Trojan.FraudPack Removal Guide

Do you know what Trojan.FraudPack is?

Trojan.FraudPack is a dangerous Trojan horse which can sneak onto unprotected computers in different ways. For example, it can be a spam email attachment or a free application downloaded from an insecure website. In any case, once you find that the Trojan is within the computer, you have to remove it as soon as possible.

The threat can be detected by some anti-virus program or you may learn about its presence through pop-up notifications that promote the full version of some rogue program which you are expected to buy in order to remove various computer infections. The Trojan, which is also known as Trojan.Win32.FraudPack.gen or Downloader.MisleadApp, is known to be associated with such old fake AVs as Antivirus 2009 and Antivirus 2010.

It installs a browser helper object and modifies the registry so that it starts once the system is loaded. Like other malicious programs, the threat also creates a lot different files. For example, one of the files which are associated with Trojan.FraudPack is asam.exe. It can disable Firewall, connect to malicious servers and receive commands from remote attackers. Its location is the %Documents and Settings% folder, and it has no interface. Moreover, the file is able to conceal itself so that security programs cannot detect and remove it from the system.

Another component of the malicious Trojan is svchast.exe. This file can be enabled to record your key strokes and mouse clicks; it can try to read your contact list on Outlook and send spam emails. Moreover, like the files discussed earlier, svchast.exe can hide itself in order not to be detected.

The Trojan can also hijack your Internet Explorer by preventing you from accessing web pages. It can display a drop-down warning which appears below the address box. Additionally, the browser can display a fake warning page:

Internet Explorer Warning – visiting this web site may harm your computer!

Most likely causes:

  • The website contains exploits that can launch a malicious code on your computer
  • Suspicious network activity detected
  • There might be an active spyware running on your computer

The foregoing notification will not be displayed if the user browsers websites which promote rogue applications which can be distributed by the same threat. In any case, do not wait until you cannot change anything and remove the Trojan right now.

Due to the fact that the Trojan alters the registry, creates new files and injects its code to the existing processes, we recommend utilizing our spyware removal tool so that you do not have to remove the infection manually.

In non-techie terms:

Trojan.FraudPack is a dangerous computer infection which can get to the PC without your permission and restrict your access to the Internet. Moreover, it can display misleading warning about computer infections on your PC so that you purchase a non-existent licensed version of the program which supposedly can protect the PC. In order to delete the infection, use our anti-malware program SpyHunter.

Aliases: FraudPack.