Virtual Teen Forums
 

Old August 3rd, 2012, 08:37 PM   #1
Mirage
Retired GMod
 
 
Name: Macks
Join Date: December 17, 2011
Location: World 1-1
Age: 19
Gender: Male
Default The All-in-One Virus Guide

Welcome to Mirage's All-in-One Virus Guide!

~Do you think you have a virus on your computer? Do you need to know how to remove it? Well, worry no more my teenage comrades!~

TYPES OF MALWARE


The types of malware include (but are not limited to):
  • Spyware
  • Adware
  • Ransomware
  • Rogues
  • Rootkits
  • Trojans
  • Backdoors

I will now explain exactly what the different types of virus do.

SPYWARE


Spyware runs in the background of your computer, and the worst part is you may never even know it is there until it is too late. Most spyware comes in the form of a "keylogger" which (as the name suggests) logs your keystrokes. There are two different kinds of keyloggers, hardware and software. Hardware keyloggers are far less common than software keyloggers, as they have to actually be physically attached to the victim's computer by means of a USB drive or serial port. Software keyloggers record what you type and email the log back to the creator. Then the creator can use your sensitive account information for malicious activities.

ADWARE


Adware is one of the more obvious types of viruses. It can insert advertisements in many unwanted places, such as on the sides of your websites or on your Facebook timeline. These ads are only visible to you, and most of the time users infected with adware shrug it off as a new feature on the site they are viewing. This can also be one of the most profitable types of virus for the creator, because they are being paid every time you view one of the ads. Sometimes adware will be so bold it will insert advertisements directly on your desktop. Other forms of adware include "Shopping Alerts" or "Good Deal Notifications".

RANSOMWARE


Ransomware is the most profitable type of virus to create due to the reason that the only easy way to remove it is to complete a payment to the virus creator. These viruses are created solely as ways to earn money.

There are two types of ransomware, one of which I like to call "posers".
Posers lock up a system and display a notification like "Illegal Downloads Detected". The reason these types of ransomware are so successful is that they try to scare the user into paying to avoid prosecution. Some scare tactics they use are claiming to be the FBI or other body of government, stating a warrant for the user's arrest has been issued, or (for more advanced ransomware) providing faked court/police documents.

The other type of ransomware is what I like to call "brash" ransomware. Brash ransomware blatantly states that the user has been infected by ransomware and must pay to unlock their files.

Methods for payment (for both types of ransomware) often include:
  • Texting or calling a premium phone number
  • Sending a PayPal payment to a certain email
  • Straight up entering your credit card information into the form


ROGUES


Rogue Antivirus Software, or for short "Rogues", pose as legitimate antivirus software. Often the process of infection is started when a user visits a hijacked webpage which claims the user has many viruses (when in reality they don't) and then says that the user should download their antivirus software to remove the threats. The user downloads the fake software and is then (once again) told that they have viruses on their computer. The program will sometimes claim to remove one or two of the infections, but all rogues eventually pressure a user into purchasing the "full version" of the product to remove the remaining threats. When the "full version" of the software is purchased, an easy method of uninstallation is usually presented to the user. If the user had stayed with the free version, an apparent means of uninstallation would not have existed. Rogues are yet another profitable virus to create.

ROOTKITS


Rootkits usually do not fly solo; they simply make a clear path for another piece of malware to run undetected. The word "rootkit" is contracted from "root" (the user with the highest permissions on a *nix system) and "kit", which simply means a collection of software. They use the root account (which is similar to the Administrator account on Windows-based systems) and allow certain programs to run undetected by antivirus software or the firewall.

TROJANS


Trojan Horse Attacks, commonly known as just "Trojans", pose as legitimate, helpful programs and can sometimes actually act as such. For example, let's say a user downloads a trojan called CalculatorPlatinum. CalculatorPlatinum actually functions as a working calculator, but at the same time it allows hackers to access your computer over the Internet by opening ports and disabling the operating system's protective measures. This type of virus can also be classed as a Social Engineering Attack, which is described in depth below under the main category "ONLINE THREATS".

BACKDOORS


Backdoor viruses focus mainly on one aspect of computing: remote access. They (similar to some rootkits) open up ports and falsely authenticate themselves which allows hackers to access the user's files and computer over the Internet, Local Network, or Intranet (only applicable for computers on business networks).

ONLINE THREATS


Sometimes there are viruses that you don't even need to download in order to be affected by them. Just visiting an infected or fake page can open your computer up to a network of cyber criminals!

PHISHING


Phishing is one of the more widely known types of online threat. It involves making a fake copy of a legitimate site with modified code. This modified code can send the login details to the creator, which can in turn lead to unauthorized account access. The fake page often circulates through fake emails claiming to originate from the legitimate service. For example, you could get an email from what seems to be PayPal asking you to confirm your account details. You click the link in the email and without thinking you enter your login information. Nothing happens! You have just been "phished".

To keep yourself safe from this type of attack, take note of the following:

When you receive an email from a service asking you to confirm your login information, type out the URL to the service yourself and never click the links within emails. Some phish sites take advantage of human error by hosting their fake copies at a website with only a one-letter difference from the real one. For example, a spoof of PayPal would have the website papal.com or paypl.com.

If you are skeptical about whether an email actually originated from a legitimate service, check the real website and email the company asking if the email was sent out. If it wasn't, the company may ask you to forward it to them. When this happens, you are saving countless others who will now not fall prey to the phishing attack.

SOCIAL ENGINEERING


Social engineering attacks can be the most deadly. The attacker creates an online persona, maybe posing as a 15-year-old girl or something along the lines of that. Ultimately, they trick you into revealing your password. A common method of account hijacking is trying to reset a user's password. At this point it usually asks the user the security question. The attacker can pop the security question and the unsuspecting user will answer it without thinking anything. Then the attacker is free to reset the password. Sneaky, huh?

GOOGLE VIRUSES/REDIRECT VIRUSES


Sometimes when you click a result on Google you will be redirected to an "unsavory" page completely unrelated to the result you clicked on. This is called a redirect virus. The most common issue that causes this is a modified "hosts" file. To edit your file back to normal, follow these steps.

1.) Run Notepad AS ADMINISTRATOR (Right Click -> Run as administrator)
2.) Navigate to File -> Open
3.) Navigate to the following directory: C:\WINDOWS\system32\drivers\etc\
4.) Make sure "All Files" is selected in the drop down menu, otherwise you won't see it.
5.) Double-click the "hosts" file
6.) Delete anything after these lines:

Quote:
Originally Posted by hosts File
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
7.) Save the file, and you're finished!

REMOVAL STEPS


Think you're infected? Run these steps to cure your computer!


DISCLAIMER: Mirage or Virtual Teen is not responsible for any damage these programs or steps cause to your computer or other property. (Basically, if you mess up, don't blame us!)

To minimize damage in case something bad happens, create a system restore point before performing any removal steps. If the removal is successful, then create a new restore point after removal.

If the virus prevents execution of any or all programs mentioned below then reboot your computer in Safe Mode and then try again.


STEP ONE - RKILL


Step one is to download RKill from bleepingcomputer.net. Please make sure you download RKill from BleepingComputer ONLY as there are some trojans out there posing as RKill! Once you download it, run it. It will terminate all malware processes it can find. After this is complete, a logfile will pop up in notepad. Do not continue to the next step until this logfile has popped up (to ensure RKill is completely finished).

STEP TWO - COMBOFIX


Step two is to run ComboFix. ComboFix is a very powerful program (!) so only run it if you are 100% sure your computer is infected with a virus. So far, I have performed this step countless times and ComboFix hasn't messed anything up but that doesn't mean it couldn't for you!

STEP THREE - MALWAREBYTES


Now for the last step. Download Malwarebytes Anti-malware Free Edition (say that 10 times fast!) and run it. Often a quick scan is all you need to find everything, but feel free to run a full scan if you want. This step will clean up any remaining viruses or residual files from the previous steps.

~And like magic, the viruses are gone!~


Thank you very much for reading my All-in-One Virus Guide! I will make periodical updates on this guide.

~The last update was made to this page on: April 3rd, 2013~

Stop, that tickles!
Former Global Moderator
Bagels are actually fruit.

Quote:
Originally Posted by Magus
8:12 PM [Magus] Latah is a great singer.
8:12 PM [Magus] The real singer.

Last edited by Mirage; April 3rd, 2013 at 11:38 AM. Reason: added Google Viruses
Likes: (1)
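
A read-only check that can be run before the manual hosts-file cleanup described under GOOGLE VIRUSES/REDIRECT VIRUSES. This is an added example, not part of the original post: the function names and the sample file contents are constructed for illustration. It goes slightly beyond the steps in the guide by reporting which active entries differ from the stock localhost mappings instead of deleting everything.

```python
"""Read-only audit of a Windows hosts file. Added example; names are hypothetical."""
import ipaddress
import os

# Default location on Windows, matching step 3 of the guide.
HOSTS_PATH = os.path.join(os.environ.get("SystemRoot", r"C:\WINDOWS"),
                          "system32", "drivers", "etc", "hosts")
LOOPBACK_NAMES = {"localhost"}  # names a stock file may map to loopback

# Constructed sample input (documentation-range IP, reserved test names).
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1       localhost
203.0.113.7     www.example.com example.com   # constructed redirect entry
0.0.0.0         update.example-av.test
not-an-ip       something.test
"""


def parse_hosts(text):
    """Yield (line_no, address, [names]) for each active (non-comment) entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # a '#' starts a comment anywhere
        if entry:
            fields = entry.split()
            yield line_no, fields[0], fields[1:]


def audit_hosts(text):
    """Return (line_no, kind, address, name) for every entry that is not a
    stock localhost mapping. An empty list means nothing needs reviewing."""
    findings = []
    for line_no, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, "malformed", address, " ".join(names)))
            continue
        if not names:
            findings.append((line_no, "malformed", address, ""))
            continue
        for name in (n.lower() for n in names):
            if ip.is_loopback and name in LOOPBACK_NAMES:
                continue  # default entry, leave it alone
            # Loopback/0.0.0.0 makes a site unreachable; any other address
            # sends the browser to a different server (the redirect case).
            kind = "blocked" if ip.is_loopback or ip.is_unspecified else "redirect"
            findings.append((line_no, kind, address, name))
    return findings


if __name__ == "__main__":
    text = SAMPLE  # used when the Windows hosts file is not present
    if os.path.exists(HOSTS_PATH):
        with open(HOSTS_PATH, encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    for line_no, kind, address, name in audit_hosts(text):
        print(f"line {line_no}: {kind:<9} {address} -> {name}")
```

Reading the file does not require administrator rights; only the edit in Notepad does. "blocked" entries can be legitimate (some ad blockers add them), so review them rather than assuming infection.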
Old August 3rd, 2012, 08:40 PM   #2
Christheman
Nice Poster
 
 
Name: Chris
Join Date: January 26, 2012
Location: NJ
Gender: Male
Blog Entries: 1
Default Re: The All-in-One Virus Guide

thanks!

14 and straight PM me if you want!
<---------Leave some rep and i'll return the favor
"I love the cold because you can put on clothes to stay warm but in the heat you can only get naked and thats frowned upon..."-Christheman
Old August 3rd, 2012, 08:42 PM   #3
ImCoolBeans
Retired Administrator
 
 
Name: Mike
Join Date: April 26, 2010
Location: US
Age: 23
Gender: Male
Default Re: The All-in-One Virus Guide

Awesome job, man. Thanks for making this, it's great!

Always here to help. Don't hesitate to PM me.


Machines Are Taking Over
-Ron
-and also Beth, with Max too
Jon was here
"The Goderator" Worshiper
*Ali*-
Officially blessed by Elysium, The Goderator
Old August 3rd, 2012, 09:22 PM   #4
Infidelitas
Mother Ru
 
Name: Charlie
Join Date: January 4, 2011
Location: Hobart
Age: 24
Gender: Undisclosed
Default Re: The All-in-One Virus Guide

Nice work Max. Kudos



Motorcycling is LIFE

2016 Kawasaki Ninja 300R | 1989 Honda CBR250R
Old August 3rd, 2012, 09:22 PM   #5
Foamy
The Squirrel King
 
 
Name: Justin
Join Date: August 12, 2011
Location: USA
Gender: Male
Blog Entries: 16
Default Re: The All-in-One Virus Guide

This is amazing. Thanks.

I just had a nice bowl of mac n cheese.
Old August 13th, 2012, 03:35 PM   #6
root
Banned
 
Name: Liberty
Join Date: August 13, 2012
Location: someplace nice
Gender: Female
Default Re: The All-in-One Virus Guide

For rootkits I prefer tdskiller from Kapersky (dunno how to spell). I agree with you on mbam and never tried combofix.

You should warn them about RATs and shit. People will crypt their virus/RAT and it will be FUD to like everything. Tell them to check msconfig for stuff and to check App Data for weird .dll files. Otherwise, you can still be infected.
Old August 14th, 2012, 05:51 PM   #7
Rayquaza
Sky High Pokémon
 
Join Date: October 11, 2010
Location: Sky Pillar
Age: 22
Gender: Agender
Blog Entries: 1
Default Re: The All-in-One Virus Guide

A good idea might be to put a list of well known, free antivirus & anti-spyware software, such as AVG, Spybot S&D, Avira and MalwareBytes, at the end of the thread. It's well written though. Good job.
Old August 14th, 2012, 08:38 PM   #8
Jess
....
 
Name: Jessica
Join Date: March 7, 2010
Location: Pennsylvania
Gender: Female
Blog Entries: 39
Default Re: The All-in-One Virus Guide

thanks, good job

but can you change the yellow to a different color? it kills my eyes
Old August 14th, 2012, 10:17 PM   #9
Scarface
Retired Administrator
 
 
Name: Ronnie
Join Date: November 11, 2009
Location: In the 80's
Age: 25
Gender: Male
Blog Entries: 17
Default Re: The All-in-One Virus Guide

nice job it works.

Contact me if you need to talk. I'm always here to help all
you have to do is be honest.

Never Let Go
Act as if it were IMPOSSIBLE to fail.
<3 Mikey
The Need For Speed!

R&G Forever until it turns gray...then it will still thrive
I<3 TheVTStaff
Smart ass #1
Supportive Presence
Old August 30th, 2012, 08:30 PM   #10
TheBigUnit
Awesome Poster
 
 
Join Date: June 18, 2011
Gender: Male
Default Re: The All-in-One Virus Guide

I'm sorry are they the removal steps all from the same site?

Tired, so so tired
Old September 1st, 2012, 09:01 AM   #11
xDarkAngelx
Awesome Poster
 
Name: George
Join Date: July 15, 2011
Location: Lost
Gender: Male
Blog Entries: 7
Default Re: The All-in-One Virus Guide

Had a ransomware virus last night, tried the first step of what you said without any luck. But came to using Combofix and sorted the problem out straight away. So great job!

10/7/12
18/7/12
1/10/12
12/12/12
Old September 1st, 2012, 12:00 PM   #12
Haleyzmont
Member+
 
 
Name: Haley
Join Date: October 23, 2011
Location: Toronto
Gender: Female
Blog Entries: 13
Default Re: The All-in-One Virus Guide

Thanks, I'll make sure to be more careful with what links I click.

14, lesbian and proud <3 (and RUSSIAN, more specifically Belorussian)
Haii, I'm a nice person, i'm open to talking about anything. I havn't come out of this secret closet to my family but my doors have been opened to the classmates and school. Have a great day
Old September 20th, 2012, 09:13 PM   #13
DerBear
Retired H&A Mod
 
 
Name: Derri
Join Date: April 2, 2011
Location: Scotland
Age: 22
Gender: Male
Blog Entries: 7
Default Re: The All-in-One Virus Guide

Just got round to reading this all. Really good job Max


Retired Help & Advice Mod

If anyone wants to add me on PSN feel free to send me a PM.
Old September 20th, 2012, 10:13 PM   #14
PoseidonX43
Awesome Poster
 
 
Name: Sithis
Join Date: August 31, 2009
Location: in hell.
Age: 22
Gender: Cisgender Male
Default

This is a really great post max, good job!

C'est la vie, Adios, Good Riddance, F*** You.
My Diary.


Old December 26th, 2012, 05:32 PM   #15
MrDaniel2K13
Member++
 
Name: Daniel
Join Date: March 9, 2012
Location: Northern Ireland
Gender: Male
Default Re: The All-in-One Virus Guide

Awesome Information
Old March 5th, 2013, 02:22 PM   #16
Stuey1
Member+
 
Name: Stuart
Join Date: March 2, 2013
Location: England
Age: 19
Gender: Male
Default Re: The All-in-One Virus Guide

thanks

Hello, I'm 16 from England - I'm happy to help anyone with any questions so feel free to PM me!

I'm also taking a few online courses to further my knowledge in phycology and health so feel free to ask questions (I may or may not be able to help)
Old March 6th, 2013, 09:50 AM   #17
Emerald Dream
Forever Green
 
 
Name: Allison
Join Date: November 8, 2012
Location: The Crystal Castle
Gender: Cisgender Female
Blog Entries: 21
Default Re: The All-in-One Virus Guide

Malwarebytes is the greatest program I have on my computer...including all the music, pics, and games. I run it every few days just out of habit.
Old May 21st, 2013, 01:10 AM   #18
NzForever
Member+
 
Join Date: April 1, 2013
Location: New Zealand
Age: 18
Gender: Male
Default Re: The All-in-One Virus Guide

Really good thread.
Old July 19th, 2013, 06:15 AM   #19
SamanthaKannu
Banned
 
Join Date: July 19, 2013
Gender: Undisclosed
Default Re: The All-in-One Virus Guide

Spyware is the good one and that can be mentioned.
Old August 23rd, 2013, 03:44 PM   #20
wizzz
Junior Member+
 
Name: Fredrik
Join Date: August 22, 2013
Location: Sweden
Age: 20
Gender: Male
Default Re: The All-in-One Virus Guide

You should add Bootkits also.

15 | Straight

I'm always up for meeting new people.
All times are GMT -5.