Friday, March 7, 2014

Get Rid of Win64:Dropper-Gen[Drp] Completely

Case one: I tried opening Windows Explorer and got this error:
C:\\Windows\explorer.exe
Operation did not complete successfully because the file contains a virus
So I did a scan with Avast and the results showed:
File name:C:\\Windows\explorer.exe
Severity: High
Status: Threat:Win64:Dropper-Gen[Drp]
The recommmended action was move to chest but i got an error: specified file is read only (6009)
No idea what to do at this point, so looking for help. Thanks.

Case two:So I just booted up my pc and after logging in to the desktop its just black screen with just the mouse cursor.Explorer.exe is gone cant use the start menu, and all I can do is ctrl alt del to open the task manager and run tasks.When I try to open explorer.exe or control panel through the task manager I get an error (C:\Windows\explorer.exe Operation did not complete successfully because the file contains a virus.)I scanned with Mbam and SAS and found nothing but when I quick scanned with Avast it found this:Win64:dropper-gen [Drp].

How harmful Win64:Dropper-Gen[Drp] is?

Here are the malicious tasks that Win64:Dropper-Gen[Drp] will do when it into the target computer.

Win64:Dropper-Gen[Drp] may chisel up a backdoor in the infected PC without user’ permission and knowledge. Other kinds of computer virus will get the chance to invade into this compromised PC more easily with the help of Win64:Dropper-Gen[Drp].

Therefore, Users may definitely be interrupted with other kinds of computer infections. For instance, if the browser hijacker virus sneaks into the PC, it will redirect websites into malicious web pages that contains lots of commercial ads and pornographic contents.

Win64:Dropper-Gen[Drp] will add its files to the startup menu, as a result, it can run automatically when computer users boot the infected PC. And it does not allow users to uninstall it from the control penal.

At the same time, users may notice that their PC is running more and more slowly. And it always shows a high CPU occupation even though they have just run one or two applications on the PC.

Effective methods to get rid of Win64:Dropper-Gen[Drp]:

Method one: Manually remove Win64:Dropper-Gen[Drp]
Method two: Remove Win64:Dropper-Gen[Drp] easily with SpyHunter automatic scan

Detail instruction (please perform all the steps in correct order)

Method one: Manually remove Win64:Dropper-Gen[Drp]

Step one: Disable any suspicious startup items that are made by infections. Press Ctrl+Alt+Delete or Ctrl+Shift+Esc >> Click Task Manager >> More details >> Startup tab >> click on the items that added by the virus >> Click Disable

Step two: Show hidden files and folders in win 8. 1. Start screen >> Control Panel >> Appearance and Personalization >> Folder Options

2. The Folder Options box pops up >> Check Show hidden files, folders, or drives >> Apply
 

Step three: End all the harmful Processes in win 8: Press Ctrl+Alt+Delete or Ctrl+Shift+Esc >> Click Task Manager >> Right click all the harmful Processes >> End task

 

Note: If you want to check the background processes, please click More details. Click the processes you want to end, and click End Task.

Step four: Search the infected PC to find out all the malicious files as below and then delete all of them:
%AppData%\<random>.exe
%CommonAppData%\<random>.exe
C:\Windows\Temp\<random>.exe
%temp%\<random>.exe
C:\Program Files\<random>

Step five: Remove vicious registry entries of Win64:Dropper-Gen[Drp]:

1.Press Win+R to activate the Run window >> Type “regedit” or “regedit.exe” to the search bar >> Click “Ok” if you are asked if you want to open Registry Editor
 

 2.Find out all the harmful keys, right click them and Delete.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exe
If the manual guide is kinda difficult for you, please feel free to download automatic removal tool SpyHunter to drive the self-invited guest away.

Method two: Automatically remove Win64:Dropper-Gen[Drp] with Spyhunter antivirus software:

 

Step 1: click the icon below to download automatic removal tool SpyHunter

 
http://www.pcresolvers.com/spyhunter.php

 

Step 2: follow the instructions to install SpyHunter

 



 

Step 3: run SpyHunter to automatically detect and uninstall OffersWizard

 


Summary: Due to the changeable characters of Win64:Dropper-Gen[Drp], you cannot be too careful to distinguish the harmful files and registries from the system files and registries. If you have spend too much time in manual removing Win64:Dropper-Gen[Drp] and still not make any progress, you can download and install Spyhunter antivirus software here to remove Win64:Dropper-Gen[Drp] automatically for you.

No comments:

Post a Comment