Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: NSE did not detect the Dropper Trojan

22 Nov 2013   #1
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 
MSE did not detect the Dropper Trojan

A full scan with SAS just revealed that I had the Dropper Trojan on my system. SAS got rid of it.

This despite MSE running all the time and my MSE has all the latest definition updates.

Maybe you want to run a full scan with SAS to make sure.


My System SpecsSystem Spec
.
22 Nov 2013   #2
UsernameIssues

W7 Pro SP1 64bit
 
 

You did see this thread - right?

MSE worries
My System SpecsSystem Spec
22 Nov 2013   #3
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

Quote   Quote: Originally Posted by UsernameIssues View Post
You did see this thread - right?

MSE worries
Thanks for pointing that out. I did not remember that thread.
My System SpecsSystem Spec
.

22 Nov 2013   #4
cottonball

Windows 7 Home Premium
 
 

Which Dropper Trojan did you have on the system?

Did MSE or SAS give you more info than just that name?
My System SpecsSystem Spec
22 Nov 2013   #5
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

This is the name in the SAS log " Trojan.Dropper/Gen-NV "
My System SpecsSystem Spec
22 Nov 2013   #6
cottonball

Windows 7 Home Premium
 
 

Any file identified by SAS? It is a good scanner, however, IMO, Malwarebytes is way ahead of the game.

Just to make sure there is nothig 'lurking', let's do the following:

Please go to the Malwarebytes Anti-Malware Download
Save to the Desktop
Double-click the downloaded MBAM file to run it.

When the installation begins, follow the prompts in the setup process.
Do not make any changes to default settings and when the program has finished installing, make sure only the following options are checked:
>Update Malwarebytes’ Anti-Malware
>Launch Malwarebytes’ Anti-Malware
Uncheck:
>Enable free trial of Malwarebytes Anti-Malware PRO
Click on the Finish button.

If an update is found, the program automatically updates itself.
At the program console, on the Scanner tab, and select: Perform Quick Scan

Next, click on the Scan button.

When the Malwarebytes scan is completed, click on: Show Results
When presented with a screen showing the malware detected, make sure everything is Checked, and click on: Remove Selected

When removal is completed, a report opens in Notepad.

Please copy/paste the entire contents of the MBAM report in your reply.

Note: If MBAM encounters a file that is difficult to remove, you are asked to reboot the computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) prevents MBAM from removing all the malware.
My System SpecsSystem Spec
22 Nov 2013   #7
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

They look like tracking cookies to me. What do you think ??

Quote:
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 7
HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.FaceThemes) -> Quarantined and deleted successfully.
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (PUP.Optional.Iminent.A) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (PUP.Optional.Iminent.A) -> Data: Ìéz—ƒ¯èEžây‚âÕ -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Users\whs\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
Files Detected: 2
C:\Users\whs\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\whs\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
(end)



Attached Thumbnails
-2013-11-22_2017.png  
My System SpecsSystem Spec
22 Nov 2013   #8
cottonball

Windows 7 Home Premium
 
 

PUPs - indicates a Potentially Unwanted Program.
A program that contains adware, installs toolbars, or has other unclear objectives.

You may want to download AdwCleaner to the Desktop.
http://www.bleepingcomputer.com/download/adwcleaner/
•Close all open programs and internet browsers.
•Double-click on AdwCleaner.exe to run the tool.
•Click the Scan button and wait for the process to complete.

If you find entries or programs you wish to keep, please uncheck them.

Click on the Clean button to remove the rest, and follow the prompts.

Once done, press the Uninstall button to remove the program.
If, down the road, you need to use this program again, it is bet to download a new/updated copy.
My System SpecsSystem Spec
22 Nov 2013   #9
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

I get those tracking cookies a lot. Sometimesd SAS finds over 100 in 3 day intervals.
My System SpecsSystem Spec
22 Nov 2013   #10
cottonball

Windows 7 Home Premium
 
 

I call SAS the 'Cookie Monster'!!
My System SpecsSystem Spec
Reply

 NSE did not detect the Dropper Trojan




Thread Tools





Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Trojan Dropper {Uneducated) Query
Software on board / AVG (full) up to date/ Superantispyware (free) /Malwarebytes (free) both up to date. Started system , updated Malwarebytes and performed quick scan. Notified of Trojan Dropper and Quarantined and deleted succesfully. Then ran Full malwarebytes scan = NO issues found . Then...
System Security
Postal Service "Package Waiting" Scam.... Trojan Dropper Virus.
My Dad told me that he click on an e mail that was supposedly from the USPS and indicated that he had a package waiting for him that was delayed due to an address confirmation issue. The e mail indicated that he download a address label bring it to the USPS for confirmation. Well luckily my Dad...
System Security
I can't seem to be able to get rid of Trojan.dropper.BCMiner
I'm using Windows 7, Malwarebytes and Microsoft Defender. Recently, my computer started slowing down and I ran the antivirus. Seems it's something called Trojan.Dropper.BCMiner located in Windows/Installer. I can't seem to be able to view Windows/Installer, even when I choose to see...
System Security
Trojan.Dropper/Gen
SuperAntiSpyware has just caught this trojan when Spybot, Malwarebytes, spyware terminator didnt. Same happened with this guy which got me thinking about SuperAntiSpyware and what its doing that the others arent doing and whether its kosher.
System Security
SuperAntiSpyware detected Trojan.Dropper/Win-NV
I just ran SuperAntiSpyware and it detected the listed threat. I did some searching with Google and it seems this has happened to others and all with similar results that I am having. MSE detects nothing, Malwarebytes detects nothing. :geek: I would like some opinions, please :)
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 11:49.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App