Page 3 of 3 FirstFirst 123
Results 21 to 30 of 30

Thread: Redirecting and stuff

  1. #21
    Senior Member
    Join Date
    Jun 2014
    Posts
    148

    Default Stuff about "Stuff"

    "Best way I can think of, people who have accounts with Nortons is to keep reporting it."
    -Oh, I'm "all over" that advice. After 3+ hours of remote... Lets just say they are keeping in touch and listening. I'll keep you updated on how that goes.

    The two links you posted previously on proxy settings wouldn't load from the link in the post, I'll play around with them and see what I can do about finding the site pages. As for the noscript... that is one awesome program, can't thank you enough for that. I'm just learning the basics of it and already I love what it does!

    If I can ask just one more question, I would like to know what you make of the screen shots I have attached with this reply, I believe they are associated with the winphone I dumped from my system. They aren't mine and I wouldn't use that number of characters in a password even if I did create them. I wasn't able to change the password, although I would love to have been able to... I settled for removing them and I'll keep an eye on that in the future.
    No hurries, no worries on a quick response, enjoy the weekend.

    About that "POP" in the screen shots, did I see somewhere in the scans a POP detection? I'll go over the logs I have available and will let you know what I find.

  2. #22
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,772

    Default

    I have to login in daily since I work on multiple forums...but, a couple of months ago I was retired from teaching malware removal at a different site so that did kinda give me comfort. (Not old enough to retire in real life dang it)

    Let me answer a couple of questions here.


    SSO POP user/s
    Point of presence (POP) is the point at which two or more different networks or communication devices build a connection with each other. POP mainly refers to an access point, location or facility that connects to and helps other devices establish a connection with the Internet.


    In a SSO system, a user logs in once to the system and can access multiple systems without being prompted to sign in for each one. Okta is a cloud-based SSO platform that allows users to enter one name and password to access multiple applications. .

    Device single sign-on (SSO) Single sign-on (SSO) enables users to access multiple resources (that is, applications and adapter procedures) by authenticating only once.

    The two links you posted previously on proxy settings wouldn't load from the link in the post,
    By chance was NoScript enabled?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #23
    Senior Member
    Join Date
    Jun 2014
    Posts
    148

    Default POPS and stuff

    (Not old enough to retire in real life dang it) - It ain't all it's cracked up to be in the brochures, I recommend a significant lottery win or other substantial windfall first.
    The noscript is awesome, just what I needed, thanks so much. still getting the hang of it but I love it already.
    About the POP info, who creates these and why would It be Password protected from me?
    I'm trying to understand just what their function was in my case, just curious.

  4. #24
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,772

    Default

    Quote Originally Posted by 1oldman View Post
    (Not old enough to retire in real life dang it) - It ain't all it's cracked up to be in the brochures, I recommend a significant lottery win or other substantial windfall first.
    The noscript is awesome, just what I needed, thanks so much. still getting the hang of it but I love it already.
    About the POP info, who creates these and why would It be Password protected from me?
    I'm trying to understand just what their function was in my case, just curious.
    lottery win......LOL!

    NoScript is a must have and after you've worked with it a short while it's like something you don't want to be without.

    Let me show you a couple of links defining POP info

    When you use Office 365 applications such as Outlook 2016, Skype for Business, Word, Excel and others Single Sign On (SSO)
    The sso pop user and device are part of the Credentials Manager components of the Single Sign-On portion of Microsoft accounts which are used on current versions of Windows.


    https://answers.microsoft.com/en-us/...8-c306641f1573

    https://www.bleepingcomputer.com/for...so-pop-device/
    https://www.reddit.com/r/Windows10/c...under_windows/
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #25
    Senior Member
    Join Date
    Jun 2014
    Posts
    148

    Default noscript, should be standard equipment on any browser.

    Thanks for keeping the thread open while I continue my education. I'm loving the noscript, learning fast and I'll never surf without it again. The links to POP and related stuff were much appreciated, a great way to share info, that cleared up one mystery, one less thing to worry about. I've been working on securing things on this computer, making some progress but I ran into an issue that I didn't see coming. Yesterday the wireshark was having some display problems, I think OK, no problem and do an un-re-install of the program (life should be so easy). Anyway, I notice a usbcap option, that was new to the updated version I had... Long story short, as soon as I rebooted and logged in I discovered that my wireless mouse had decided to quit working, same for my corded razor super deluxe gaming mouse, although the power to the cooling pad still worked through a usb port that was otherwise useless. I played around with settings, drivers etc. ran Mbam, came up clean. To me, in the moment, it seemed like I had messed up something on the reinstall and just needed to sort it out. I'm thinking, just do a system restore and save a little time since I'm not making any ground, (being digitally challenged can be challenging as that's where I found that I had no restore points saved). At one point, while giving my wife a hand, I decide to run Nortons rootscan (PE) I'll attach a shot of the detections, copying the log is eluding my skill set at the moment, but the detections were interesting. Although the dates on the files were 5-26 I'm thinking either that was misnamed on purpose or I had a virus just waiting for a trigger. Of course that would be a "Lottery winning longshot" considering the point at which my usb problem surfaced. I always try to not confuse correlational with causation but as soon as I fixed those two detections and rebooted, you guessed it, the mouses and usb situation returned to nominal, (nominal, I love that word). Afterwards, I also ran the Mbar out of curiosity, but that one came up clean.
    I'm still seeing connections in the wireshark that I don't prefer to see, I'll attach a shot of a couple packets as an example, just in case you have any thoughts on what I'm looking at. I hate seeing redirector mentioned but I realize that could be legit.
    I'm working on learning how to use the shark and VT, hoping to get some pointers from those communities as I go as there is a lot of information to filter out to find what your looking for. I'll follow up after I run a full system scan and hear back from Norton.
    The noscript caught my wifes facebook trying to run script on our banking page as soon as it loaded, that seemed beyond intrusive and it was a pleasure to block it.
    Attached Images Attached Images

  6. #26
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,772

    Default

    What your seeing through the wireshark tool I can't help with. Myself I've never used it but one thing I noticed
    I notice a usbcap option, that was new to the updated version I had... Long story short, as soon as I rebooted and logged in I discovered that my wireless mouse had decided to quit working, same for my corded razor super deluxe gaming mouse, although the power to the cooling pad still worked through a usb port that was otherwise useless.
    Anyway to go into tool settings to allow access for the USB's that were blocked?
    I'm not sure exactly how to proceed here other then posting questions at the wireshark help forums?
    https://ask.wireshark.org/questions/
    I feel sure you would have to register as a user to use or ask questions at this forum or read over the pages of questions already asked.

    Now for what Nortons captured, if you google the exe's that were found, they are also legit.
    Couple of things here
    Could be a false detection, join/register at their web site to ask why those legit Microsoft processes were considered viruses.
    https://community.norton.com/
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #27
    Senior Member
    Join Date
    Jun 2014
    Posts
    148

    Default will do

    Thanks for the updated info, I couldn't find any way to manually get the usb system working, they just returned to normal after the PE fix. I do have an account with wireshark community, just need to figure out phrasing my questions so as not to sound confusing, one of the hazards of learning new games. As for Norton community, I'll give that another shot but I haven't had a lot of luck, your reply gives me a particular angle to try. wish me luck. Again, your help is priceless, thanks so much.

  8. #28
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,772

    Default

    Let's remove tools and quarantine folders.

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete
      ).

    ***************

    Your good to go, safe surfing.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #29
    Senior Member
    Join Date
    Jun 2014
    Posts
    148

    Default Done :)


  10. #30
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,772

    Default

    Glad we could help.
    Since this issue appears resolved ... this Topic is closed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •