kewlj
Joined: Apr 17, 2012
May 27th, 2013 at 8:28:28 AM permalink
I am going to post this here because I know some of you guys are pretty smart at this stuff, whereas I don't have a clue.

I am having computer virus issues:

Last Thursday, a notice opened on my computer with FBI headings, from the FBI cybercrime division, saying that my computer had been seized for violation of copyright laws for downloading pirated music (which I wasn't and haven't done). It went on to say that there was a $300 fine for this, the first offense, and gave instructions to go to a Walgreens and buy a money gram for $300 and take that to Western Union and have it sent to a code that they provided, and that failure to do so within 72 hours would result in arrest. (No, I am not bumpkin enough to have believed or done this.)

But, there wasn't much I could do. My computer was locked on this page. I couldn't get out or do anything else. Rebooting and restoring my computer to an earlier setting did not work. I was locked on this page/notice. After fooling around trying everything I could think of for a day and a half, on Saturday morning, I put in my restore disk that would restore my computer to factory setting, losing all information. (Supposedly the computer would be just like the day I brought it home.)

Well, this worked somewhat. Saturday, I was able to get online for 4 or 5 hours. The first thing I did was look up FBI cybercrime division and found all kinds of information on "the FBI cybercrime virus". Showed a sample which was identical to my notice. I was not surprised. It said that this virus goes around Norton and McAfee antivirus protection.

Anyway, I figured restoring to the factory settings had solved the problem, but several hours later, my computer just shut down. The only screen I could access said there was a fatal error. I tried a bunch of things, including a second factory reset, and got nothing. After spending the day yesterday doing everything I could think of, I was debating on whether I should take the computer to a computer repair shop or just replace it.

So this morning, still fooling around, I was once again able to reset to factory settings and am once again online, but I suspect not for long. So, has anyone encountered the 'FBI cybercrime virus' and/or have any information or suggestions on what to do about it?
RogerKint
Joined: Dec 5, 2011
May 27th, 2013 at 8:40:13 AM permalink
Disclaimer: I know nothing about computers and what I'm doing is probably damaging mine although nothing bad has happened yet.

The same FBI thing happened to me and I felt guilty for a split second for downloading free music. It sounds like you may have fixed the problem but if it comes up again, here's what I do/did: When I turn on my computer I go to windows task manager. As all the tasks are popping up, a "windows host process (rundll32)" will come on the list. I click to end that process and I have never had anymore problems with it.
100% risk of ruin
boymimbo
Joined: Nov 12, 2009
May 27th, 2013 at 8:42:48 AM permalink
You should always have a Windows restore and a virus scanning / utility image available. Using this you'll be able to boot from the uninfected CD/DVD and perform virus removal tasks and system restore tasks.

And you should be backing up your HDD weekly. I've learned this lesson the hard way several times over the years.

Make sure your virus scanner is active and make sure you have spyware or malware detection and run it frequently.
----- You want the truth! You can't handle the truth!
Mosca
Joined: Dec 14, 2009
May 27th, 2013 at 9:11:58 AM permalink
Go to Bleeping Computer, and post in the appropriate section. Someone will give you instructions on how to fix it yourself.

I've used their help a few times over the years. There is nothing they haven't seen.
A falling knife has no handle.
SanchoPanza
Joined: May 10, 2010
May 27th, 2013 at 9:43:26 AM permalink
Also, the F.B.I. might be a little more interested than usual in trying to find out just who is impersonating federal law enforcement agents like them. Depending on your local office, they might like to hear or even see just what the spoofing is.
rxwine
Joined: Feb 28, 2010
May 27th, 2013 at 10:31:27 AM permalink
Did you change your passwords or sign-ons at startup as soon as you got it restored again? I would assume they have that info.

(If I was a computer security expert, I'd say you got phished, and now have a malware/rootkit, but I'm not.)
There's no secret. Just know what you're talking about before you open your mouth.
FleaStiff
Joined: Oct 19, 2009
May 27th, 2013 at 10:51:22 AM permalink
Boot in safe mode... do Control-Alt-Delete to list ongoing processes, see what new programs are running and delete them.

See what files in the operating system area are larger than they are supposed to be.

If you are able, reload the operating system.

Update your security measures.
Beethoven9th
Joined: Jul 30, 2012
May 27th, 2013 at 10:57:05 AM permalink
Quote: RogerKint

As all the tasks are popping up, a "windows host process (rundll32)" will come on the list. I click to end that process and I have never had anymore problems with it.


I believe that this is a legitimate file.
Fighting BS one post at a time!
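
On the rundll32 question raised in the two posts above: rundll32.exe is a standard Windows program whose only job is to load a DLL and call a function in it, so the process name says little; the command line shows which DLL it is running. The sketch below is an added example, not part of the original thread, that triages rundll32 command lines; the sample lines, paths and directory lists are constructed assumptions.

```python
import re

# Assumed heuristics: system DLLs live under \Windows\, while a DLL launched
# from a directory any user can write to deserves a closer look.
USER_WRITABLE = ("\\appdata\\", "\\local settings\\", "\\temp\\", "\\users\\public\\")
SYSTEM_DIRS = ("\\windows\\system32\\", "\\windows\\syswow64\\")

# rundll32 syntax: rundll32.exe <dll path>,<entry point> [arguments]
CMDLINE_RE = re.compile(
    r'^"?(?P<host>[^"]*?rundll32(?:\.exe)?)"?\s+'
    r'(?:"(?P<qdll>[^"]+)"|(?P<dll>[^,"]+?))\s*,\s*(?P<entry>\S+)',
    re.IGNORECASE,
)

def triage(cmdline):
    """Return the DLL, entry point and any red flags, or None if not rundll32."""
    m = CMDLINE_RE.match(cmdline.strip())
    if not m:
        return None
    host = m.group("host").lower()
    dll = m.group("qdll") or m.group("dll")
    low = dll.lower()
    reasons = []
    # Only judge the host's location when a full path was recorded.
    if "\\" in host and not any(d in host for d in SYSTEM_DIRS):
        reasons.append("host binary outside the Windows system directory")
    if any(d in low for d in USER_WRITABLE):
        reasons.append("DLL in a user-writable directory")
    if not low.endswith((".dll", ".cpl")):
        reasons.append("payload lacks a .dll/.cpl extension")
    return {"dll": dll, "entry": m.group("entry"), "reasons": reasons}

def suspicious(cmdlines):
    """Keep only the rundll32 command lines that raised at least one flag."""
    results = [(line, triage(line)) for line in cmdlines]
    return [(line, r["reasons"]) for line, r in results if r and r["reasons"]]

# Constructed sample command lines (not taken from any real machine).
SAMPLE = [
    r'rundll32.exe shell32.dll,Control_RunDLL desk.cpl',
    r'"C:\Windows\System32\rundll32.exe" "C:\Users\user\AppData\Roaming\example.dat",Entry1',
    r'C:\Users\user\AppData\Local\Temp\rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL',
    r'C:\Windows\System32\svchost.exe -k netsvcs',
]

if __name__ == "__main__":
    for line, reasons in suspicious(SAMPLE):
        print(line, "->", "; ".join(reasons))
```

A flagged line is a reason to inspect the named file and whatever startup entry launches it, not proof of infection.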
10DollarBri
Joined: Jul 15, 2012
May 27th, 2013 at 10:57:25 AM permalink
Quote: Mosca

Go to Bleeping Computer, and post in the appropriate section. Someone will give you instructions on how to fix it yourself.

I've used their help a few times over the years. There is nothing they haven't seen.



Good suggestion Mosca. The very first article on that site addresses this exact virus.
I know nothing!
sodawater
Joined: May 14, 2012
May 27th, 2013 at 11:07:24 AM permalink
kewlj --

You are much better off just formatting your hard drive and installing a fresh copy of your OS.

You have backups of your important files, right?

If you don't, you can't do it, but at least let it be a lesson to make backups of important files regularly.
Asswhoopermcdaddy
Joined: Nov 30, 2009
May 27th, 2013 at 8:55:54 PM permalink
I forget whether it was you or another member that I tried to help. It appears you have a nasty virus/malware. My recommendation is the same as the previous poster's: post for help to either Bleeping Computer, Tom's Hardware, or Major Geeks. These guys are reliable, and unfortunately, your FBI warning virus is a newer one. We got the warning from our IT department at work to be on the lookout for suspicious emails.

You must have clicked on a bad website or downloaded something that appeared to be docile.

Assuming you had all the time in the world, the following procedure will take hours. This will get you started, but use at your own risk. It's what I would do.

1.) Restart in Safe Mode w/ networking (repeatedly hitting F8 during the startup until you get to choose Safe Mode).
2.) Update your antivirus software, and rescan the full drive.
3.) Download Malwarebytes from www.cnet.com/downloads and rescan. (Fix anything you find.) If prompted to restart, make sure you restart back into Safe Mode w/ networking.
4.) Use Trend Micro HouseCall online scanner. (Fix anything you find.) If prompted to restart, make sure you restart back into Safe Mode w/ networking.
5.) Download OTL.exe and use the following command in the fix section:
:OTL
:Commands
[purity]
[emptytemp]
[emptyflash]
[clearallrestorepoints]
[Reboot]
6.) Reboot into normal mode, and download ComboFix. Unload or turn off your antivirus program. Run ComboFix. Paste your log here.
7.) Rerun step five again after step 6.
8.) Rescan with everything.
zippyboy
Joined: Jan 19, 2011
May 28th, 2013 at 7:10:52 AM permalink
All this makes me glad that I'm a Mac-user.
"Poker sure is an easy game to beat if you have the roll to keep rebuying."
rxwine
Joined: Feb 28, 2010
May 28th, 2013 at 7:38:12 AM permalink
The nasty thing about a lot of the malware/virus issue, is you don't necessarily have to be visiting unfamiliar places and clicking on something. If anyone you correspond with gets infected, email from the person can be the origin.

On a related note, I got a pop-up a couple weeks ago that looked just like the Adobe update screen that I get about every couple weeks. I noticed the address bar that wasn't supposed to be there.
There's no secret. Just know what you're talking about before you open your mouth.
RaleighCraps
Joined: Feb 20, 2010
May 28th, 2013 at 8:06:59 AM permalink
Quote: rxwine

The nasty thing about a lot of the malware/virus issue, is you don't necessarily have to be visiting unfamiliar places and clicking on something. If anyone you correspond with gets infected, email from the person can be the origin.

On a related note, I got a pop-up a couple weeks ago that looked just like the Adobe update screen that I get about every couple weeks. I noticed the address bar that wasn't supposed to be there.



That is a good one, and so are the alerts that show up on a screen telling you that a virus was just detected on your system, and click here to isolate the virus and prevent the virus from causing any more damage. Of course, what really happens is, your system WAS fine, but you just downloaded a virus, or more likely a trojan horse for targeted ads or other annoying, but non-threatening actions.

The world wide governing bodies had better wake up and instead of viewing cyber crime as who cares, they need to adopt much harsher penalties, like death. You can't expect the good guys to be able to control the internet and make it safe by technology alone. The bad guys will always be one step ahead when it comes to technology. You need a second control point, and fear of death is a pretty good deterrent. We could be enjoying so much more with the internet and our connectivity, but the fear of the bad guys stealing info, or wreaking havoc with viruses, is causing us to only use a fraction of what we could be doing.

I got a call a couple of years ago from someone telling me they were with some PC Monitoring Organization, and that my PC IP address was being used for spam, and they were going to help me get rid of it. I played along and tried to react as a typical user would. I wanted to see where they were going to go. I would ask a question, but he would never supply me with a solid technical answer. It was always very generic, and impressive sounding, but non-informative. We then got to the step where he was having me grant remote desktop access to him, although that IS NOT what he was telling me it was going to do. I bumbled around, telling him it was not working, that my network seemed to be down, that I typed the command wrong, etc. I kept this up for a good 15 minutes. The poor ass was getting so frustrated on the other end. He was so close to getting to my info he could taste it, yet it just wasn't happening.

After I grew tired of jerking him around, I really lit him up with a bunch of point blank technical questions, ending with demanding to know why he was trying to remote desktop to my PC. Much to my surprise, he hung up on me! LOL
Always borrow money from a pessimist; They don't expect to get paid back ! Be yourself and speak your thoughts. Those who matter won't mind, and those that mind, don't matter!
ahiromu
Joined: Jan 15, 2010
May 28th, 2013 at 8:30:57 AM permalink
I don't have the time to read your post, but I wanted to recommend that you reinstall your operating system before/if you format. All of your files will go into a windows.old folder. That works for me instead of reformatting most of the time.
Its - Possessive; It's - "It is" / "It has"; There - Location; Their - Possessive; They're - "They are"
DJTeddyBear
Joined: Nov 2, 2009
May 28th, 2013 at 10:18:02 AM permalink
Quote: zippyboy

All this makes me glad that I'm a Mac-user.

Ditto.


As some of you know, my Internet access at work has been severely limited a few months ago. I had picked up that same FBI virus on my work PC...

I'm posting this via iPhone.
I invented a few casino games. Info: http://www.DaveMillerGaming.com/ ————————————————————————————————————— Superstitions are silly, childish, irrational rituals, born out of fear of the unknown. But how much does it cost to knock on wood? 😁