Trojan.FakeAlert removal

draftiebrah · Apr 14, 2013

Hi i have followed the Vista & Windows 7 malware removal guide and I seem to have one lingering issue which is Trojan.FakeAlert.
Logs are attached.

TimW · Apr 15, 2013

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate these detections:

[RUN][SUSP PATH] HKCU\[...]\Run : invffcge (C:\Users\christos\AppData\Local\Temp\mqgfxsaoj\vrmdmwcyhsn.exe) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3862662375-632059080-3990702108-1000[...]\Run : invffcge (C:\Users\christos\AppData\Local\Temp\mqgfxsaoj\vrmdmwcyhsn.exe) [x] -> FOUND

Place a checkmark each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Do not reboot your computer yet.

Now rerun Hitman and have it remove those PUP's/

Reboot and rescan with both RogueKiller and Hitman and attach those new logs as well.

draftiebrah · Apr 16, 2013

Thanks again and here are the two reports. Funnily enough doing the scans i couldn't find the threats anymore unless i missed it??

TimW · Apr 16, 2013

Just rerun Hitman and have it delete those PUP's. Then tell me how things are running.

Log in or Sign up

Trojan.FakeAlert removal

draftiebrah Private E-2

Attached Files:

hijackthis.log

TDSSKiller.2.8.16.0_14.04.2013_19.34.54_log.txt

RKreport[1]_S_04142013_02d1903.txt

MBAM-log-2013-04-14 (19-25-59).txt

HitmanPro_20130414_1952.log

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

draftiebrah Private E-2

Attached Files:

HitmanPro_20130416_1931.log

RKreport[2]_S_04162013_02d1908.txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member