Jump to content

Malware popup website


Recommended Posts

Last week several times, a website 'muscled' another website out of the way. I use Windows 10 and FF 69.02. This popup website that replaced the website I was watching, blocked the back button. It advertises itself as being from my provider. Its address changes every time it appears when it replaces the site I went to. A popup ad then announces I won a price. The website is not connected to any particular website it replaces but appears randomly, which is new to me. I cannot block this website by using its name as it changes every time it appears. Yet I want to take measures so it doesn't appear again. I want to know how to block this class of blocking 'popup' annoyance/malware sites.

Link to post
Share on other sites

Hi, Otto.      :welcome:

My name is Maurice. I will be helping and guiding you, going forward on this case.

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

Please only just attach   all report files, etc  that I ask for as we go along.

.

There are a few issues here.  The major one being a rogue scam display.   And it may be that your Firefox is set to re-open with the last page it had ....if it ever goes into a recovery.

[  1  ]

If the scam screen happens again, you should grab a screen capture.
IF possible send me a screen shot picture of the screen. 
"how to tips on this clickable link"

 

[  2  ]

The screen you described is a kind of malvertisement and does not come from your PC. It emanates from the Internet and exists as Browser based alert and not something from some thing on your computer. Malwarebytes won't "catch it" for that reason.

Browser lockers reside in the browser cache only, it does not involve actual malware on your computer. This is a fake, made-up “warning page” designed to lure you into a scam.

Please keep in mind that the computer mouse and the keyboard can still be used to get rid ( close out) the screen.



Cleaning the browser history removes the pop-up. ( tips below ).

Tech support scammers use fake warnings and lie about the state of your computer to frighten you into calling them & then flim-flam you into a so called cleanup or perhaps, some maintenance scam.

Getting rid of bogus screen (s)

 

Look at the very topmost right corner of the browser itself.
I mean the one for Chrome or Firefox or Edge browser itself ( or matter of fact any browser).
Move the mouse pointer over the X at the very far right-top corner and click that.
That will close the browser and its display and the audio too ( if any).

 

You could also use Alt-key + F then click on Exit.

.

Other ways available, if the one above is not a success.
You can easily use keyboard key-press shortcuts to get rid of the false pages displayed. ( see below). And if there is any video with this, it will stop when the page is closed.

 

When this fake is in the foreground and in a web browser, there are many ways to get it off the screen.
I would suggest to do a few keyboard presses to get rid of the windows on-screen.

 

press and hold CTRL key on keyboard and then tap W key. CTRL + W 
 image.png.4537c17a6db534fb727f2640952ebe86.png
That should close the Tab page of the web browser in the foreground.
You can repeat as needed.

 

Every web browser will recognize the CTRL+W key-presses as a "close this window" command.

.

.

Other ways to get rid of screen:
Press and hold ALT-key on keyboard and then tap the F4 function key a to get the foreground windows closed and done away with. ( repeat use of ALT + F4 sequence). 
image.png.2386e8ca9d8aaccc518a9780ae626acf.png

ALT + F4 is especially helpful against the smaller window ( if any) that is up in front.
If your machine is a notebook or laptop, you should depress and hold the ALT + FN (function key) + F4 keys.

ALT + HOME key on the keyboard will put your browser page back onto your prior choice for Home page. That easily deals with the bigger full page displayed.
Then while still in the web browser, press and hold SHIFT + CTRL + DELete keys to start the process to delete all browser cache & history.


Other ways to get rid of the bogus display are listed below:

There is always the ability to end the web-browser program thru using Windows' Task Manager applet.
Click the Start button and type: 
taskmgr.exe
and then press Enter. 
( or you can press and hold CTRL-key on keyboard + ALT-key +DELETE key to get Task Manager option).

In the processes tab, find the process for whichever browser you are running: 
_iexplore.exe, firefox.exe, chrome.exe, MicrosoftEdge.exe, MicrosoftEdgeCP.exe_ and then click _End Process_ or _Terminate_.


 

[  3  ]


Look at the following Malwarebytes Blog article and scroll down to the section marked *Clear your browser's cache* 
and do that for each of your web browser programs.
https://blog.malwarebytes.com/puppum/2017/04/adware-the-series-part-1/


 

 

 

Contrary to what one may have thought, the scare ware does not "lock" the machine. 
You can still press the Windows-key on keyboard to get the Windows menu.
image.png.a60646851fa38a3a5240b9bcfb67a72c.png
You can use a variety of Windows Keyboard shortcuts to get around to other choices for remedy.

 

NOTE: While it may look as if your machine seems locked, I can assure you it is not. Task Manager can be used. Other Windows keyboard shortcut commands can be used. The Windows RUN option as well is also available.

 

[  4  ]

You have asked how to prevent the hijack pest from happening in future.

Get the Malwarebytes Firefox Browser Guard.

get & install the Malwarebytes beta Firefox extension.

Open this link in your Firefox browser:    https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/

Then proceed with the setup.

That link is for English US.   There are other language version.  Just go to the very bottom right of the page and look at “Change language” list drop down.

Link to post
Share on other sites

Thank you Maurice for all the explanations and warnings.

Ad [1]: So far I have not had a repeat of this browser locker yet.

Ad [2]: especially useful for those instances when more than just the back button is blocked (as I have experienced before)

Ad [3]: Thanks for the link; lots of useful info I was not aware of all of it yet. But there I see a problem for me: except in very serious cases I never want to clear History. I want to PRUNE History of all 'the bad actors', any malware pages that are in there. And it just does not do (in Firefox) to 'Select All Tabs'  and then to 'Bookmark All Tabs' beforehand, in order to retain the tabs, as the history per tab is not saved, just the current page. And in History on the Bookmark Tool Bar the pages are retained sequentially and not grouped by Tab. I would want to snip the blocking- or malware site from the individual tab history so that if I go back it is as if the removed site has never been there. My experience with apps that retained the full history per tab was rather negative; rather unwieldy and time consuming.

Ad [4]: I have installed the Malwarebytes Firefox Browser Guard. I hope for a positive experience.

Additionally, I would like to download and save your post as it was rather mangled by my email client; is there a way to retain it offline just as it looks online? I was not able to do it in FF or in IE.

Otto

Link to post
Share on other sites

I am glad to know the tips are useful.

When viewing my reply in the web browser, you can highlight that COPY all lines.   Then go to your word processing app ( MS Word or other text processor)  and then PASTE into your own document file.

 

I am glad to know

Quote

So far I have not had a repeat of this browser locker yet.

 

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera.

Scroll down to the tips section "How do I disable them".

Link to post
Share on other sites

That's fine.   You are welcome.

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).


Free games & free programs are like "candy". We do not accept them from "strangers".


Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.
 

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 
Do a Windows Update.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq




Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

.

All the best to you.

Sincerely,

Maurice

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.