Playing around with Chrome earlier today and ran into this RansomWare.
** STOP: 0x0000007E (0xFFFFFFFFFC000000047, 0xFFFFFF800002EB5B48) Serious security threats have been detected on your computer. Your personal photos, credit card information and passwords may be compromised. It is highly recommended you do NOT continue using your computer until you've contacted an official technician. Your IP 10.0.1.4 may be under attack. Please call this number as soon as possible. CALL 855-464-6657 (PRESS 1) An official technician will help you remove any adware/spyware on your computer.
The same error appears in Mozilla Firefox, but it is not nearly as imposing as the dialog box is not modal and one can close the tab.
The URL of the site that was menacing me is support.com-techsupport513.com
Chrome Task Manager
Here is how to close the RansomWare Tab.
- In Chrome, try to access Chrome’s Task Manager by clicking the Shift-Esc key combination
- In our case, that key combination is already in-use by the “Intel Management and Security Software”. More later on configuring the Intel Tool to use an alternate key combination
- If by chance, you are able to bring up Chrome’s task manager it might not be visible or quickly overlaid by the Ransomware. If so, please re-arrange your windows and look for it
- Another way of accessing Chrome’s Task Manager is to try launching a new Chrome Application\Window altogether and accessing the Task Manager from that window.
- One of the many good things about Chrome is that it’s Task Manager lists all opened Tabs, not just the ones in the current application
- But, the chances of you being able to launch a new Chrome Application is a bit slim, as the message box is quite modal for all Chrome Apps
- If you are able to access the Task Manager
- Select the “Tab:Security Warning” row
- Once the troubling tab is selected, Click the “End Process” button
Task Manager – Google Chrome
Brute Force Kill
If you are on unable to access Google Task Manager and close the specific Tab, I will suggest that you use Windows Task Manager and kill your Chrome’s processes.
Though one can use Microsoft Spy++ to identify the Windows handle and convert the App’s Process ID from Hex to Decimal and attempt to close of a singular process, it seems all Google’s processes are often terminated.
One possible work-around for malfeasance web sites is to null them out via your local hosts file.
To your C:\Windows\System32\drivers\etc\hosts file, add support.com-techsupport513.com and set the IP Address to 127.0.0.1.
Thankfully some routers and Wireless Access Points allow one to generalize this for all hosts using that gateway.
Only Allow Pop-Ups for specific Web Sites
It is a good practice to return your Chrome Settings to only allowing Pop-ups from specific web sites.
- In Chrome, access Advanced Settings/Content Page ( chrome://settings/content )
- In the Pop-ups group-box, select the “Do not allow any site to show pop-ups (recommended )“
- Explicitly add sites that you will like to permit pop-ups by clicking the “Manage exceptions…” button
KeyStroke Combination Struggle
Unfortunately, identical KeyStroke combinations can be preferred by various Vendors and Applications.
Google Chrome wanted to register Shift-Esc.
But, “Intel Management and Security Status” launched prior to Google Chrome, and it already requested and registered that key combination.
Our options included preventing the Intel’s tool from auto-starting or changing it’s hotkey.
The default hotkey is shown below:
We changed it to Shift-F10.