Login is only required for web access to tickets.


 
Microsoft says I am Infected!
Posted by George M., Last modified by George M. on 21 April 2017 11:33 PM
 "Microsoft says I am Infected!"

If you see this message below or similar message and can not make changes to your screen.  





DO NOT unplug the power to the computer. Instead hold the power button down till the computer completely shuts off.
DO NOT CALL the number. They are not Microsoft and you are not infected with what they claim.

MOST IMPORTANTLY,

DO NOT LET THEM HAVE CONTROL OF THE COMPUTER. If you do talk to them, and they ask you to type any website or run command, they could be having you enter information that can give them control of your computer.


This infamous advertising window locks your screen.  At some point you probably have seen or experienced it! Just a heads up, it is not the only one.

There are multiple variations of this warning going around. All of them provide a number to call. Whether that is a 1-855, 877, 866, 555 or various other potentials, you should not call that number. If you call that number, you will get a tech support company almost always in another country or at minimum with a foreign accent.  In all the cases we have come across so far they take you into the event viewer and try to convince you that all the events are infections either on your machine or people trying to hack into your machine. This is not true. The Event view is a component of Microsoft's operating system that provides a logged record of alerts and notifications. These are events the occur silently and/or visibly and required notation for potential troubleshooting of significant problems or require user input to approve or disapprove of changes you want to make to your computer.  Could this information contain information that could help find an infection? Yes, but this is rare.  Majority of what you will find is information telling you what services were started and stopped at what time, ERROR messages indicating an app didn't start or failed due to a missing file, Warning messages indicating certain security settings were not applied or permissions were not granted, and issues with features or requested actions timed out because they exceeded the allotted time they should have occurred in. Some have even taken consumers into the command prompt and used trace route commands or other commands used in the Command prompt line to indicate numerous people are trying to hack your computer and steel your information. This is to scare you into believing everything they say. They then pitch the sale of their services, charging you anywhere from $99 to $1000 or more. They then use free and available online tools to correct problems they helped create in the beginning that generated their ad. Some people have fallen victim and purchased these packages.  After a few months they got re-infected and called back for help since the support, in one consumers case, was supposed to be for 10 years. The answer they got, was not what anyone wants to hear. To quote the customer statement on what the support company had said... "Oh that doesn't cover any cases of re-infection. It will be another $200 to clean your system up again".  It was not too long after that, the customer contacted us back and renewed their membership. Our support is always free to paying members and we don't charge you for using free tools available on the internet.


If you got one of the screens like the above image, or a variation of it, the information below will be very helpful.

HOW DO I GET OUT OF THIS SCREEN??

There are 2 possible methods and certainly, there maybe more but these are the most effective below.

Method 1:

1.
Close the open browser:
  • Press CTRL + ALT + DEL at the same time
  • Select START TASK MANAGER or TASK MANAGER from the menu you should be seeing.
  • On the Task Manager windows look for your current browser(Chrome, Firefox, EDGE, IE, etc.) and right click on it choosing END TASK.
  • Repeat the process as necessary making sure all browser windows are closed and the message is gone.
2. You should run the DISK CLEANUP utility in Windows. For instructions Click here.

3. Reset your internet browser. For instructions to reset your internet browser click here.

4. Contact us through live chat or by sending us an e-mail for further instructions on how to remove the P.U.P.(possibly unwanted programs) that is generating the ads on your computer. In some cases a custom cleaner or third party application maybe required.

Method 2 (The long method for customers with Windows 10 and using Microsoft Edge.):

1. Close the open browser:
  • Press CTRL + ALT + DEL at the same time
  • Select START TASK MANAGER or TASK MANAGER from the menu you should be seeing.
  • On the Task Manager windows look for your current browser(Chrome, Firefox, EDGE, IE, etc.) and right click on it choosing END TASK.
  • Repeat the process as necessary making sure all browser windows are closed and the message is gone.
2. You should run the DISK CLEANUP utility in Windows. For instructions Click here.

3. Clear the Microsoft Edge active recovery folder to avoid repeating the process.
  • Click on the Start Menu.
                  
  • Click on File Explorer.
                
  • Click on This PC.


  • Click on C: Drive.  This drive could have any label but will always have c:.  If C: is not the drive with your Windows operating system, then select the drive letter that corresponds to the drive with your Windows operating system installed.


  • Click on View and then Check the box labeled hidden items.


  • Navigate to the following folder  "C:\Users\{YOUR USER PROFILE LOGIN NAME}\AppData\Local\Packages\Microsoft.MicrosoftEdge_xxxxxx\AC\MicrosoftEdge\User\Default\Recovery\Active" delete the contents only.  DO NOT DELETE THE FOLDER!! This folder should in our experience only contain *.DAT type files.  If you see any other type of file contact us as soon as possible and do not proceed further.


4. Close all open windows and contact us for further instructions to remove P.U.P. (possibly unwanted programs) from your computer by phone, e-mail or live chat. Some circumstances may require a custom cleaner.


For further assistance -

SUBMIT A TICKET

or

CONTACT SUPPORT

Additional user information may be found via the StopSign KNOWLEDGE BASE.





(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: