1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Windows Defender Fake Trojan (Back-door)

Discussion in 'Virus & Other Malware Removal' started by manganime, Oct 22, 2009.

Thread Status:
Not open for further replies.
  1. manganime

    manganime Thread Starter

    Joined:
    Aug 8, 2003
    Messages:
    53
    Hi all,

    Back with another problem. I am using Vista OS.

    Today I got infected by a highly annoying fake trojan which disguised itself as Windows Defender and kept popping up with fake alerts in an urge for me to purchase the full version of their software. It also created its own shortcut on my desktop and I could see two of its icons sitting in my programs startup menu and when I right clicked on the I could see they were situated in ...C:\Users\(my computer name)\Appdata\Local\Temp\snexracwmo.exe

    Well my AVG kept popping up with warnings also and I removed numerous files and spyware and I ran a full scan on my main drive (1 file refused to be removed), I also removed 2 bad reg entry with Malwarebytes. After this the shortcut and the icons remained, so did the annoying fake alerts.

    As a last resort I ran a system restore (which supposedly failed) but after my laptop rebooted the shortcut and the files in my startup menu were gone and I left it on for a while running Spybot and I didnt get any of the fake alerts. I also had a quick look at my registry and didnt find anything which looked suspicious.

    After an attack by this trojan I would like to ensure it is fully wiped off and no more remains, can anybody suggest how I can do this?

    Thank You very much
     
  2. sjpritch25

    sjpritch25 Malware Specialist

    Joined:
    Sep 8, 2005
    Messages:
    9,113
    Welcome to TSG :)

    [​IMG] Please download Malwarebytes' Anti-Malware from Here.



    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.

    Extra Note:



    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/870829

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice