dragonslayer2k12 Posted March 23, 2013 Share Posted March 23, 2013 Had you been using NOD32 from eset it would have eventually fought off the virus by itself and the warning screen would have went away but you would still have to run anti spyware stuff to finish it off. I have seen this on many laptops and the users reactions are really funny when they tell me about it. Some of them are denying everything saying they didn't download anything or they can't prove it because the user covered the webcam as soon as it went on lol. I have been in front of one of these infected laptops where the camera is recording me lol. But since it didn't have any internet it was not showing anything to anyone. The camera comes on but it probably doesn't record anything just activates it and provides a display for the camera to scare people with. Having a good AV is critical these days but the best defense is yourself when downloading things you are not sure about. If you are not sure just don't download it or try another server and see if the same thing happens again. Nexus is not one of those crap sites that tacks on download managers out of nowhere or free coupons with your download etc. So something like that should never be on their site or servers. Most of the time it does require a reformat to get rid of this virus because the user didn't have any AV at all or they had avg or norton or mcrapee so the worst of the virus would still be in effect. You have to get your foot in the door so to speak just long enough to run something like combofix and then kapersky TDSSkiller afterwards then antispyware like spybot search and destroy and then antivirus scan. If the computer is fast enough you might be able to run AV scan and spybot at the same time but that scan is only useful if the AV is NOD32 or kapersky or something similar. Also this kind of virus likes to mess up AV like avg and prevent them from uninstalling so you can't install another AV after removing the virus. Link to comment Share on other sites More sharing options...
scot Posted March 23, 2013 Share Posted March 23, 2013 (edited) I had that virus 4 times, luckily I was able to remove it by starting my system with the recovery menu and get back in pc time when I didn´t had the virus then I just make a full scan with my antivirus and remove it. One of it I was able to just start in the safe mode and making a full scan and remove it. I hate that virus makes my blood boil when I start to see a blnk screen and then that notice that I´m downloading music (I don´t even hear music -.-) I get this virus often simply by browsing the internet with antivirus, it makes me think how dangerous the internet is for computers. Edited March 23, 2013 by scot Link to comment Share on other sites More sharing options...
DustinC86 Posted March 23, 2013 Share Posted March 23, 2013 (edited) OMG LOL @ OP!! You reformatted!?!?!? ROOOOFL. I downloaded this same trojan from this site yesterday. I'm going to tell you how to fix it, if anyone else comes across it. Hopefully they won't be like the OP and REFORMAT! LMAO! Ok... Once the screen pops up blocking any further action, turn off the computer. Unplug it from the internet, or turn your router off. Boot the computer back up, and you'll notice the screen doesn't pop back up.At this point, you should run the scan for whatever virus protection you have. I personally use Malwarebytes, it IS the best. It caught it for me in no time, and got rid of it. If your anti-virus doesn't fix this trojan, try to get on a different PC and download Malwarebytes, along with the update and upload it to your PC via flashdrive, install, then scan with it. It comes with a 2 week trial, but costs just 15 dollars ONCE afterwards, and is totally worth it. P.S. To folks like the OP: Reformatting just means you suck with computers and don't know how to fix anything. Get a hold of me if you have a problem, I can save you losing your data, or paying a tech $100 or more. :smile: Cheers! Edited March 23, 2013 by DustinC86 Link to comment Share on other sites More sharing options...
DustinC86 Posted March 23, 2013 Share Posted March 23, 2013 I had that virus 4 times, luckily I was able to remove it by starting my system with the recovery menu and get back in pc time when I didn´t had the virus then I just make a full scan with my antivirus and remove it. One of it I was able to just start in the safe mode and making a full scan and remove it. I hate that virus makes my blood boil when I start to see a blnk screen and then that notice that I´m downloading music (I don´t even hear music -.-) I get this virus often simply by browsing the internet with antivirus, it makes me think how dangerous the internet is for computers. HAha, it sounds like you have one of those fake anti-viruses. Link to comment Share on other sites More sharing options...
m3dicat3d Posted March 23, 2013 Share Posted March 23, 2013 Just to clarify, is this something that is within the NMM or the servers. I was planning on starting to DL mods tonight (just built my first comp yesterday, yay!) and I was planning on using Mod Organizer and BOSS, not NMM. Once I saw this ransomware warning I obviously am cautious now, would like to still start modding tonight, but also don't want that crap on my brand new rig. Any thoughts? Link to comment Share on other sites More sharing options...
bben46 Posted March 23, 2013 Share Posted March 23, 2013 To all - If you see your webcam light come on when you did not intend for the camera to be on - Stop right there. You could be a victim of a type of malware used by perverts for watching people over the internet. The same malware can steal personal info such as credit card numbers also. - here is an article on how it works: http://arstechnica.com/tech-policy/2013/03/rat-breeders-meet-the-men-who-spy-on-women-through-their-webcams/ Stop right there, cover the camera lens - black electrical tape is best - (don't use clear tape :pinch: ) update your antivirus immediately, unplug from the internet and run a scan - if your scan doesn't show anything - it is likely being blocked by the malware. I prefer to use a Linux based rescue disk - available FREE from several different antivirus companies. (you may have to dig through their website to find the free version) Put the rescue disk on a CD or USB stick (you may have to do something to the USB to make it bootable. Power your computer all the way off - and boot it using the rescue disk - this will boot a NON windows operating system that the virus cannot infect or block - and run the antivirus included to clean it - the one I use is Kapersky rescue disk - and is available FREE here http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html The rescue disk will need an internet connection to update it's virus database. As you are now running a Non windows system, the virus cannot infect it. (I'm sure they will eventually figure out a way to get around this too) Link to comment Share on other sites More sharing options...
FiftyTifty Posted March 23, 2013 Share Posted March 23, 2013 To all - If you see your webcam light come on when you did not intend for the camera to be on - Stop right there. You could be a victim of a type of malware used by perverts for watching people over the internet. The same malware can steal personal info such as credit card numbers also. - here is an article on how it works: http://arstechnica.com/tech-policy/2013/03/rat-breeders-meet-the-men-who-spy-on-women-through-their-webcams/ Stop right there, cover the camera lens - black electrical tape is best - (don't use clear tape :pinch: ) update your antivirus immediately, unplug from the internet and run a scan - if your scan doesn't show anything - it is likely being blocked by the malware. I prefer to use a Linux based rescue disk - available FREE from several different antivirus companies. (you may have to dig through their website to find the free version) Put the rescue disk on a CD or USB stick (you may have to do something to the USB to make it bootable. Power your computer all the way off - and boot it using the rescue disk - this will boot a NON windows operating system that the virus cannot infect or block - and run the antivirus included to clean it - the one I use is Kapersky rescue disk - and is available FREE here http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html The rescue disk will need an internet connection to update it's virus database. As you are now running a Non windows system, the virus cannot infect it. (I'm sure they will eventually figure out a way to get around this too) Classic case of not reading the original post. Link to comment Share on other sites More sharing options...
fiewiel Posted March 23, 2013 Share Posted March 23, 2013 OMG LOL @ OP!! You reformatted!?!?!? ROOOOFL. I downloaded this same trojan from this site yesterday. I'm going to tell you how to fix it, if anyone else comes across it. Hopefully they won't be like the OP and REFORMAT! LMAO! Ok... Once the screen pops up blocking any further action, turn off the computer. Unplug it from the internet, or turn your router off. Boot the computer back up, and you'll notice the screen doesn't pop back up.At this point, you should run the scan for whatever virus protection you have. I personally use Malwarebytes, it IS the best. It caught it for me in no time, and got rid of it. If your anti-virus doesn't fix this trojan, try to get on a different PC and download Malwarebytes, along with the update and upload it to your PC via flashdrive, install, then scan with it. It comes with a 2 week trial, but costs just 15 dollars ONCE afterwards, and is totally worth it. P.S. To folks like the OP: Reformatting just means you suck with computers and don't know how to fix anything. Get a hold of me if you have a problem, I can save you losing your data, or paying a tech $100 or more. :smile: Cheers!Guy your attitude sucks. If you got infected by some unknown .exe and than start to make fun out of other people with the same problem you should just be very very quiet. Link to comment Share on other sites More sharing options...
scot Posted March 23, 2013 Share Posted March 23, 2013 I had that virus 4 times, luckily I was able to remove it by starting my system with the recovery menu and get back in pc time when I didn´t had the virus then I just make a full scan with my antivirus and remove it. One of it I was able to just start in the safe mode and making a full scan and remove it. I hate that virus makes my blood boil when I start to see a blnk screen and then that notice that I´m downloading music (I don´t even hear music -.-) I get this virus often simply by browsing the internet with antivirus, it makes me think how dangerous the internet is for computers. HAha, it sounds like you have one of those fake anti-viruses. Actually I use microsoft security essentials all updated and the antivirus acuses the virus but 1 or 2 seconds after it blocks my computer. Link to comment Share on other sites More sharing options...
Georgiegril Posted March 23, 2013 Share Posted March 23, 2013 I ran across a site that does rather exhaustive testing of different anti-virus programs, in various situations, (not all of them, they leave out Comodo for example). My kaspersky is about to expire and I have been looking into alternatives. Just thought I would post the link, since I have seen a lot of people looking to find a new or better AV program, and this is a bit more comprehensive and objective than just one person's experience.AV-Comparitives, independent testing I ran accross it, BTW, after investigating NOD32 and seeing a complaint that they falsely represent their rating from this organization....anyway, I hope the site is useful to someone! Link to comment Share on other sites More sharing options...
Recommended Posts