Trojan warning persists after removal

Status
Not open for further replies.
C

cottage

New Member
Thread author
Mar 11, 2023
5
0
2
I'm running Win 10 Pro X64 and Windows defender.

I downloaded a shareware program and scanned it before installing. I got a trojan warning from Windows defender and permanently deleted the shareware program (Shift + Delete). However, Windows Defender still displays the Trojan warning. Even though I deleted the offending program, I asked Defender to remove the trojan but the warning persists.

I then did a full scan with Malwarebytes and it did not pick up any problems.

I have rebooted the computer as well as run a second Win Defender full scan but the problem persists.

I have attached screen clips of the warning as well as a shot of the screen after Win Defender attempted to remove the program.

Any suggestions?
 

Attachments

  • def 2.jpg
    def 2.jpg
    66.3 KB · Views: 18
  • def 1.jpg
    def 1.jpg
    48.2 KB · Views: 18
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Let's see what we can find to help you.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Attach Files.
Navigate to the location of the File.
Click the file. It will appear in the reply section.
Click the Post Reply button.

Please post the logs for my review.

Let me know what problems persists.

Wait for further instructions
 
Thank you nasdaq,
I'll do as you recommend but first, I want to ensure that my post wasn't misleading.

I don't believe that my computer is infected with the trojan.
  • I scanned the shareware program immediately after download (trojan identified)
  • I didn't install the program.
  • I deleted it immediately after the virus scan (Shift+ Delete)
  • The trojan waring remained in Windows Defender
  • I instructed Win Defender to delete the trojan even though the shareware program had already been deleted but the warning remained.
  • I ran Malwarebytes and the scan was clear
  • I looked at all running applications and services (Task Manager). There was nothing running and there were no suspicious services loaded.
  • I looked at task scheduler and there was nothing unusual scheduled to run.
Therefore, I'm assuming that I'm not infected. It's just that Win Defender didn't clear the warning.

Is my reasoning inaccurate?
 
nasdaq said:
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Let's see what we can find to help you.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Attach Files.
Navigate to the location of the File.
Click the file. It will appear in the reply section.
Click the Post Reply button.

Please post the logs for my review.

Let me know what problems persists.

Wait for further instructions
Click to expand...
After double clicking to run Farbar, you say click Yes to the disclaimer. Is this the disclaimer?
 

Attachments

  • dis.jpg
    dis.jpg
    26 KB · Views: 13
Update.....
I deleted the Windows Defender protection history and the Trojan warning has disappeared.

To be sure, I did a subsequent full scan and it is clear.
 
Hi,

That usually work. The additional.txt that would have been created had you executed the Farbar program would have reported it.

Good work.

I will keep tis topic open for 6 days in case you need to return to it.
 
nasdaq said:
Hi,

That usually work. The additional.txt that would have been created had you executed the Farbar program would have reported it.

Good work.

I will keep tis topic open for 6 days in case you need to return to it.
Click to expand...
Thank you for your assistance.
 
Status
Not open for further replies.

You may also like...