Author Topic: Win32:Dropper-gen (Drp)  (Read 47772 times)

0 Members and 1 Guest are viewing this topic.

Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #30 on: January 02, 2013, 07:38:40 PM »
Btw, out of interest, what was the infection?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89205
  • No support PMs thanks
Re: Win32:Dropper-gen (Drp)
« Reply #31 on: January 02, 2013, 07:51:26 PM »
The user friendly name for WSCSVC is 'Security Center'
The user friendly name for WUAUSERV is 'Windows Update'
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Dropper-gen (Drp)
« Reply #32 on: January 02, 2013, 08:12:53 PM »
It was not an infection as such but definitely an unwanted programme

Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #33 on: January 02, 2013, 08:15:28 PM »
The user friendly name for WSCSVC is 'Security Center'
The user friendly name for WUAUSERV is 'Windows Update'

Thanks, I found the security centre, but still can't find windows update, is it windows installer by any chance?

In my opinion, the internet speed problem is resolved - its working faster and steadier than it has in weeks.

Thanks very much!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Dropper-gen (Drp)
« Reply #34 on: January 02, 2013, 08:19:15 PM »
I am not on my XP at the moment but it should be windows updates

One other way to do this is open security centre and turn it on there


Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #35 on: January 02, 2013, 08:32:39 PM »
I am not on my XP at the moment but it should be windows updates

One other way to do this is open security centre and turn it on there

Seems to be on there.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Dropper-gen (Drp)
« Reply #36 on: January 02, 2013, 09:43:03 PM »
Could you try to update windows and let me know what happens

Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #37 on: January 02, 2013, 09:59:02 PM »
Visiting the Microsoft Updates site, it tells me its set to update when I look in Control Panel - Systems Update.

However, Avast has just signalled another dropper in the file system scan shields log, this time...

C:\System Volume Information\_restore{F7149EC7-4FA5-4148-81FA-2F7A6348FD9A}\RP74\A0058302.dll which seems to be related to the one found by Malwarebytes which was an .exe file. I tried to check this file on virustotal earlier but when I restored it from the malwarebytes chest I couldn't find it. I'm currently running Malwarebytes again to find it again, which I think it just did, perhaps triggering Avast to find it.

This time, however, Avast moved it straight to the chest.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Dropper-gen (Drp)
« Reply #38 on: January 02, 2013, 10:00:20 PM »
OK that is in system restore, I will clear all that at the end

Were you able to update windows ?

Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #39 on: January 02, 2013, 10:10:26 PM »
OK that is in system restore, I will clear all that at the end

Were you able to update windows ?

Trying to do it via the website it tells me...

Thank you for your interest in obtaining updates from our site.

To use this site, you must be running Microsoft Internet Explorer 5 or later.

To upgrade to the latest version of the browser, go to the Internet Explorer Downloads website.

If you prefer to use a different web browser, you can obtain updates from the Microsoft Download Center or you can stay up to date with the latest critical and security updates by using Automatic Updates. To turn on Automatic Updates:

    Click Start, and then click Control Panel.
    Depending on which Control Panel view you use, Classic or Category, do one of the following:
        Click System, and then click the Automatic Updates tab.
        Click Performance and Maintenance, click System, and then click the Automatic Updates tab.
    Click the option that you want. Make sure Automatic Updates is not turned off.


When I check in system - automatic updates it tells me its set to do it automatically at 20:00 each day.

I'm not sure avast automatic updates is set though - it shows me an exclamation mark in an amber circle where it says virus definitions version - the number is 130101-0 and it has a tab saying update. It also tells me its not connected with any avast account. I'm not sure are these problems, its just I'm looking at things in more detail now.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89205
  • No support PMs thanks
Re: Win32:Dropper-gen (Drp)
« Reply #40 on: January 02, 2013, 10:12:27 PM »
I am not on my XP at the moment but it should be windows updates

One other way to do this is open security centre and turn it on there

I was on my win7 system when I checked this out and it was definitely there, but for some reason it isn't there on my XP Pro system.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Dropper-gen (Drp)
« Reply #41 on: January 02, 2013, 10:17:55 PM »
Download and install IE8 from here http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-8
Then run the fixit on this page http://blogs.technet.com/b/srd/

Do a manual update of Avast and let me know if that works

Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #42 on: January 03, 2013, 12:36:18 PM »
MBAM found that .exe again in System Restore and quarantined it.

Avast seems to be updating on its own again. It tells me it had the current version and it told me that it had updated.

I ran both of those things with Internet Explorer 8 and also the fixit but when I try to do Windows Update on IExplorer I get this problem from the site...

The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.

I'd be willing to gamble that the internet connection speed issue has been resolved though; everything is going well and is stable.
« Last Edit: January 03, 2013, 12:37:58 PM by Interista »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Dropper-gen (Drp)
« Reply #43 on: January 03, 2013, 03:18:43 PM »
Did windows updates give an error code

Offline Interista

  • Sr. Member
  • ****
  • Posts: 332
Re: Win32:Dropper-gen (Drp)
« Reply #44 on: January 03, 2013, 03:32:23 PM »
No, just the website.