If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
talking malware?
I had Microsoft Edge browser open while I was using the Kindle Book app
to write a paper in Libre Writer. Connecting hardwire to the default router from my ISP. Edge showed a screen that starting talking about a need to press some buttons or something or my computer would be seen as a threat to the network and would be disconnected until contacting Microsoft. I ran a full scan with Windows Defender. I ran an offline scan also. No threats were found. Proceeding without browsing until I find out how to address this. Would clearing the cache, etc. fix this? Can I clear stuff outside of Edge? Any other ideas? I used to know how to configure an IP firewall ... but it is on ... -- dale - http://www.dalekelly.org |
Ads |
#2
|
|||
|
|||
talking malware?
dale wrote:
I had Microsoft Edge browser open while I was using the Kindle Book app to write a paper in Libre Writer. Connecting hardwire to the default router from my ISP. Edge showed a screen that starting talking about a need to press some buttons or something or my computer would be seen as a threat to the network and would be disconnected until contacting Microsoft. I ran a full scan with Windows Defender. I ran an offline scan also. No threats were found. Proceeding without browsing until I find out how to address this. Would clearing the cache, etc. fix this? Can I clear stuff outside of Edge? Any other ideas? I used to know how to configure an IP firewall ... but it is on ... There is an example of what you're dealing with, here... https://www.tenforums.com/antivirus-...ge-hacked.html Nobody there has completely root-caused it. Yes, in theory, clearing caches and history is all fine stuff. Except some browsers now, they *insist* on opening pages from the previous session. Which is a *bad* *bad* behavior. Think of the extra aggravation that could cause. Examples of tools, with no certainty they will help. https://www.bleepingcomputer.com/dow...-removal-tool/ https://www.bleepingcomputer.com/download/adwcleaner/ If this one keeps coming back, then you would suspect a Startup item or an EXE somewhere is helping it. It could have added a Scheduler entry, to re-install itself. And so on. I'm no good at fixing these. I'm not methodical enough. ******* You could edit the "hosts" file, and redirect the adware link host address to 127.0.0.1. That's not a firewall. And it might not even be any easier to do than programming the firewall. A firewall could stop outbound connections from MSEdge, or perhaps even prevent communication with a certain address. Doing it with the "hosts" file isn't all that good, but you don't need to know that much to do it. And the people who write this crap, have considered all the possible responses an end-user will make. That's why it's hard to remove. The thing is, when one developer discovers an "evil method", the other black-hats write that down for future usage. They accumulate a bag of tricks. This is also why, using a System Restore point, hardly ever works, because they "solved" that one long ago. All the restore points would end up infected, if any EXE is present on the machine. That's one of the first things they screw over. Paul |
#3
|
|||
|
|||
talking malware?
On Sat, 16 Sep 2017 22:12:52 -0400, dale wrote:
I had Microsoft Edge browser open while I was using the Kindle Book app to write a paper in Libre Writer. Connecting hardwire to the default router from my ISP. Edge showed a screen that starting talking about a need to press some buttons or something or my computer would be seen as a threat to the network and would be disconnected until contacting Microsoft. I ran a full scan with Windows Defender. I ran an offline scan also. No threats were found. Proceeding without browsing until I find out how to address this. Would clearing the cache, etc. fix this? Can I clear stuff outside of Edge? Any other ideas? Leechblock. I used to know how to configure an IP firewall ... but it is on ... |
#4
|
|||
|
|||
talking malware?
"dale" wrote
|I had Microsoft Edge browser open while I was using the Kindle Book app | to write a paper in Libre Writer. Connecting hardwire to the default | router from my ISP. | | Edge showed a screen that starting talking about a need to press some | buttons or something or my computer would be seen as a threat to the | network and would be disconnected until contacting Microsoft. | As Paul said, a HOSTS file would be a good start. Also, stop using Edge. If you use Firefox or Pale Moon you can use NoScript extension to block all script except what's absolutely necessary. The problem was probably with the page you were visiting. It may have been that actual page or the site could have been hacked or, probably most likely, an ad on the page was the method to get to you. (An example of how HOSTS can help. Attack ads are becoming more common. Ad servers like Google/Doubleclick have an automated system that allows people to buy an ad in order to get access with their own script on commercial webpages.) ** Such a scam requires javascript. Nearly all online risks require javascript. Commandeering your browser requires javascript. You don't have to put up with sites taking over your browser, malware or not. ** NoScript is the most practical solution for most people. I use 2 browsers. The one I use normally blocks javascript completely, as well as iframes, cookies, etc. But if you shop online that's not realistic. In that case NoScript will allow you to, for example, allow staples.com or amazon.com and their related domains, while blocking the tracking/spyware and ad domains that infest most commercial sites. You can also train it: Allow staples.com permanently. Block scorecardresearch.com permanently. Block googletagmanager.com permanently. Block doubleclick.com permanently. Etc (Side note: Scorecardresearch and Googletagmanager will spy on you with web bugs if you disable script, so they should also be in your HOSTS file.) A firewall is also a good idea. But that's a whole other discussion. Especially on Win10. Ideally you should block anything outbound that you didn't instigate, but with Win10 itself being spyware that gets complicated. Nevertheless, blocking what you can would at least provide some warning if you get malware installed that tries to call home or use your computer as part of a "bot herd". |
Thread Tools | |
Display Modes | Rate This Thread |
|
|