Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Trojan Dropper {Uneducated) Query

02 Aug 2013   #1

Windows7 home premium 32bit
Trojan Dropper {Uneducated) Query

Software on board / AVG (full) up to date/ Superantispyware (free) /Malwarebytes (free) both up to date.
Started system , updated Malwarebytes and performed quick scan. Notified of Trojan Dropper and Quarantined and deleted succesfully.
Then ran Full malwarebytes scan = NO issues found .
Then ran Full Superantispyware scan=No issues found
Then ran Full AVG scan =No issues found .
My Query is does this mean that the trojan inittially found has been captured and now deleted before it could execute on my system.

My System SpecsSystem Spec
02 Aug 2013   #2
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10

It's hard to say with absolute certainty being that viruses/malware can be quite devious, however there's a high probability that Malwarebytes did it's job & caught the culprit. If you ran a full system scan with those 3 & they showed nothing, your system is probably safe.

If you want to run a couple other tools just to be sure, you can try the following.

AdwCleaner Download

TDSSKiller, just to be certain no rootkits are hiding on your system. (Rootkits are hard to detect with conventional AV software).

Keep an eye on your PC for unusual behavior & hopefully you are indeed virus free.
My System SpecsSystem Spec
02 Aug 2013   #3
Microsoft MVP

Windows 7 Ultimate 32bit SP1


A type of trojan that drops one or more malware onto a system. A typical trojan-dropper is a file that contains other files (its payload) compressed inside its body. In many cases, trojan-droppers also contain innocent files or multimedia files to disguise malicious activities.

When a trojan-dropper is run, it extracts all the files in its payload ad drops the extracted files to a folder (usually a temporary folder) on the system. It then runs all the dropped files simultaneously.

Trojan-droppers are usually created by special programs called 'joiners'. These programs allow the malware author to customize the trojan-dropper's functionalities and to add as many files as needed into the package.
source: How To - Terminology - T | F-Secure
My System SpecsSystem Spec

02 Aug 2013   #4

Windows 7 Home Premium


Please run the following diagnostic tool. It is good at identifying hard to find malware.

Download the Farbar Recovery Scan Tool
Select the version that applies to your system.

Save to the Desktop.
  • Double-click the downloaded file to run it.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • FRST64 makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).
Please provide the FRST.txt in your reply.

The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply.
My System SpecsSystem Spec
02 Aug 2013   #5

Windows7 home premium 32bit

Thanks Borg386 and cottonball ,for reply and knowledge ,much appreciated.
Ran several other full scans ,Microsoft,Kasperkey,Adaware and all seems fine .

Cottonball i will run FRST 32bit and report .Logs.

Knowledge is a wonderful thing,some have more others have less ,but we all gain each day!!!!
My System SpecsSystem Spec
02 Aug 2013   #6

Windows 7 Home Premium

Ooooopsss.... My bad!

Please select the version that applies to your system (32-bit).

Good thing your Oldhead is working...apparently, mine is not!!
My System SpecsSystem Spec
02 Aug 2013   #7

Windows 7 Home Premium

Duplicate post.
My System SpecsSystem Spec
06 Aug 2013   #8

Windows7 home premium 32bit

Borg386 & Cottonball
Here is a copy of FARBAR scan for perusal.I cant see anything of real danger at the moment. Appreciate your review of logs .

Attached Files
File Type: txt Addition.txt (16.5 KB, 5 views)
File Type: txt FRST.txt (33.4 KB, 5 views)
My System SpecsSystem Spec
06 Aug 2013   #9

Windows 7 Home Premium

There is a group of empty folders such as:

00000000 ____D C:\Users\Paul\AppData\Local\{5D18D3C8-D736-4A3C-8195-8B369242D15B}

The format of the numbers appears to be a Globally Unique IDentifier (GUID).

Since they are all in "AppData", the folders may be a the result of an installation, and may leave some tracks. If you wish to look at what might be using the GUIDs you can run regedit and do an Edit > Find for each of the GUIDs. There may be a product name that is part of the Registry key the GUID is stored in.

If you do the above, take caution not to make any changes or deletions to the Registry!!

If you don't, they are just empty folders...

Also saw a Registry cleaner. They are a little bit "over-rated". May even do more harm than good.

If you haven't run an online scanner, run the following when you have the time (It may take a while...).

The ESET Scanner is implemented as an ActiveX control, so it is best run on Internet Explorer.
Right click the IE shortcut and select: Run as Administrator

Next, download: Free Online Virus Scanner | ESET

On the ESET website, click on: Run ESET Online Scanner
Click: Start

When asked, allow the add-on to be installed
Click: Start again

On the next prompt, Computer Scan Settings, check: Remove found threats
Next, click on: Advanced Settings

Make sure these options are checked:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
Click: Scan

When the scan is completed, if threats are found, in the Scan Results prompt:
  • Click on: List of threats found
  • Click on: Export to text file
  • Save to the Desktop and name it ESET Scan Results
  • Click on: Back
  • Place a check on: Uninstall application on close
  • Click on: Finish, and close the program.
If anything is found, please provide the ESET report in your reply to determine if any further action is necessary.
My System SpecsSystem Spec
07 Aug 2013   #10

Windows7 home premium 32bit

Many thanks to those who replied ,especially cottonball . Made my day ,now everything is back to normal .
Congrats forum members.
My System SpecsSystem Spec

 Trojan Dropper {Uneducated) Query

Thread Tools

Similar help and support threads
Thread Forum
NSE did not detect the Dropper Trojan
A full scan with SAS just revealed that I had the Dropper Trojan on my system. SAS got rid of it. This despite MSE running all the time and my MSE has all the latest definition updates. Maybe you want to run a full scan with SAS to make sure.
System Security
Postal Service "Package Waiting" Scam.... Trojan Dropper Virus.
My Dad told me that he click on an e mail that was supposedly from the USPS and indicated that he had a package waiting for him that was delayed due to an address confirmation issue. The e mail indicated that he download a address label bring it to the USPS for confirmation. Well luckily my Dad...
System Security
I can't seem to be able to get rid of Trojan.dropper.BCMiner
I'm using Windows 7, Malwarebytes and Microsoft Defender. Recently, my computer started slowing down and I ran the antivirus. Seems it's something called Trojan.Dropper.BCMiner located in Windows/Installer. I can't seem to be able to view Windows/Installer, even when I choose to see...
System Security
SuperAntiSpyware has just caught this trojan when Spybot, Malwarebytes, spyware terminator didnt. Same happened with this guy which got me thinking about SuperAntiSpyware and what its doing that the others arent doing and whether its kosher.
System Security
SuperAntiSpyware detected Trojan.Dropper/Win-NV
I just ran SuperAntiSpyware and it detected the listed threat. I did some searching with Google and it seems this has happened to others and all with similar results that I am having. MSE detects nothing, Malwarebytes detects nothing. :geek: I would like some opinions, please :)
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:56.
Twitter Facebook Google+