Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How do i stop popup claiming my PC has been infected?


24 Dec 2011   #1

Win7 Ult 64b
 
 
How do i stop popup claiming my PC has been infected?

I have had this happen in the past week on two different Windows 7 PC's. I am sure that it is not a virus on either PC because after it happens I can shut the PC off without doing anything else then reboot and I scan with the latest version and updates of Spybot, Malwarebytes and Eset Nod32, all three come back as negative.

With IE8 I can be surfing the web and all the sudden I got a popup that says my PC has been infected and the resulting window looks like the program is scanning the PC. I have had this happen when I am at Yahoo's website so it does not have anything to do with questionable websites. I recall that the popups had a name like Microsoft Security Isentials 2012 or whatever. I believe that I have seen them called by two different names.

A month ago on an XP PC and last night on this PC I tried to shut the popup program down and all that did was get my PC infected. Running Spybot and Malwarebytes got rid of the infection and after that I ran Eset Nod32 and that came back with no infections found.

How can I get this to stop popping up on my PC and running its bogus scan?

My System SpecsSystem Spec
.

24 Dec 2011   #2

Windows 7 Home Premium x64
 
 

Thats a infection. NOT from Microsoft ,heres instructions :Remove Win 7 Security 2012 (Uninstall Guide)
My System SpecsSystem Spec
24 Dec 2011   #3

Windows 7 Ultimate SP1 - 64 Bit
 
 

Can you provide us with a Screenshot please.

Press Print Screen on your Keyboard, paste it into Paint (CTRL+V), Save it as [imagename].

Upload it to Tinypic

And upload it in your next post: Screenshots and Files - Upload and Post in Seven Forums
My System SpecsSystem Spec
.


24 Dec 2011   #4

Win7 Ult 64b
 
 

Thanks for the links it was useful information. That is what I had, but with Spybot and Malwarebytes I had already gotten rid of it. I downloaded and ran RKill and TDSSKiller, they did not find anything so the previous runs of Spybot and Malwarebytes got rid of it. After running RKill and TSDDKiller I ran Malwarebytes again to be on the safe side and Malwarebytes did not find anything.

My real question is how to I prevent this in the future? Isn't ESET NOD32 suppose to prevent this? I have ran into this twice now on Yahoo's website and I am tired of this! How do I stop it from attacking my PC?
My System SpecsSystem Spec
24 Dec 2011   #5

Win 7, 32bit, Premium
 
 

Quote   Quote: Originally Posted by idahosurge View Post
With IE8 I can be surfing the web

Not to be off-subject, but you prefer IE8 over IE9 ? 9 is said to be more secure.
My System SpecsSystem Spec
24 Dec 2011   #6

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

If it happens consistently at the same web site, I would suspect the web site. If it happens randomly, then there may be a piece of the malware remaining that didn't get removed.

Norton Power Eraser will remove stubborn malware.

Norton Rescue Tools

Quote:
Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully.
If you continue to have the same problem, you might want to try a Bootable AV rescue disk, which will scan the system before the infection has a chance to initialize. Here is a site with a list of disks you can use:

Free Bootable AntiVirus Rescue CDs Download List

(Note, Kaspersky rescue disk has caused problems in the past. If they have remedied that, I do not know so you may wish to try one of the other disks before using that one)

It could also be random "fly by malware". If you are using Firefox, add a program called NoScript, that will stop any malicious scripts from running on a page. There is a similar program for IE, but I'm at a loss to recall what it is. Maybe someone can help me out on the name?

When you get that pop up message, it's best to use the Alt + F4 key to shut the window, since clicking on anything, including the red X can cause a d/l to initiate. Also, if it's convenient, shut down the net connection before shutting the window, to be even more sure something isn't sneaking into your system
My System SpecsSystem Spec
24 Dec 2011   #7

Windows 7 Professional SP1 64-bit
 
 

According to bleepingcomputer.com you were suppose to merge FixNCR.reg first.

Also:
Quote:
If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes' Anti-Malware to protect against these types of threats in the future.
My System SpecsSystem Spec
24 Dec 2011   #8

Win7 Ult 64b
 
 

Quote   Quote: Originally Posted by Flatiron View Post
According to bleepingcomputer.com you were suppose to merge FixNCR.reg first.

Also:
Quote:
If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes' Anti-Malware to protect against these types of threats in the future.
I did run FixNCR.reg before I ran RKill and TDSSKiller.
My System SpecsSystem Spec
24 Dec 2011   #9

Win7 Ult 64b
 
 

Quote   Quote: Originally Posted by torre View Post
Quote   Quote: Originally Posted by idahosurge View Post
With IE8 I can be surfing the web

Not to be off-subject, but you prefer IE8 over IE9 ? 9 is said to be more secure.
I do prefer IE8 because I can not stand the way they changed the search function on IE9, but I may have to consider switching.
My System SpecsSystem Spec
24 Dec 2011   #10

Win7 Ult 64b
 
 

Quote   Quote: Originally Posted by Borg 386 View Post
If it happens consistently at the same web site, I would suspect the web site. If it happens randomly, then there may be a piece of the malware remaining that didn't get removed.

Norton Power Eraser will remove stubborn malware.

Norton Rescue Tools

Quote:
Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully.
If you continue to have the same problem, you might want to try a Bootable AV rescue disk, which will scan the system before the infection has a chance to initialize. Here is a site with a list of disks you can use:

Free Bootable AntiVirus Rescue CDs Download List

(Note, Kaspersky rescue disk has caused problems in the past. If they have remedied that, I do not know so you may wish to try one of the other disks before using that one)

It could also be random "fly by malware". If you are using Firefox, add a program called NoScript, that will stop any malicious scripts from running on a page. There is a similar program for IE, but I'm at a loss to recall what it is. Maybe someone can help me out on the name?

When you get that pop up message, it's best to use the F4 key to shut the window, since clicking on anything, including the red X can cause a d/l to initiate. Also, if it's convenient, shut down the net connection before shutting the window, to be even more sure something isn't sneaking into your system
Thanks, I will keep this in mind.

Maybe I will try Firefox and NoScript.
My System SpecsSystem Spec
Reply

 How do i stop popup claiming my PC has been infected?




Thread Tools



Similar help and support threads for2: How do i stop popup claiming my PC has been infected?
Thread Forum
How to stop annoying Windows Security popup System Security
Outlook 2010-Managing shared alias inbox as case claiming system Microsoft Office
Solved How to stop popup that says files are ready to be burned to disc Music, Pictures & Video
How do I stop - "Application/json" file down load popup? General Discussion
Ransomware encrypts files claiming SOPA piracy charges Security News
Stop AutoPlay Popup General Discussion
claiming primary partition with window 7 Installation & Setup

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:41 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33