Pop-Ups, Redirects, Malware Alerts and Fake Alerts: SUPPORT THREAD


posted on Feb, 7 2009 @ 02:51 PM
The recent trend, no matter what "name" they're packaged under, are nearly all just variants of the same core crapware.

Internet Anti Virus Pro 2009
Anti Spyware 2009
Spyware Defender 2009 (?sp)
what have you...

Personally I've found a combination of the following to be quite effective in eliminating nearly each and every variant I've had come across the tech table.

ComboFix
Smitfraudfix
Malwarebytes Anti-Malware
Super Antispyware
Ccleaner
* Right-click and Save-as to your root drive ("C:" typically)

To start:
- Reboot to Safe Mode (press and hold F8 upon startup to get to the Boot Menu)
- Login as Administrator
- Turn off any Anti Virus program that may be running in the background.
- Go to "My Computer" and open your root drive ("C:" typically)
- Locate the ComboFix program and open it.
- Run the program (click NO when prompted to install the System Recovery Console)
- Once you've gone through the various stages and are presented with the Report, close out of the program.
- Go to "My Computer" and again open your root drive ("C:")
- Locate Ccleaner and install the program. (remove the check to install Yahoo toolbar if you don't want it)
- Once installed, Open the program.
- Click on "Registry" in the upper left-hand corner.
- Click "Scan for issues" (lower right)
- Once it's finished scanning click "Fix Issues" (bottom right).
- Once that's done click "System Cleaner" in the upper left-hand corner.
- Click "Analyze" ( lower right) ( may take a while)
- When it's finished scanning click "Run Cleaner". (may take a while)
- Once it's done close out of the program.

Now,
- Go to "My Computer" and open your root drive ("C:")
- Open the Program Files folder and locate the folder named after whatever your problem child is. (Anti Spyware '09, etc.) Open it.
- Right-click and delete each and every file therein. Don't worry if it won't allow you to delete them all. (access denied and all that...)

Restart your PC.

If you're still receiving the fake alerts and whatnot presented by these craptastic pieces of work, then restart back into Safe Mode, login as Administrator and run the Smitfraudfix program.

Otherwise just run a full scan with the likes of Spybot S&D and AVG Anti Virus (or whatever you're using).

Run Ccleaner again using both the System Cleaner and Registry tools.

Restart your PC.

If you're still having issues then try running Malwarebytes Anti Malware and/or Super Antispyware, though it's been my experience that the previous programs do the job just fine.


If anyone has any questions or concerns regarding the above processes, please don't hesitate to U2U me. I'll be happy to assist in any way possible.


Hope this helps.


p.s. You may receive some "Access Violation" alerts whilst running ComboFix, just "X" out of them. They're typically nothing more than the program trying to restart various processes or files that have been either disabled or removed, much like the kicking and screaming tosser trying to get back in the pub after having been thrown out.





[edit on 12-2-2009 by SkepticOverlord]




posted on Feb, 13 2009 @ 07:30 AM
I run Firefox with NoScript as a beautiful extension. NoScript blocks all scripts from running on web pages. You can select which scripts you want to allow to run for those web pages you frequently visit. Third-party scripts stay blocked as long as I do not allow them.

Using NoScript with Firefox


I highly recommend this combination for anyone who consistently has problems with this. This is obviously not the cure and end all for malware but it helps.



posted on Feb, 13 2009 @ 07:32 AM

Originally posted by Amaxium
Third-party scripts stay blocked as long as I do not allow them.


Make sure you allow ATS advertising to run. It's our only source of revenue for this massively expensive website, running on a cluster of five servers with outsourced security and tech-support teams.



posted on Feb, 13 2009 @ 07:40 AM
HEY GUYS - When 12m8keall2c speaks computer .. listen. Trust me.
He knows what he's doing and he'll save you a lot of future grief.

12m8keall2c - I'm going to save this thread for future use.

THANK YOU



posted on Feb, 13 2009 @ 07:48 AM
reply to post by 12m8keall2c
 



Just to let you know, yesterday - it happened 3 times, when I tried going to "recent posts" - I could not get through, this is the message I got:


INSERT INTO 202_clicks_spy SET click_id='1331185', user_id = '1', aff_campaign_id = '70', ppc_account_id = '0', click_cpc = '0.00100', click_payout = '1.75', click_filtered = '1', click_alp = '0', click_time = '1234454716'

The table '202_clicks_spy' is full


I have no idea what that means, but wanted to post it, fyi



posted on Feb, 13 2009 @ 08:09 AM

Originally posted by questioningall
INSERT INTO 202_clicks_spy SET click_id='1331185'


Source of the problem here.

A popular click-tracking tool apparently had some code issues recently. This type of "click tracking" is nothing to be concerned about as all they're doing is running what amounts to a 3rd party audit to ensure an advertising network is tracking user clicks appropriately.

It's not malware. But it is a bug.



posted on Feb, 13 2009 @ 08:32 AM
After some of our recent reports of alarms and alerts, and the coinciding significant lack of alarms by staff members and myself (who tend to spend the most time on ATS), I've done a little more research and will be putting together some tools to help our members.


First... the most probable source of malware...

Websites dealing in computer security and malware threats are noticing a distinct rise in spam emails carrying a variety of malicious payloads. The recent spread of a new botnet, combined with some new techniques to launch installers from an email, has many experts very concerned. A portion of this activity runs very-small-footprint applications that first disable virus scanners, then download more complex payloads.

Incidents of malware from spam email far outnumber incidents of getting malware from websites. While there will always be a problem with compromised web sites, spam is your #1 source of problems.

In fact, I had 17 spam emails with stealth links to the exact same URL members were reporting as problematic yesterday. One was looking like a very legitimate direct marketing email from a well-known online retailer.

Many of the payloads installed by malicious-spam include key-loggers and URL trackers. These types of malware can appear to be coming from websites you visit, as their activity will often trigger while using your web browser. As a result, you may get malware alerts while on certain sites as the key-logger is attempting to get valuable details such as passwords, user-ids, credit cards, etc... and your virus scanner is picking up on the activity.


But sometimes, there may be something more to it...

We're going to create a "Malware Reporting Page" that contains some basic information on how to determine a real threat and its point of origin. If the threat looks like something we should know about, a simple form will guide you through what we need to know so that we can properly investigate. Just saying "I got alerts while on ATS," gives us nothing to work with, and we do want to know if real threats exist.

Also, this thread will serve as a running "help thread" with information about known current threats, and how to initiate countermeasures. As a result, we will be monitoring this thread, and there should only be posts on how to remove malware. This isn't a problem-reporting thread, it's a solution thread for our members. To keep this thread informative and efficient for our users, posts that report problems or discuss problems will be removed.


Thank you in advance for your help in keeping this thread clear of clutter so that solutions are easy to find and implement.



