Pete in MI
New member
I went to a site and it popped up a video screen, then a statement I could not see the video without running a new codec and a window pops up to run/download the file. (media_codec_install_wizard_3912981 and exe file).
Not being born yesterday I downloaded it then virus scanned it with nothing reported. So having been born the day after yesterday...I ran it.
Everytime I tried to run Internet Explorer a window popped up telling me my system was infected and to download a file called IE Defender and of course there is a window for downloading it. I downloaded it and virus checked it and it was OK...nope I didn't run this one. (iedefender-setup another exe file)
At this point I figured I'd see what this IE Defender is all about so a GoodSearch of IE Defender turned up this info http://research.sunbelt-software.com/threatdisplay.aspx?name=IEDefender&threatid=174153
It is a rogue security program that tells you you have a problem (guessing it was in the media codec program which then wanted me to install this piece of malicious stuff.)
OK here is the worse part, not only does it hijack you IE Explorer but the informations on that site at the bottom that tells you what files to delete - they cannot be found if you only installed the media codec program. I don't know if they can be found if one installed the IE Defender program.
So the files cannot be located via Windows Explorer looking in those folders so can't delete what you can't find. Next was to use the Search available in Windows Explorer...no files under name of iedefender.exe found (again I didn't install that program).
Tried to find the codecs dll files...not found. Tried to use Control Panel's Uninstall Programs...not listed so can't be uninstalled. Went to Regedit to search for these...not found.
Tried MSconfig for programs in StartUp...not found.
There are only 2 other things to try at this point...Restore or Format Harddrive. I tried Restore and was able to restore the computer to yesterday...before this media codec file was run on the system.
What started this all off? I am on Google Alert for a couple things...one is Houghton Lake. I saw an interesting caption (didn't pay attention to the url that is under the listing) and clicked on it...took me to the video page that then said I couldn't see the video with installing the media codec file.
I have gone back to that Google Alert in my email and see that the last 8 links they put in with 'interesting' subject are XXX porn sites.
So look at the url first before clicking on the 'interesting' link. Also, this is a new malicious thing that just came out about 5 days ago and has been updated on the Counter Spy Research Center yesterday. Obviously, the person(s) that put this out there is keeping on top of who is watching their program and they are making changes to keep you from knowing how to get rid of this mess.
You've been warned...God please keep my Brothers and Sisters in Christ and others from falling prey to the dangers of this program and the dangers of Google letting porn sites be included in thier listings. (That's why I use GoodSearch 99 percent of the time because it does not allow porn). Thank you Father in Jesus name.
Not being born yesterday I downloaded it then virus scanned it with nothing reported. So having been born the day after yesterday...I ran it.
Everytime I tried to run Internet Explorer a window popped up telling me my system was infected and to download a file called IE Defender and of course there is a window for downloading it. I downloaded it and virus checked it and it was OK...nope I didn't run this one. (iedefender-setup another exe file)
At this point I figured I'd see what this IE Defender is all about so a GoodSearch of IE Defender turned up this info http://research.sunbelt-software.com/threatdisplay.aspx?name=IEDefender&threatid=174153
It is a rogue security program that tells you you have a problem (guessing it was in the media codec program which then wanted me to install this piece of malicious stuff.)
OK here is the worse part, not only does it hijack you IE Explorer but the informations on that site at the bottom that tells you what files to delete - they cannot be found if you only installed the media codec program. I don't know if they can be found if one installed the IE Defender program.
So the files cannot be located via Windows Explorer looking in those folders so can't delete what you can't find. Next was to use the Search available in Windows Explorer...no files under name of iedefender.exe found (again I didn't install that program).
Tried to find the codecs dll files...not found. Tried to use Control Panel's Uninstall Programs...not listed so can't be uninstalled. Went to Regedit to search for these...not found.
Tried MSconfig for programs in StartUp...not found.
There are only 2 other things to try at this point...Restore or Format Harddrive. I tried Restore and was able to restore the computer to yesterday...before this media codec file was run on the system.
What started this all off? I am on Google Alert for a couple things...one is Houghton Lake. I saw an interesting caption (didn't pay attention to the url that is under the listing) and clicked on it...took me to the video page that then said I couldn't see the video with installing the media codec file.
I have gone back to that Google Alert in my email and see that the last 8 links they put in with 'interesting' subject are XXX porn sites.
So look at the url first before clicking on the 'interesting' link. Also, this is a new malicious thing that just came out about 5 days ago and has been updated on the Counter Spy Research Center yesterday. Obviously, the person(s) that put this out there is keeping on top of who is watching their program and they are making changes to keep you from knowing how to get rid of this mess.
You've been warned...God please keep my Brothers and Sisters in Christ and others from falling prey to the dangers of this program and the dangers of Google letting porn sites be included in thier listings. (That's why I use GoodSearch 99 percent of the time because it does not allow porn). Thank you Father in Jesus name.
Never had a virus. I work on PC's at the plant but play with the Mac at home