MUST READ: MALWARE PROBLEMS

Post by Luigi on 6/6/2011, 1:33 am

The following was a notice posted by a moderator at the Marble Blast Forums (which I go to regularly) a couple months ago. I do not mean to scare anyone here, it is just a reminder to surf on safe sites (Alliteration woohoo!) and not to end up like this poor guy did... :( (The text has not been edited)
------------------------



Hello Forum;

I recently caught a relatively new malware rootkit this weekend and was forced to rebuild my entire system. I did manage to locate where the rootkit installs, how it functions, what it targets on your system, and how to fix/prevent it.

Here's the premise; The rootkit can take on a multitude of names, the most common will be shown as [randomtextcharacters]sftav.exe and another using [randomtextcharacters]sysguard.exe. Generally, you catch this malware by browsing ANY website with JAVA or FLASH. The malware is auto-installed through these two system processes automatically and the programs will self-execute (run) themselves. If you are lucky, you can stop the .exe files from running if you notice your antivirus freaking out early enough in the process. I managed to delete half of the rootkit before the other .exe managed to hack into my registry files. Who knows what both of them could do?

Here's essentially what the virus does; It poses as a "New Antivirus Software" under the name, ironically, "Antivirus Soft". This program will have an appearance close to that of the windows firewall program or the Norton AntiVirus window. You will notice a couple things immediately;

- Your computer will begin to run slower.
- You will receive random talk bubbles from your taskbar stating you have no antivirus installed and that you should click to change this. DO NOT CLICK.
- You will start receiving fake pop-up error messages that state "Soandso.dll could not be launched because it is infected. Would you like to fix this error now? Y/N".
- IMMEDIATELY AFTER SEEING THIS MESSAGE, ATTEMPT TO SHUT THE COMPUTER OFF, AND PRESS F8 WHEN YOU TURN IT BACK ON. ACCESS THE COMPUTER IN SAFE MODE AND YOU WILL THANK YOURSELF LATER. (See the green below)
- A new window will pop up with Antivirus Soft, the malware virus, that will appear to be running a virus scan. This is all fake, do not click anything on this window.
- Multiple red shields will appear in your tasktray bar suggesting to turn on your antivirus. You can hover your mouse over them if they take over your screen to remove some of them. Again, do not click.
- Random web-pages on Internet Explorer will begin to open on their own, including unsuitable websites and violent military photography. The malware will then direct you away from the website back to the fake antivirus window, suggesting you run a virus scan. Again, more fake rubbish.
- Your internet explorer program and mozilla firefox will become completely useless, for the malware will redirect everything to its sites and antivirus hacks.
- Every process will be unable to run, including CTRL ALT DELETE, Command Prompt, and Notepad.
- Your computer will shut off, then turn itself back on, rinse repeat.
- If you are unsure on how to defeat the virus at this point, turn off your computer, unplug it, and turn off the power supply. Most likely, you have reached the point of no return, and your best bet is to use another computer to connect to your hard drive and remove any important files you wish to salvage before rebuilding your computer.
- ADDITIONAL NOTES (EASY): If you managed to boot up Safe Mode successfully, congratulations, you win. From here, go to the directory where the malware installed (visit the link I posted below for instructions on locating it), and SHIFT + DEL key that bugger! Run virus scans using your antivirus to ensure it has been cleaned from the system.
- ADDITIONAL NOTES (HARD): If you know enough about computers and are daring enough to play with the registry files, I will provide my experience here. If not, please skip down to the URL and closing notes.

I took out my hard-drive from my computer and placed it into a machine I have running downstairs. The machine downstairs has no important components, just enough memory and a motherboard in order to run the windows OS. I also disconnected the machine from my network and prevented any interaction between my clean systems. This way, if the computer catches the virus from your hard drive, you can rebuild it anyway.

From there, I loaded my Hard Drive and was browsing through the HIVE files in order to locate the virus. **MAKE SURE YOU DISPLAY HIDDEN FOLDERS, OR ELSE YOU CANNOT LOCATE THE BASE .EXE IN YOUR APPLICATION DATA FOLDER**.

The Antivirus Soft program will install itself into the registry in multiple locations, but the source program folder you're looking for will be in your HKEY_CURRENT_USER Hive. You will find multiple copies of the virus throughout the HKEY_LOCAL_SYSTEM/Software and HKEY_LOCAL_MACHINE/Security. You will locate the main hub in the folder 'avrsft'. Make sure you unload each hive before opening another one.

After you clean out the virus, Go through your entire system using a search for the root word \??\. This malware is a tricky little devil that likes to rename all of your drivers for your antivirus, video card, java, flash, by placing a \??\C:\....etc in front of the directory. Why is this a problem? The computer BIOS cannot read drivers if they're named \??\. The BIOS only reads drivers using \C:\...etc. Smart Malware, eh?

Also - Your Safe Mode will most likely be destroyed. If you experience blue-screens while accessing Safe Mode after cleaning the virus off the hard drive manually, you will most likely need to rebuild. (Not having Safe Mode for future malware makes you very vulnerable.)

You can probably place the hard drive back in and run it up in normal mode. If you have no Antivirus Soft pop up after 3 minutes, you're clean, and can start moving files off to prepare to rebuild the system.

For additional information on the virus, and how to prevent it, please click this sentence.

Now that you have an idea of what you're up against, here are a few key pointers I would like to inform every forum user about;

DO NOT VISIT WEBSITES YOU DO NOT TRUST. If you receive a link to a website you've never visited before, ensure ALL antivirus programs are running.

This Antivirus Soft hack is just an example of the dangers malware poses to systems on a daily basis. You should always back up your data, even when you think it becomes unnecessary and repetitive. Purchase a removable hard drive! These are expensive, but life-long investments for protecting your most valuable data (Like Marble Blast =P)

Here is a list of programs I use on a daily basis to fend off malicious content from being installed, and monitoring programs or files that may have infections; (They're all free, too!)

Spybot Search and Destroy (TeaTimer.exe is good to have running as well, even though it's a memory hog)

PrevX (The free version is very efficient at detecting malicious files as they enter your system, and show you the directory they are located. You will have to manually remove them, though.)

Malwarebytes' Anti-Malware (Super effective at removing malware from your system if you're too scared to do it manually)

Microsoft Security Essentials (I can't believe I'm saying this, but yes, Microsoft finally built an exceptional anti-malware program. So far, this thing has been as effective, if not better than Malwarebytes, since its database updates daily based on the community with the program, and the fact that all of the new computers with Windows 7 as of June 1st will have this automatically installed.)


Good Luck, Safe Web Browsing, and I hope you don't get messed with like I did

~Aayrl
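
Added example, not part of the quoted notice or of the forum post: a read-only Python triage pass for the offline approach described above (infected drive attached to an isolated machine). It lists executables whose names end in the `sftav.exe` or `sysguard.exe` endings the notice names, restricted to per-user data folders, with a SHA-256 for each so the file can be looked up before anything is deleted. The folder names in `PROFILE_DIRS` and the sample tree are assumptions constructed for illustration.

```python
import hashlib
import os
import re
import tempfile

# Name endings quoted in the notice: [random]sftav.exe and [random]sysguard.exe
SUSPECT_NAME = re.compile(r"(sftav|sysguard)\.exe$", re.IGNORECASE)
# Assumption: per-user data folders on XP ("Application Data") and Vista/7 ("AppData")
PROFILE_DIRS = {"application data", "appdata"}

def sha256_of(path, chunk=65536):
    """Hash a file in chunks so it is never read into memory all at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def find_suspects(mount_root):
    """Return sorted (relative_path, sha256) hits; read-only, hidden folders included."""
    hits = []
    for folder, _dirs, files in os.walk(mount_root):
        parts = os.path.relpath(folder, mount_root).lower().split(os.sep)
        if PROFILE_DIRS.isdisjoint(parts):
            continue  # not inside a per-user data folder
        for name in filter(SUSPECT_NAME.search, files):
            full = os.path.join(folder, name)
            hits.append((os.path.relpath(full, mount_root), sha256_of(full)))
    return sorted(hits)

def build_sample_drive(root):
    """Constructed sample tree with harmless placeholder bytes (hypothetical names)."""
    samples = {
        "Documents and Settings/alice/Application Data/xkqwjsftav.exe": b"placeholder-1",
        "Users/bob/AppData/Local/abcSYSGUARD.EXE": b"placeholder-2",
        "Users/bob/AppData/Local/notes.txt": b"not an executable",
        "Program Files/Tool/sysguard.exe": b"outside per-user data folders",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as handle:
            handle.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        for rel_path, digest in find_suspects(drive):
            print(digest[:16], rel_path)
```

A name match is only a lead: confirm each hit with an up-to-date scanner before removing it, since the notice says the prefix is random and the endings may differ between variants.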



Re: MUST READ: MALWARE PROBLEMS

Post by SpongeSebastian on 6/6/2011, 1:42 am

I once got a malware virus on my other computer two years ago. It replaced my wallpaper with a warning message saying "WARNING Your computer is infected with virus. Please download the antivirus software" and my computer kept bugging me to download something called "Antivirus XP Pro" (their webpage looked professional and everything). I was a little suspicious, so I Googled it and found out that it was rogue software. Unfortunately, I could not remove the virus on time, and it ended up slowing my computer down to the point where it was unusable and we had to take it to a computer repair shop.

Let this be a lesson for everyone: use a secure computer browser like Firefox and try to enable some form of antivirus software on your computer. Also, for the love of God, if you get a message telling you to download some antivirus software you never heard of, DO NOT FALL FOR IT.


As moderator, I act very rarely, but I think times.
<---Courtesy of Jelly

Check out the new SBC Wiki: http://sbcommunity.wikia.com/wiki/The_SpongeBob_Community_Wiki

Re: MUST READ: MALWARE PROBLEMS

Post by Luigi on 6/6/2011, 1:51 am

Another Warning: Do not get a virus on the computer which you are using when you are 6 years old. It will leave you SCARRED FOR LIFE.

As it did to me.

No really.

No joke.

No kidding.

No nothing.

Re: MUST READ: MALWARE PROBLEMS

Post by SpongeSebastian on 6/6/2011, 1:54 am

William Leonard wrote: Another Warning: Do not get a virus on the computer which you are using when you are 6 years old. It will leave you SCARRED FOR LIFE.

As it did to me.

No really.

No joke.

No kidding.

No nothing.
I'm long past that age, but thanks for the heads-up.



Re: MUST READ: MALWARE PROBLEMS

Post by Dragiiin123 on 6/12/2011, 7:27 am

oh yeah! fuck the antivirus rogue things, i got those on my comps too many times to count.

Re: MUST READ: MALWARE PROBLEMS

Post by teenj12 on 6/12/2011, 7:19 pm

Moving to Off-Topic Lounge, but that sounds terrible :(

Re: MUST READ: MALWARE PROBLEMS

Post by tvguy347 on 6/12/2011, 7:48 pm

This is why I have a Mac.




I'M GOING TO SLEEP. OR WATCH GEORGE LOPEZ. WASTING TIME ON HERE NOT SLEEPING IS SHAMEFUL TO ME. GOODNIGHT.
~Person on the Xat

Re: MUST READ: MALWARE PROBLEMS

Post by SpongeSebastian on 6/12/2011, 10:17 pm

tvguy347 wrote: This is why I have a Mac.
Is it true what they say about Macs not having viruses?



Re: MUST READ: MALWARE PROBLEMS

Post by Dragiiin123 on 6/13/2011, 6:39 am

yeah










they have that stupid rainbow circle which is just as bad as a mac.

Re: MUST READ: MALWARE PROBLEMS

Post by tvguy347 on 6/16/2011, 6:06 pm

SpongeSebastian wrote:
tvguy347 wrote: This is why I have a Mac.
Is it true what they say about Macs not having viruses?

Yeah. I've gone to tons of sites that should give me viruses, but don't.





Re: MUST READ: MALWARE PROBLEMS

Post by OMJ on 6/16/2011, 6:16 pm

tvguy347 wrote:
SpongeSebastian wrote:
tvguy347 wrote: This is why I have a Mac.
Is it true what they say about Macs not having viruses?

Yeah. I've gone to tons of sites that should give me viruses, but don't.

Same here. Now I never get blamed for viruses.
