Friday 4 August 2017

Edge Browser: Reset After Malware How To

Every time a client of ours opened Edge they would receive a big red screen with "Edge has been compromised".

With the Edge option to open previous tabs/pages there is no real way to get out of the loop. We cleaned out the Edge temporary files folder and the problem still happened.

So, to fix it we needed to nuke & pave.

We do that by running the following two steps on the problematic machine:

1: Delete:
C:\Users\%username%\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe

2: Elevated PowerShell all on one line:
Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml" -Verbose}

3: Start Edge

With the above process complete the user should get the "Welcome to Edge" message and tabs.

NOTE: This process essentially removes and re-installs Edge. _ALL_ settings, saved passwords, and such are removed!

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
Our Cloud Service
Twitter: @MPECSInc

1 comment:

Victor said...

Hi Philip,

Maybe a different attack, but we had one client that kept getting hit by the "your computer has a virus call support at ..." page. You would shut down Edge and the open previous tabs/pages would start it back up. Similar to what you experienced.

The fix I found on Internet was to:
Press Windows Key and type google.com in the search bar and this would open the browser with previous pages and google.com page on top.
You can then close the "virus" page and problem solved.

Not sure if that works on the variant you fixed but it has work a couple of times for me.
Take care,
Victor