U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Computers
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 07-18-2016, 08:33 AM
 
Location: Cleveland, Ohio
11,849 posts, read 13,978,818 times
Reputation: 8083

Advertisements

Quote:
Originally Posted by thecoalman View Post
When this happens hold down the left ctrl , alt and then delete button, release all three. This will open a window that gives you a few options, select Task Manager. Alternatively in the Windows search box search you can search for task manager. When you have task manager open on the processes tab find the browser, if you are using windows 10 this is most likely going to be Microsoft Edge. Right click it and select end task, this will close the browser. At this point typically you can open the browser and it will be gone.
You can also just pull the plug out of the wall. That works too. Or hold the power button in for 10 secs...
Reply With Quote Quick reply to this message

 
Old 07-18-2016, 09:46 AM
 
Location: Log "cabin" west of Bangor
5,728 posts, read 6,921,053 times
Reputation: 10477
Quote:
Originally Posted by sutton08865 View Post

what do we do the next time this happens again? nothing we did from reboot to unplugging computer and waited 20 minutes and turned it back on. still was not able to do anything. I do have a printed copy of the tech support memo that they worked on the computer :
WEMO Tech support they gave us our customer id # and contact #s to call if we have any more problems.

but once again what do we do if the banner fills the page again. what or how do I get around it. We do have Norton virus protection. we have been on the computer since 1999 and never incounted a problem not the same computers but atleast ten over the years
before this . n
thank you again
Any time you are browsing the internet, and a page claims that you are infected with a virus or other malware and wants you to call a number to let them 'fix' it- close the window immediately. Neither Microsoft nor any other legitimate company does this, or *can* do this. DO NOT CALL THE PHONE NUMBER PRESENTED TO YOU. If you feel the need to call someone, call ONLY the phone numbers in the documentation provided with your computer/software, the phone book, or the company's official web site.

This is a 'social engineering' hack, an attempt to get you to call them, at which point they try to convince you to give them access to your machine. This is the point at which your machine WILL be infected/damaged/compromised, and you will PAY them to do it to you. (This is like buying a gun, giving it to a hoodlum and asking him to rob you, and giving him your home address so he can get even more loot.)

Some scammers will merely take your money and may not harm your machine, others may do both, while still others will use the information from your credit card (and on your computer, if any) to continue to rob you.

Pay attention ONLY to warnings presented to you by legitimate anti-virus/anti-malware that YOU have previously installed on your computer.

This is the Federal government website- it is not completely up to date and does not provide all of the information, but it is a good place for you to start:

https://www.consumer.ftc.gov/article...-support-scams

------------------------------------------------------------------------------

Going by what you have written and your questions, it appears that you lack sufficient technical skills to correct the damage that has most likely already been done to your computer. Take your computer to someone you know and trust who has the skills to clean out any malware and restore your machine to an undamaged/uncompromised condition.

Quote:
WEMO Tech support they gave us our customer id # and contact #s to call if we have any more problems.
DO NOT MAKE ANOTHER CALL TO THIS [ALLEGED] 'TECH SUPPORT' COMPANY.
(That's like going back to the thief that already robbed you once and saying "I'm a glutton for punishment, I have more money, please rob me again".)

In fact, it would be helpful if you would post that phone number here, so that it can be compared to the phone numbers of other [known] scams.

--------------------------------------------------------------------------

If this occurs again, DO NOT CALL THE PHONE NUMBER THEY PRESENT TO YOU. DO NOT TALK TO THEM. DO NOT CONTACT THEM.

(There, have I shouted this at you enough times? Has it sunk in yet?)

If this occurs to you again (after you have had your computer examined and cleared by someone who is technically proficient, known to you and trusted), and you feel the urge to call the number on your screen, repeat the following mantra faster and faster until it sinks in:

Owa
Tadum
Assiam
Ifeye
Fallfore
Thisagain

--------------------------------------------------------------------------

Now, get thee to a real tech and have your machine properly repaired.

-------------------------------------------------------------------------

And if you want to be *really* smart:

1) Get SpyBot Search & Destroy installed and keep it updated;

2) Create one or more user accounts that do not have "Administrative Rights" enabled and use that/those accounts for all normal, regular use and web-browsing. Only use the [strong password-protected] Administrator account for installing/updating software from legitimate sites.
Reply With Quote Quick reply to this message
 
Old 07-18-2016, 10:20 AM
 
Location: 10110001010110100
6,385 posts, read 10,849,507 times
Reputation: 5589
Quote:
Originally Posted by Zymer View Post
and you feel the urge to call the number on your screen, repeat the following mantra faster and faster until it sinks in:

Owa
Tadum
Assiam
Ifeye
Fallfore
Thisagain
...or the urge to tie the knot again!
Reply With Quote Quick reply to this message
 
Old 07-18-2016, 04:03 PM
 
40,296 posts, read 41,850,213 times
Reputation: 16809
Quote:
Originally Posted by Zymer View Post

Going by what you have written and your questions, it appears that you lack sufficient technical skills to correct the damage that has most likely already been done to your computer. Take your computer to someone you know and trust who has the skills to clean out any malware and restore your machine to an undamaged/uncompromised condition.
Again Zymer this may simply be the result of the homepage being changed if it's appearing when they are opening the browser, it's very simple fix. As I noted previously there was no malware on my parents computer.
Reply With Quote Quick reply to this message
 
Old 07-18-2016, 05:55 PM
 
Location: 10110001010110100
6,385 posts, read 10,849,507 times
Reputation: 5589
Quote:
Originally Posted by thecoalman View Post
Again Zymer this may simply be the result of the homepage being changed if it's appearing when they are opening the browser, it's very simple fix. As I noted previously there was no malware on my parents computer.
I agree, a script infused in an online ad or link could create such an undesired outcome.
These guys are trying to gain access by deceiving people into thinking:

a) They are a part of Microsoft or an affiliate
b) The victim's PC is really infected
c) They can "fix" the issue for XXX amount of money (Initial quote getting cut in half is a big red flag, a legit company offering a legit service is not going to do this, especially if that company is MS)


I am leaning towards a superficial browser hijacker/re-director. They could have easily placed a startup entry so a related web page would open. It is often an .htm/.html file that is in the Temporary Internet Files or Temp folder that gets added to a startup location which creates the ongoing infection illusion for most.

I think Coalman already mentioned the CTRL+ALT+DEL to launch the Windows Task Manager to kill any and all iexplore.exe or firefox.exe or chrome.exe (or whichever browser you were using) they see listed on the Processes tab

Additionally, running a temp/junk file cleaner like CCleaner/FCleaner/CleanAfterMe/ATF-Cleaner and then rebooting would have done the trick. If using a standalone basic Temp/Browser cache cleaner like ATF-Cleaner or CleanAfterMe (both free), users would also want to check out the startup entries using another freebie like Autoruns, StartupList or something much more basic like StartupControlPanel to view and modify all the startup entries that get loaded when Windows boot up.
Good think about more complete cleaners like CCleaner or FCleaner is the additional Tools they offer which in this case being quite critical, Startup.

For Windows 8/10 users, Task Manager offers it as one of the program tabs which makes it quite convenient to access and modify.

I'd advice OP to have a local professional to take a look at your system and give you a clean bill of PC health.
If you want to be extra cautious then I'd recommend you change any account/credit card info you shared with those people. I imagine if you had good protection in place this was not likely to happen. Even one or two free security browser add-ons might have prevented this headache.

A lot of people also seemed to have forgotten about a good 3rd party firewall solution. Windows has an integrated one but I still find it very inadequate. You want a software firewall that is a bit overzealous, especially if you are not very tech savvy or letting other people use your computer time-to-time.
Reply With Quote Quick reply to this message
 
Old 07-18-2016, 06:55 PM
 
40,296 posts, read 41,850,213 times
Reputation: 16809
Quote:
Originally Posted by TurcoLoco View Post

I am leaning towards a superficial browser hijacker/re-director. They could have easily placed a startup entry so a related web page would open. It is often an .htm/.html file that is in the Temporary Internet Files or Temp folder that gets added to a startup location which creates the ongoing infection illusion for most.
In the case of my parents computer it was simply changed, how that occurred I don't know but I would guess a script on the page and they clicked the link, blah, blah blah.

Changing it back was the issue because you're immediately in that dialog box loop. In Edge You can't access the options with the dialog box open. As I mentioned email yourself a link in an email of any webpage and you can bypass it to get into the options to change it. Once that was done no more problems, there was no malware found by malwarebytes.

I don't know if it's the same in other browsers, they are exploiting the behavior of the browser. It's not really an infection but what what I would call a browser bug.
Reply With Quote Quick reply to this message
 
Old 07-18-2016, 07:12 PM
 
2,909 posts, read 1,709,430 times
Reputation: 2988
How do these things happen? Because trusted commercial sites regularly get hacked so that the hackers insert malicious code that downloads to any computer that goes to that page. It's part of life now, and why we need protection from both viruses and malware.
Reply With Quote Quick reply to this message
 
Old 07-18-2016, 07:47 PM
 
Location: Log "cabin" west of Bangor
5,728 posts, read 6,921,053 times
Reputation: 10477
Quote:
Originally Posted by thecoalman View Post
Again Zymer this may simply be the result of the homepage being changed if it's appearing when they are opening the browser, it's very simple fix. As I noted previously there was no malware on my parents computer.
Yes, I understand that, but the OP's postings indicate that he/she lacks sufficient savvy to make that determination. Hence my suggestion to enlist the aid of someone who *does* have the appropriate knowledge.

We can go through all the possibilities and the procedures to rectify them, but if the OP doesn't have the knowledge of how to apply the information we are just tilting at windmills.
Reply With Quote Quick reply to this message
 
Old 07-19-2016, 02:05 PM
 
Location: 10110001010110100
6,385 posts, read 10,849,507 times
Reputation: 5589
Quote:
Originally Posted by thecoalman View Post
In the case of my parents computer it was simply changed, how that occurred I don't know but I would guess a script on the page and they clicked the link, blah, blah blah.

Changing it back was the issue because you're immediately in that dialog box loop. In Edge You can't access the options with the dialog box open. As I mentioned email yourself a link in an email of any webpage and you can bypass it to get into the options to change it. Once that was done no more problems, there was no malware found by malwarebytes.

I don't know if it's the same in other browsers, they are exploiting the behavior of the browser. It's not really an infection but what what I would call a browser bug.
In my previous post, I actually wanted to say CTRL+ALT+DEL that you mentioned followed by a CTRL+SHIFT+DEL to delete browser cache, cookies, etc.

The 3-key combo works on all browsers but not sure if it would override the pop-up you mentioned?

I am guessing, the script would probably be a simple JavaScript code similar to the sites that ask the user if they'd like to change their home page to www.xyz.com but without the prompt/end user interaction.
Reply With Quote Quick reply to this message
 
Old 07-20-2016, 09:43 AM
 
Location: USA
701 posts, read 994,547 times
Reputation: 651
Obviously, with what's already happened, as already suggested, the OP should have their computer re-checked again by someone they trust and who's technically competent. Just to make sure it's clean.

Going forward, though, since the OP indicated that she is not a techy, would switching to a browser like Firefox with NoScript or Comodo Dragon in Virtual mode be more useful for them? Not that these browsers are bullet-proof. But at least they add another layer of protection for the user.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Computers
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 05:30 AM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top