Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Suspicious IE pop-up message

18 Apr 2011   #1
Thomas R

Windows 7 Ultimate x64 SP1 Ver. 6.1.7601 (Build 7601)
Suspicious IE pop-up message

When I tried to open a link from a Google search I got this pop-up message (see attachment).

It seems the original link was broken and instead of showing a 404 message the link was hijacked and redirected to
[link removed]

I tried to close it by clicking the Windows [X] button but that opened another browser window in full screen showing Computer (where it shows all drives attached to the computer) and it looked like it was performing a scan. I immediately shut it down with Task-Manager. Then I performed full scans with Microsoft Security Essentials and also with Malwarebytes which both could not find any infections. So either I was fast enough to kill it in time or it does something else – in all likelihood nothing good.

So does anyone know what this is and how to protect yourself against it?

Btw. by now I have added this domain to my blocked list

Attached Images
Suspicious IE pop-up message-unbenannt.jpg 
My System SpecsSystem Spec
18 Apr 2011   #2

Microsoft Community Contributor Award Recipient


Looks like this is another form of scareware - trying to trick people into believing their computer is infected and the only way to get rid of the malware is to buy a "special" program only offered by the bad guys.

If MSE and Malwarebytes haven't found anything, that's a good sign you probably closed down the scareware before it could do any damage. But you might want to run one more free product - Norton Power Eraser. Heed the warning: "The tool uses more aggressive techniques than your security product, hence there is a risk that it will flag legitimate programs for removal. You should carefully review the scan results page before removing any files."

Scareware Removal | Norton Power Eraser

You can download from here.
My System SpecsSystem Spec
18 Apr 2011   #3

Windows 7 Ultimate x64

Quote   Quote: Originally Posted by Thomas R View Post
...So does anyone know what this is and how to protect yourself against it?
Don't click OK.
My System SpecsSystem Spec

18 Apr 2011   #4
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10

Anytime something pops up saying you have a virus/malware, you need to consider the following:

Did I install this software on my PC at some point?

If you didn't, then the chances are good it's a rouge trying to get you to click on it to either install malware/virus

Is it a real message from any AV/Anti-Malware you have on your PC?

Fake AV authors go through a lot of trouble to craft screens that may look almost exactly like your current AV/Malware detection screens. Along with lots of flashing buttons and red warning screens to get you to panic & push the button.

Know your software and know what the screens look like as well as the typical behavior for it. If something seems "out of the ordinary", best to investigate it before taking any actions.

Hitting the "X" and having it take you to another screen is evidence that you had a persistent program that wouldn't take no for an answer. Unfortunately nowadays, hitting the "X" does not guarantee the program will close and is usually set as "go ahead".

The way I deal with these occasional annoyances is I lock down the firewall and hit alt +F4 (although with today's malware, even that's no guarantee it won't try to redirect to something else, hence the reason I lock the firewall to shut off all traffic)
My System SpecsSystem Spec
18 Apr 2011   #5

Windows 7 Ultimate 64 bit

The paid version of Malwarebytes' Anti-malware blocks malicious IPs, thereby helping to protect you from that garbage. They charge a one-time fee, there are no annual renewal charges.

I also recommend using the NoScript add-on for Firefox.

WinPatrol is another great addition to your protection programs. It will prevent programs from making changes to your registry without your consent. Very light on resources, very effective. There are free and paid versions available.
My System SpecsSystem Spec
18 Apr 2011   #6

Windows 7 & Windows Vista Ultimate

Hi, ThomasR.

In addition to the other responses you have received, it would be a good idea to do thorough cleaning of the Temp Files on your computer. I suggest TFC:

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
My System SpecsSystem Spec

 Suspicious IE pop-up message

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
Could I Be Infected? Suspicious Error Message From Program
So earlier today I heard a song in a Youtube video that I wanted to find the name of so that led me to this software called: Tunatic. After downloaded the setup file, I ran it but it gave an error: runtime error 216. The setup then closed. Something about the error message didn't look like....
System Security
Suspicious E-Mail
I got a very suspicious e-mail. It's in my spam, fortunately but I was wondering if anyone knows anything about this phishing attempt?
Chillout Room
Two suspicious processes
I tried googling them with no results. A log of my whole startup is included as an attachment. The two suspicious processes are: Yes HKLM:Run x0ux9jD C:\Users\Gummi\AppData\Local\Temp\UmVQd.exe and Yes HKCU:Run ykfXkcM C:\Users\Gummi\AppData\Local\Temp\UmVQd.exe
System Security
Should I get suspicious?
:sarc: I'm getting this every once in a while in Resource Monitor - Network . It happens a little while after I open an IE window. Open the image and you'll understand what I mean. Is this normal???
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 23:31.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App