Bogus Virus Warning - How Did I get to the Webpage?

  • Thread starter Thread starter Roger
  • Start date Start date
R

Roger

Guest
This morning I think I had one copy of IE8 running and was on my

my.yahoo.com home page when I got a popup "Message from webpage" that said:



"Warning! Your computer contains various signs of viruses and malware

programs presence. Your system requires immediate anti viruses check!

System Security will perform a quick and free scanning of your PC for

viruses and malicious programs." "OK" "Cancel"



I hit cancel, but was redirected to 94.102.55.9 anyway and a very

convincing virus checker appeared to be running.



I am running Windows 7 and MS System Security Essentials says no

problems found.



My question is - is there anyway to be certain where the popup message

or the link to 94.102.55.9 originated? Does the IE history contain

something like a referrer link that I can access?



Once the popup message appeared, I was unable to do a view source or run

any of the IE debuggers on the parent page. Is there any way to

investigate the source of the popup when it is on my screen?



Roger
 
Even if you could find out who served the pop-up, it probably won't be

there in a few hours.



If you regularly see that phony warning on the same web page (or

domain), /stop visiting that web page or domain/ and inform the

webmaster that their page has been hacked. You can also inform Microsoft

(or Mozilla as the case may be) to consider that page or domain for

their phishing filters.



Do /not/ attempt to learn anything about that bogus pop-up; there's

nothing you can do about it and your attempts may end up installing

malware on your computer.



When you see one of those things, the safest way to dismiss it is via

Task Manager > End Task.

---

Leonard Grey

Errare humanum est



Roger wrote:

> This morning I think I had one copy of IE8 running and was on my

> my.yahoo.com home page when I got a popup "Message from webpage" that said:

>

> "Warning! Your computer contains various signs of viruses and malware

> programs presence. Your system requires immediate anti viruses check!

> System Security will perform a quick and free scanning of your PC for

> viruses and malicious programs." "OK" "Cancel"

>

> I hit cancel, but was redirected to 94.102.55.9 anyway and a very

> convincing virus checker appeared to be running.

>

> I am running Windows 7 and MS System Security Essentials says no

> problems found.

>

> My question is - is there anyway to be certain where the popup message

> or the link to 94.102.55.9 originated? Does the IE history contain

> something like a referrer link that I can access?

>

> Once the popup message appeared, I was unable to do a view source or run

> any of the IE debuggers on the parent page. Is there any way to

> investigate the source of the popup when it is on my screen?

>

> Roger
 
@Roger:



And if a Norton or McAfee free trial came preinstalled on the Win7 computer

when you bought it, MSE may not have installed properly and therefore may

not be working properly.



Leonard Grey wrote:

> Even if you could find out who served the pop-up, it probably won't be

> there in a few hours.

>

> If you regularly see that phony warning on the same web page (or

> domain), /stop visiting that web page or domain/ and inform the

> webmaster that their page has been hacked. You can also inform Microsoft

> (or Mozilla as the case may be) to consider that page or domain for

> their phishing filters.

>

> Do /not/ attempt to learn anything about that bogus pop-up; there's

> nothing you can do about it and your attempts may end up installing

> malware on your computer.

>

> When you see one of those things, the safest way to dismiss it is via

> Task Manager > End Task.

> ---

> Leonard Grey

> Errare humanum est

>

> Roger wrote:

>> This morning I think I had one copy of IE8 running and was on my

>> my.yahoo.com home page when I got a popup "Message from webpage" that

>> said:

>>

>> "Warning! Your computer contains various signs of viruses and malware

>> programs presence. Your system requires immediate anti viruses check!

>> System Security will perform a quick and free scanning of your PC for

>> viruses and malicious programs." "OK" "Cancel"

>>

>> I hit cancel, but was redirected to 94.102.55.9 anyway and a very

>> convincing virus checker appeared to be running.

>>

>> I am running Windows 7 and MS System Security Essentials says no

>> problems found.

>>

>> My question is - is there anyway to be certain where the popup message

>> or the link to 94.102.55.9 originated? Does the IE history contain

>> something like a referrer link that I can access?

>>

>> Once the popup message appeared, I was unable to do a view source or run

>> any of the IE debuggers on the parent page. Is there any way to

>> investigate the source of the popup when it is on my screen?

>>

>> Roger
 
The site below explains how to use Process Explorer and MalwareBytes'

Anti-Malware to remove the infection, which is frequently recommended in this

newsgroup. You might not yet actually be infected but you should assume you are

until you have completed the tests described.







Clicking _any part_ of a malware pop-up is like saying "Please come in." to a

vampire! :-(



--

G. R. Woodring





Date: 2/19/2010 11:06 AM, Author: Roger Wrote:

> This morning I think I had one copy of IE8 running and was on my

> my.yahoo.com home page when I got a popup "Message from webpage" that said:

>

> "Warning! Your computer contains various signs of viruses and malware

> programs presence. Your system requires immediate anti viruses check!

> System Security will perform a quick and free scanning of your PC for

> viruses and malicious programs." "OK" "Cancel"

>

> I hit cancel, but was redirected to 94.102.55.9 anyway and a very

> convincing virus checker appeared to be running.

>

> I am running Windows 7 and MS System Security Essentials says no

> problems found.

>

> My question is - is there anyway to be certain where the popup message

> or the link to 94.102.55.9 originated? Does the IE history contain

> something like a referrer link that I can access?

>

> Once the popup message appeared, I was unable to do a view source or run

> any of the IE debuggers on the parent page. Is there any way to

> investigate the source of the popup when it is on my screen?

>

> Roger
 
You must log in or register to reply here.

Similar threads

A
How can I get the settings for Define Power Buttons -> "Change settings that are currently unavailable" to appear?
Replies
0
Views
7
Arthur_Snobb
A
A
How can I get the settings for Define Power Buttons -> "Change settings that are currently unavailable" to appear?
Replies
0
Views
6
Arthur_Snobb
A
A
How can I get the settings for Define Power Buttons -> "Change settings that are currently unavailable" to appear?
Replies
0
Views
7
Arthur_Snobb
A
D
How do i get rid of popup false virus alerts in Windows 11?
Replies
0
Views
8
Digiti124
D
D
How do i get rid of popup false virus alerts in Windows 11?
Replies
0
Views
20
Digiti124
D
Back
Top