A M/S Help Scam Screen Appeared This Morning

[PStreicher 0]

I wished now that I had taken a picture of the screen. But, I want to tell you how my morning went today. I did finally manage to get to bed sometime around 6:00 AM EST and soon to sleep. Within a few hours I awoke to the wife alerting me that something was wrong with her Surface book. I quickly looked it over and realized it is one of those where you have to power down the machine to clear the frozen screen. It had stated the usual 'Call Us Now at Microsoft...." and from what I remember, a URL listed a couple of times. Just the way it was written also made me realize there was nothing else to do but power cycle it. I had forget if I had installed eSet on it so I checked after booting. I had installed it. Checking the program everything seemed set okay and the update was up to date. I told her to let me know if it happens again. I hope eset is not lagging behind the competition now. I scanned the web long and hard looking for any all information on what the best antivirus program was then. I have been very satisfied and giving subscriptions to friends and family. I know that this pop-up got through eset this morning due to it has to be newer than the latest eset data set. And that it is only a short matter of time and it will be added to the data set and never to worry again. Prove me right, eSet!

[Marcos 5,070]

I assume it was merely a scam website that you ran into and it didn't pose a threat otherwise. There are thousands of new scam urls with fake alerts being created on a daily basis so expecting an antivirus to detect and block every single one is unreal.

[galaxy 11]

The best protection is you yourself, as no AV can help if you are not careful

[PStreicher 0]

I know that junk can creep into our computers before the vendors have a chance to update their data files to protect us. But, then again sometimes I just like to test them.

My question is why is this age old 'screen freezing' junk still able to escape the detection engines. I am not a programmer by no means but do have some knowledge of coding. What type of code does this?

[Marcos 5,070]

Modifying an html code is much easier than creating new variants of actual malware and sometimes it's even technically impossible to discern between a legit and scam / phishing website. Next time please jot down the whole url and provide it to us for further analysis as per https://support.eset.com/kb141.

[itman 1,659]

21 minutes ago, PStreicher said:

I know that junk can creep into our computers before the vendors have a chance to update their data files to protect us. But, then again sometimes I just like to test them.

My question is why is this age old 'screen freezing' junk still able to escape the detection engines. I am not a programmer by no means but do have some knowledge of coding. What type of code does this?

If this happens again, there is no need to shut down you computer. Just right mouse click on the desktop lower taskbar. Then open Win's Task Manager and terminate the browser process.

This bleepingcomputer.com article reiterates the above plus will give you some additional info. on the problem: https://www.bleepingcomputer.com/virus-removal/remove-your-computer-has-been-locked-popup-scam . Note: if the same popup keeps randomly appearing in subsequent browser sessions, it means that the attacker was able to install something on the PC.

Edited September 11, 2018 by itman

[PStreicher 0]

What if the popup covers the complete screen including the taskbar? I don't remember seeing any taskbar, only the full screen popup. I didn't think to try right clicking to open the task manager though. I read that article and there is numerous malware scanners it lists to go through. I have Malwarebytes Premium and eset premium security that has served me well in these past several years. I would have thought one of these would have caught this old looking popup. Now, my question is, what html coding keeps your screen locked like it does? Again, seems to me any decent malware or antivirus program should be able to see that coming and be able to disable and or eliminate it before it happens.

[itman 1,659]

7 hours ago, PStreicher said:

What if the popup covers the complete screen including the taskbar? I don't remember seeing any taskbar, only the full screen popup.

You can access Win Task Manager via keyboard entry of the following key sequence; Ctrl -> Alt -> Delete. You must depress the Ctrl and Alt keys simultaneously, then the Delete key.

[TomFace 539]

Doesn't ALT + F4 also close pop up windows?

And of course, do not click anywhere on the pop up window.

Edited September 12, 2018 by TomFace