Skip to main content
I just got a warning sign on my computer screen from Microsoft that said I may have potential threats that may cause a system crash. Clean computer now. I ran a scan with Webroot and it came up with no threats. What do I do?
Hello LMA,

 

Welcome to the Community!,

 

 

THIS IS A SCAM!!  Neither Microsoft nor any other company sends emails, pop ups, or phone calls of any kind advising that you may have a problem.

 

If you clicked anything links, allowed them to remote into your computer, or went to any web sites please submit a Trouble Ticket ASAP.  (Now would be a good idea....)

 

If you would like more information, read on (After submitting that Trouble Ticket.....)

 

NEWS ARTICLE: Tech Support Scams are on the rise.

 

 

Microsoft never issues this type of warning or email or anything of a sort!  Please see the following link for Microsofts official word on this:

http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

 

"Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

 

Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you're using.

 

Once they've gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable."

 

Also see Avoid scams that use the Microsoft name fraudulently

http://www.microsoft.com/security/online-privacy/msname.aspx 

 

 

For more information here iwhat the United States Federal Trade Commission has to say on the subject::

http://www.consumer.ftc.gov/articles/0346-tech-support-scams

 

"In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.

 

These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money."

 

This scam is common and has been around for quite a while.  Here is a good Webroot Blog article from April 2013 by Threat Researcher Roy Tobin.

http://www.webroot.com/blog/2013/04/30/fake-microsoft-security-scam/

 

 

Best Regrda,
I just got the same message. Went to Webroots and ran a full scan. Everything seems fine. RFS
Thank you!  Did not click on it.
Hello CincyStorm8,

 

Welcome to the Community Forum,

 

Also @ I would advise you to do a PUA check of your system just to be sure that there isn't anything triggering that popup,

 

Please follow these instructions below but I still would issue a Support Ticket just to be safe.

 

Here's our writeup of PUAs..

This is long but it can help you out alot and if you can't do this then issue a Support Ticket. OK?

 

hat you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.

 

WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.

 

For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.

 

For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket.  Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.

 

To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:

 


  • Open Webroot SecureAnywhere
  • Click on ‘Advanced Settings’ from the top right
  • Select ‘Scan Settings’ from the left side
  • Unselect the option “Detect Potentially Unwanted Applications”
  • Click on the Save button (you may have to enter in a CAPTCHA)
  • Reselect the option to “Detect Potentially Unwanted Applications”
  • Click on the Save button
  • Run another scan with Webroot and remove any items that get detected.
To help avoid PUA's in the future, remember to read all of the information when installing or updating software (Adobe downloads often have those "extra special offers"attached... PUA'S!: often the PUA included will be mentioned, and you can opt out of installing it.  Those check boxes you see? Usually only one of them is for the User Agreement of the software you want, the others are for the junk you don't.

 

 I hope this helps you both understand, and resolve the problem and if not please let us know!

 

 

 

NOTE: As noted above, PUA's that:

 


  • Come in with other downloads
  • Have a clear opt out ability prior to install
 

are often NOT detected and removed.  This is partly for legal reasons: the source of the download can complain about it's extra software being blocked automatically by Webroot.  There may be to allow WSA to recognize and block a LOT more PUA's than it currently can.  Please see THIS IDEA for more information, and give a KUDO if you agree.  User Idea requests are noted by the Webroot Team, and the more Kudo's on an Idea the more likely we may see dev time devoted to it.

 

 

Please let us know how everything is going so that we may help others,

 

Thanks,

 

 

 

Reply