Here is a graphic that shows up on my screen...
This has shown up 2-3 times in the last 10 days while I'm browsing websites with IE 11. You can see in the full screen grab above, the purported URL from which this is coming. I'll be browsing a web site and suddenly when I select something, I lose the screen I was on and this takes over my browser window.
There is another dialogue box that comes up on top of this screen that is from the OS somehow. It is small, and looks very much like what you see when using the MSG.exe command over a network. It says something like the webpage has discovered a problem and you need to clean your computer immediately. I think I clicked the dialogue box away if I remember correctly, then have to quit IE, if I remember correctly.
I am running Surface RT so I cannot turn off Windows Update which means my Windows Defender that is provided with RTs is up to date on virus/malware issues as far as Microsoft knows. You cannot get MSE for RTs, but Windows Defender GUI looks just like MSE. I ran a full scan using Defender just to say I did. It reported no problems and my system is protected. My arm processor is Nvidia Tegra 3 Quad core 1.3 GHz, in Surface RT with Windows 8.1 RT. Regedit for ...
teRPC is set to 0, and "Allow remote assistance connections" is off in the system control panel. The Surface RT is on WiFi to Apple Airport (maybe 7 years old) which is Ethernet connected to Motorla SB series cable modem (maybe 7 years old) to Comcast. Under Security control panel, Firewall and everything is on and ok except for "Network Access Protection Agent" which was not running. Looking into it, I found it off and set to manual. I changed it to automatic and started it. It is on now.
1. Is it really that easy to send something to a protected system?
2. Is there a checklist of things to do to close down security issues to prevent this?
3. Was my off status of the NAP agent how they got to me, or unrelated?
4. Is there any useful intelligence I can gather if they do it again?
5. Shouldn't Windows Defender tell me my NAP agent is off?
Any answers or advice would be awesome. Thank you.