so lucky me, i seem to have been on the front line for the new wave of
'defender-review' trojans. (always ahead of fashion...)
i think i picked it up on kaskus blahh. it shows up as a window that pops up telling you WINDOWS
FIREWALL HAS FOUND TROJAN.ZLOB.G and that it can't help
you remove it, but to click for something that will.
a similar 'insecure browsing' message appears on iExplorer
and Firefox when you open them. they look like windows messages,
but the big clue for me was i didn't even have Windows Firewall ON
because i had 2 others running. the other clue was that it wouldn't
let you click 'keep blocking' or the other option, only the option to
'enable protection', which takes you to a 'SafeSoft' page for a fake
piece of software, most likely to get your credit card number and give
you bogus code. hackers are working harder for your credit card numbers
right now because this is the easiest time to get them.
please be careful. if you do get defender-review, i can say neither
symantec nor spybot could remove it yet, as it is too new and
USER SPECIFIC, unlike other incarnations
(it hides in your user registry keys, not the overall ones.)
since i have a log-on id, we had to sack that id and create a new one, which allowed me to keep my files, but i lost all user information. it could have been worse.
p.s : BANZAAAAAI! for obake house hahaha
They say necessity is the mother of invention. I say creativity is taking what you have and making it infinitely cooler than what you don't.
