Hi all,
First off: Can’t switch to Linux, Windows is a work requirement. Please spare me.
With that out of the way, here’s my problem:
Since 2-3 days I’ve been seeing ads disguised as a minimized video player popup on my Windows 10 Login Screen .
Initially I thought I might have been watching something on youtube and forgot to close the tab and it autoplayed in the background until reaching this stuff by chance; but that turned out not to be the case (I’m also using Firefox exclusively, which I thought wouldn’t integrate with Windows, but I wasn’t 100% sure on that end).
I tried to research this a bit, but the only similar case I found was in an old reddit thread saying that some Windows update installed the LinkedIn App for them, which is not the case here.
Antivirus (Bit Defender) and Malwarebytes both give me a clean report.
So I did some more digging and right click that thing with my firewall set to deny all to figure out where this is taking me, and surprise…
There’s a total of 100 connection attempts from Windows Search to around 10 different IP addresses, all of which belong to Microsoft.
I have not installed any updates in the last 14 days, no new software, and have not changed any system settings.
What did change is that I am currently not in China, where I normally live, but am on a business trip to Malaysia, where a bunch of services that are blocked in China might be accessible, and are now splicing in those (somewhat disguised) ads.
Does this happen to anyone else, and if so, do you have an idea how to get rid of it?
Thanks a lot in advance!
First off: Can’t switch to Linux, Windows is a work requirement. Please spare me.
Did they give you a very funny reason for this requirement, or is it just some windows exclusive garbage that doesn’t work in wine?
Did they give you a very funny reason for this requirement, or is it just some windows exclusive garbage that doesn’t work in wine?
Why do people always ask this kind of crap?
If you have a corporate laptop, it will likely have a suite of software centrally managed by your company’s IT department.
It will contain software that is also centrally licenced so that your boss doesn’t have to figure out how to pay for thousands of dollars of software, they can just tell IT to bill a licence for software X to your cost centre at $13.75 a month.
It will have a domain login that is your corporate identity which will usually require multi factor authentication.
It will have some corporate VPN solution which operates mostly transparently and requires zero setup on your part.
It will contain company sensitive data which will usually be encrypted by bitlocker, whose keys are stored with your domain account.
It will have the usual Teams/Outlook/SharePoint stuff with a centralised calendar and contacts for your company, and likely security classifications for all the communications you do through it, allowing you to join groups, accept invites to restricted groups, and limit access, all linked to your domain account.
It will have mapped drives to your corporate file storage , again, all linked to your domain account.
It will probably have OneDrive, synced to a corporate server, again, linked to your domain account.
It will have a printing solution that is linked to your domain account so that your printers follow you wherever you go and you can easily find and print to the secure print queue on some random printer you happen to walk past in one of your offices, so you can enter your PIN or swipe your access card and have that IMPORTANT_SECRET_RESEARCH.DOC file print while you’re standing in front of the printer.
And finally, your work laptop does not belong to you. Wiping it and installing Linux plus Wine and keeping company sensitive data on an unmanaged device will attract the ire of HR.
Your IT department won’t give a crap. But they also won’t help if anything doesn’t work, such as trying to join a domain to access allllll those domain-linked features with an unauthorised device.
They will simply re-image your laptop to bring it back to a known state that they can deal with.
So no, suggesting Linux + Wine to run some “windows exclusive garbage” isn’t an answer here.
This kind of reply is never convincing, so rather than promote proprietary software, here’s the real answer:
Removing Windows is rarely your job, so don’t do this extra work for free.
Despite being the centrally managed solution most companies chose, it also is, let’s face it, a completely capable OS that’ll happily run most software without recompiling your kernel twice a day. (My Linux days are long gone, I know things are supposedly easier today.)
Sure, it’s sometimes annoying to use and I might take longer to do my job on it. It also might spy on you. But then, I’m being paid by the hour and I don’t do private shit on my work computer, so yeah, what gives.
Why do people always ask this kind of crap?
Fuck you too. 👍
It will contain software that is also centrally licenced so that your boss doesn’t have to figure out how to pay for thousands of dollars of software, they can just tell IT to bill a licence for software X to your cost centre at $13.75 a month.
To think they could be paying nothing for better software instead.
It will contain company sensitive data which will usually be encrypted by bitlocker, whose keys are stored with your domain account.
As soon as you need to decrypt that data, you’re at best trusting that data to the NT kernel if you use a memory filesystem.
It will have a domain login that is your corporate identity which will usually require multi factor authentication.
I’ve never heard the terminology domain account. Does it prevent you from using a different OS?
It will have the usual Teams/Outlook/SharePoint stuff with a centralised calendar and contacts for your company, and likely security classifications for all the communications you do through it, allowing you to join groups, accept invites to restricted groups, and limit access, all linked to your domain account.
I’d be surprised if there wasn’t some way to get some of these to work on not-windows / not-macos. Either a webclient or Pidgin, the everything client :)
It will probably have OneDrive, synced to a corporate server, again, linked to your domain account.
https://github.com/abraunegg/onedrive
And finally, your work laptop does not belong to you. Wiping it and installing Linux plus Wine and keeping company sensitive data on an unmanaged device will attract the ire of HR.
If your HR is that cancer I’d try looking for a different company. If they are scared of “unmanaged” devices why are they using a spyware OS.
Your IT department won’t give a crap. But they also won’t help if anything doesn’t work, such as trying to join a domain to access allllll those domain-linked features with an unauthorised device.
You shouldn’t be using Unix in production unless you know how to use Unix, I agree.
Sometimes I have doubts if some people I see posting here on Lemmy actually work. It seems like y’all live in this Wonderland where finding new jobs is extremely easy and convincing whole companies to use free software is easy like sending an e-mail. I’m honestly envious.
But still, the fact that the person already said that not using Windows isn’t an option and you persisted questioning wasn’t very nice, so I see no reason for you to be rude and offensive when someone call out your behavior. Please keep it civil.
But still, the fact that the person already said that not using Windows isn’t an option and you persisted questioning wasn’t very nice
I wasn’t telling them that they should use Linux, I wanted to know why they weren’t allowed to.
I live in China, policies are to be followed. There is no “but”, and I rather pick a nicer hill to die on, when it comes to that.
Damn I feel sorry for you
Have you considered leaving china?
Not for the sake of being able to use Linux, no. On other terms most certainly.
Be safe out there. People can disappear in China over just about anything
It’s really not as crazy as the media makes it sound like on a general basis, but yeah. Ever since covid even the last person realized what rights remain when the powers that be go wild. My days here are numbered anyways, just a few more weeks.
Honestly China makes me really sad. It has such a long and rich history and now the government seems to be completely separated from the government.
I haven’t had this happen personally, but are you allowed to edit your hosts file? I’m assuming those IP addresses are coming from DNS resolution, and if you hardcode those DNS entries to resolve to 127.0.0.1, it’ll stop the ads.
nslookup <ip address>
should give you the domain names, if not there’s DNS logs in Event Viewer that should tell you.Yep I can access the hosts file, that’s a great idea. Will give it a shot. I just hope those aren’t IPs that MS is using for genuine requests of applications I have to use such as Teams or Outlook… But will give it a try, at least if anything else breaks, I know what to do to resolve that. Thanks for the tip!
Windows detects media being played and shows you that inlay with controls. It must be detecting that stream somewhere being played, even if it isn’t obviously playing in a browser tab. You should be able to control whether it shows media controls on the lock screen.
Been poking around a bit more, and found another entry in the Firewall that comes up right on boot, which is a service called MS.Edge.Webview2, which seems to be triggered through the Teams App (that I did have on autostart). I’ve now completely uninstalled Teams, and after a fresh boot the ad (or “media control”) seems to be gone now. Guess I’ll be using Teams from my phone or via browser in the future. No idea how that happened though, I never played any video through Teams.
Glad you got it sorted. Weird about teams though. Have a good one!