Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New FakeRean / Braviax Rogue called XP Defender 2013, Vista Defender 2013, and Win 7 Defender 2013 released.


  • Please log in to reply
3 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:19 AM

Posted 01 October 2012 - 12:31 PM

A new version of the Rogue.FakeRean-Braviax family of rogues was released today. The new version that was released today is called XP Defender 2013, Vista Defender 2013, or Windows 7 Defender 2013. It currently does not have support for Windows 8 and will not install on that version of Windows.

Two years ago, this family of computer infections introduced the idea of changing its name based upon the version of Windows it was installed on. This family of rogue has historically been agressively promoted through the use of hacked web sites, spam, and fake anti-malware scanners. At this point it is too soon to tell whether or not this new version will be as agressively distributed.

For those who are infected we have removal guides available at the following links:


Remove XP Defender 2013 (Uninstall Guide)
Remove Vista Defender 2013 (Uninstall Guide)
Remove Win 7 Defender 2013 (Uninstall Guide)



BC AdBot (Login to Remove)

 


#2 balon

balon

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Haven, CT
  • Local time:09:19 AM

Posted 03 October 2012 - 08:51 AM

Wow, almost Thanksgiving / Christmas time... saw this rouge coming. Biggest time of year for this infection. Thanks for the update Grinler!

#3 CriticalHit

CriticalHit

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northwestern Ohio
  • Local time:09:19 AM

Posted 03 October 2012 - 03:32 PM

Encountered the Win 7 Defender 2013 today, in a corporate environment (on a Disaster Recovery laptop, no less)

Part of the infection had disassociated executable file types, using the guide and a registry edit it's back to running normal.

#4 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:19 AM

Posted 03 October 2012 - 06:54 PM

Glad we could be of help. Rkill should have reset the file associations for you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users