Home Guides Remove “Pornographic virus alert from Microsoft” scam popup

Remove “Pornographic virus alert from Microsoft” scam popup

4 min read
0
895
Online scammers continue to orchestrate campaigns that cash in on users’ credulity, as is the case with the Pornographic virus alert from Microsoft popups.
  1. What is the “Pornographic virus alert from Microsoft” popup/redirect virus?
  2. Automated removal of Pornographic virus alert from Microsoft scam
  3. Restore web browser settings to their original defaults


What is the “Pornographic virus alert from Microsoft” popup/redirect virus?

Windows users are in a constant spotlight of cybercriminals whose nefarious portfolio revolves around tech support scams. This tactic poses significant benefits to the felons, because they don’t have to do any super-complex coding, nor is there a need to employ sophisticated malware distribution techniques. It’s much simpler than that. First, the malefactors design a Microsoft Support site lookalike and park it at some domain that has nothing to do with the world’s leading software publisher. Next, they create and spread a browser plugin configured to redirect the traffic to the above-mentioned site. The rest of the plan is a matter of fooling users into installing this plugin, with the efficiency depending on how scary the warnings on the rogue landing page appear. This is precisely how the Pornographic virus alert from Microsoft tech support scam works.

Pornographic virus alert from Microsoft scam popup on fake Microsoft Official Support site
Pornographic virus alert from Microsoft scam popup on fake Microsoft Official Support site

The victims are redirected to a misleading site titled “Microsoft Official Support”. It is tailored quite competently and contains the right logos so that the information on it seems true-to-life. There are a few extra catchy phrases such as “Microsoft Support Alert” and “We have detected a virus from a pornographic website. It might corrupt your data and track your financial activities”, which are aimed at adding some more hues of apprehension and serve as a call to action. The pivot point of the manipulation, though, is a popup showing up instantly after the traffic forwarding takes place. Here’s what it says:

PORNOGRAPHIC VIRUS ALERT FROM MICROSOFT

This computer has been LOCKED

Do not close this window or restart your computer without calling support

We have locked this computer for your security
You have been browsing unsafe pornographic websites. Your computer has been infected. Contact the Microsoft helpline to reactivate your computer. Failure to call will result in a notice being sent to your residence.

This popup warning isn’t really a dialog and cannot be closed by clicking on some button like OK or Cancel. Instead, it is part of the fraudulent web page’s predefined modus operandi, and even if the user tries to X out of the whole site the attempt is going to be futile. The only way to close the scam message is to use Task Manager and terminate the browser process. Now, let’s analyze the notification proper. Although it says that the computer is locked, it’s not – the only affected component is the web browser. Also, the con artists try to act on the victim’s feelings of embarrassment by threatening to send some notice that will supposedly end up in the mailbox and other family members may find out about the user’s little secret. This is certainly bluff, but some people may still fall for it.

The scammers fire this deceptive electronic napalm at the user in order to dupe him or her into giving them a phone call. By dialing the purported “Microsoft Security Toll-Free” number provided on the spoof page, though, the victim runs the risk of disclosing their PID (personally identifiable data), unwittingly allowing the cybercrooks to access their machine, and paying for inexistent virus cleanup assistance. The pseudo support agent on the other end will most likely ask the targeted person to enable the remote desktop service and provide the authentication details so that they can allegedly remove the “pornographic virus”. If this happens, then the best case scenario will come down to an imitation of repair and a demand to pay a fee for it. Things may get nastier, though. The adversary can use the unrestricted access to the machine to manually deposit some harmful malware onto it and execute the infection. For example, if it’s ransomware then all the important files will become encrypted and won’t be recoverable unless the victim pays a fortune for the decryption key.

When confronted with the “Pornographic virus alert from Microsoft” popup, users should absolutely ignore the information on it and never call the criminals. Fortunately, identifying the hoax is a no-brainer. The first giveaway is the URL of the fake “Microsoft Official Support” page – in most cases it doesn’t even contain the corporation’s name in its structure. Secondly, the vendor in question won’t ever block a PC because of a virus. And thirdly, the only impacted element of the victim’s computing experience is the browser rather than the operating system altogether. A quick analysis of these telltale signs of fraud will suffice to say No to the swindlers. In order to restore normal operation of the contaminated web browser, follow the steps below and eliminate the real culprit, that is, the malicious browser helper object that has probably crept inside via an application bundling trick.


Automated removal of Pornographic virus alert from Microsoft scam

Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:

1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button

Download Pornographic virus alert from Microsoft remover

2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.

Use Control Panel to get rid of the Pornographic virus alert from Microsoft popup

• Open up the Control Panel from your Start menu in Windows XP/Vista/7/8/8.1/10 and select Uninstall a program
Access program uninstall screen on Windows
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal doneUninstall unwanted program


Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the Pornographic virus alert from Microsoft popup scam.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings
Go to Settings in Chrome
• Scroll down the settings screen and click Advanced down at the bottom
Advanced settings in Chrome
• Move on to the Reset and clean up sub-section and select the option that says Restore settings to their original defaults
Restore Chrome settings to their original default
• Finally, confirm the restoration by clicking Reset settings on the warning message
Reset Chrome settings
• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information
Access Troubleshooting Information page in Firefox
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
Refresh Firefox button
• Follow subsequent directions to reset Firefox to its original settings
Complete refreshing Firefox
• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X)
Open up Internet options in Internet Explorer
• Proceed by clicking on Advanced tab, then select Reset
Locate and click the Reset button in IE
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
IE reset confirmation
• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences
Go to Safari Preferences
• When on the Preferences screen, select the Privacy tab and hit the Remove All Website Data button if you are up to erasing all website data stored on your Mac. Otherwise, you can use a site-specific removal option described below
Remove All Website Data button
• A dialog will appear, asking you to validate your choice. Click the Remove Now button if you are sure. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc.
Confirm website data removal
• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, click the Details button under Privacy tab
Details button under Privacy tab
• Select the websites for which you would like to erase data and click the Remove button
Removing data for selected sites in Safari
• Click the Done button to confirm and exit. You can also select the Remove All option to remove all data stored by the listed websites.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download Pornographic virus alert removal tool

Rate article

5/5 (2)

Leave a Reply

Your email address will not be published. Required fields are marked *