How to Remove Trojan.FakeAlert Manually

Before we get started, you should backup your system and your registry, so it’ll be easy to restore your computer if anything goes wrong.

To remove Trojan.FakeAlert manually, you need to delete Trojan.FakeAlert files. And I’ll show you. Otherwise, go ahead and…

Remove Trojan.FakeAlert processes:

rpnqrdnm.exe

runsrv32.exe

tcpservice2.exe

susp.exe

users32.exe

Remove Trojan.FakeAlert registry values:

HKEY_CLASSES_ROOT\clsid\{60e2e76b-60e2e76b-60e2e76b-60e2e76b-60e2e76b}

Unregister Trojan.FakeAlert DLLs:

zserv.dll

wstart.dll

winflash.dll

udpmod.dll

runsrv32.dll

questmod.dll

pynix.dll

jao.dll

bridge.dll

Detect and Remove these Trojan.FakeAlert files:

bridge.dll

jao.dll

pynix.dll

questmod.dll

rpnqrdnm.exe

runsrv32.dll

runsrv32.exe

susp.exe

tcpservice2.exe

udpmod.dll

users32.exe

winflash.dll

wstart.dll

zserv.dll

Note: In any Trojan.FakeAlert files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”). If you have any questions about manual Trojan.FakeAlert removal, go ahead and leave a comment.

How Do You Remove Trojan.FakeAlert Files?

Need help figuring out how to delete Trojan.FakeAlert files? While there’s some risk involved, and you should only manually remove Trojan.FakeAlert files if you’re comfortable editing your system, you’ll find it’s fairly easy to delete Trojan.FakeAlert files in Windows.

How to delete Trojan.FakeAlert files in Windows XP and Vista:

1. Click your Windows Start menu, and then click “Search.”
   
2. A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
   
3. Type a Trojan.FakeAlert file in the search box, and select “Local Hard Drives.”
   
4. Click “Search.” Once the file is found, delete it.

How to stop Trojan.FakeAlert processes:

1. Click the Start menu, select Run.
   
2. Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys CTRL + Shift + ESC.
   
3. Click Processes tab, and find Trojan.FakeAlert processes.
   
4. Once you’ve found the Trojan.FakeAlert processes, right-click them and select “End Process” to kill Trojan.FakeAlert.

How to remove Trojan.FakeAlert registry keys:

Because your registry is such a key piece of your Windows system, you should always backup your registry before you edit it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or a delete a critical registry key or value, there’s a chance you may need to reinstall your entire system. Make sure your backup your registry before editing it.

1. Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
   
2. Registry Editor will open as a window with two panes. The left side Registry Editor’s window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
   
3. To find a registry key, such as any Trojan.FakeAlert registry keys, select “Edit,” then select “Find,” and in the search bar type any of Trojan.FakeAlert’s registry keys.
   
4. As soon as Trojan.FakeAlert registry key appears, you can delete the Trojan.FakeAlert registry key by right-clicking it and selecting “Modify,” then clicking “Delete.”

How to delete Trojan.FakeAlert DLL files:

1. First locate Trojan.FakeAlert DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
   
2. To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Trojan.FakeAlert DLL file is located. If you’re not sure if the Trojan.FakeAlert DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
   
3. When you’ve located the Trojan.FakeAlert DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.

That’s it. If you want to restore any Trojan.FakeAlert DLL file you removed, type “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.

Did Trojan.FakeAlert change your homepage?

1. Click Windows Start menu > Control Panel > Internet Options.
   
2. Under Home Page, select the General > Use Default.
   
3. Type in the URL you want as your home page (e.g., “http://www.homepage.com”).
   
4. Select Apply > OK.
   
5. You’ll want to open a fresh web page and make sure that your new default home page pops up.

Trojan.FakeAlert Removal Tip

Is your computer acting funny after deleting any Trojan.FakeAlert files? I recommend using a program like File Recover from PC Tools. File Recover saves deleted files that otherwise can’t be recovered by Windows operating sytem.

Want to save time finding Trojan.FakeAlert files? Download Spyware Doctor, let it find the Trojan.FakeAlert files for you, and then manually delete Trojan.FakeAlert files.

Source : http://www.411-spyware.com/remove-trojan-fakealert

How to remove Personal Antivirus rogue anti-spyware

Malware Description:

When it comes to computer security, Personal Antivirus is not a program you want to have in your system. The explanation is simple: Personal Antivirus is a rogue anti-spyware tool designed to deceive people into paying for its registered commercial software, no matter how illicit its tactics may be. Personal Antivirus propagates through backdoor Trojans or insecure downloads on the web. The latent intrusion is always followed by Personal Antivirus launching its misleading campaign on your computer. It means you will keep getting multiple alerts and scanners trying to get you alarmed about the security of your PC. Personal Antivirus pop-ups and scanners report infections that supposedly inhabit your machine. These deceitful techniques practised by Personal Antivirus are all about tricking you into downloading and registering the paid commercial version of Personal Antivirus. In reality, Personal Antivirus is not capable of removing any actual infections because it’s not developed on a legitimate antivirus engine. Therefore, purchasing Personal Antivirus is probably the most unreasonable to do. On the other hand, though, ignoring Personal Antivirus in your system will soon turn its obsessive pranks into a major system disruption and further malware invasion resulting in getting your privacy violated. So it’s highly recommended to remove Personal Antivirus once you spot its signs on your computer.

Malware Type: Rogue Anti-Spyware

Malware Author: Innovagest2000 SL

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Personal Antivirus Free Scanner and Remover: Download Now

Personal Antivirus Screenshot:

How to remove Personal Antivirus and affiliated threats manually:

Manual removal of Personal Antivirus is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

• %Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk
  
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus
  
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
  
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
  
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
  
• %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
  
• %UserProfile%\Application Data\Personal Antivirus
  
• %UserProfile%\Application Data\Personal Antivirus\settings.ini
  
• %UserProfile%\Application Data\Personal Antivirus\uill.ini
  
• %UserProfile%\Application Data\Personal Antivirus\unins000.exe
  
• %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
  
• %UserProfile%\Application Data\Personal Antivirus\db
  
• %UserProfile%\Application Data\Personal Antivirus\db\config.cfg
  
• %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf
  
• %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
  
• %Program Files%\Personal Antivirus
  
• %Program Files%\Personal Antivirus\activate.ico
  
• %Program Files%\Personal Antivirus\Explorer.ico
  
• %Program Files%\Personal Antivirus\PerAvir.exe
  
• %Program Files%\Personal Antivirus\unins000.dat
  
• %Program Files%\Personal Antivirus\uninstall.ico
  
• %Program Files%\Personal Antivirus\working.log
  
• %Program Files%\Personal Antivirus\db
  
• %Program Files%\Personal Antivirus\db\DBInfo.ver
  
• %Program Files%\Personal Antivirus\db\ia080614.db
  
• %Program Files%\Personal Antivirus\db\ia080618x.db
  
• %Program Files%\Personal Antivirus\Languages
  
• %Program Files%\Personal Antivirus\Languages\IAEs.lng
  
• %Program Files%\Personal Antivirus\Languages\IAFr.lng
  
• %Program Files%\Personal Antivirus\Languages\IAGer.lng
  
• %Program Files%\Personal Antivirus\Languages\IAIt.lng
  
• %WINDOWS%\system32\log.txt
  
• %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
  
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe

The registry entries that need to be removed are as follows:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
  
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
  
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
  
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PrS”
  
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Personal Antivirus”

Please, be aware that manual removal of Personal Antivirus is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of Personal Antivirus, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Source : http://remove-malware.net

How to remove Trojan.FakeAlert infection

Malware Description:

Trojan.FakeAlert (aka Downloader.MisleadApp or Hoax.Win32.Agent.n) is a dangerous digital infection that specializes in promoting affiliated rogue security products. Trojan.FakeAlert is known to be currently involved in the intricate pushing schemes of Personal Antivirus rogue anti-spyware program. Typically, Trojan.FakeAlert intrudes without the user’s awareness and consent because it applies backdoor techniques to infiltrate, i.e. it spots and exploits security flaws and firewall vulnerabilities to get on board. When inside, Trojan.FakeAlert creates some additional registry entries and drops a few malicious files in the System32 folder. The consequences of such malicious activity of Trojan.FakeAlert are as follows: the victim will keep getting misleading and exaggerated alerts about a variety of infections which are allegedly detected on the compromised computer. Those alerts usually appear from the system tray in the bottom right-hand corner of the desktop. In fact, through, if you click on such fake notifications, you will trigger the procedure of installing the rogue anti-spyware application (currently – the PAV infection mostly). In addition, in the overwhelming majority of cases of Trojan.FakeAlert infection, it has caused browser hijacking symptoms, which results in diverting you online activities to fraudulent insecure websites. It’s strongly recommended to remove Trojan.FakeAlert parasite if it attacked your PC. And make sure you check your machine for additional infections after that.

Malware Type: Trojan Horses

Malware Author: Unknown

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Trojan.FakeAlert And Affiliated Malware Free Scanner and Remover: Download Now

How to remove Trojan.FakeAlert manually:

Manual removal of Trojan.FakeAlert is feasible if you have sufficient expertise in dealing with program files, system processes, .dll files and registry entries.

The associated files to be deleted are listed below:

• rpnqrdnm.exe
  
• runsrv32.exe
  
• tcpservice2.exe
  
• susp.exe
  
• users32.exe
  
• zserv.dll
  
• wstart.dll
  
• winflash.dll
  
• udpmod.dll
  
• runsrv32.dll
  
• questmod.dll
  
• pynix.dll
  
• jao.dll
  
• bridge.dll

The related registry entries to be removed are as follows:

• HKEY_CLASSES_ROOT\clsid\{60e2e76b-60e2e76b-60e2e76b-60e2e76b-60e2e76b}

Please, be aware that manual removal of Trojan.FakeAlert malware is a cumbersome procedure and does not ensure complete deletion of the malware, due to the fact that some files might be hidden or may automatically reanimate themselves afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of Trojan.FakeAlert, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.