Pop-up Virus warnings real?

UKworkshop.co.uk

Help Support UKworkshop.co.uk:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

stuckinthemud

Established Member
Joined
17 Jun 2019
Messages
669
Reaction score
431
Location
Caerphilly
For weeks, my laptop has had a sponsored pop-up telling me there are 5 viruses that need to be removed . This pop-up notification occurs first time I switch on each day. I’ve assumed it’s a marketing ploy from a cyber security company and not clicked on the pop-up . Any thoughts? If it is an advertising thing, can I block it or do I just keep clicking on the “x” ?
 
The only thing I have virus wise is the bog standard one that comes with microsoft windows. Other than that nowt, nada, not even security like norton or any of those other robbers.
 
For weeks, my laptop has had a sponsored pop-up telling me there are 5 viruses that need to be removed . This pop-up notification occurs first time I switch on each day. I’ve assumed it’s a marketing ploy from a cyber security company and not clicked on the pop-up . Any thoughts? If it is an advertising thing, can I block it or do I just keep clicking on the “x” ?
Google

Hijack.this

(yes that is a full stop between both words) - made by Trend Micro. It will tell you if there are any "programs" that are running\installed that are causing that behaviour and will offer to remove them permanently.

I've used it numerous times over the years to fix that exact issue (on other people's PCs\Laptops).
 
The only thing I have virus wise is the bog standard one that comes with microsoft windows. Other than that nowt, nada, not even security like norton or any of those other robbers.
I use free Comodo Antivirus - really good and impressive too. You just need to select "advanced" or something during the install and deselect the extra browser it offers to install, secure shopping & switching your DNS servers (untick a few boxes) and plain sailing after that.
 
Create a restore point first, then, check your program start up list, you may find it in there. Then note it down, delete from start up list and then reboot.
 
Create a restore point first, then, check your program start up list, you may find it in there. Then note it down, delete from start up list and then reboot.
Good idea about the restore point. Deleting it from the Start Up list only "removes" it from starting up. It doesn't actually delete it. And many of these "things" are clever enough to insert themselves back into the Start Up list and start up all over again. Just an endless game of whack-a-mole.

Utilities like HijackThis (there are others - this is just one I'm familiar with), will tell you who the publisher is of the executable (can be faked but you'd be surprised how many don't bother), the location and when you hit delete it removes the exe's, the DLL's and the registry entries too. The whole kit and caboodle.

If that doesn't fix the issue - then you are likely in RootKit (and similar exploits) territory. Although it doesn't happen as often as people are led to believe - it requires work to build one and tie it to an exploit (usually a zero day one), so most script kiddies stick to these sorts of "easier" pieces of rubbish that stick themselves in the Startup list.

Been a while since I had to use it - I think there is an option to "record" or "backup" what is being done.
 
Good idea about the restore point. Deleting it from the Start Up list only "removes" it from starting up. It doesn't actually delete it. And many of these "things" are clever enough to insert themselves back into the Start Up list and start up all over again. Just an endless game of whack-a-mole.

Utilities like HijackThis (there are others - this is just one I'm familiar with), will tell you who the publisher is of the executable (can be faked but you'd be surprised how many don't bother), the location and when you hit delete it removes the exe's, the DLL's and the registry entries too. The whole kit and caboodle.

If that doesn't fix the issue - then you are likely in RootKit (and similar exploits) territory. Although it doesn't happen as often as people are led to believe - it requires work to build one and tie it to an exploit (usually a zero day one), so most script kiddies stick to these sorts of "easier" pieces of rubbish that stick themselves in the Startup list.

Been a while since I had to use it - I think there is an option to "record" or "backup" what is being done.
True but I should have gone on and said, after reboot, if it doesn't reoccur, then search for item that was noted down, find its folder and delete it.

If it does reoccur, then a more aggressive approach with a disk cleaner app will be needed. I would also use Windows Defender, our your choice of antivirus software, but run a deep scan on ENTIRE drives you have, not a quick scan.

It sounds more like a bit of bloatware from some app download from a less than secure source to me.
 
It used to be wise to boot to safe mode in windowze, run virus scanner, delete anything nasty that may be quarantined; then reboot...

In normal mode some stuff remains hidden from many a virus scanner...; and can only be removed in safe-mode. And as already suggested you may have a root kit pest...

I use Bitdefender and it does a pretty good job (I'm on Mac systems); and my bro. is on Win-10 (or win-11) and uses either built-in M$ virus app or Bitdefender; not sure which at preasent as he has access to either, (One doesn't run two a-v utils at the same time). Also pop up blockers are useful and there are a few free popup pest removers about if you feel to use them. I can dig them out if needs-be?
 

Latest posts

Back
Top