You are viewing our Forum Archives. To view or take place in current topics click here.
Danger of the internet YOU should KNOW about...
Posted:

Danger of the internet YOU should KNOW about...Posted:

Rystar123
  • TTG Senior
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
OK, so I just wanted to warn you guys of a Nasty piece of Spyware/Rogueware which has now been increasingly circulated recently. I was Attacked by This about an Hour ago, and have only just recovered from 50+ Minutes of 'Safe Mode' Hell


The Spyware is called WinDefender, Commonly mistaken for the built in Windows Defender program, it is also Redistributed as WinDefender 2008, WinDefender 2009, Windefender 2010, WinDefender Plus, WinDefendPremium, etc.


What this nasty piece of kit does is it auto-installs by itself after visiting Maliciously injected sites [i got mine from stupidly googling Proxy Sites, although AVG didnt pick up this Phishing site], Then it imitates the Windows Defender we all know, Generating Numerous fake errors such as AVGcore10.exe has crashed, Windows has detected worm, etc.


The Program's solution to this is to pay $250 for their Anti-Spyware, You may be thinking, 'Yeah, what kinda dumbass will fall for that!' but its amazing the things we humans do while in despair.


SOLUTIONS

OK, so this window just popped up on you saying, THANK YOU FOR INSTALLING WINDEFEND 2010!, And i don't care who you are, CUT THE POWER!, of course many virus removal Firms would advise against this, (probably because they want to make money, -cough- McAfee -cough-) But it immediately cuts your connection from the internet and other computers on the network. The next thing your gonna want to do, is a System-Intrusive virus scan, with a good virus scan like AVG, NOD32 etc, and also a Spyware scan with Malware Bytes, Spybot S&D etc. To try and clean the crap from your pc. If this fails, try searching the roaming app data, as i have Vista, i am unsure if this is avaliable on other operating systems, but what you do is, [in *SAFE MODE*] Search for the file 'appdata' and open it, then look for the folder called 'Roaming' inside there, there could be a file called Defender.exe with the classic windows XP Defender logo, i delted that, and was fine.
Suggested by TTG_SamTheMan, Performing a System Restore can also remove the virus and stop it in its tracks, Although, With my version of System Restore, it keeps my files and folders from dates after system restore, so check you have that option disabled.




Hope this helps you guys stay Safe


Last edited by Rystar123 ; edited 1 time in total

The following 6 users thanked Rystar123 for this useful post:

The_1N_Only (12-20-2010), TTG-TaylorGangOrDie (12-20-2010), Trigyyz (12-20-2010), Iowa (12-20-2010), Greatest (12-20-2010), -FAMAS- (12-20-2010)
#2. Posted:
-FAMAS-
  • TTG Senior
Status: Offline
Joined: Aug 28, 201014Year Member
Posts: 1,239
Reputation Power: 15
Status: Offline
Joined: Aug 28, 201014Year Member
Posts: 1,239
Reputation Power: 15
nice post man keep it up
#3. Posted:
Rystar123
  • TTG Senior
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
SG-x-MONEY wrote nice post man keep it up


Thanks, recently got nabbed by this, its horrible, it kills your mind seeing all the seurity popups.
#4. Posted:
Greatest
  • TTG Senior
Status: Offline
Joined: Mar 15, 201014Year Member
Posts: 1,632
Reputation Power: 65
Status: Offline
Joined: Mar 15, 201014Year Member
Posts: 1,632
Reputation Power: 65
thanks man this will keep me safe in future preventions + rep
#5. Posted:
Rystar123
  • TTG Senior
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
DareToMod wrote thanks man this will keep me safe in future preventions + rep

No Problem Man, gotta keep the community safe 8)
#6. Posted:
xLasers
  • TTG Contender
Status: Offline
Joined: Aug 06, 201014Year Member
Posts: 3,068
Reputation Power: 141
Status: Offline
Joined: Aug 06, 201014Year Member
Posts: 3,068
Reputation Power: 141
I got this too, don't ever trust antivirus stuff you didn't personally install, often they want you to send money off to Ukraine or Bolivia. My desktop recently got something called Pragma (a nasty mix of trojans, worms, and a rootkit) that deleted most of the operating system, forcing me to reinstall windows.
#7. Posted:
Did
  • TTG Contender
Status: Offline
Joined: Nov 06, 201014Year Member
Posts: 3,569
Reputation Power: 162
Status: Offline
Joined: Nov 06, 201014Year Member
Posts: 3,569
Reputation Power: 162
thanks man will keep an eye out
#8. Posted:
Rystar123
  • TTG Senior
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
Status: Offline
Joined: Jan 30, 201014Year Member
Posts: 1,429
Reputation Power: 81
TTG_LaSeRzZ wrote I got this too, don't ever trust antivirus stuff you didn't personally install, often they want you to send money off to Ukraine or Bolivia. My desktop recently got something called Pragma (a nasty mix of trojans, worms, and a rootkit) that deleted most of the operating system, forcing me to reinstall windows.


Ouch, Sounds like a Hyped-Up Version of this, nasty. Ill research it and add it to the post
#9. Posted:
PushaT
  • TTG Warrior
Status: Offline
Joined: Dec 23, 200914Year Member
Posts: 9,264
Reputation Power: 389
Status: Offline
Joined: Dec 23, 200914Year Member
Posts: 9,264
Reputation Power: 389
Thanks for this...

This is why I run scans on my labtop every hour. I play it safe.
#10. Posted:
SOMBRA_619
  • TTG Master
Status: Offline
Joined: Apr 23, 200915Year Member
Posts: 858
Reputation Power: 55
Status: Offline
Joined: Apr 23, 200915Year Member
Posts: 858
Reputation Power: 55
nice tutorial i got infected last week with the same s^&*t
Jump to:
You are viewing our Forum Archives. To view or take place in current topics click here.