Yep, they’re at it again. The Trojan Horse hackers had actually seemed to get lazy for a while, at least by their previous standards. But now, they’re back: in Trojan 2: Fake Frag (Electric Boogaloo). Yes, more “fakeware”, this time claiming your “SATA Drive has Failed”, along with a ton of other fake messages. Then, despite the fact that you’ve never actually downloaded it, “Windows Recovery” software comes up and starts to scan your PC for bugs. Naturally, it finds them. By the ton. So not only is hard disk failure imminent, your computer is attracting parasites galore. Soon, it will be on fire.
Of course, it isn’t on fire. These Trojans are part of a new era of blackmail-ware con games, where a “magic program” will recover your failed hard disk, “fix” all your system errors, and leave you $80 short. These are easy Trojans to pick up, as well, as one of our techs discovered on his home machine the other week. You get continual notes that “only Windows Security 2011” will fix this, and at $80, it doesn’t seem so bad.
This is all a huge waste of your money, of course. There are a number of sites that do show you how to remove the “virus”, which is typically just a small .exe file that runs anytime you execute ANYTHING. A good way to stop the thing (and find exactly which .exe it is) is by using your Windows Task Manager. Once inside, click on “Processes”, and look for something that just doesn’t look right. It’ll usually be using a ton of CPU, and can be stopped easily. Stopping it will typically then enable you to search for it in the registry.
We could go into deeper detail, but we won’t – there are a lot of other sites on the Internet that do. But just be warned, a lot of these guys suggest: “This is a difficult process for the non-advanced user, you may want to try Spyware Remover 2000 or Spyware Doctor” (or some other crappy name for an otherwise free spyware remover). So what are they doing? Yes, friends, they too are blackmailing you. Only this time it’s for less money, typically around $30. Check out a great demo video of this script in action on the Inquirer.
A smart user should know that all you really need is Regedit, and you can get the job done yourself.
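The two steps described above (spot the odd process, then find what launches it from the registry), written as a read-only PowerShell check. This is an added example, not from the original post; the Run/RunOnce keys and the `exefile` open command are assumed as the places to look, since the post does not name a registry key.

```powershell
# Added example: read-only triage, nothing here changes the machine.
# Assumption: the fake tool starts from a Run/RunOnce key or a hijacked
# .exe handler; the article does not say which registry location is used.

# 1. Busiest processes, with the path of the .exe behind each one.
Get-Process | Where-Object { $_.Path } |
    Sort-Object CPU -Descending |
    Select-Object -First 15 Name, Id, CPU, Path |
    Format-Table -AutoSize

# 2. Autorun entries, flagging any that launch from user-writable folders.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$writable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:ProgramData) |
    Where-Object { $_ }

$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd  = [string]$item.GetValue($name)
        $full = [Environment]::ExpandEnvironmentVariables($cmd)
        $hits = $writable | Where-Object {
            $full.IndexOf($_, [StringComparison]::OrdinalIgnoreCase) -ge 0
        }
        [pscustomobject]@{
            Key = $key; Name = $name; Command = $cmd; UserWritable = [bool]$hits
        }
    }
}
$autoruns | Sort-Object UserWritable -Descending | Format-Table -AutoSize -Wrap

# 3. A program that runs "anytime you execute ANYTHING" may have replaced the
#    .exe open command, whose stock Windows value is: "%1" %*
$stock = '"%1" %*'
$handlers = foreach ($root in 'HKLM:\Software\Classes', 'HKCU:\Software\Classes') {
    $path = "$root\exefile\shell\open\command"
    if (Test-Path $path) {
        $value = [string](Get-Item $path).GetValue('')
        [pscustomobject]@{ Key = $path; Command = $value; Changed = ($value -ne $stock) }
    }
}
$handlers | Format-List
```

A flagged entry is a lead to inspect in Regedit, not proof: legitimate updaters also start from AppData, so compare the path against the odd process from step 1 before deleting anything.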
Here are a few names this kind of virus goes under:
Internet Security Essentials