My ATS pages are getting hijacked!!!

page: 2
15
<< 1    3  4 >>

log in

join

posted on Apr, 4 2012 @ 06:35 PM
link   
SkepticOverlord has been notified of this thread. Please be patient.




posted on Apr, 4 2012 @ 06:37 PM
link   
I am starting to get really irritated. Often times I'll be visiting ATS and www.heavy.com will take over my browser and just randomly start playing a video. This happens on no other website I visit (ONLY on ats). Has anyone else experienced this? Does ATS get sponsored by these guys or something? Or do I have a virus? As I said, it doesn't happen on any other website I visit.

^ posted in a thread I made. This is only happening to me on ATS.



posted on Apr, 4 2012 @ 06:38 PM
link   
DS I sent you a message.
follow the link



posted on Apr, 4 2012 @ 06:57 PM
link   
We get custom Advertising on ATS usually the latest places we were looking at or searching for on the internet.

As a firefox debugging test you can click tools/options/content and uncheck _javascript briefly.

You won\'t be able to post or search that way but if it fixes the problem then its probably in a tempfile or cookie that you picked up.



posted on Apr, 4 2012 @ 07:05 PM
link   
If you are getting re-directs, the first thing to check is your hosts file.
For most users, the only entry that should be in there is:

127.0.0.1 localhost

The file is called "hosts" and has no extension
you can use any text editor on it.

in Windows it in C:/windows/system32/drivers/etc
In Linux, it is in the .etc directory

Trojans usually inject all sorts of re-direct websites in this file because it is searched first before any DNS entries are queried.



posted on Apr, 4 2012 @ 07:25 PM
link   
reply to post by fakedirt
 



fakedirt - Thanks for the heads up. I knew my security was good, but not this good. Thanks for giving me a place to check it. This is what GRC said about my computer security. Maybe this is why I've never had a virus or any other malware problem.


Please Stand By. . .
Attempting connection to your computer. . .

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.



posted on Apr, 4 2012 @ 08:19 PM
link   

Originally posted by greeneyedleo
CCleaner.....


If you use CCleaner,

here is a shortcut to their commandline routines.

It will run the tempfile cleaner in the background without opening the whole menu program.



"C:\Program Files\CCleaner\ccleaner.exe" /auto


make a new shortcut and use the above commandline.
(sub with your drive letter\folder)

It will run according to your settings.
(be sure to set to save certain cookies before using this)
(set under "Options/cookies" menu)

not a bad idea to run this every few hours.



posted on Apr, 4 2012 @ 08:29 PM
link   
I've been getting that too for over a week now, and ONLY from ATS pages. If the firehose page is one of the tabs open, every now and again when it refreshes, it redirects to heavy.com and leads into a bunch of homemade bungee stuff.
This is definitely an ATS ad doing this.



posted on Apr, 5 2012 @ 03:44 AM
link   

Originally posted by greeneyedleo
CCleaner.....


CCleaner will not clean JAVA history

That is were keyloggers and redirects can hide. Its a known JAVA issue that hasn't been fixed



Go to Control Panel ---> JAVA----> temporary Internet files----->Delete Files-------> Check both Applications and Trace Logs----> OK


That will also give you some extra speed



You can decide to check or uncheck the box "keep temporary files on my computer" I have it unchecked and have no issues. Some games may need that active

But clean out that JAVA temp folder from time to time



posted on Apr, 5 2012 @ 05:57 AM
link   
reply to post by DAVID64
 


no problem david64.

when i was struggling to get a grip on the situation last year, autowrench suggested the site and i was impressed. so, a big thanks to autowrench from me.
regards fakedirt.



posted on Apr, 5 2012 @ 09:11 AM
link   
a simple way to stop your browser being hijacked (this isnt a fix its prevention) sometimes you will be looking up the most straight forward not obviously bad website, on say some science research wesbite and you will get a pop up box with a yes/no box that if you try to close the browser or try to leave the page/tab the box will keep bugging you till you click it *DO NOT DO THIS*.

If you get one of these pages, they cannot directly launch the payload because the user must put in an input to run it (thanks to some nifty windows 7 security and browser tech) however, its all too easy to ignore a pop up window like this and click yes.

To avoid launching their nasty payload (usually the hosts file style of redirection as posted above) you cannot 'soft close' the browser because the pop up will stop you, you must hit ctrl+alt+del (or right click taskbar) to launch the task manager, find firefox in the processes list and right click it "end process". Now firefox when you restart the browser, will want to restore your last session - this is bad and will take you right back to the bad page. Instead of running fire fox from your normal start bar icon or desktop icon, you will have to search your start bar for the firefox and then choose the "start in safe mode" this will give you the option to NOT restore the last session and thats what you want - then you get a fresh tab and are free to continue browsing.

Good pop up stoppers and advanced browser security add ons etc do stop most of these but every now and then one gets through - if you never get these anyway when one does pop up you are all more likly to click the pop up.

Just more info on the same stuff, 2 cents from biigs.



posted on Apr, 5 2012 @ 04:16 PM
link   
I've had a similar problem on one of my older laptops. I'm sure it's the same thing and if you leave it be for so long without actually getting it fix it will only damage your computer/laptop more and believe me when I tell you, it get's annoying. If it's what I think it is, you have a rootkit installed on your computer.

To fix this, simply download;

TDSSKiller Anti-rootkit utility

Follow the instructions and your problem should be fixed.



posted on Apr, 5 2012 @ 06:21 PM
link   
i too have been having the redirect to heavy the last few days, maybe a week. I've noticed it only happens when i am on ats...

I'm running ubuntu linux, and am under the impression that its damn near impossible for a virus to infect linux, so i am leaning to blaming the site as well...

I've changed my settings in firefox to notify me of redirects, and it shows up constantly since...it says the site is trying to redirect.
edit on 5-4-2012 by Jrosh because: (no reason given)
edit on 5-4-2012 by Jrosh because: (no reason given)



posted on Apr, 5 2012 @ 06:59 PM
link   

Originally posted by violet
[Anyways it's still happening and apart from clearing the cache, none of the sugestions can be used on an ipad, Apple doesn't get virus' as far as i know. They don't even endorse anti-virus software, etc.

.


There is a recent rash of Apple vulnerabilities, and now there are hundreds of thousands
of Mac's that are infected, and being used for bots. Over 600,000.

www.eweek.com...

No one is "safe" without protection.



posted on Apr, 5 2012 @ 07:12 PM
link   

Originally posted by snowspirit
I've been getting that too for over a week now, and ONLY from ATS pages. If the firehose page is one of the tabs open, every now and again when it refreshes, it redirects to heavy.com and leads into a bunch of homemade bungee stuff.
This is definitely an ATS ad doing this.



It's happening to me as well.

Always to HEAVY.COM and only when I'm on ATS.

This obviously is not a malware or virus issue if multiple people here are experiencing the same redirect to the exact same site.

Agreed. It's highly annoying.

Also, over the past few weeks, the flash ads posted within threads here will occasionally just start randomly playing. Sometimes ALL AT ONCE which is super annoying. Having to scroll down to each one to mute them, only to have it happen again.

There have been days where I've just given up and logged off because I couldn't even read anything because it was so distracting



Yes. In the case of the latter, I realize I could just put my sound on mute, but then I'm not hearing anything else either like chat notifications, or music I may be listening to.

just my .02
edit on 5-4-2012 by HIWATT because: spelling


edit: i'm using chrome
edit on 5-4-2012 by HIWATT because: (no reason given)



posted on Apr, 5 2012 @ 07:48 PM
link   

Originally posted by cry93
Not only hijacked but kicked offline. I just typed something very real from my heart and its gone because I was kicked off line.

And btw, I was responding to a topic created by the "owner" of ATS.
edit on 3-4-2012 by cry93 because: (no reason given)


Same here for the past four or five days... just suddenly booted out loosing whatever I've written.

I am a member on a very dedicated site and run a top virus program with all the whistles and bells, SAS, CCleaner, own and have malwarbytes on standby and if bad enough I have used hijack this too... not being a novice I have ran both regular and safe boot scans and came up with nothing.

The one thing I did notice however after I increased my popup blockers sensitivity level a day or two ago, I now often get the white bar popping up often saying an active x or the like has been blocked. Since doing this, I have not been bothered.
edit on 5-4-2012 by OldCurmudgeon because: edit


XL5

posted on Apr, 5 2012 @ 11:47 PM
link   
I have not gotten these redirects, however, I have gotten other stuff to the point I have alot of things disabled or set to notify. I just wish that when I see threads like this, that people didn't jump the gun and claim "virus for other site", but instead, ask enough questions/get enough answers to rule out what it is and what it is not.

In this case, its most likely coming from AD's hosted on ATS, to say otherwise would be just like those pre-typed "We are sorry for your bla bla bla" letters that just work on sheeple. Like how the reactor problem was handled by Japan's govt.. If Japan's govt. had told the truth and worked to solve the problem, sure there would be more fear for awhile and more people would have left, but they would have trusted the govt. alot more.

Same thing with web sites and the need to hide things behind the curtain. It wouldn't be that bad for some one who has the info (mod or owner) to pop in and say "such and such site paid our AD server alot of money for placement and then our AD server paid us alot to host this AD, but we had no clue it would be a redirect like this, we don't have people who look at the coding of AD's all day, but we know now and have disabled it". On the other hand, if it was an outside attack on ATS, they could say so and how you can block it as well as mention that they are fixing it. If it isn't a mistake or attack (see above) and it wasn't from another site, that only leaves a real good reason to NOT talk about it with ATS members.

I think a global Transparency Day would be great. It would be the one day that was not Halloween, the one day people could see the "man" behind the mask. A day where we could see the real reasons we are left in the dark, heh, it might be like Halloween for those of us that are somehow "too old" for Halloween.

Disable "active x/scripts" seems like a good way to block it.
edit on 5-4-2012 by XL5 because: .



posted on Apr, 6 2012 @ 03:48 AM
link   
*sigh* Did anyone not bother to read my post?
edit on 6-4-2012 by TheProphetMark because: (no reason given)



posted on Apr, 6 2012 @ 04:58 AM
link   
reply to post by TheProphetMark
 


yaba. read your post. downloaded the zip file and stored it for a rainy day.

it seems that regards to the ios ipad and the like, apple have released a patch for the vunerability which they describe as malware/bot type hostage taker.

would be nice to hear from the posters as to whether this has addressed their problem.

regards fakedirt.



posted on Apr, 6 2012 @ 10:51 AM
link   
reply to post by TheProphetMark
 


your post is directly related to windows.... seems like people who most definately are not running windows are having the problems as well....


The utility supports . 32-bit operation systems: MS Windows XP SP2, MS Windows XP SP3, MS Windows Vista, MS Windows Vista SP1, MS Windows Vista SP2, MS Windows 7, MS Windows 7 SP1, Microsoft Windows Server 2003 R2 Standard / Enterprise SP2, Microsoft Windows Server 2003 Standard / Enterprise SP2, Microsoft Windows Server 2008 Standard / Enterprise SP2. and 64-bit operation systems: MS Windows XP SP2, MS Windows XP SP3, MS Windows Vista, MS Windows Vista SP1, MS Windows Vista SP2, MS Windows 7, MS Windows 7 SP1, Microsoft Windows Server 2008 Standard / Enterprise x64 Edition SP2, Microsoft Windows Server 2003 R2 Standard / Enterprise x64 Edition SP2, Microsoft Windows Server 2003 Standard / Enterprise x64 Edition SP2, Microsoft Windows Server 2008 R2 Standard / Enterprise x64 Edition SP0 or higher.



is this the gratification you are fishing for? Or is more required





new topics
top topics
 
15
<< 1    3  4 >>

log in

join