posted on Sep, 4 2009 @ 10:12 AM
I've seen it here, and at other sites. It's definitely coming off of an ad server, and you don't have to click on the ad for it to pop up. If the
ad runs sound, animation, video, etc... it can pretty much do what it wants without anybody clicking on it. Unfortunately as fast as the ad servers
can get the bad scripts out of rotation, the scripters use straw businesses and/or stolen business identities to buy more rotations. I also put part
of the blame on the ad server companies for not putting enough scrutiny on the ad scripts before they are put into rotation.
It's something we all will have to put up with, and it will happen more often in the future until the ad server companies realize it is part of their
job of keeping bad script out.
I've gotten these things off of ATS, Fark, and other web sites that are completely legit. It's not the fault of ATS at all. ATS, Fark, and the
other sites have to make money somehow, and it boils down to ads, subscriptions, or a mix. Cut the ATS guys some slack.
If you are that upset about the fake antivirus popups, the solution would be to charter a flight to the Ukraine (where, last I had read, these
scriptors are operating out of), and hunt them down. They host their crap on servers out of Singapore, and other asian countries where all it takes
is proper payment to get anything hosted, and those operators will look the other way as long as the account is up to date (like the Russian Business
Network in Russia). It's the same MO as the smitfraud virus. The name of the so-called antivirus/antiadware changes, but the method remains the
same. Next month, next year, it will be named something different.... 'Windows 7 antivirus' 'Windows 7 2010 antivirus', etc....
For the time being if you get a popup that warns you that your computer may be infected, don't click on it as many here have said. What you are
seeing is a borderless window, and anything within the border is basically a clickable image. CTRL-ALT-DELETE, find iexplore.exe, firefox.exe, or
chrome, safari, etc.. in the process list, and kill it there. Then scan for adware.
[edit on 4-9-2009 by SpacePunk]