Is my laptop infected?

The Worrier

Very worried guys.

I was on some adult sites (embarrassed) and when I was leaving some of the site's this Garda site with President Higgins face on it came up saying something about illegal content and something about my IP address. And it said my browser would be locked which it isn,t.I immediately left the site, I'm not sure whether it came via a pop up or from a link on one of those *cough* adult sites.

I exited the internet and did a quick scan via Norton 360 and it came back grand. I then did a comprehensive scan of my laptop with Norton 360 which also came back grand.

Question is, was that Garda page a virus or what? Only realised when I googled what happened it could be a virus.

Nothing has come up since and everthing seems ok. Could it still be infected? Funnily enough when I was on one of those adult site it appeares to freeze slightly like for 30 seconds but that was all.

I do my banking online which is worrying me now.

Baked.noodle

Download and update Malwarebytes. Run a short scan which should test the files in memory and system files. Then download Microsoft Security Essentials and give that a run too. You should be all right. Also, in general you could clear your browser cache after you bank on-line, just as a precaution. Disable Norton while you use the programs mentioned.

beertons

Yeah, that's a virus. Happened me once. Do a scan, i used a free avg one, and never went back to that site.


*Higgy is watching you

Mr. G

I'd recommend you get on another uninfected computer and change your passwords just in case.

Try running a time boot scan also.

The Worrier

Baked.noodle wrote: »

Download and update Malwarebytes. Run a short scan which should test the files in memory and system files. Then download Microsoft Security Essentials and give that a run too. You should be all right. Also, in general you could clear your browser cache after you bank on-line, just as a precaution. Disable Norton while you use the programs mentioned.

Would downloading any of them compromise the Norton 360 I have?

Is the Norton360 not good at dectecting this stuff?

The Worrier

beertons wrote: »

*Higgy is watching you

LOL

Baked.noodle

The Worrier wrote: »

Would downloading any of them compromise the Norton 360 I have?

No. Norton may interfere with the scans though. If you disable Norton temporally, probably by right clicking the icon in the task bar on the lower right side of your screen, you can scan away with Malwarebytes.

Is the Norton360 not good at dectecting this stuff?

Malwarebytes is better, and free. It doesn't monitor all the time, only when its scanning, so you can use Norton as before afterwards.

There is detailed instructions on how to remove the virus (if your infected) here.

ScouseMouse

I cleaned three laptops with this virus.

Its the FBI Garda virus where they want you to send them cash. I do money transfer and a guy actually tried to send it!

Some variants are harder to clear than others, it depends if you can get into safe mode. Check out the virus and malware forum. Actor Seeks Job is quite handy there for advice though I think he has renamed to ASG or something.

The Worrier

Baked.noodle wrote: »

No. Norton may interfere with the scans though. If you disable Norton temporally, probably by right clicking the icon in the task bar on the lower right side of your screen, you can scan away with Malwarebytes.



Malwarebytes is better, and free. It doesn't monitor all the time, only when its scanning, so you can use Norton as before afterwards.

There is detailed instructions on how to remove the virus (if your infected) here.

I would prefer not to download anything as of yet but thank's anyway. I give the laptop another comprehensive scan on Norton360.

Thing is Norton will normally tell you if your entering a bad website.

This site just seemed like an annoying ad site. If you took the message on it with a pinch of salt you'd do nothing about it so that's why I'm wondering has it even got into my laptop as both Norton scans came back clear. And it said they got rid of tracking cookies or something.

Baked.noodle

Norton hasn't detected anything so doing repeat scans is a waste of time. Defiantly run Malwarebytes. You might not be infected with the Garda virus after all as you haven't been locked out of the computer.

The Worrier

Baked.noodle wrote: »

Norton hasn't detected anything so doing repeat scans is a waste of time. Defiantly run Malwarebytes. You might not be infected with the Garda virus after all as you haven't been locked out of the computer.

Is Malwarebytes a virus detector and not a virus protector?

And will that definitely tell you if your infected or not?

Thanks again sir!

Baked.noodle

Ya, kinda. It should remove a lot of virus though. It should flag files that would have been installed if you are infected with any common virus.

bumper234

The Worrier wrote: »

Is Malwarebytes a virus detector and not a virus protector?

And will that definitely tell you if your infected or not?

Thanks again sir!

Jesus you sure live up to your name

Norton will not detect or get rid of this ok it's not a "virus" per se it is ransom ware/malware. Everyone has told you how to get rid of it using malware bytes and i can understand your apprehension about downloading more software but this will work (I have cleared this particular malware from at least 20 computers all running Symantec anti virus) Have a look at these pages and they all say the same thing too. Bottom line is if you want to get your computer clear follow the instructions.

http://botcrawl.com/how-to-remove-the-fbi-moneypak-ransomware-virus-fake-fbi-malware-removal/

The FBI virus, also referred to as the FBI Moneypak virus, Citadel Reveton, and other terms is dangerous malware categorized as ransomware we discovered in 2012 that cyber criminals use in attempt to disguise themselves as the FBI. The FBI virus utilizes Trojan horses

Removal Tips

The safest option to remove the FBI Moneypak virus by using Malwarebytes Anti-Malware software (free or paid versions),

If you're not happy using malwarebytes you can follow Nortons instructions here

https://support.norton.com/sp/en/us/home/current/solutions/v71075396_EndUserProfile_en_us

mark17j

My mum was on facebook yesterday and she clicked on this funny vid in her news feed, of somebody making a fool of themselves in a football stadium,
as soon as she clicked on the vid this police page popped up with president Higgins face, she got a fright, the only way she could get out of it was to log off windows and back on....
I did virus,malware, spyware scans on her machine all came up good..
but we are still keeping an open eye for anything suspicious.
She just uses the pc for facebook and e-mail

The Worrier

bumper234 wrote: »

Jesus you sure live up to your name

Norton will not detect or get rid of this ok it's not a "virus" per se it is ransom ware/malware. Everyone has told you how to get rid of it using malware bytes and i can understand your apprehension about downloading more software but this will work (I have cleared this particular malware from at least 20 computers all running Symantec anti virus) Have a look at these pages and they all say the same thing too. Bottom line is if you want to get your computer clear follow the instructions.

http://botcrawl.com/how-to-remove-the-fbi-moneypak-ransomware-virus-fake-fbi-malware-removal/

The FBI virus, also referred to as the FBI Moneypak virus, Citadel Reveton, and other terms is dangerous malware categorized as ransomware we discovered in 2012 that cyber criminals use in attempt to disguise themselves as the FBI. The FBI virus utilizes Trojan horses

Removal Tips

The safest option to remove the FBI Moneypak virus by using Malwarebytes Anti-Malware software (free or paid versions),

If you're not happy using malwarebytes you can follow Nortons instructions here

https://support.norton.com/sp/en/us/home/current/solutions/v71075396_EndUserProfile_en_us

Thanks. On that note. I WILL use Malware Bytes. I'm asuming there webpage is the one previously mentioned, yeah?

I only really be interested in a free one assuming there is one. Can 'you uninstall it after using it?

one man clappin

Boot into safe mode with networking
Download malwarebytes and update.
Run the scan (I would recommend running full scan, should take approx 1 hour)
If malwarebytes finds anything it will ask you to remove selected. Do this.
Also malwarebytes will produce a log report, copy that and post it here. JSA112 is brilliant at reading the logs and will give you further advice.

bumper234

The Worrier wrote: »

Thanks. On that note. I WILL use Malware Bytes. I'm asuming there webpage is the one previously mentioned, yeah?

I only really be interested in a free one assuming there is one. Can 'you uninstall it after using it?

http://www.malwarebytes.org/lp/malware_lp/?gclid=CNy1u8-05roCFSV42wodu2sAJA

Go to the free download button and away you go. You sure can remove it if you want but honestly if you are going to keep a computer secure then this is one of the must have tools for that so i would recommend keeping it.

The Worrier

A couple of question's guys.

Looked at the Norton option one that someone posted and although it seems a to be a bit of a rigmarole I'd wouldn't mind using that one, however, I may not even have this virus so maybe using Malware Bytes and scanning the laptop for the virus is what I should do.What do you think?


Thing is Im finding it difficult to know how to turn off the Norton in case one compromises the other. If you lefr click the Norton logo it says something like turn off firewall and turn off something else.

jsa112

Malwarebytes is the best removal tool out there, you should use it. It wont conflict with norton either. If you cant turn norton off it doesn't matter, still run malwarebytes

old_aussie

If you have a ransomware (FBI) type of infection it will be on screen most of the time demanding you pay a ransom to get your PC unlocked.

DO NOT give your creditcard details or personal details to get it removed as it's just a scam.

Judgement Day

Ancient technophobe with a strange - to me - query. Tonight I sent several emails (Yahoo) and they were altered by something after I sent them resulting in them being garbled nonsense. It was almost like something was trying to translate them? Any clues as to what might be happening? Be gentle!

jsa112

do this

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Quick Scan button. Do not change any settings. The scan wont take long.
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files here

The Worrier

old_aussie wrote: »

If you have a ransomware (FBI) type of infection it will be on screen most of the time demanding you pay a ransom to get your PC unlocked.

DO NOT give your creditcard details or personal details to get it removed as it's just a scam.

That's the thing. Its not on the screen all the time. So is my computer ok

jsa112

If its coming up at all, then no its not ok. Run malwarebytes anyway, it wont hurt and it will only take 5 minutes

GarIT

It seems like it was just a popup rather than an infection. Or if it was an infection Norton stopped it. Can you check Norton's settings to see if there is any detection log, or quarantine history?

Norton has by far the best detection rates of any security product, the only problem is it usually really slows you down.