Win32: Dropper-gen (Drp).dll and.exe

[e.harvey]

Ah, sorry! A wifi connection. The Alice box is right next to the computer. Actually we are having problems with our phone too - this wouldn't have anything to do with it would it??

[REDACTED]

Would be prudent to reboot the router - turn it off (unplug from the electricity if needed), wait for a couple of seconds and turn on.

[e.harvey]

Actually the phone seems to be fine now. We've been having loads of electrical storms, so the router has been unplugged a lot lately - maybe that was all it was. Do I need to scan in IE or will Firefox or Chrome be ok?

[REDACTED]

I prefer IE because you have reported issues with it. I'd like to send you back from here without any issues

If IE will be still misbehaving, please inform me.

[e.harvey]

But I can't actually get IE to go to the Eset link to download it!

[REDACTED]

Provide me a secondary report from this tool.


Scan with MiniToolBox

Please download MiniToolBox by Farbar and save it to your desktop.

• Right-click on icon and select Run as Administrator to start the tool.
  
• In the main window please checkmark the following checkboxes:
• Flush DNS;
• Report IE Proxy Settings;
• Reset IE Proxy Settings;
• Report FF Proxy Settings;
• Reset FF Proxy Settings;
• List content of Hosts;
• List IP configuration;
• List Winsock Entries;
• List last 10 Event Viewer log;
• List Installed Programs;
• List Devices (Only problems);
• List Users, Partitions and Memory size;
• List Minidump Files.

• Click Go and wait paiently.
  
• Upon completion (a reboot may be needed) a file called Result.txt will be saved on your desktop.

Please include the content of that file in your next reply.

[e.harvey]

Here it is ...

[REDACTED]

Tell me if there is any improvement with accessing the web after running MiniToolBox.

Are you able to perform the scan with ESET?

[e.harvey]

There seems to be no difference - I still can't access Eset

[REDACTED]

OK, let's try something another.


Scan with Panda Cloud Cleaner

Please download Panda Cloud Cleaner and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Install the scanner by right-click on icon and select Run as Administrator.
  
• It should start itself automaticaly after the installation.
• In the main console click Accept and Scan.
  
• This scan won't take long, about several minutes (depending on your system specs). Let it run uninterrupted.
• At the last stage you will see a couple of messages about veryfying & analyzing results. Wait patiently.
• Upon completion you will see detections window. Enter one of them and click there View Report at the bottom right side.
  
• A notepad window named PCloudCleaner.log will open. Save it to your desktop.
  
• Please include the contents of that file in your next reply.

In any case don't remove on your own anything that is found! Any removals will be done manually after careful analysis of the scan results!
Don't forget to re-enable your switched-off protection software!
After we're done you may uninstall Panda Cloud Cleaner from your machine, if you wish to.

[e.harvey]

Ok, here we go...report attached

[REDACTED]

Hi

I'm afraid that the internet connection issues may be related to HP Network Devices, but it's not my area of expertise and I don't want to confuse you. I think that you should seek for help with that issue in some typically technical board (not malware related).

For now let's remove the Panda findings.

Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
  
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:

Code: [Select]

createsrpoint;
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ZSUYJHN1.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\D7O3BJEN.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Z2TXIVT1.TXT;f
emptyalltemp;
[-HKLM\SYSTEM\CurrentControlSet\Services\HPSLPSVC];r
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\7M94D45G.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\TO5O54PV.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CX4GCHQE.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WF1POEVV.TXT;f
:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SZVWRWZ4.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\32JOZLX1.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\STPQ2WVV.TXT;f
C:\USERS\ELIZABETH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\QO8PW04D.TXT;f
[HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND];r
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE";r
[HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED];r
"SUPERHIDDEN"=dword:00000000;r
[HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED];r
"HIDEFILEEXT"=dword:00000000;r
[HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM];r
"DISABLEREGISTRYTOOLS"=-;r
[HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM];r
"DISABLEREGISTRYTOOLS"=-;r
"DISABLETASKMGR"=-;r
[HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED];r64
"SUPERHIDDEN"=dword:00000000;r64
[HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED];r64
"HIDEFILEEXT"=dword:00000000;r64
Reboot;


• Make sure that Scan All Users option is checked.
  
• Push Run Script and wait patiently. The scan may take a couple of minutes.
  
• When the scan completes, a zoek-results logfile should open in notepad.
  
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!


Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

• Right-click on icon and select Run as Administrator to start the tool.
  
• Follow onscreen instructions inside the black box. This scan won't take long.
• Soon a notepad document called checkup.txt will open automaticaly.
  

Please include the content of that document.

[e.harvey]

Reports attached. Outlook Express is now really slow to open and keeps getting stuck!?

[e.harvey]

I have been considering uninstalling IE and re-installing it to see if that would help - though I am sure you would have advised this already if it was a good idea. Looking at all my programs in the control panel - I can't even see Internet Explorer listed there to uninstall it - only the Google toolbar. When I use IE, even with it's limits, it is like something is missing - only certain pages I have saved in my favourites bar, work and I can get as far as putting in a search phrase, but when I click on a any search link, nothing happens. Like I say, it's as if half of what is needed to make IE work, is missing. Does this suggest anything to you?

[Asyn]

You can't uninstall IE, it's part of the OS.