• 0

I've got the worst virus of my life, please help


Go to solution Solved by orno,

Question

cjay92

Ok, hi guys, im completely new here, found this board as i was googling to find any solution for my problem, so here i am. I further thank to anyone who will try to help me.

So i was browsing through "adult sites", like everyone does once in a while when u r home alone or however, doesnt really matter lol, when all of a sudden the movie stops and the screen goes white (blank page opens), everything stops for a while and then i see as my laptop cam turns on (the blue light turns on when i use it) so i immediately turn away my computer but i wasnt fast enough as the blank page turns into this message with my picture on the top of it! Under my picture, the one taken a few seconds ago, there is my IP written, name of my country, wrong city and name of my administrator account. And the message says that my computer was blocked for one of this reasons: i was breaking the copyrights part of the law and i will face jail or pay big money or that i may even broke the law of prohibited pornographic material, animals and children (?!), the different sentence is written and the last one was that there maybe is a chance i got affected by illegal program or whatever. But on the right side of the page, there are commercials for pay pale and some other internet pay sytems. The other thing is, everything is written in my language, but it's like "the worst google-translate" version of it.

And that was it. I cant do anything with my administrator account, its frozen. So i waited till my computer stopped and went stand by, so i could use this second account. That happened last night, i was literally scared to death. Now i calmed down a bit, but still have no clues as what to do. If you maybe know what should i do, please help me

I thank everyone who read it and thanks in advance!

Kind regards

Link to post
Share on other sites

Recommended Posts

  • 0
Mando

There is some useful stuff in this thread:

http://www.neowin.net/forum/topic/1149774-unknown-scareware/

Get one of the anti-virus boot CDs and see if that can remove the virus.

Kapersky Av Rescue CD cleans up the FBI "virus" scareware. Ive used it on approx. 20 infections work level and about another 5 personally on friends n families PCs. Ive personally had a 100% success rate with Kapersky Bootcd.

https://support.kaspersky.com/viruses/rescuedisk

Its a driveby payload due to an outdated version of Java on your machine ;)

glad you got it sorted - I have not had to deal with this one yet.. But it took a picture off your webcam?? That is a freaking awesome.. You have to give creds to some of these guys.

Kind of hoping one of friends or family run into this one - just so I can lmao :)

So how much was the fine they wanted you to pay?

Its also checks your locale and spits up the region specific "Police" Organisation. :) we get the Metropolitan Police logo (pity that only has effect in London and im in Scotland lol) pretty convincing though. I think it was either ?50 or ?500 to remove. Lol Kapersky did that for ?0 :p

Link to post
Share on other sites
  • 0
+ir0nw0lf

Some variants of the FBI/DOJ virus can't be removed unless hours and hours are spent on it. I have had a few instances where I tried multiple removal/scanners in safe mode, booted off scanner discs from outside the OS, etc. etc. and none of them worked. Most of the time it's not that tough, just don't be too angry if you can't 100% clean it up. Just not possible in all cases.

Link to post
Share on other sites
  • 0
+warwagon

Some variants of the FBI/DOJ virus can't be removed unless hours and hours are spent on it. I have had a few instances where I tried multiple removal/scanners in safe mode, booted off scanner discs from outside the OS, etc. etc. and none of them worked. Most of the time it's not that tough, just don't be too angry if you can't 100% clean it up. Just not possible in all cases.

I've never actually seen one that wasn't a single exe or dll cause the issues in appdata\local \appdata\roaming \appdata\(username) or c:\programdata. I mean sure sometimes there were some other critters, but they were always in the same directory of the exe or dll file causing the issue. In all cases just booting off a bartpe disc / USB and deleting them by hand let me get back into windows.

Link to post
Share on other sites
  • 0
cjay92

glad you got it sorted - I have not had to deal with this one yet.. But it took a picture off your webcam?? That is a freaking awesome.. You have to give creds to some of these guys.

Kind of hoping one of friends or family run into this one - just so I can lmao :)

So how much was the fine they wanted you to pay?

and i wish you will never have to deal with it =) and no one else too, of course. yes, when i saw blue light i immediately turn away my laptop but it still snapped it. i swear it's really really scary, you don't really think straight at the moment. only later i saw the poor language and commercials. as far as i remember, they wanted 100?, but im not sure

oh and of course, i credited a guy in a post just above yours! will be forever thankful to everyone, such an amazing community to run into

Lets not forget to talk about how you got infected in the first place. Because if you don't fix it, you may be reinfected very quickly.

The most likely cause is an out of date version of Java on your machine. If you know you don't need it or think you don't need it uninstall it. Other applications which are targeted by exploits are Flash and adobe reader.

So its VERY VERY important that you keep your system current with the latest windows updates and keep the 3rd party applications listed above up date as well.

A great application to do so is called Patchmypc located at http://www.patchmypc.net in a single click it will automatically update all the important 3rd party applications all with 1 click.

Tbh i've just uninstalled Java as i read it from your comment. I really don't think i need it, thanks! but as for flash and adobe, i actually need those. i mean, i wasn't able to watch some videos w/o them and sometimes i was running an older version and the same problem occurred. so do you think it's still better to unstall it? it's kinda funny one thing is so needed but at the same time suspected as dangerous.

and omg thank you so much for this piece of advice! i will sure download it. i try to take as much as possible from this thread, because u guys pointed out on so many important programs i've never even heard off! oh, and to add, my newly downloaded malwarebytes detected 2 trojans, my gawd, i dont know, was it either that FBI thing or something else laying somewhere, however, i got rid of them, thanks to the program.

so if i can ask you, what else beside Patchmypc do you recommend to use it?

thanks again to everyone for great responce..

Link to post
Share on other sites
  • 0
The Evil Overlord

Did I just read warwagon getting praised???

:shiftyninja:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.