
Softbard.com

Posted: March 14, 2011

The website Softbard.com is a malicious site that tries to sell you rogue anti-virus products. These rogue anti-virus programs can issue fake warnings and fabricated scan results that try to convince you that buying the fake anti-virus program promoted by Softbard.com is the only way to fix your PC. In all cases, removing all Softbard.com-related malware is the best choice, since the rogue anti-virus program has no beneficial functions. Many types of threats and malware-delivering Trojans can also hijack your web browser to force you to visit Softbard.com. Scan your computer for threats right after such unintended visits, since just going to Softbard.com can make you the victim of forced download attacks through browser exploits.

Step Around Softbard.com's Pit Trap

Softbard.com does a good job of keeping up the outer look of a real anti-virus software website, but falling for this for even a second can riddle your PC with forced malware downloads. There may be little or no visual indication of the mess Softbard.com pushes on your system; disabling JavaScript and plugins on your browser helps but isn't a perfect defense.

The most common drive-by download malware used by dangerous sites like Softbard.com is the Trojan. Trojans change your Registry so that they can run silently as background processes, and usually conceal their files in obscure locations with the Hidden viewing attribute. These Trojans are then used to install other malware like rogue anti-virus applications.

Currently, Softbard.com's main product is Antivirus Monitor, a known rogue security program that pesters the user with fake errors and bad scan results while refusing to be uninstalled. Antivirus Monitor is also known for hijacking Internet Explorer, and can use fake warnings to block security websites or force you to go to Softbard.com.

Here's what the fake warning blocker looks like:

Internet Explorer Warning – visiting this web site may harm your computer!
Most likely causes:
The website contains exploits that can launch a malicious code on your computer
Suspicious network activity detected
There might be an active spyware running on your computer

Burying the Bard Once and For All

If you're experiencing signs of Softbard.com-related infection, you needn't worry - there are known anti-malware solutions to this problem available in various good security products. Be particularly careful to distinguish between legitimate security products and warnings and scans by the fake Antivirus Monitor, since trusting Softbard.com's rogue application will only make the situation worse for your PC.

Try to stop all malware from running before you remove it to ensure the most effective deletion of Softbard.com-based threats. You may also need to change your homepage and other browser and security settings back to regain a life free from this PC threat.

In the future, keeping up the strictest possible browser settings with exceptions for trusted sites, as well as using a less common browser, can help you survive any brushes with Softbard.com with less damage.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Temp%\[RANDOM CHARACTERS]\
    2 %Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:33921"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"
    HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]
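
A read-only way to check a Windows profile for the file and Registry changes listed above, as an added example that is not part of the original article. It is meant to be run in PowerShell as the affected user; the helper function names and the Temp-path pattern are assumptions made here.

```powershell
# Added example: read-only triage of the current user's hive for the changes listed above.
$ieFilter = 'HKCU:\Software\Microsoft\Internet Explorer\PhishingFilter'
$inet     = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$runKey   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

function Get-RegValue {            # hypothetical helper name
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

function New-Finding {             # hypothetical helper name
    param([string]$Check, [string]$Detail)
    [pscustomobject]@{ Check = $Check; Detail = $Detail }
}

$findings = @()

# Phishing filter disabled ("Enabled" = "0" in the list above).
if ("$(Get-RegValue $ieFilter 'Enabled')" -eq '0') {
    $findings += New-Finding 'PhishingFilter' 'Enabled = 0'
}

# Proxy switched on and pointed at the local machine (127.0.0.1:33921 above).
$proxyOn = Get-RegValue $inet 'ProxyEnable'
$proxy   = Get-RegValue $inet 'ProxyServer'
if ("$proxyOn" -eq '1' -and "$proxy" -match '127\.0\.0\.1|localhost') {
    $findings += New-Finding 'Proxy' "ProxyServer = $proxy"
}

# Run entries that start an .exe from a subfolder of a Temp directory (assumed pattern).
$key = Get-Item -Path $runKey -ErrorAction SilentlyContinue
if ($key) {
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        if ($data -match '\\Temp\\[^\\]+\\[^\\]+\.exe') {
            $findings += New-Finding 'Run' "$name = $data"
        }
    }
}

# Executables one folder below %Temp%, hidden ones included.
$exes = Get-ChildItem -Path $env:TEMP -Directory -Force -ErrorAction SilentlyContinue |
    Get-ChildItem -Filter '*.exe' -File -Force -ErrorAction SilentlyContinue
foreach ($exe in $exes) { $findings += New-Finding 'TempExe' $exe.FullName }

$findings | Format-Table -AutoSize -Wrap
```

A loopback proxy or an installer left in %Temp% can be legitimate, so each row is a lead to review rather than proof of infection.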

Additional Information on Softbard.com

  • The following messages were detected:
    # Message
    1 System Security Warning
    Attempt to modify register key entries is detected. Register entries analysis is recommended.

    System component corrupted!
    System reboot error has occurred due to lsass.exe system process failure.
    This may be caused by severe malware infections.
    Automatic restore of lsass.exe backup copy completed.
    The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.

    Warning!
    Name: firefox.exe
    Name: c:\program files\firefox\firefox.exe
    Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.
