorow and try it out. Right now its time for bed I gotta be up early tommorow.
My Specs:

Albatron PX915P4C Pro
Intel P4 3.0 Ghz Processor w/ HT technology
2x 512MB PC3200 Memory
120 GB Western Digital IDE HD
SAPPHIRE X550 256Mb Video Card

#6 mavieen

mavieen
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 01 June 2005 - 04:17 PM

Thanks for the help so far, everyone.

Even in safemode with networking I can't get the computer to connect to the internet, thus I cannot access any of the websites you all have mentioned. The virus scanner is Norman. I got it to run in safemode and it got rid of tons of stuff. However, I still can't get the computer to do anything. It is having the same problems it did before running the scanner. I have about 20 seconds before the thing freezes in the regular mode. Is there any way to transfer files to a CD in safemode? I tried burning one thing onto a CD without any luck. Is there another way to figure out what is wrong with this PC?

#7 Uraiser

Uraiser

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:12:44 PM

Posted 01 June 2005 - 05:01 PM

Turn the computer on in safe mode by pressing F8 at startup like said before. once there disable system restore. This deletes any viruses that have made their way deep into your memory. Run the scan again and clean all that are infected, post back if you need more help. *EDIT*

Also, while in safe mode, go to run, then type MSCONFIG. Close off all un-nessecary programs not needed during the set up. This could stop the freezing problem.

Edited by Uraiser, 01 June 2005 - 05:03 PM.


#8 completealias

completealias

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 02 June 2005 - 07:07 PM

If you still can not get into the pc after trying that then in safe mode again at the run prompt type sfc /scannow have your xp disk to hand incase it is needed this will repair any files that windows needs. Then try to log back in again




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users