Fakealert Trojan How To Remove
Fakealert Trojan How To Remove
Manual removal instructions:
You deleting all registry keys and files connected with this software, and also removing it from startup list and unregistering all corresponding DLLs. (Only do the following if you know what you are doing) However you can do the steps that you know how to do - skip the rest. I tried to make it easy by explaining each step carefully.
Deleting Files:
1. Search on your computer and delete these files:
To search, Click Start, then Click Search, then Click Search for files and folders.
notepad.dll
sb_bar.css
sb_bar.htm
sb_config.ini
sb_ep.htm
sclick.exe
sysmonms.exe
uinst.exe
Warning: you should delete only those files which checksums are listed as malicious.
2. Delete the folder named Winmsg:
Click Start, then Click Run, type in
C:/program files
Program files folder will open. Find the folder named Winmsg and delete it.
3. Delete these malicious registry entries and\or values:
Easy instructions to discover how to delete an entry in my other blog post.
If you cannot find an entry skip it.
Key: Sb6.StrangeBho.1
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho.1
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho.1\CLSID
Key: Sb6.StrangeBho
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho\CLSID
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho\CurVer
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-4C5D-
AD2C-C38724979B4B}
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-
30E3-4C5D-AD2C-C38724979B4B}
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-
4C5D-AD2C-C38724979B4B}
\ProgID
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-4C5D-
AD2C-C38724979B4B}
\VersionIndependentProgID
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-
4C5D-AD2C-C38724979B4B}
\InprocServer32 Value: ThreadingModel
HKEY_CURRENT_USER/SOFTWARE\
Microsoft\Windows\CurrentVersion\
Explorer\Browser Helper Objects\
{0B9B7B2E-30E3-4C5D-AD2C-
C38724979B4B}
Warning: Do delete ONLY the keys listed above. Do make a backup before deleting anything from the registry. We have no responsibility if anything you do goes wrong.
Manual instructions for a registry backup:
1. Click Start, and then click Run.
2. Type regedit, and then click OK.
3. Right click on My Computer and Select Export.
4. In the Save in box, select a location where you want to save the backup file (could be My Documents Folder), type a file name in the File name box, and then click Save.
Then move the file to a floppy disk or on CD if you can - that is extra protection.
1) Insert floppy disk in computer.
2) Click Start, Run. Type in A:/ Hit OK. A floppy disk window will open (blank if floppy disk has no files)
Go to the folder where you saved the backup. Click once on the backup file - drag it to the floppy disk window.
Registry backup instructions from Microsoft for Windows XP users.
Instructions to backup registry automatically:
You can also use a software to do a registry backup. Eusing software will automatically do a registry backup which you save on your computer. The software does other things as well. Including removing registry entries that are BAD or USELESS.
That was manual instructions for removal of FakeAlert Trojan. As always you can scan with both your anti virus and anti adware/spyware software as well -- for automatic removal (if the software find anything at all). Not all trojans can be automatically removed!
Fakealert Trojan How To Remove
Manual removal instructions:
You deleting all registry keys and files connected with this software, and also removing it from startup list and unregistering all corresponding DLLs. (Only do the following if you know what you are doing) However you can do the steps that you know how to do - skip the rest. I tried to make it easy by explaining each step carefully.
Deleting Files:
1. Search on your computer and delete these files:
To search, Click Start, then Click Search, then Click Search for files and folders.
notepad.dll
sb_bar.css
sb_bar.htm
sb_config.ini
sb_ep.htm
sclick.exe
sysmonms.exe
uinst.exe
Warning: you should delete only those files which checksums are listed as malicious.
2. Delete the folder named Winmsg:
Click Start, then Click Run, type in
C:/program files
Program files folder will open. Find the folder named Winmsg and delete it.
3. Delete these malicious registry entries and\or values:
Easy instructions to discover how to delete an entry in my other blog post.
If you cannot find an entry skip it.
Key: Sb6.StrangeBho.1
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho.1
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho.1\CLSID
Key: Sb6.StrangeBho
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho\CLSID
HKEY_CURRENT_USER/SOFTWARE\
Classes\Sb6.StrangeBho\CurVer
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-4C5D-
AD2C-C38724979B4B}
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-
30E3-4C5D-AD2C-C38724979B4B}
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-
4C5D-AD2C-C38724979B4B}
\ProgID
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-4C5D-
AD2C-C38724979B4B}
\VersionIndependentProgID
HKEY_CURRENT_USER/SOFTWARE\
Classes\CLSID\{0B9B7B2E-30E3-
4C5D-AD2C-C38724979B4B}
\InprocServer32 Value: ThreadingModel
HKEY_CURRENT_USER/SOFTWARE\
Microsoft\Windows\CurrentVersion\
Explorer\Browser Helper Objects\
{0B9B7B2E-30E3-4C5D-AD2C-
C38724979B4B}
Warning: Do delete ONLY the keys listed above. Do make a backup before deleting anything from the registry. We have no responsibility if anything you do goes wrong.
Manual instructions for a registry backup:
1. Click Start, and then click Run.
2. Type regedit, and then click OK.
3. Right click on My Computer and Select Export.
4. In the Save in box, select a location where you want to save the backup file (could be My Documents Folder), type a file name in the File name box, and then click Save.
Then move the file to a floppy disk or on CD if you can - that is extra protection.
1) Insert floppy disk in computer.
2) Click Start, Run. Type in A:/ Hit OK. A floppy disk window will open (blank if floppy disk has no files)
Go to the folder where you saved the backup. Click once on the backup file - drag it to the floppy disk window.
Registry backup instructions from Microsoft for Windows XP users.
Instructions to backup registry automatically:
You can also use a software to do a registry backup. Eusing software will automatically do a registry backup which you save on your computer. The software does other things as well. Including removing registry entries that are BAD or USELESS.
That was manual instructions for removal of FakeAlert Trojan. As always you can scan with both your anti virus and anti adware/spyware software as well -- for automatic removal (if the software find anything at all). Not all trojans can be automatically removed!
Fakealert Trojan How To Remove
Click to email this useful post to a friend:
0 Comments on this post. Post your comment :)
