• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 686
  • Last Modified:

Security alert the dreaded red screen.

We got this once last week and again just now. It opened in it's own browser or covered another site. I had Yahoo mail open as well as Hotmail and a couple other sites that are frequented regularly. I've never gotten this particular alert before the last 10 days.
I could not close or click ok and was only able to close the full screen. I tried that to, one by one, close each browser. There was not time.
I had to manually shut down after a screen shot of the alert.

That's not my IP address: 165.227.181.242
Last week it was 165.227.114.14
Both said call Microsoft immediately.
Upon reboot Trend Micro did a scan and found nothing.
todaylast week
0
nickg5
Asked:
nickg5
  • 4
  • 2
  • 2
  • +4
6 Solutions
 
AlanConsultantCommented:
Hi,

Please can you supply details of your setup.

For example, is this a stand alone machine (Win10 Home maybe), on wifi / ethernet to a single router, then out to your ISP?

Or perhaps a business machine (Win10 Pro?) on a domain, in which case, what is the setup for packet flow from the machine to the outside world?

Most likely is that there is something nasty on the machine, but lots of other possibilities too.

Thanks,

Alan.
0
 
JohnBusiness Consultant (Owner)Commented:
It is a virus. Do a full scan with Trend Micro and then scan with Malwarebytes and see if the latter picks up and deletes the virus.
0
 
McKnifeCommented:
Saw this and it was no infection of the client but just a website. Couldn't close the browser because of a funny script that this site ran and had to kill the browser process with task manager. Restarting the browser, it re-occured.., why? Since the browser picked up where you left after you forcefully closed it with task manager (default behavior: restore pages!), it seemed to persist and was taken for a virus. It is not, it is just a scammer's website tricking to think you are infected.
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
nickg5Author Commented:
Windows 7 pro desktop to ISP via cable modem. The alert happened fast so I am not sure what triggered it. All websites at the time are sites used many 100's of times in the past. If the scans with TM and MB get rid of it again, then this could become a weekly event.
0
 
JohnBusiness Consultant (Owner)Commented:
Just be careful where you browse to.
0
 
nickg5Author Commented:
McKnife: As far as forced turnoff, that was not done by me with task manager. I had to press the on button on the tower. Last week, the first time this happened I was not nearly as locked up or locked out and was able to close all browsers one by one and then a proper shutdown.
0
 
Thomas Zucker-ScharffSystems AnalystCommented:
Seen b4, malvertising link. Just ctrl-alt-del and close browser (dont try to click ANY button)
0
 
nickg5Author Commented:
Thomas:
ctrl-alt-del are also the keys we use to access password entry window upon boot-up.
0
 
AlanConsultantCommented:
Hi Nick,

If you see this, does the standard window close option (Ctrl-w) work?

Are your browsers setup to allow scripts to run by default?  Assuming so, I recommend trying uBlockOrigin (add-on) and see what might be doing this.

Thanks,

Alan.
0
 
Thomas Zucker-ScharffSystems AnalystCommented:
You don't need to worry about a conflict since you don't need to reboot.  Worse case scenario is you need to run SpyBHORemover from securityxploded.com.
0
 
Tom CieslikIT EngineerCommented:
It looks like redirection to website that is trying to scare you.
For me it doesn't look like virus, but maybe you have a cookies in your computer and they're activating if they getting some input, like advertisement from other website.

I think you should not worry but:

1. Close/kill browser
2. Delete Windows/Temp
3. Go to IE Tools/Internet Option and Delete Browsing history - you can leave passwords, but delete all other things
4. Scan your computer using some smart software that will delete all cookies like MylwareBytes

After that , restart computer and check if you can go to your website
0
 
serialbandCommented:
Install an adblocker.  A lot of these things are just coming through a malicious advertising channel.  Some of these can only killed by opening up task manager to end the process.
0
 
nickg5Author Commented:
Yes control key and W works to close the browser. And control, alt, delete allows shutdown.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 4
  • 2
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now