Helping people with computers... one answer at a time.

It's very likely that a pop-up got a toe-hold into your system and you'll need to take some steps against possible lingering malware.

A couple of weeks ago, I got a screen that said it was from the police saying that I had downloaded too much porn, which I hadn't downloaded any, and I had to pay 50 pounds to unlock my computer. I removed this lock from the startup list and did a virus check, which came up with none. Now, I don't get any emails in my inbox and I have to go online to retrieve them all. The settings are correct and I can send email from my other email address and it receives it okay. I'm using Incredimail for my main email, which is the problem one and Windows Live Mail for my second email address, which is unaffected.

In this excerpt from Answercast #37, I look at a system that seems to be infected from a malicious pop-up and suggest some recovery steps.

Lingering infection

In situations like this, it's unfortunate, but there probably is some lingering infection on your machine.

I do have an article called, "How do I clean up Windows after removing an infection?"

Something got in

The fact that the pop-up appeared at all is typically the sign of malware getting a toehold on your system. Obviously had you agreed to whatever it was telling you, things would have gotten much, much worse. But right now, your system is still kind-of suspect.

Check for malware

At a minimum, I would probably:

  • Fire up Malwarebytes.org's free Malwarebytes anti-malware tool and run an additional scan.

  • Also make sure that your own anti-virus and anti-spyware tools are up-to-date.

  • And run an up-to-date scan with them as well.

Misbehaving program

Now, in a case like this, where you've got one program that's misbehaving, there are two approaches that I might suggest. One is to go ahead and:

  • Configure Windows Live Mail (since that's working) to access your primary account.

In other words, switch from Incredimail to using Window Live Mail for that account.

If you don't want to do that, if you want to continue using Incredimail, the only suggestion I really have would be to:

  • Completely uninstall Incredimail and then reinstall Incredimail.

Back up

Make sure that all of your email is backed up. In fact, for that matter, make sure that your system is backed up. But certainly make sure that your email is backed up so you don't lose anything.

  • The best thing to do is to just make sure that Incredimail gets reinstalled.

Clearly, there's something broken or something that's been affected in it. There's really no way to tell exactly what it is or what you might want to tweak to fix it. The best solution is probably a clean reinstall of Incredimail itself.

Article C5614 - July 22, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

3 Comments
Snert
July 24, 2012 7:04 PM

I alway download the latest updates for my malware scanners then reboot into Safe Mode to run the scans. Maybe I'm erring on the side of caution but maybe not.

Andy
July 25, 2012 3:12 AM

By any chance did you click a link of Facebook when the popup appeared. This story sounds very familiar, only the police wanted this guy for watching child porn, but he only wanted to look at a 'lego cake'. I found it quite funny because I don't like him but on a serious note - well its serious, and it's high unlikely that something like that would ever actually officially happen. You'd probably get a letter, a phone call, a email, or even a visit from either your ISP or the police!

Jimmy Gambino
July 26, 2012 1:15 PM

Okay, I am very familiar with this actual malware. See the following link for instructions on removing it courtesy of bleepingcomputer.com. Here is the link to help you remove this Rogue Ransomware
http://www.bleepingcomputer.com/virus-removal/remove-police-central-e-crime-unit-reveton-ransomware

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.