1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

win32:dropper-gen [drp] virus. Going to need some help here...

Discussion in 'General Software' started by Tekelectric, Jan 23, 2014.

  1. Tekelectric

    Joined:
    Dec 5, 2013
    Messages:
    57 (0.10/day)
    Thanks Received:
    1
    Ok so this is what happened, I was got home, booted up my computer, and opened up Raidcall which is a voice chat primarily used for gaming. When I opened it, my Avast! found this virus win32:dropper-gen [drp]. When this happened, Avast! recommended me to do a boot-time scan. I did it and it found the virus and gave me a few options for fixing, repairing, or ignoring it. I decided to fix it automatically and it moved it to the virus chest and ran another scan. This made my impatient and I skipped the scan so I can boot up. After my computer derping and hanging on the login screen displaying "preparing windows" I restarted to get my computer to login right. After deleting the virus in the chest I decided to run full scans using Avast! and MalwareBytes. I then restarted my computer to make sure and tried to reinstall Raidcall. This is where I get frustrated. I see the virus AGAIN while downloading the program's exe. I decided to go into safe mode and run MalwareBytes's quick scan which found nothing. I went back and deleted anything relating to raidcall which was another exe file I downloaded a few months ago. I redownloaded raidcall's exe and there was nothing to be found. But at this point I'm kinda skeptical. Can someone help me make sure this thing is TRULY gone?
     
  2. micropage7

    micropage7

    Joined:
    Mar 26, 2010
    Messages:
    6,665 (3.46/day)
    Thanks Received:
    1,603
    Location:
    Jakarta, Indonesia
    it looks your antivirus fails to erase some of it so it returns again
     
  3. RCoon

    RCoon Gaming Moderator Staff Member

    Joined:
    Apr 19, 2012
    Messages:
    9,428 (8.04/day)
    Thanks Received:
    5,982
    Location:
    Gypsyland, UK
    go into the "Run" command (Win + R) and type in %appdata%
    most malware/viruses dump a copy of themselves into your local or roaming app data folders, usually labelled as an .exe with a bunch of numbers and/or letters.

    Note: You will need to go into folder options and unhide hidden files and folders
     
  4. puma99dk|

    puma99dk|

    Joined:
    Aug 29, 2005
    Messages:
    3,692 (1.03/day)
    Thanks Received:
    880
    Location:
    Denmark....
    which Malwarebytes program are you trying to run?

    I most of the time run Chameleon that Malwarebytes has made it finds a lot of trojans, and other viruses, and it's small and got it own ff, chrome and ie with it so it can update even your browser may not work properly having a virus/trojan.

    DL: https://www.malwarebytes.org/chameleon/
     
  5. Tekelectric

    Joined:
    Dec 5, 2013
    Messages:
    57 (0.10/day)
    Thanks Received:
    1
    Do I delete the files then?
     
  6. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,994 (2.55/day)
    Thanks Received:
    1,619
    TDDS killer and RogueKiller
     
    10 Million points folded for TPU
  7. Tekelectric

    Joined:
    Dec 5, 2013
    Messages:
    57 (0.10/day)
    Thanks Received:
    1
    Ran both of these just now, and RogueKiller found only registry keys to delete. But what was weird is that my Avast! DeepScreen popped up twice while opening RogueKiller's exe, but meh. TDDS Killer found nothing and it was all good for it. Should I be fine now?

    EDIT: Just called Avast! tech support. They said that having Windows Defender and Avast! at the same time is the culprit 0.o they also told me this is an aggressive virus and I may need to pay about a 100 bucks to get it fixed from them...uhhh...I dunno about that. But my computer seems clean at this point. But can you guys evaluate?

    EDIT 2: I redownloaded Raidcall and it had my username saved which was pretty convenient :D So should I be fine at this point?
     
    Last edited: Jan 24, 2014
  8. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,994 (2.55/day)
    Thanks Received:
    1,619
    10 Million points folded for TPU
  9. Tekelectric

    Joined:
    Dec 5, 2013
    Messages:
    57 (0.10/day)
    Thanks Received:
    1
    Ok but I dunno if I'm being paranoid but when I booted up my user for this computer had a shortcut for it. Which is kinda sketchy, should I worry about this?
     
  10. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,994 (2.55/day)
    Thanks Received:
    1,619
    for hijackthis? Or what?
     
    10 Million points folded for TPU
  11. Tekelectric

    Joined:
    Dec 5, 2013
    Messages:
    57 (0.10/day)
    Thanks Received:
    1
    Nah I just booted up my computer right now and I saw an icon for my user for windows and it led to my files. It was kinda sketchy.
     
  12. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,994 (2.55/day)
    Thanks Received:
    1,619
    I don't understand that at all. Pictures, or a better description.


    If you are saying there was an icon on your desktop that led to your documents that is just an option for users in windows to see or not. If you are saying on the login screen your username only takes you to your user files it does have an issue, but most likely a minor one.
     
    10 Million points folded for TPU
  13. Tekelectric

    Joined:
    Dec 5, 2013
    Messages:
    57 (0.10/day)
    Thanks Received:
    1
    There was an icon on my desktop that led to my documents, that's the one.

    EDIT: At this point I'm planning on reinstalling Windows 8, I'm going to do this tomorrow, I guess then we'll see how my computer is.
     
    Last edited: Jan 24, 2014

Currently Active Users Viewing This Thread: 2 (0 members and 2 guests)

Share This Page