Mon, Nov 25, 6:34 PM CST

Renderosity Forums / Community Center



Welcome to the Community Center Forum

Forum Moderators: wheatpenny Forum Coordinators: Anim8dtoon

Community Center F.A.Q (Last Updated: 2024 Nov 23 2:12 am)

Forum news, updates, events, etc. Please sitemail any notices or questions for the staff to the Forum Moderators.



Subject: A warning about viruses at scifi3d.com


JAG ( ) posted Mon, 22 June 2009 at 10:51 PM · edited Wed, 18 September 2024 at 5:40 AM

Just wanted to let the community know that I contracted a direct virus from simply visiting the the www.scifi3d.com website this afternoon...apparently one of their banner advertisements was a trojan and it walked right through my virus defense and installed "wmwareService.exe" and something else called "76.exe" which promptly seized control of my windowsXP system, taking over IExplorer completely.  Once loaded it began to scan my entire computer under the guise of a software program that masqueraded as a Virus Scanner of all things.  I had to jerk my internet connection and run a 5 hour scan to find all 19 files from it and delete them.  This wasn't part of scifi3d of course...but came from one of their ad placements, so if someone is brave enough to go back over there, please notify them of the matter.  Hopefully nobody else got hit.  This viral-ware was pretty nasty and buried itself into my system and what that scan was all about I have no idea and probably don't want to know.   Just thought I'd put the warning out.  If anyone has already contracted it, AVG Freeware virus scan software available from cnet.com wiped it's nasty butt out pretty good as far as I can tell.  It walked through Nortons entirely and the Windows automatic shield.  Also, not I'm not trying to down scifi3d...it's a great site and has been for years.  But the adware-virus definitely came through their site.  I had nothing else open and it loaded instantly upon their page loading.  The so-called virus scan software it installed to cover it's scan was called "Barracuda Virus Protection" in case anyone else gets it.  Whatever you do, do NOT click any of the buttons when this program starts to run, as it will only bury your system with further files.  Disconnect your internet connection [ hard wire ] and then run your virus scan.  Ignore notices that Windows needs to shut down.  This is only the virus attempting to stop you from removing it.  --sigh-- Good luck...


pearce ( ) posted Tue, 23 June 2009 at 6:47 AM

Good info -- thanks ;)

I often see hints that Norton is outgunned by the good freeware applications.  I use Avast! myself, and that's caught and blocked a few rogue (or compromised) websites, but AVG is good too.  Personally I've never bothered with Norton.


Miss Nancy ( ) posted Tue, 23 June 2009 at 3:56 PM

file_433436.png

this is what I get, hence they may already be aware of said problems.



JAG ( ) posted Wed, 24 June 2009 at 1:50 AM

Just an update...the removal software did not get Barracuda.  Apparently the newest version is out and it walked AGAIN right through my newly installed and updated programs.  It passed AVG, Ad-Aware, and Malware all three without missing a beat and reinstalled itself into my computer this morning and took over again.  I just ended up having to wipe my entire system to get rid of it and I'm just "hoping" I killed it finally.  This was the worst thing I've ever dealt with viral-wise.  It actually changed it's file names every time I started deleting them.  It was almost like dealing with a live party on the other end.  These spyware programs are getting vicious and very sophisticated.  Definitely steer clear of the scifi3D site folks...sad to see it go.  Hope they eventually get it nipped in the bud.

Thanks for comments and support!


markschum ( ) posted Wed, 24 June 2009 at 12:11 PM

I have sent an email to the site advising them of this block.
McAffee site advisor doesnt have it shown as a problem site.

The alert seems to be from google (?)


Miss Nancy ( ) posted Wed, 24 June 2009 at 2:45 PM · edited Wed, 24 June 2009 at 2:46 PM

Attached Link: http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://www.scifi3d.com/

yes, google advisory. above link goes to a text page linked to "Why was this site blocked?" is scifi3d the site with the free yodas and binks models (unrigged)?  those are very useful in carrara.



JAG ( ) posted Thu, 25 June 2009 at 5:48 PM

I wouldn't really rely on McAffee...there about as useless as Symantec/Nortons at blocking or protecting anything.  These new malware programs are using Adobe Acrobat as a backdoor through IE's security and once active, it uses Acrobat to download even more files from their sites until you are swamped.  I also got hit again this morning on one of the free Renderosity model hosts from the freestuff.  I've sent the poster a message so he can move the file off that particular host, but from what I've read online in security blogs the last few days, the a-holes are blitzing the internet using random banner exchanges to shift their attacks.  Basically speaking, the site flashes a banner...and it's fine...nobody gets infected...then a new visitor logs in and the banner changes and it's the ahole file and it infects this person's system...next person comes along and the banner is different and safe again.  So it's possible for one person to get infected while another 1000 don't.  So the site blockers and such are useless in this situation.  Also, this particular bunch are using pseudo-software...a con in which they load an HTML document that looks like a real antivirus software program and tellls you that you have viruses, click here to buy their software to remove them.  If you don't click, it then proceeds to swamp your system and take it over with malware.  The software is a virus itself and the method is not only illegal but is actual digital fraud.  The programs have been traced to Russia, but that's about all currently, and the security people are scrambling to keep up, but they are changing the file names daily as well as their imbeded locations.  It is seriously, seriously nasty.  So everybody just stay aware of things and watch it.  In the fifteen years I've been a tech-head out here in cyber land I've never seen a bunch like this...and it's proliferating.


scanmead ( ) posted Thu, 25 June 2009 at 6:53 PM

Attached Link: AVG linkscanner

AVG is now running Linkscanner, an essential layer of protection for just such threats. And it's free. 


JAG ( ) posted Fri, 26 June 2009 at 2:22 PM

thanks for the link on the AVG --- I had their free antivirus installed before and it did not catch the virus, but the linkscanner can't hurt any.  Thanks.


Privacy Notice

This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.