Jump to content

Trojan.FakeAlert Removal Problems


Recommended Posts

Well, my laptop has been running slow for awhile now, and while I figured it was a virus, Microsoft Security Essentials didn't seem to find anything. Finally, I just wiped everything clean, formatted the drives and re-installed my OS. About a week went by and the problem crept up again so needless to say I was pretty upset. A friend recommended Malwarebytes so I figured I'd try it before I went out and bought a new PC, just in case I could salvage this one (it still runs games pretty well). I ran the full scan and it turns out that I'm infected with a Trojan, specifically FakeAlert, which would account for the lack of performance from my computer. I looked into it a bit and it's apparently supposed to try and scam you with redirects and such but I've experienced no such thing, even before the hard-drive wipe and re-installation (I did not back up and restore my files by the way, Steam is wonderful about switching PCs). Anyway, after the scan I chose to restart the computer and delete the quarantined file. For safe measure, I figured I would scan the system again to make sure there wasn't anything else going on. Unfortunately, I have now performed the full scan four times and I end up with the same results every time, with the same exact infected file. I will post the most recent log below, hopefully it's correct.

The main problem for me is the fact that this computer is acting up so terribly, it's impossible to run any slightly intensive program and even videos on Youtube are laggy. Any help would be very, very appreciated.

Thanks,

Matt

Most recent log:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.17.06

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Games :: MATTHEWS-PC [limited]

5/18/2012 3:04:08 PM

mbam-log-2012-05-18 (15-04-08).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 304276

Time elapsed: 1 hour(s), 5 minute(s), 51 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\winsxs\x86_microsoft-windows-d..ostic-user-resolver_31bf3856ad364e35_6.0.6000.16386_none_c2fe431a08c3eb33\DFDWiz.exe (Trojan.FakeAlert) -> Delete on reboot.

(end)

Link to post
Share on other sites

Hi Matt and :welcome:

C:\Windows\winsxs\x86_microsoft-windows-d..ostic-user-resolver_31bf3856ad364e35_6.0.6000.16386_none_c2fe431a08c3eb33\DFDWiz.exe (Trojan.FakeAlert) -> Delete on reboot.

This is a false positive. Don't worry! Just update your Malwarebytes' Anti-Malware scan to see what is the sutation then.

If you still have a problem or want to find more information check this thread here:

http://forums.malwarebytes.org/index.php?showtopic=110016

Link to post
Share on other sites

I'm fully updated but the problem still persists. The topic you linked did mention DFDWiz.exe, which was the first file quarantined and removed by Malwarebytes. I'm just wondering where this leaves me, because my computer is still running the same as it has been so there must be a problem. It essentially makes every running program and a few services take up much more CPU than needed - any ideas on what I might be experiencing? Nothing else has shown up on the scans.

Link to post
Share on other sites

  • 2 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.