The Italian virus who asks for a bribe

I was just talking to a friend in Italy and she was a bit upset because of a received message on the internet which blocked her computer.

She said that she got a message in her browser (and on her desktop I think) similar to the one in the picture which says that the Guardia di Finanza (Financial Guard of Italy) has blocked her computer because they found some pedophilic and terrorist material. I didn’t knew if the Italians had implemented such blocks in their country but it sounded weird (although I guess in some countries this would be possible). Anyway, I googled “guardia di finanza virus” and found some websites, mostly in Italian. It turns out it is a virus and it demands money to unblock your system. I told her about this and she said she also found it weird that they were asking for 50 euros to forget all about it. It all came clear.

As I understand, the virus blocks the start button, the Run process, you know…the works. But the browser could still be used in this case. It is a bit of a bad ass virus for doing that mixed with a huge hint of phishing (trying to make you give the credit card details). By this I mean it has a high risk factor to it.

An Italian blogger explains here about this. You probably don’t know Italian so I’ll translate a bit for you. He’s basically saying that he came across this and found it funny that the Financial Guard won’t arrest him for such accusations but instead would take bribe.

HOW TO REMOVE IT

He then talks about a method, pressing F8 when the computer starts and choosing the option “Start with command prompt”. Then you have to manually remove:

c:programdataNOTEPAD.EXE-X.TXT
and
c:programdataRUNDLL32.EXE-X.TXT

But that’s too complicated. Instead you could choose to download Malwarebytes. You could also try IObit, from the same website. It usually gets this hard job done. You might have problems downloading it but let’s hope you don’t. I sent this program using Yahoo Messenger to this person and it got downloaded and it even made it’s update. After the update, close your internet connection and give it a Full Scan.

It should work just fine. I will return with a later update to tell you if the job is done.

As for a good Anti-Virus to always have on your computer…I don’t know what to say. I have the free version of AVG and I thought I should scan my system today. I see I have 2 trojan viruses and a smaller threat. So, maybe this free version isn’t really protecting me that much but it’s protecting me…in a less efficient way. I recommend scanning monthly or once in three months or four with more powerful tolls like Malwarebytes, IObit, CCleaner, and so on. They are freeware (free to use).

I made this post because one could get scammed in such a way, seeing how we live in a tough economy and a lot of people don’t want trouble, even if they didn’t made a mistake. So, be prepared for this sort of tricks of the internet!

[LE] Malwarebytes failed she said but IObit probably did some cleaning. You’re on your own guys!

p.s. Somebody reminded me of a good idea but it’s for prevention only. Make a Backup of your system  (Start – All Programs – Accessories – System Tools – Backup). Then you can use it later on to Restore your files and settings (by going in the same place Start – Accessories…).

[LE] 20-11-2012

A lot of people talk about Rescue Disks. There are various softwares that gives you a kit for you to burn on a CD or write on a USB. With this, when you turn on your system, it safetly removes any problem. Try Kaspersky or Bitdefender.

 

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.