We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Win32 TrojanDropper virus

Options
2»

Comments

  • System
    System Posts: 178,346 Community Admin
    10,000 Posts Photogenic Name Dropper
    I wonder if Ad aware is faulty? Ive scanned my computor with A-Squared and deleted everything it bought up but Ad aware is still showing the virus.:confused:
    I think i am going to have to admit defeat here and wait for MrJudi to sort it out.

    This wouldnt be the first time Adaware has given me a false positive result.
    This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com
  • Browntoa
    Browntoa Posts: 49,602 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    boot into safe mode

    http://www.pchell.com/support/safemode.shtml

    and then run adaware, it will then be able to fully remove it
    Ex forum ambassador

    Long term forum member
  • albertross_2
    albertross_2 Posts: 8,932 Forumite
    what is the filename and path of the file it finds?
    Ever get the feeling you are wasting your time? :rolleyes:
  • System
    System Posts: 178,346 Community Admin
    10,000 Posts Photogenic Name Dropper
    Ad aware says it is

    Name: Win32.TrojanDropper

    Catagory: Malware

    Object Type: Regkey

    Location: system\controlset\enum\root\legacy_ip6fw\

    Last activity 23-04-2007
    This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com
  • Jzpop
    Jzpop Posts: 216 Forumite
    It may not be anything nasty at all, simply a 'false positive'. The ip6fw reference may be to the ip6fw.sys file that is part of the Microsoft IPV6 firewall, typically installed as part of Windows Defender.

    Unfortunately, there have also been a few Trojans / Rootkits that have tried to mask their presence by using the same or a similar name.


    Unless I missed it, I don't think that you have said what makes you think that you have picked up the W32 Trojandropper virus. can you confirm what first alerted you to this?
  • System
    System Posts: 178,346 Community Admin
    10,000 Posts Photogenic Name Dropper
    Ad aware told me when i did a scan this afternoon. i cant say i am having any problems with my pc though (other than it being a bit slow but i think that is because MrJudi installed Windows Defender on it last week).
    This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com
  • Jzpop
    Jzpop Posts: 216 Forumite
    Is this the first scan since Mr J installed Windows Defender? If so, I would lean towards a false positive.

    If you were to download the free trial of NOD32, disconnect from the Web, uninstall AVG, install NOD32, re-connect and download their latest definitions (should start automatically) and run a full scan, then you will have a second opinion. Feel free to uninstall NOD32 and go back to AVG after if you wish.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244K Work, Benefits & Business
  • 598.8K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.3K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture