09-08-2013 09:31 PM
Long story short: my 8th grade daughter ran some YouTube video, or downloaded some software then ran a YouTube video, and a window popped up on the entire screen saying "This is the FBI, you have been caught viewing child porn, etc etc, deposit $300 to this bank account to avoid charges".
I suspect this kind of virus is sophisticated enough to glean passwords as they are typed in the web browser.
I've reinstalled Firefox, reinstalled Java, the Acrobat reader and Acrobat Flash. Problem with doubly underlined links still happened.
Another clue: disabling the Acrobat Flash add-on in Firefox appeared to cure the doubly underlined link problem. Reenabling it reenables the doubly underlined links (and it's the latest version...)
Ran the Microsoft antivirus, Malwarebytes, TrendMicro antivirus - some minor files were cleaned up, but the main problem with the double underlined links persists.
Called the local police dept in Lexington MA, they can offer no help. Will call tomorrow the MA state police because this seems to be a particularly nasty strain - and it is impersonating the FBI. At a minimum, they should have a system where these complaints are logged as a matter of police crime.
But in the meanwhile, perhaps I can get help on this forum.
Solved! Go to Solution.
09-08-2013 09:39 PM
Another clue: the Internet Explorer doubly underlined links stopped after increasing the internet security level to Medium-High.
Also, the Firefox JDK add-on is disabled. And I remember seeing some sort of FireFox config listing the sites where add-ons are downloaded from - and that list of sites included a strange URL which I have since removed. (That did not fix the problem either).
09-09-2013 08:03 PM
Running Combofix seems to have gotten rid of it. (http://www.bleepingcomputer.com/combofix/how-to-us