Selasa, 05 Juni 2012

Your PC is possessed with pop up virus alert warnings; how to remove Trojan.FakeAlert

You are happily using your PC to surf or read Email. Suddenly your screen is possessed with virus warnings and alerts and maybe a program appears to be scanning your PC or offering to scan for you.
What may have happened is an invasion by Trojan.FakeAlert or some variation of this Trojan horse malware.
What should you do?
What you should do is stop, don't click any buttons, don't agree to a scan. All of those scary messages might be false warnings from a nasty form of malware that pretends to be your own security software. It is a false alert, and anything you consent to or any click you make will likely further embed the malware into your system.
The best thing you can do is to shut your PC down, and get some help. See below for more symptoms and a plan of attack that you can follow to clean out this impostor if it is possessing your PC.

Beware of Greeks (and also some geeks)

The Trojan Horse comes from Greek mythology. The story tells how the Greeks used a trick to enter the walled city of Troy. They built a large wooden horse with space inside for Greek warriors.
The Greeks rolled the wooden horse up to the city's gate and left it there.The Trojans took it as a gift, a peace offering, opened the gate, and rolled the horse inside. The Greeks came out of hiding and the battle was on!.
  • Greeks 1
  • Trojans 0
This led to a saying heard often, "Beware of Greeks bearing gifts" and the use of the Trojan horse phrase to describe somebody slipping in a surprise (often nasty) within an innocent appearing gift.
As Virgil once said, "Do not trust the horse, Trojans. Whatever it is, I fear the Greeks even when they bring gifts," From Virgil's Aeneid, book 2, 19 BC.

Telling the good guys from the bad guys

First of all, you should be familiar with what your own anti-virus protection messages look like. A legitimate anti-virus or anti-spyware program will typically throw up only one alert message at a time. Secondly, it will likely have a recognizable logo or title on any of its messages.
The bad guys put up realistic looking screens, see below. Yet, if looked at for a minute, it is generally possible to see the fakery in the language used.
Look over the following screen shots:
  • Your anti-virus is not named Antivirus 2008, or 2009, or 2010 or anything like that.
  • Your anti-virus has a name something like: AVG or Symantec or Avast or Microsoft Essentials or ...
  • Any security program that asks you to install or scan or click, is likely up to no good.

Symptoms of Trojan Fake Alert

This type of Fake Alert Trojan has been around for years. It keeps getting reinvented, tweaked and re-launched. The fake security program usually exhibits one or more of these symptoms:
  • Puts up a scary message that alerts you to doom, unless you click something for them. Don't click.
  • Often there are several screens that pop-up, sometimes on their own, but sometimes after you click for the bad guy.
  • Some will ask you to click a button to allow them to scan. Don't do it.
  • Some will show you a screen, with files flying by, as it professes to be scanning on your behalf.
  • Some will encourage to to click a button to allow them to install something. Don't do it.
  • Some will offer to scan for a fee, or install a removal tool, for a fee. Save your money.
  • Some will block your ability to run system tools like Task Manager or System Restore.
  • Some will block your ability to un-install programs (especially the fake program).
  • Some will block or disable your anti virus program and prevent you from updating or even run the AV program.
  • Some will block your access to the Internet.

Effects of Trojan FakeAlert

Some of the bad side effects of this type of Trojan are bad enough, but get worse when you make the mistake of clicking for them:
  • Change your system settings.
  • Modify the Windows Registry.
  • Slow down your PC and surfing.
  • Alter your browser homepage or re-direct you to a remote server.
  • Steal confidential data.
  • Delete files or crash your system.

Removing Trojan FakeAlert

Some Fake Alerts can be very difficult to remove, especially if not repaired quickly, or if you help them out by clicking as they direct.
However, often Fake Alerts can be removed with a couple of relatively easy processes:
  1. System Restore
  2. Scan and remove

1. System Restore

Try system restore to get in front of the infection. System Restore is a Windows tool that makes snapshots of the Windows settings periodically. You can got to a time before you had the virus symptoms, and roll back your Windows. This does not affect your data, but you will loose any installations or updates that occurred after the restore point. Often this will get you back running quickly.

  • Restart your PC and bring it up in Safe Mode (F8).
  • Log in as Administrator, if possible.
  • All Programs -> Accessories -> System Tools - > System Restore.
  • Select and run the Restore. Your PC will be rebooted, and if you are lucky today, the virus will be gone.
  • Run a program like MalwareBytes or HitMan Pro to verify and further clean your PC.
  • If OK, run System Restore to create a new restore point.

2. Scan and remove

Run a program like MalwareBytes or HitMan Pro to scan and clean your PC. Both of these programs have worked well with fake alerts.
  • Download the removal tool to your PC.
  • The virus may block this or make it too difficult. If so, download it on another PC and copy the install program to a USB drive and carry it to the infected PC.
  • Restart your PC and bring it up in Safe Mode (F8).
  • Log in as Administrator, if possible.
  • Run the selected virus removal tool and follow the screen prompts to scan and remove.
  • Restart your PC.
  • If OK, run System Restore to create a new restore point.

Useful articles on keeping your PC secure and clean

You can keep your hard drive cleaner and up to speed with a cleaning tool like CCleaner or CleanUp. Spyware removal can be tricky, but many times it can be removed easily by the average user. There are many free and safe scans that can improve and inform your computing life.


Spoiler Untuk lihat komentar yang masuk: