The Straight Dope

Go Back   Straight Dope Message Board > Main > In My Humble Opinion (IMHO)

Reply
 
Thread Tools Display Modes
  #1  
Old 12-08-2012, 03:06 PM
half-elf half-elf is offline
Guest
 
Join Date: Dec 2008
possible malware/ adware?

hi dopers,
delurking to hopefully avail myself of your wisdom because this thing is driving me crazy...
Certain words appear to be hyperlinked and when I mouse over them a pop up appears advertizing something or telling me that I won a prize (mainly iphone/ apple or diet related). I already emailed TubaDiva (hi TubaDiva & thanks for the advice!) so I know it's not an SDMB problem. Running AVG and Malwarebytes didn't help. Now I didn't think to read the content of the pop ups carefully till half an hour or so ago, but the couple I came across since appear to be from a site named prize give away club dot com (obviously, no blanks between words). Googling the words doesn't turn up anything useful besides one single unanswered as of yet forum question from somebody located (suprisingly) in my own small country.
So - anybody heard of this cursed adware entity? Any advice would be muchly appreciated.

ETA - I probably should have put this in GQ

Last edited by half-elf; 12-08-2012 at 03:07 PM.. Reason: wrong forum
Reply With Quote
Advertisements  
  #2  
Old 12-08-2012, 03:28 PM
Quartz Quartz is offline
Charter Member
 
Join Date: Jan 2003
Location: Home of the haggis
Posts: 19,835
Got any toolbars, browser speed ups, or the like installed? Get rid of them.
Reply With Quote
  #3  
Old 12-08-2012, 03:36 PM
Czarcasm Czarcasm is online now
Charter Member
Charter Member
 
Join Date: Apr 1999
Location: Beervania
Posts: 38,440
Quote:
Originally Posted by Quartz View Post
Got any toolbars, browser speed ups, or the like installed? Get rid of them.
The word "toolbars" in your post was a mouseover for free samples from something called "Bsaving". Should this happen if I'm signed on a member?

edited to add: and the phrase ""free sample" in this post was another mouseover!

Last edited by Czarcasm; 12-08-2012 at 03:38 PM..
Reply With Quote
  #4  
Old 12-08-2012, 04:13 PM
TubaDiva TubaDiva is offline
Accept no substitutes
Moderator
 
Join Date: Mar 1999
Location: In the land of OO-bla-dee
Posts: 10,087
If you see this sort of thing on the board, you have picked up a bug.

It's not anything being generated by or initiated from The Straight Dope or from Sun-Times media.

I really like AVG -- there's a free version -- http://www.avg.com

I'm sorry you're having this mess happening. Ain't none of us.
Reply With Quote
  #5  
Old 12-08-2012, 04:17 PM
Czarcasm Czarcasm is online now
Charter Member
Charter Member
 
Join Date: Apr 1999
Location: Beervania
Posts: 38,440
Quote:
Originally Posted by TubaDiva View Post
If you see this sort of thing on the board, you have picked up a bug.

It's not anything being generated by or initiated from The Straight Dope or from Sun-Times media.

I really like AVG -- there's a free version -- http://www.avg.com

I'm sorry you're having this mess happening. Ain't none of us.
It looks like you are right-my previous post was from the food bank, but it's not happening here at home. I'll clean their system when I do my shift tomorrow.
Reply With Quote
  #6  
Old 12-08-2012, 04:21 PM
half-elf half-elf is offline
Guest
 
Join Date: Dec 2008
he he... on first viewing, the word "free" in Czarcasm's post gave a mouseover, and when I reloaded the page, I get a mouseover on the word "browser" - the quote, not the original word by Quartz .
Now, I paid more attention to those damn mouseover pop ups and found they were linked to something called coupon drop down, which upon further Googling, is apparently connected to an add-on called Yontoo (I don't know how that got installed). Following instructions on the Malwarebytes forum I installed and ran a programm called Super Anti Spyware which - to my dismay - found and removed around 150 threats, including the Yontoo add-on. (I also manually removed the add-on from Firefox). I then restarted my laptop.
I triumphantly returned to this thread, read the replies by Quartz and Czarcasm, and .... as I just mentioned I am still getting the pop ups.

Off to investigate the suggestions by Quartz.
Thanks guys!
Reply With Quote
  #7  
Old 12-08-2012, 04:25 PM
half-elf half-elf is offline
Guest
 
Join Date: Dec 2008
Quote:
Originally Posted by Quartz View Post
Got any toolbars, browser speed ups, or the like installed? Get rid of them.
How do I go about finding browser speed ups?
Reply With Quote
  #8  
Old 12-08-2012, 05:34 PM
twickster twickster is offline
Illudium Q-36 Explosive Space
Moderator
 
Join Date: Aug 2002
Location: Philadelphia
Posts: 38,050
Since this isn't about the SDMB, I'll move this from ATMB to IMHO, home of advice and diagnostics.
Reply With Quote
  #9  
Old 12-08-2012, 05:45 PM
half-elf half-elf is offline
Guest
 
Join Date: Dec 2008
Thankee kindly.
I'm running out of ideas, so any advice would be appreciated!
Reply With Quote
  #10  
Old 12-08-2012, 10:36 PM
gotpasswords gotpasswords is offline
Charter Member
 
Join Date: Mar 1999
Location: Charlotte
Posts: 14,468
Sounds like running Malwarebytes is in order.
Reply With Quote
  #11  
Old 12-09-2012, 03:48 AM
half-elf half-elf is offline
Guest
 
Join Date: Dec 2008
Quote:
Originally Posted by gotpasswords View Post
Sounds like running Malwarebytes is in order.
Oh, yes - I ran it several times to no avail.
Anyway, I did a Firefox reset (and promptly reinstalled Adblock) and it seems to have gone away.
I am now furiously scooting around threads and mousing over all the links I find to see if they are real links or ... that thing.
So far, so good.
Reply With Quote
  #12  
Old 12-09-2012, 04:29 PM
Czarcasm Czarcasm is online now
Charter Member
Charter Member
 
Join Date: Apr 1999
Location: Beervania
Posts: 38,440
Quote:
Originally Posted by half-elf View Post
Oh, yes - I ran it several times to no avail.
Anyway, I did a Firefox reset (and promptly reinstalled Adblock) and it seems to have gone away.
I am now furiously scooting around threads and mousing over all the links I find to see if they are real links or ... that thing.
So far, so good.
This page should be what you are looking for.
Reply With Quote
  #13  
Old 12-10-2012, 08:54 AM
Mama Zappa Mama Zappa is offline
Charter Member
 
Join Date: Feb 2003
Posts: 9,749
Quote:
Originally Posted by gotpasswords View Post
Sounds like running Malwarebytes is in order.
I can't speak to Malwarebytes' general effectiveness but there are definitely false negatives with that one; we had a rootkit on our home computer about 18 months ago and it picked up nothing.

If the OP (and ChefGuy) can't make the things go away any other way, it may be worth a visit to one of several tech support boards where volunteers will help you debug your computer.
Reply With Quote
  #14  
Old 12-10-2012, 11:27 AM
drachillix drachillix is offline
Guest
 
Join Date: Jun 2000
Items of this variety are usually browser modifications.

Programs like Hijackthis will spit out a log of all the details but it will take someone who knows how to read them to know what to do with them.

The forums at bleepingcomputer and computerhope are both excellent for this sort of thing.
Reply With Quote
  #15  
Old 12-11-2012, 01:46 PM
half-elf half-elf is offline
Guest
 
Join Date: Dec 2008
Just bumping this to thank everybody for their advice.
As mentioned earlier, I fixed this by removing Yontoo from my Firefox add-ins (also had to go to Add/remove programs in the Control Panel and do an uninstall). In the process I discovered a Malwarebytes type program called SuperAntiSpyware which actually seems to be more efficient than Malwarebytes to remove all residual
threats. What finally fixed it was doing a Firefox reset. Have had no trouble since and I can now go back to being a lurker (though I am tempted to start responding to some threads... who knows?!?)
Thanks you guys!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 10:45 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@chicagoreader.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Publishers - interested in subscribing to the Straight Dope?
Write to: sdsubscriptions@chicagoreader.com.

Copyright 2013 Sun-Times Media, LLC.