Jump to content
yahar

Can't remove Trojan.dropper/sys.explorerfake & WIN-NV

Recommended Posts

Hi,

I am working on a persons dual boot system. It boots Linux Mint 12 and Windows 7. After looking at Windows/update it seems the Windows is a pirated version as it is missing certain information.

This is what I did to scan windows for malware. I used SUPERantispyware, along with other apps on windows itself to scan. None of them detected anything.

I booted into the Linux partiton and installed SUPERantispyware with Wine (Windows program emulator) to scan the Windows 7 partiton from within linux mint. So far it detected and says it has quarintened

1. Trojan.Dropper/Sys-explorerFake

2. Trojan.Dropper/Win-NV

3. Trojan.Dropper/SVCHost-Fake

4. Trojan.SVCHost/Fake

5. System.BrokenFileAssosciation

After rerunning it though it still detects Trojan.Dropper/Sys-ExplorerFake and Tojan.Dropper/Win-NV

Share this post


Link to post
Share on other sites

I just ran it in safe mode but SAS says the system is clean.  I ran Malwarebytes right after it though and this is what it detected.

C:\Windows\System32\EXPLORER.EXE.del (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

C:\Windows\SysWOW64\EXPLORER.EXE.del (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Share this post


Link to post
Share on other sites

Sometimes it can take multiple Scanners to detect and remove these things, however if this person is using counterfeit products then they are going to have to get used to the fact that malware will be a problem.

Is Windows counterfeit or the Office programs ?

Share this post


Link to post
Share on other sites

Due to the nature of Counterfeit Windows some of the MS updates are unlikely to go through leaving them vulnerable no matter how much AV AS they have installed, would suggest they purchase a legit copy otherwise you're going to be the one with the bad reputation, as they will continue to have problems.

If problems persist recommend a clean install.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×