Fake Pop-ups

Why pay someone when you can do this yourself? Fake pop-ups are on the rise. 
 
They vary in appearance. Some have sound, some do not. If you receive anything similar to the picture below, the following steps are the safest. For Mac follow the same steps except for safe mode. Instead of holding the Shift key hold the ‘S’ key while booting.
 
1. Do NOT call the number.
 
2. Do NOT click anything, do NOT even try to close it by clicking the ‘x’. Even that could be a hotspot that starts a silent install of either a remote access software or an encryption script that will lock your computer and files permanently. If encryption occurs you WILL lose all files and programs and have to reset your computer to factory condition.
 
3. To break the link, hold the Power button and wait patiently until the machine is off. Not just until the screen is black, hold it for at least 30 seconds until the machine is totally off.
 
4. If there is an ethernet cable disconnect it. If the machine is on wifi turn off the router. Physically interrupt the internet connection. If anything was installed to run on startup this prevents the would-be scammer from getting into your system while you check it.
 
5. Click the Windows button and hold the shift key while clicking ‘Restart’. Continue to hold the shift key and wait patiently until the screen has gone dark and another screen appears. Then you can let off.
 
6. Select Troubleshoot.
 
7. Select Advanced options.
 
8. Select Startup Settings.
 
9. Select Click Restart and wait patiently.
 
10. Press the number 4 for Safe Mode. This starts just enough of Windows to run the computer. You can close the safe mode message screen that pops up.
 
11. If you have a jump drive and another computer download Malwarebytes and ADWCleaner. (You can google each of these and make sure they come from the malwarebytes.com site.)
 
Malwarebyes: https://www.malwarebytes.com/
 
ADWCleaner: https://www.malwarebytes.com/adwcleaner/
 
12. After saving the downloads to the jump drive plug the jump drive into the affected computer. (The one in safe mode)
 
13. From the jump drive double-click and run ADWCleaner. Allow it to clean anything it finds and to restart the machine when it needs to. Leave the jump drive in place. Hold the shift key as you click the ADW restart option and hold it until the screen from step 6 appears.
 
14. Follow steps 7 through 10.
 
15. When the machine is booted install Malwarebytes from the jump drive.
 
16. Open Malwarebytes and allow it to run a scan. Disregard any messages about downloading databases and scan anyway. Allow it to quarantine anything it finds.
 
17. If Malwarebytes wants to restart allow it to restart. Otherwise, restart the computer without holding the shift key.
 
18. After the computer starts reconnect the ethernet cable if there is one or turn the router back on and reconnect to the wifi network if the machine does not do so automatically.
 
19. When you see that the icon in the lower right shows a connection open Malwarebytes and run another scan. If anything needs to be quarantine allow that to happen. If it is clean then you are done. You can go into the settings and account settings of Malwarebytes, deactivate the demo and keep the free version. In those same screens you can tell it not to start with Windows (recommended not to start) and to not send data. Then you can close the program.
 
20. Download CCleaner from Piriform, run the cleaner and the registry tool. Then reboot.
 
21. Any threats are removed and your system is cleaned up. Open your internet browsers and do a search to make sure the item you search for appears. If it does then your system is clean and there are no browser hijackers. It is safe to use. If not, you will need to check for rogue extensions.
 
Please call if you need help with this any time day or night 7/24. 512.648.1506 or click the link below to get help now.