It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Pop-Ups, Redirects, Malware Alerts and Fake Alerts: SUPPORT THREAD
page: 19
share:
The recent trend, no matter what "name" they're packaged under, are nearly all just variants of the same core crapware.
Internet Anti Virus Pro 2009
Anti Spyware 2009
Spyware Defender 2009 (?sp)
what have you...
Personally I've found a combination of the following to be quite effective in eliminating nearly each and every variant I've had come across the tech table.
ComboFix
Smitfraudfix
Malwarebytes Anti-Malware
Super Antispyware
Ccleaner
* Right-click and Save-as to your root drive ("C:" typically)
To start:
- Reboot to Safe Mode (press and hold F8 upon startup to get to the Boot Menu)
- Login as Administrator
- Turn off any Anti Virus program that may be running in the background.
- Go to "My Computer" and open your root drive ("C:" typically)
- Locate the ComboFix program and open it.
- Run the program (click NO when prompted to install the System Recovery Console)
- Once you've gone through the various stages and are presented with the Report, close out of the program.
- Go to "My Computer" and again open your root drive ("C:")
- Locate Ccleaner and install the program. (remove the check to install Yahoo toolbar if you don't want it)
- Once installed, Open the program.
- Click on "Registry" in the upper left-hand corner.
- Click "Scan for issues" (lower right)
- Once it's finished scanning click "Fix Issues" (bottom right).
- Once that's done click "System Cleaner" in the upper left-hand corner.
- Click "Analyze" ( lower right) ( may take a while)
- When it's finished scanning click "Run Cleaner". (may take a while)
- Once it's done close out of the program.
Now,
- Go to "My Computer" and open your root drive ("C:")
- Open the Program Files folder and locate the folder named after whatever your problem child is. (Anti Spyware '09, etc.) Open it.
- Right-click and delete each and every file therein. Don't worry if it won't allow to delete them all. (access denied and all that...)
Restart your PC.
If you're still receiving the fake alerts and what not presented by these craptastic pieces of work, then restart back into Safe Mode, login as Administrator and run the Smitfraudfix program.
Otherwise just run a full scan with the likes of Spybot S&D and AVG Anti Virus (or whatever you're using).
Run Ccleaner again using both the System Cleaner and Registry tools.
Restart you PC.
If you're still having issues then try running Malwarebytes Anti Malware and/or Super Antispyware, though It's been my experience that the previous programs do the job just fine.
If anyone has any questions or concerns regarding the above processes, please don't hesitate to U2U me. I'll be happy to assist in any way possible.
Hope this helps.
p.s. You may receive some "Access Violation" alerts whilst running ComboFix, just "X" out of them. They're typically nothing more than the program trying to restart various processes or files that have been either disabled or removed, much like the kicking and screaming tosser trying to get back in the pub after having been thrown out.
[edit on 12-2-2009 by SkepticOverlord]
Internet Anti Virus Pro 2009
Anti Spyware 2009
Spyware Defender 2009 (?sp)
what have you...
Personally I've found a combination of the following to be quite effective in eliminating nearly each and every variant I've had come across the tech table.
ComboFix
Smitfraudfix
Malwarebytes Anti-Malware
Super Antispyware
Ccleaner
* Right-click and Save-as to your root drive ("C:" typically)
To start:
- Reboot to Safe Mode (press and hold F8 upon startup to get to the Boot Menu)
- Login as Administrator
- Turn off any Anti Virus program that may be running in the background.
- Go to "My Computer" and open your root drive ("C:" typically)
- Locate the ComboFix program and open it.
- Run the program (click NO when prompted to install the System Recovery Console)
- Once you've gone through the various stages and are presented with the Report, close out of the program.
- Go to "My Computer" and again open your root drive ("C:")
- Locate Ccleaner and install the program. (remove the check to install Yahoo toolbar if you don't want it)
- Once installed, Open the program.
- Click on "Registry" in the upper left-hand corner.
- Click "Scan for issues" (lower right)
- Once it's finished scanning click "Fix Issues" (bottom right).
- Once that's done click "System Cleaner" in the upper left-hand corner.
- Click "Analyze" ( lower right) ( may take a while)
- When it's finished scanning click "Run Cleaner". (may take a while)
- Once it's done close out of the program.
Now,
- Go to "My Computer" and open your root drive ("C:")
- Open the Program Files folder and locate the folder named after whatever your problem child is. (Anti Spyware '09, etc.) Open it.
- Right-click and delete each and every file therein. Don't worry if it won't allow to delete them all. (access denied and all that...)
Restart your PC.
If you're still receiving the fake alerts and what not presented by these craptastic pieces of work, then restart back into Safe Mode, login as Administrator and run the Smitfraudfix program.
Otherwise just run a full scan with the likes of Spybot S&D and AVG Anti Virus (or whatever you're using).
Run Ccleaner again using both the System Cleaner and Registry tools.
Restart you PC.
If you're still having issues then try running Malwarebytes Anti Malware and/or Super Antispyware, though It's been my experience that the previous programs do the job just fine.
If anyone has any questions or concerns regarding the above processes, please don't hesitate to U2U me. I'll be happy to assist in any way possible.
Hope this helps.
p.s. You may receive some "Access Violation" alerts whilst running ComboFix, just "X" out of them. They're typically nothing more than the program trying to restart various processes or files that have been either disabled or removed, much like the kicking and screaming tosser trying to get back in the pub after having been thrown out.
[edit on 12-2-2009 by SkepticOverlord]
I run Firefox with NoScript as a beautiful extension. The NoScript
blocks all scripts from running on web pages. You can select which scripts you want to allow to run for those web pages you frequently visit.
Third-party scripts stay blocked as long as I do not allow them.
Using NoScript with Firefox
I highly recommend this combination for anyone who consistently has problems with this. This is obviously not the cure and end all for malware but it helps.
Using NoScript with Firefox
I highly recommend this combination for anyone who consistently has problems with this. This is obviously not the cure and end all for malware but it helps.
Originally posted by Amaxium
Third-party scripts stay blocked as long as I do not allow them.
Make sure you allow ATS advertising to run. It's our only source of revenue for this massively expensive website, running on a cluster of five servers with outsourced security and tech-support teams.
HEY GUYS - When 12m8keall2c speaks computer .. listen. Trust me.
He knows what he's doing and he'll save you a lot of future grief.
12m8keall2c - I'm going save this thread for future use.
THANK YOU
He knows what he's doing and he'll save you a lot of future grief.
12m8keall2c - I'm going save this thread for future use.
THANK YOU
reply to post by 12m8keall2c
Just to let you know, yesterday - it happened 3 times, when I tried going to "recent posts" - I could not get through, this is the message I got:
I have no idea what that means, but wanted to post it, fyi
Just to let you know, yesterday - it happened 3 times, when I tried going to "recent posts" - I could not get through, this is the message I got:
INSERT INTO 202_clicks_spy SET click_id='1331185', user_id = '1', aff_campaign_id = '70', ppc_account_id = '0', click_cpc = '0.00100', click_payout = '1.75', click_filtered = '1', click_alp = '0', click_time = '1234454716'
The table '202_clicks_spy' is full
I have no idea what that means, but wanted to post it, fyi
Originally posted by questioningall
INSERT INTO 202_clicks_spy SET click_id='1331185'
Source of the problem here.
A popular click-tracking tool apparently had some code issues recently. This type of "click tracking" is nothing to be concerned about as all they're doing is running what amounts to a 3rd party audit to ensure an advertising network is tracking user clicks appropriately.
It's not malware. But it is a bug.
After some of our recent reports of alarms and alerts, and the coinciding significant lack of alarms by staff members and myself (who tend to
spend the most time on ATS), I've done a little more research and will be putting together some tools to help our members.
First... the most probable source of malware...
Websites dealing in computer security and malware threats are noticing a distinct rise in spam emails carrying a variety of malicious payloads. The recent spread of a new botnet, combined with some new techniques to launch installers from an email have many experts very concerned. A portion of this activity runs very-small-footprint applications that first disable virus scanners, then download more complex payloads.
Incidents of malware from spam email far outnumbers incidents of getting malware from websites. While there will always be a problem with compromised web sites, spam is your #1 source of problems.
In fact, I had 17 spam emails with stealth links to the exact same URL members were reporting as problematic yesterday. One was looking like a very legitimate direct marketing email from a well-known online retailer.
Many of the payloads installed by malicious-spam include key-loggers and URL trackers. These types of malware can appear to be coming form websites you visit, as their activity will often trigger while using your web browser. As a result, you may get malware alerts while on certain sites as the key-logger is attempting to get valuable details such as passwords, user-ids, credit cards, etc... and your virus scanner is picking up on the activity.
But sometimes, there may be something more to it...
We're going to create a "Malware Reporting Page" that contains some basic information on how to determine a real threat and its point of origin. If the threat looks like something we should know about, a simple form will guide you through what we need to know so that we can properly investigate. Just saying "I got alerts while on ATS," gives us nothing to work with, and we do want to know if real threats exist.
Also, this thread will serve as a running "help thread" with information about known current threats, and how to initiate counter measures. As a result, we will be monitoring this thread, and there should only be posts on how to remove malware. This isn't a problem-reporting thread, it's a solution thread for our members. To keep this thread informative and efficient for our users, posts that report problems or discuss problems will be removed.
Thank you in advance for your help in keep this thread clear of clutter so that solutions are easy to find and implement.
First... the most probable source of malware...
Websites dealing in computer security and malware threats are noticing a distinct rise in spam emails carrying a variety of malicious payloads. The recent spread of a new botnet, combined with some new techniques to launch installers from an email have many experts very concerned. A portion of this activity runs very-small-footprint applications that first disable virus scanners, then download more complex payloads.
Incidents of malware from spam email far outnumbers incidents of getting malware from websites. While there will always be a problem with compromised web sites, spam is your #1 source of problems.
In fact, I had 17 spam emails with stealth links to the exact same URL members were reporting as problematic yesterday. One was looking like a very legitimate direct marketing email from a well-known online retailer.
Many of the payloads installed by malicious-spam include key-loggers and URL trackers. These types of malware can appear to be coming form websites you visit, as their activity will often trigger while using your web browser. As a result, you may get malware alerts while on certain sites as the key-logger is attempting to get valuable details such as passwords, user-ids, credit cards, etc... and your virus scanner is picking up on the activity.
But sometimes, there may be something more to it...
We're going to create a "Malware Reporting Page" that contains some basic information on how to determine a real threat and its point of origin. If the threat looks like something we should know about, a simple form will guide you through what we need to know so that we can properly investigate. Just saying "I got alerts while on ATS," gives us nothing to work with, and we do want to know if real threats exist.
Also, this thread will serve as a running "help thread" with information about known current threats, and how to initiate counter measures. As a result, we will be monitoring this thread, and there should only be posts on how to remove malware. This isn't a problem-reporting thread, it's a solution thread for our members. To keep this thread informative and efficient for our users, posts that report problems or discuss problems will be removed.
Thank you in advance for your help in keep this thread clear of clutter so that solutions are easy to find and implement.
new topics
-
TODAY IS A HUGE ELECTION DAY FOR AMERICA - November 5th 2024 - Reports from Around The Nation.
2024 Elections: 5 hours ago -
Joe Rogan Endorses Trump After Musk Interview
US Political Madness: 6 hours ago -
Trump is NOT Racist
Politicians & People: 7 hours ago -
"I'm seeing Red" by Jesslee and the Marine
Music: 8 hours ago -
Black Holes Could Be The Mysterious Force Expanding The Universe
Science & Technology: 9 hours ago
top topics
-
Trump holds final campaign rally in Michigan before voting begins Tuesday
2024 Elections: 12 hours ago, 14 flags -
Kamala is running pro Palestine ads While simultaneously running pro Israel ads
2024 Elections: 12 hours ago, 11 flags -
Joe Rogan Endorses Trump After Musk Interview
US Political Madness: 6 hours ago, 11 flags -
TODAY IS A HUGE ELECTION DAY FOR AMERICA - November 5th 2024 - Reports from Around The Nation.
2024 Elections: 5 hours ago, 10 flags -
Kamala finally builds a wall...around her home in DC
Jokes, Puns, & Pranks: 16 hours ago, 8 flags -
Almost Home
Short Stories: 15 hours ago, 7 flags -
Black Holes Could Be The Mysterious Force Expanding The Universe
Science & Technology: 9 hours ago, 7 flags -
"I'm seeing Red" by Jesslee and the Marine
Music: 8 hours ago, 5 flags -
Trump is NOT Racist
Politicians & People: 7 hours ago, 5 flags
active topics
-
British Man Jailed for over 2 Years for Shouting at Police During Protest has Died in Prison
Social Issues and Civil Unrest • 35 • : BrucellaOrchitis -
TODAY IS A HUGE ELECTION DAY FOR AMERICA - November 5th 2024 - Reports from Around The Nation.
2024 Elections • 11 • : KrustyKrab -
New York State Government Kills Peanut the Squirrel and Fred the Raccoon
US Political Madness • 63 • : Lazy88 -
Mood Music Part VI
Music • 3688 • : BrucellaOrchitis -
Stonehenge offers up a new Mystery - The Altar Stone
Ancient & Lost Civilizations • 46 • : BrucellaOrchitis -
The CIA's Dark Search for the Ark of the Covenant, and the Ark of Gabriel Explained.
Paranormal Studies • 13 • : BrucellaOrchitis -
Joe Rogan Endorses Trump After Musk Interview
US Political Madness • 7 • : charlyv -
The Manhattan Alien Abduction
Aliens and UFOs • 5 • : Arbitrageur -
Portland Oregon and Washington D.C. Businesses Board up in Preparation for Election Day Unrest
US Political Madness • 20 • : Vermilion -
Trump holds final campaign rally in Michigan before voting begins Tuesday
2024 Elections • 21 • : WeMustCare
9