Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fake Windows Defender


  • Please log in to reply
7 replies to this topic

#1 onna28

onna28

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:29 PM

Posted 11 February 2011 - 06:30 PM

I'm not sure if I have the right topic for this or not and if not I apologize. I was just wondering how can you tell if you have a fake Windows Defender program?

Edit: Moved topic from Am I hacked? What do I do? to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 AM

Posted 12 February 2011 - 05:48 PM

Rogue security programs are one of the most common sources of malware infection. They infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware. They typically use bogus warning messages and alerts to indicate that your computer is infected with spyware or has critical errors as a scare tactic to goad you into downloading a malicious security application to fix it. The alerts can mimic system messages so they appear as if they are generated by the Windows Operating System. It is not unusual for malware writers to use the names of popular and legitimate security programs as part of the name for a fake anti-virus software in order to trick people into using them. There are at least two rogue security programs that use part of or all of the Malwarebytes name. There are also rogues for SmitfraudFixTool, VundoFixTool, Spybot Search and Destroy, Avira AntiVir and many more. Even Microsoft has been targeted by attackers using such names as Microsoft Security Essentials, MS Anti-virus for their programs and incorporating the names Defender, XP, and Vista into naming schemes for other rogue applications.

Rogue antispyware programs are responsible for launching unwanted pop ups, browser redirects and downloading other malicious files so the extent of the infection can vary to include backdoor Trojans, Botnets, IRCBots and rootkits which compromise the computer and make the infection more difficult to remove. If your machine has been infected it will show symptoms such as those noted above.

Windows Defender installs in the C:\Program Files\Windows Defender\ folder. The version of Defender included with all versions of Windows 7 and Vista is part of the operating system.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 HelpINeedHelp

HelpINeedHelp

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 12 February 2011 - 06:12 PM

In simpler terms, to tell if a Anti-Spyware program is "fake", obviously if it installed without your consent than that will tell you immediately that the program is NOT legit.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 AM

Posted 12 February 2011 - 08:23 PM

There are folks who give consent and even buy some of these rogue applications.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 HelpINeedHelp

HelpINeedHelp

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 12 February 2011 - 08:26 PM

There are folks who give consent and even buy some of these rogue applications.

I'm sorry, and please excuse me for my maybe bad language, but those people who buy/download those programs must be idiots, or didn't take much consideration in downloading Anti-Virus/Malware/Spyware software.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 AM

Posted 12 February 2011 - 08:32 PM

They are usually folks who are novice users and either uninformed or desperate in their attempts to remove an infection when the legit tools seem to fail.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 onna28

onna28
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:29 PM

Posted 14 February 2011 - 12:50 PM

Well I didn't buy it or knowingly consent to downloading it. I'm guessing it's the real deal. Thanks for the input.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 AM

Posted 14 February 2011 - 02:49 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users