Fresh Tendrils's Blog
I want to preface this by saying that whoever came up with the "fake antivirus package" type trojan needs to be shot in the face with a shotgun.
Anyway, this past weekend my parents ran into a problem with their computer - they couldn't get on the internet. Everything was hooked up and you could click into Firefox, but a warning page would load up and warn you about insecure internet navigation and give you two options. Option 1 would allow you to "enable protection" which directed you to defender-review.com (fake site). Option 2 would allow you to ignore the warning, but clicking that would shut down FF. Also, every couple of minutes a window would pop up on the desktop saying that a made-up virus had been found but couldn't be dealt with until I enabled protection. I would like to note that although there were three buttons on this window, 2 were grayed out - the only one you could click on was "enable protection" which took you to the site already mentioned.
I didn't have time to do more than simply find out that defender-review was a fake site and a virus before work. When I got home I searched Google for ways to eliminate the virus. Most of them simply directed me to download some kind of software which I did not want to do. It should be noted that McAfee, Lavasoft, and Spy Doctor did not detect this virus. I tried doing a system restore several times without success and decided to try a different technique after reading a couple of blog posts. I searched through all files and folders. There was a Google folder in the Application Data that I deleted immediately. I found a blog with a list of files to delete and sure enough they were there, all with the same time-stamp. Deleting the files did the job. Pretty sweet.
This has been the second time my parents' computer got a virus like this. The first time was easy to do; this time took a little bit of work since their computer couldn't access the internet.
Anyway, just a heads up to you guys.