Deep Freeze Remover Or Hidden Infection?

Fake Deep Freeze Password RemoverI recently happened upon an interesting blog post. The blog went on to explain how to remove the password from Deep Freeze.

Seemed simple so I thought I’d see if this actually worked on one of our test machines. The first sign of trouble is this “review blog” had some interesting grammar.

Things like “Deepfreeze is a software that is a software for us if we want to be protected from computer viruse”. The second sign of trouble should have been the download site, which gives a fake download. The page has fake “download now” buttons to trick you into clicking them giving the owner money for paid traffic.

Finally getting to the actual download page and downloading the small 108KB  .exe takes no time at all. So far so good. Upon trying to install the .exe file I’m presented with an interesting message from my anti-virus and application whitelisting program.

Turns out the password remover doesn’t actually remove anything but rather adds something. It adds a nice little trojan.Win32.Generic!BT virus to your computer. We have seen these “removers” in the past but this was the first one with a virus in it. These removers are often tried by students in labs or employee’s at workstations that want to install their own software choices.  So administrators watch out for this one popping up.

As scammers are becoming more cunning so should you. Keep up to date by following us on Twitter @faronics or like us on Facebook.


About The Author

Jordan Harris

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.