Absolutely wrong. (Think about it. Why would the virus bother to announce its presence if you’re already infected?)
The pop-up (not a virus*) is created using javascript (which can be hidden in a single pixel). The script is then hidden in an innocuous advertising graphic. Most sites use services that provide their ads. The malware programmers take out an ad on the service (hiding their identities). They show the ad provider a clean version of the ad. Then, they swap it out for one with the javascript. Presto! Anyone getting the ad will get the message. Any site that uses that service – even legitimate uninfected sites – will give the popup.
The best response to this warning is to kill the process through task manager. You can run a Malwarebytes scan, but it probably won’t find anything, since the scam requires you call the number shown.
Despite the scariness of the warning, it’s meaningless. The whole point is to scare you, so you do what they want. Fear is the mind killer.
*As I pointed out, I do a Malwarebytes scan as a precaution and it’s never found a virus on the computer that had one of the popups.
This same thing happened to one of my neighbors, who I help regularly with her old Windows laptop. She left a message on my phone, which I didn’t get to right away, and panicked so much that she called the number and they sold her a $700 plan to reinstall Windows. When I called her back, she was still on the phone with them. She insisted I come over to deal with it. She was still on the phone when I got there, and I told the person on the phone we were not interested in what they were selling. Then I canceled her credit card.
When she told me about how she got the message on the screen, and how it wouldn’t go away, I asked her why she simply didn’t turn the computer off. This is something I’ve told her over and over again these past years, if there is a problem, reboot. I think she’s finally got it.
By the way, I did run a virus scan on her laptop, and there was nothing there. In her case it was just a browser pop-up window that wouldn’t close.
Probably wasn’t a dialog box at all, but a picture of a dialog box inside the page, in which case clicking the red x may have been performing some other (undesirable) action.
It is probably a website with malware ads that make the popup. The goal is typically to get you to call the service and let them fix your computer. There is possibly a fee, but I’ve heard of them claiming to be from a legitimate entity (e.g. your ISP or Microsoft) and saying they’ll do it for free. They’ll need access to your computer to run some programs, and they’ll need your IP and some additional information to access the computer. Once they have that information, there are a number of malicious things they can do, from installing malware (including the cryptoware, remote access tools) to stealing passwords and bank info.
For what it’s worth, my sister in law had this happen to her. On her Mac, watchwolf49.
Correct. This happened to me a month or so ago, and they had an 800 number and a very authoritative and savvy dude with an Indian accent who gave me some good directions, said that my pc was infected and that in order to get just a month’s protection I’d have to cough up I think it was $99, two months, $199, lifetime,–and get this, transferable to all future computers! :rolleyes:–$399. He was amazingly persuasive and polite, and when I said I’d like to think about it I think he gave me a number to call back so I could buy the program.
I thought about it for a while, took a long walk, went to the library, did some googling, and while I’m not sure exactly what I found out that compelled me to do so I decided to try system restore before doing anything else. This was an “insurance decision” based on my intuition that maybe, just maybe I was being set up., that the whole thing, the malware-virus-trojan thingie and the offers to fix everything wrong on my pc may just be the same guys.
Cut to the chase: I carefully read the system restore guidelines to make sure I would save most of what was on my pc (just in case), which was the most recent date, clicked the button,–and lo! :D–my pc was back to being totally normal, has been ever since. I’ve since downloaded a free malware program, have not bought the full program, and it occasionally finds stray PUPs and other nasty things. Most of all I am uber cautious when allowing pop-ups, which seems to be what got me in hot water in the first place. Bottom line: be careful where you travel on the web, read all warnings, don’t give your e-mail to anyone you don’t know for sure is alright. My pc (actually a lap) has been running just fine ever since.:o
I’m only using about 200gb on a PC that has a 1tb hard drive. 2TB and larger external hard drives are cheap insurance. What I’m looking for is a stand-alone program that will back up my entire computer onto an external hard drive. I would boot this program just before bedtime periodically and it would backup my entire hard drive while I’m asleep. I’d reboot Windows in the morning after disconnecting the external drive. If I did happen to download ransomware at some point, the hijacker would not be able to encrypt the data because all the data are off-site.
This program should also have a stand-alone restore option wherein I could erase and restore my hard drive so I could reboot.
They do. You probably already have it. On Win 7 it’s called “Backup and Restore”. You can have it make an image of your entire system drive and/or you can select certain other drives and directories to be backed up.
Doing this manually every night seems like a chore. I’d just schedule it to run every night. Buy two backup drives and swap them a couple times a week or whenever you think of it.
No, I want something that runs independent of Windows. Anything that currently resides on my computer could be corrupted by a ransomware virus. Besides, system restore does not backup user data.
Yes, I realize that this is labor intensive, but I would only run it once a month or so. I already run incremental backups of user data on a weekly basis and store the backups on drives that are disconnected from the computer.
I am not sure what you mean here. I’m not talking about restore points or anything like that. I’m talking about Windows Backup’s drive IMAGE functionality. It’s a byte-for-byte copy of your entire drive. User data and all directories, even those not related to windows at all. If/when the need arises to restore, you blow away the entire volume and replace it with the drive image. Or use a brand new drive. After you boot the machine, it’s in the exact same condition it was the day you backed it up.
I can understand you wanting something independent from Windows in case the attacker wants to screw with that too. But why wouldn’t that same attacker also be able to screw with backup files created by non-Microsoft products as well?
My younger brother had me install Teamviewer (a program that allows remote access) on my computer. He poked around on it and found that the virus would have allowed the hackers to manipulate my computer without me even knowing about it. And yes, they would go after credit-card accounts (I have no credit cards) and my bank account (usually nearly empty). I hope the feds get the goods on these bastards soon. :mad:
One of the challenges with advice in this forum (and many others) is there are alot of well meaning people who know little about nuts and bolts windows. Restore vs. system restore vs. refresh vs. backup, and the various features that are or are not included by default on the various versions of windows make it even more confusing to the average user. Windows backup is not installed by default on Win7 Home for example but is on Win7 Pro.
This implies an active attacker, this is winning lottery ticket grade rare. Viruses are 99.9999% a passive process. There is no interpretation and decision making.
The situation Dougie_Monty is dealing with is a scam, not ransomware. Ransomware situations are epic disasters that you do not recover from without backups or paying the ransom. I have been involved in 6 of these at businesses in the last 2 months, 1 lost everything, 3 had backups, 2 paid the ransom and got the files decrypted.
While I echo the recommendation for Malwarebytes, it’s worth noting that there are fake Malwarebytes download pages out there, which serve up yet more shit to the victim (link goes to a Malwarebytes blog post on the issue).
I’ve seen an infection where attempts to browse to Malwarebytes.com were redirected to one of these malicious fake sites, which looked reasonably realistic. The idea is presumably that the target, having discovered an infection, will attempt to run anti-malware, but will just end up even more malware-riddled than before.
If you’re using an infected computer, and you’re not absolutely completely 110% sure you’re navigating to the the legit Malwarebytes site, I’d recommend downloading the installer from an uninflected machine, copying it to a USB stick and installing from there.
My mom had a message like this pop up on her Mac, and she not only called the number but she dutifully followed the steps given by the ne’er-do-well at the other end of the line
She balked when he asked for a credit card, and said she would need to ask her son.
She called me, at which point I had her unplug the computer and pack it up and ship it to me (to NJ from the west coast). I replaced her hard drive with a new SSD I had kicking around, saved the 10 documents (!) she had on her old drive, gave her the latest OS, and shipped it back.
That particular problem was a simple browser popup script, but once she let him in, the machine was tainted, so it was easier to do the full wipe.
Office Depot wanted to do this–wipe my hard drive, after my data is backed up ( I have a flash drive with a 13-gigabyte capacity) and reinstall the operating system, Windows 7. All this for about $110.
I’m not sure this is necessary now, however, after what my brother did. Footnote: Some of you may have seen a box pop up on the Internet advertising “Windows 11.” I told the Office Depot technician about that; he said there is no such thing.
