'Virus Found!!' Pop-Ups

The 'Virus Found!!' pop-up windows in your browser may feature elements from Support.microsoft.com, but they should not be trusted. The 'Virus Found!!' pop-up windows are produced by adware, browser hijackers, and misleading advertisements on untrusted domains. The 'Virus Found!!' messages are used by third parties connected to Ab Reach Technologies Private Limited (CID U72300DL2013PTC253961) that make money from distributing the SpeedUp PC 2018 software on the Internet. The SpeedUp PC 2018 is classified as riskware by many computer security experts, which does not contribute to the positive reception of the program by PC users. The application is promoted to be a system optimization tool that was found to generate questionable performance results.

It appears there are third parties who use fake security alerts and phishing domains to convince users to download and install the SpeedUp PC 2018 with 'spdpcsetup.exe' (MD5: C231A7A2AD02E53E63C0B96D777981AF). We have received complaints from users who say that their browser becomes unresponsive once the 'Virus Found!!' pop-ups appear on their screens. An investigation into the 'Virus Found!!' notifications revealed that Web surfers might stumble upon any of the following domains:

safety[.]microsoft.com.dsoamei.j8kwqorluchd7pvukgz1sg[.]science
safety[.]microsoft.com.ixqglk.3kgeal0tfyxl2ai[.]science
safety[.]microsoft.com.kethulh.0dmfhvo13n4qctmuwl4[.]review
safety[.]microsoft.com.kohtnmkgev.6zdyuixnh4zse3w[.]review
safety[.]microsoft.com.qazinhgitd.wfehknj8roy7qx17pf4[.]review
safety[.]microsoft.com.ukxnnohzno.6tktv5vmf4tf[.]review
safety[.]microsoft.com.wboeuax.nhmv8cec5xy4[.]bid
safety[.]microsoft.com.zhmmjksien.0dmfhvo13n4qctmuwl4[.]review

The domains listed above are not managed by Microsoft Corp. and don't offer legitimate services and cyber security solutions. You should report pages to browser vendors that invite you to install the SpeedUp PC 2018 as a cybersecurity solution. We have seen domains like safety[.]microsoft.com.wboeuax.nhmv8cec5xy4[.]bid host series of notifications and Flash animations that lead users to install the SpeedUp PC 2018 and resolve problems with 'windows.exe' and 'spoclsv.exe' in the Windows directory:

Message 'From safety[.]microsoft.com.wboeuax.nhmv8cec5xy4[.]bid' №1:

'Your Windows is badly damaged! (33.2%)
Please download Speedup PC 2018 to remove the (3) viruses from your Windows.
VIRUS INFORMATION
X Virus Name: Ransomware 2.0; Trojan.Win32.SendIP.15
X Risk: HIGH
X Infected files:
C:\WINDOWS\System32\migration\ADJF9009en.@•fg\windows.exe
C:\WINDOWS\System32\Drivers\spoclsv.exe
Download And Repair Windows
VIRUS REMOVAL
Application:Speedup PC 2018
Rating: 9.9/10
Price: Free'

PC users should avoid programs deployed via phishing domains and pages that resemble the official support portal by Microsoft — Support.microsoft.com. It is recommended to clean the computers that produce the 'Virus Found!!' pop-ups in new browser windows and new tab pages. AV companies may prevent users from accessing resources from the 87.120.36.25 IP address that appears to be used for distribution of threats and riskware like the SpeedUp PC 2018. AV engines flag the files associated with the 'Virus Found!!' notifications using the following detection names:

• Adware ( 0051b7fd1 )
• Application.InstallOpt (A)
• Generic PUA GI (PUA)
• MSIL/GT32SupportGeeks.F
• PUA:Win32/SpeedChecker
• Program.Unwanted.2514
• Riskware.Win32.Ursu.eyamwk
• Rogue.PCVARK
• TR/Agent.hwvmd