Fake virus alert that freezes computer?"
Page 1 / 1
Hello DonaldReimer,
Welcome to the Webroot Community,
The “Virus Alert – Warning” pop-up ads are caused by an ad-supported extension for Internet Explorer, Firefox and Chrome, which is distributed through various monetization platforms during installation. This malicious browser extensions is typically added when you install another free software (video recording, download-managers or PDF creators) that had bundled into their installation this adware program.
“Virus Alert – Warning” is used by cyber criminals to promote their remote support services.
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
Hope this helps?
Welcome to the Webroot Community,
The “Virus Alert – Warning” pop-up ads are caused by an ad-supported extension for Internet Explorer, Firefox and Chrome, which is distributed through various monetization platforms during installation. This malicious browser extensions is typically added when you install another free software (video recording, download-managers or PDF creators) that had bundled into their installation this adware program.
“Virus Alert – Warning” is used by cyber criminals to promote their remote support services.
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's.
- Go to the Control Panel where the “Programs and Features” or the “Uninstall a Program” screen is displayed, scroll through the list of currently installed programs and uninstall New Player, HostSecurePlugin, CloudScout Parental Control, Savefier, Storm Watch, Media Video Players, Browsers_Apps_Pro, Save Pass, HQualityPro-1.6, Sm23mS, Salus, Network System Driver, SS8 and HD-V2.2.
The malicious program may have a different name on your computer.
To view the most recently installed programs, you can click on the “Installed On” column to sort your programs by the installation date. Scroll through the list, and uninstall any unwanted or unknown program.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
Hope this helps?
? if you can't find it in the list of programs there's something else you can try for what it is worth... Some of the critters referred to by Ssherjj have the habit of altering something to the shortcut of your browser.
Locate the shortcut icon from your browser, right-click on it and go to properties. Go to the shortcut tab and select target
( or just look at the image below 😃 ) Remember, desktop, taskbar & menu as these are different shortcuts
See if in that target field there is anything mentioned behind the "C:Program FilesGoogleChromeApplicationchrome.exe" ==> can be internet explorer if you use IE or FF when you use FF .
Just don't have them all so can't screenshot better but i'm sure you get the point
So if there is anything past the final " that looks like an url ( link ) then consider it not essential to the functionality of your browser & then remove that bit...If you are unsure copy paste the entire line in notepad or something you can save and then edit , apply and ok... Then try that shortcut again and see what happens... Not everythign's gone yet but some of the browser hijacks might be
Have a good day and feel free to ask if you need more or i was too nerdy again...
And forgive me for the Dutch version of Windows 10 :$ ( no i didn't go & borrow an OS like what some might think :D )
Locate the shortcut icon from your browser, right-click on it and go to properties. Go to the shortcut tab and select target
( or just look at the image below 😃 ) Remember, desktop, taskbar & menu as these are different shortcuts
See if in that target field there is anything mentioned behind the "C:Program FilesGoogleChromeApplicationchrome.exe" ==> can be internet explorer if you use IE or FF when you use FF .
Just don't have them all so can't screenshot better but i'm sure you get the point
So if there is anything past the final " that looks like an url ( link ) then consider it not essential to the functionality of your browser & then remove that bit...If you are unsure copy paste the entire line in notepad or something you can save and then edit , apply and ok... Then try that shortcut again and see what happens... Not everythign's gone yet but some of the browser hijacks might be
Have a good day and feel free to ask if you need more or i was too nerdy again...
And forgive me for the Dutch version of Windows 10 :$ ( no i didn't go & borrow an OS like what some might think :D )
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.