Reply
Stone Esquire
iubica
Posts: 3
Registered: ‎09-08-2013
Accepted Solution

Double underlined links embedded in web page - for Firefox, Chrome and Internet Explorer

Long story short: my 8th grade daughter ran some YouTube video, or downloaded some software then ran a YouTube video, and a window popped up on the entire screen saying "This is the FBI, you have been caught viewing child porn, etc etc, deposit $300 to this bank account to avoid charges".

 

I logged out, logged back in, the "FBI" window disappeared, but links started to be underlined in random web pages presumably using JavaScript technology. This happened with all my three web browsers. The double underlined links send me to web page ads.

 

I suspect this kind of virus is sophisticated enough to glean passwords as they are typed in the web browser.

 

I've reinstalled Firefox, reinstalled Java, the Acrobat reader and Acrobat Flash. Problem with doubly underlined links still happened.

 

Another clue: disabling the Acrobat Flash add-on in Firefox appeared to cure the doubly underlined link problem. Reenabling it reenables the doubly underlined links (and it's the latest version...)

 

Ran the Microsoft antivirus, Malwarebytes, TrendMicro antivirus - some minor files were cleaned up, but the main problem with the double underlined links persists.

 

Called the local police dept in Lexington MA, they can offer no help. Will call tomorrow the MA state police because this seems to be a particularly nasty strain - and it is impersonating the FBI. At a minimum, they should have a system where these complaints are logged as a matter of police crime.

 

But in the meanwhile, perhaps I can get help on this forum.

 

Thanks,

Andrei

Please use plain text.
Stone Esquire
iubica
Posts: 3
Registered: ‎09-08-2013

Re: Double underlined links embedded in web page - for Firefox, Chrome and Internet Explorer

Another clue: the Internet Explorer doubly underlined links stopped after increasing the internet security level to Medium-High.

 

Also, the Firefox JDK add-on is disabled. And I remember seeing some sort of FireFox config listing the sites where add-ons are downloaded from - and that list of sites included a strange URL which I have since removed. (That did not fix the problem either).

Please use plain text.
Stone Esquire
iubica
Posts: 3
Registered: ‎09-08-2013

Re: Double underlined links embedded in web page - for Firefox, Chrome and Internet Explorer

Running Combofix seems to have gotten rid of it. (http://www.bleepingcomputer.com/combofix/how-to-use-combofix) Attached is the Combofix log.

Please use plain text.