locked
Ran full scan got a threat message "trojandownloader" press button to have Window Defender take action. Still there when redo a full scan RRS feed

  • Question

  • So this is what happen.  I got one of those annoying message that said my computer has been affected by a virus... and I was just using surfing www.zillow.

    I usually do a full scan about once a month.  And it could be a month since I done a full scan since.  But WD is on continuous scan. 

    So I just shut down my browser and did first a fast scan using Window Defender (the only anti-virus I have at the time).  It came clear.  Then I did a full scan and it said I have one threat.  Trojandownloader. 

    At the end of the full scan I press the take action button and after a while (between 20-40min).  It said I have zero threads and on the history it said it is removed (as shown below)

    So I decided to do another full scan with WD.  However the same thing happen.  It said that I have a thread and I press the take action bottom again.  And then when end of it.  it said it is removed and when I go to history I got the same details as before.  

    I also don't have system restore on.  So it is not an issue of it reproducing itself. 

    I also did a full scan (more than one time) with immunet.  It came clear.  And when I run fast scan with WD it comes clear it is only in full scan that it comes up. 

    Also WD flag the threat between 220k-350K files into a 1.3million file full scan. 

    Is it possible WD gave me a false positive again attached are the details from WD.

    Also I can't seem to find these files or programs on my computer.

    *** The detail message from window defender saids as followes after the full scan and press the take action button (they are cut and past and typed in***

    TrojanDownloader:JS/Jesdow.B!url

    Alert Level:Severe

    Status: Removed

    Date:4/2/218

    Recommended action: Remove threat now.

    Category: Trojan Downloader

    Details:  This program is dangerous and downloads other programs.

    Affected items:

    containerfile: C:\Recovery\Customizations\USMT.PPKG

    file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files (x86)\Lenovo\Power2Go\APREG.url

    file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files (x86)\Lenovo\PowerDVD12\APREG.url

    Monday, April 2, 2018 7:46 PM