Jump to content



Photo

I've got the worst virus of my life, please help


  • Please log in to reply
30 replies to this topic

#1 cjay92

cjay92

    Neowinian

  • Joined: 06-May 13

Posted 06 May 2013 - 09:43

Ok, hi guys, im completely new here, found this board as i was googling to find any solution for my problem, so here i am. I further thank to anyone who will try to help me.

So i was browsing through "adult sites", like everyone does once in a while when u r home alone or however, doesnt really matter lol, when all of a sudden the movie stops and the screen goes white (blank page opens), everything stops for a while and then i see as my laptop cam turns on (the blue light turns on when i use it) so i immediately turn away my computer but i wasnt fast enough as the blank page turns into this message with my picture on the top of it! Under my picture, the one taken a few seconds ago, there is my IP written, name of my country, wrong city and name of my administrator account. And the message says that my computer was blocked for one of this reasons: i was breaking the copyrights part of the law and i will face jail or pay big money or that i may even broke the law of prohibited pornographic material, animals and children (?!), the different sentence is written and the last one was that there maybe is a chance i got affected by illegal program or whatever. But on the right side of the page, there are commercials for pay pale and some other internet pay sytems. The other thing is, everything is written in my language, but it's like "the worst google-translate" version of it.

And that was it. I cant do anything with my administrator account, its frozen. So i waited till my computer stopped and went stand by, so i could use this second account. That happened last night, i was literally scared to death. Now i calmed down a bit, but still have no clues as what to do. If you maybe know what should i do, please help me

I thank everyone who read it and thanks in advance!

Kind regards


#2 DrakeN2k

DrakeN2k

    Neowinian

  • Joined: 04-December 10

Posted 06 May 2013 - 09:48

Format your PC will be the best course.

#3 Nick H.

Nick H.

    Neowinian Senior

  • Tech Issues Solved: 10
  • Joined: 28-June 04
  • Location: Switzerland

Posted 06 May 2013 - 09:51

Ah, this one again...

First, get hold of MalwareBytes and Spybot. Reboot your computer in to safe mode (this should hopefully prevent the "FBI warning" from appearing). From there you will need to run the programs I just mentioned, and hopefully that will clean up whatever has infected you.

Another option would be to run msconfig and disable everything from starting when you first log on with the exception of the essential stuff. Then you can go looking to clean out the various bad files.

A final option would involve going in to the registry. I wouldn't recommend it for anything other than a last resort though.

EDIT: Sure, formatting would be a 100% effective way of cleaning the virus, but at the same time it isn't always an option for some people.

#4 +Aheer.R.S.

Aheer.R.S.

    I cannot Teach Him, the Boy has no Patience!

  • Tech Issues Solved: 9
  • Joined: 15-October 10
  • Location: Wolverhampton, United Kingdom
  • OS: Windows 7 X64 Ultimate Edition
  • Phone: Sony Xperia Z1 Compact

Posted 06 May 2013 - 09:53

If you still have the install disk, then I would recommend a reformat, this will destroy all evidence of the virus, but I will only recommend it as a last resort, while you are able to get online, I would first try kaspersky's tssd rootkit remover, spybot and malwarebytes to see if it can remove the infection...

http://support.kaspe...m/5350?el=88446

http://www.malwareby...CFWLHtAod2lkAdw

http://www.safer-networking.org/


And I'd recommend a premium internet security suite, I personally use Zonealarm, but it has it's haters (even though I've never had any problems) or norton, comodo, malwarebytes, eset, kaspersky just to mention a few,

#5 Crisp

Crisp

    To infinity and beyond

  • Tech Issues Solved: 2
  • Joined: 06-May 10
  • Location: 127.0.0.1

Posted 06 May 2013 - 09:54

What version of Windows are you running?

#6 OP cjay92

cjay92

    Neowinian

  • Joined: 06-May 13

Posted 06 May 2013 - 09:56

thanks everyone so much for your quick responces! i shall try your first advice, Intrinsica!

so as i see, this is a common virus?

What version of Windows are you running?


i use windows 7

#7 XerXis

XerXis

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 13-February 06
  • Location: Belgium

Posted 06 May 2013 - 09:58

thanks everyone so much for your quick responces! i shall try your first advice, Intrinsica!

so as i see, this is a common virus?



i use windows 7


very common, and a lot of people fall for it. So, props to you for at least recognizing it as a virus ;). In the future, don't download anything from adult sites and only visit the "trusted" ones

#8 OP cjay92

cjay92

    Neowinian

  • Joined: 06-May 13

Posted 06 May 2013 - 10:09

ok guys, i cannot download neither malwarebytes or spybot, since i'm logged in as user, but as you know, i cannot use the administrator account.

i guess i will delve into formatting, just have to learn how

very common, and a lot of people fall for it. So, props to you for at least recognizing it as a virus ;). In the future, don't download anything from adult sites and only visit the "trusted" ones


thanks =) lol i feel silly as i write this, but that's the thing, - i didn't download anything, just a regular "tube run" lol

#9 orno

orno

    the ornster...

  • Joined: 09-August 04
  • Location: Frankfurt, Germany

Posted 06 May 2013 - 10:11

I've used these instructions with some success on multiple computers, but the safest would be to format (and really, make an image of a clean install which can be easily reverted to in such cases) since there are many different variations of the same thing

1) http://malwaretips.c...-police-trojan/
2) http://www.wikihow.c...-Virus-Manually

good luck!

#10 +Aheer.R.S.

Aheer.R.S.

    I cannot Teach Him, the Boy has no Patience!

  • Tech Issues Solved: 9
  • Joined: 15-October 10
  • Location: Wolverhampton, United Kingdom
  • OS: Windows 7 X64 Ultimate Edition
  • Phone: Sony Xperia Z1 Compact

Posted 06 May 2013 - 10:12

before you do, do you have access to another computer, or can a buddy download it for you then burn to disk or flashdrive, or can you at least download under the 'run as administrator' option?

And on a side note, once you have fixed your computer, you should mostly use your user account that way (in theory at least) it's safer.

#11 RaulMR

RaulMR

    Neowinian

  • Joined: 19-September 08
  • Location: Portugal

Posted 06 May 2013 - 10:12

Hi
You can do a restore point (if you don't tourn it off).
  • Insert your installation disk
  • First panel chose your language and keyboard layout
  • Next screen (i think) you can chose install or repair, press repair.
  • The repair program will find (i hope) the SO in your system.
  • (don't remember everything but...) This point you can chose in a list what to do. Press system restore and select one restore before the attack.
  • Restart (count down appear...? )

Repair Windows 7 without the disk

#12 Nick H.

Nick H.

    Neowinian Senior

  • Tech Issues Solved: 10
  • Joined: 28-June 04
  • Location: Switzerland

Posted 06 May 2013 - 10:23

<Comment removed>

ok guys, i cannot download neither malwarebytes or spybot, since i'm logged in as user, but as you know, i cannot use the administrator account.

There is another option: delete the infected profile. I'm not sure how effective it would be though as I've not attempted it myself.

#13 OP cjay92

cjay92

    Neowinian

  • Joined: 06-May 13

Posted 06 May 2013 - 10:33

I've used these instructions with some success on multiple computers, but the safest would be to format (and really, make an image of a clean install which can be easily reverted to in such cases) since there are many different variations of the same thing

1) http://malwaretips.c...-police-trojan/
2) http://www.wikihow.c...-Virus-Manually

good luck!


wow that's exactly it - reading the first option right know, will follow the steps! Thanks!!

before you do, do you have access to another computer, or can a buddy download it for you then burn to disk or flashdrive, or can you at least download under the 'run as administrator' option?

And on a side note, once you have fixed your computer, you should mostly use your user account that way (in theory at least) it's safer.


no, at the moment i don't have. thanks for the warning! run as administration? isn't that an option only when the program is already downloaded or am i wrong? im really newbie in this waters.

There is another option: delete the infected profile. I'm not sure how effective it would be though as I've not attempted it myself.


thanks for the advice, the more i get them, the better. actually that's really interesting that user profile isnt inffected. i mean, thank god, but i use this user account w/o any problem

#14 srbeen

srbeen

    Neowinian

  • Joined: 30-November 11

Posted 06 May 2013 - 10:34

download the USB bootable unix distro (ubuntu for example). Web browers works great in them. shut off, boot up from USB, browse your adult sites and then power off. Its a live environment so who cares if you have to blow it away. You can also use this to pull data from the infected drive(s) before formatting.

There is also a unix disc that will boot and reset all your passwords to any/every windows account. You can also boot windows in safe mode (hammer F8) and manage files that way.

As for the infection, adult sites in particular was known to overlay a video window with a click-to-install malware ad virus, and when you click what you think is play - you just basically gave the OK for that virus/malware to install - because that click for play was really to allow the ad to run on your system. xhampster and pornhub I think were the worst for this. most of these are webbrowser malware to log infos on what you do and enter.

#15 cork1958

cork1958

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 04-October 02

Posted 06 May 2013 - 10:34

That FBI alert is totally simple to remove. Just get some one else to download Malwarebytes or SuperAntiSpyware, or you can on another machine if you have one, and get the latest definition files while you're at it and install them manually, in safe mode. Then simply run a full scan of either and, poof, all gone!!

Anyone that suggests reformatting or installing Linux is nuts to do so over this simple bug!



Click here to login or here to register to remove this ad, it's free!