
Microsoft Official Support Popup



I viewed another sketchy (adult) video and came across a potential malware/PUP attack that opened in a new tab and claimed to be from Microsoft (see first attached image) followed by another "ad" asking to install an HD Video player (see second attached image). I have become more self-aware that these pop-ups may not be malicious as they claim to be, but it's always a good idea to get it checked out.

 

microsoftsupport.png

hdvideo.png


Fraud site and not real. It is not malware on your PC. Both graphics represent forms of Internet malvertisements.

The top graphic is similar to the below video.

http://multi-av.thespykiller.co.uk/other/MallwareScam.wmv

They can be mixed into a rotating advertisement on a web site or mixed into a randomized advertisement. Some web sites are more prone to this than others. It is dependent on whom the web site owner chooses to do advertisement business with. Over a ~3 month period Newegg had this problem. All you had to do was continuously refresh the web page and eventually the malvertisement was displayed. In their case it was a fake Adobe update. In this case it is a fake indication of infection and a supposed HD Video Player. Another could also be a fake indication of a Blue Screen of Death (BSoD) condition.

Since these fraud sites are not dependent upon software to be on a PC, no anti-malware software can detect it. Simply because it emanates from the Web and not from the PC.

 


@JHay This all goes to what is called "situational awareness" (as David is fond of saying).

A message like that one above, showing up in a web browser page and claiming all kinds of "stuff", is on the face of it very, very inauthentic. Simply by it appearing in a web browser. No real genuine security product is going to show its message in a browser and give a telephone number.

(While there are some online security scans that do make use of a browser, in those cases the user knows up front that (a) he went to that site knowingly and (b) the site is genuine.) (But in your case here, you know that you are not in that type.)

 

Second, this is one variation of literally hundreds or many dozens of fakes. All scams. Fake tech support.

Thirdly, we can assure you that the message is not from Microsoft. (The logo is stolen.)

Fourth, Microsoft and legitimate security program providers (again) will not show their message in a web browser like that, and they will never have an 8xx telephone number to call for technical support.

All of these together are what we call the need for everyone to have a constant awareness & not jump to conclusions, i.e. situational awareness.

Get familiar with our Malwarebytes program and how we display messages.

Get more familiar with Windows messaging and know Microsoft won't show you their message in the browser for Chrome.

Your antivirus program won't show a message like that in the browser either.

 

Lastly, that second screen (about an alleged video player) is a lure to get you to begin installing some really nasty ransomware or other malicious crud. Never fall for that.

Resetting that web browser and deleting all its cache (temporary files) is all you need to do.

Avoid tech support scams:
Beware of US-based Tech Support Scams: https://blog.malwarebytes.org/fraud-scam/2014/08/beware-of-us-based-tech-support-scams/

See our Tech Support Scams – Help & Resource Page: https://blog.malwarebytes.org/tech-support-scams/

Plus these as well.
https://blog.malwarebytes.org/fraud-scam/2014/08/tech-support-scammers-rip-big-brand-security-software-with-fake-warnings/

http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

 

N.B. I would recommend you do 2 scans. One full scan with your antivirus (after an update run for definitions).

One scan with Malwarebytes Anti-Malware.

P.S.S. Please stay out of "dodgy" video sites. Please.

Edited by Maurice Naggar

After conducting a full scan, Kaspersky reports no threats found.

Here are the results from the MBAM Scan:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/1/2016
Scan Time: 10:30 PM
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.01.05
Rootkit Database: v2016.04.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jordan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 386461
Time Elapsed: 12 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Kudos. That is as it should be. Let me just suggest, you tighten up the security settings in the Chrome browser. Drill thru the Settings / advanced settings & content settings and turn OFF all pop-ups.

It seems you are all good to go.

 


  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

