site hacked?
eskimo
11-09-2012, 08:31 AM
Has the site been hacked or is it my computer?
I am getting popups when placing the cursor over some underlined words
eg Chat in the dark blue bar of General Astronomy heading on the forum pages
the reason why I ask is that yesterday I went to a suspect site, even though Mozilla said DON'T, and some software loaded..I think I got rid of it all as everything else was ok yesterday and last night. and is ok at other forums.
the popups only happens at iceinspace...this morning anyway:question:
supernova1965
11-09-2012, 08:40 AM
I would say you still have nasties just saying you went to a suspect site tells me it is still infected and I am having no probs with IIS:thumbsup:
Hope you can get rid of it. Try spy bot search and destroy and malware bytes use the free versions of both and I would find a root kit finder too.
It almost certainly won't be limited to IIS.
And there's a fair chance your a/v and spyware remover won't find it - as it may not actually be malware. It came aboard, invited, when you did 'something', like download a toolbar or program.
It sounds like ads pop up when you hover over certain (now) highlighted words. If you're on XP, go to 'tools' and 'add-ons' and see if there's something called 'incredibar' - that's a common cause of these attacks. Basically, disable ALL the add-ons and re-boot. If the problem has gone, add them back one at a time. If you're on another o/s, get to where add-ons are listed similar to what I've described above.
Let us know how it goes :thumbsup:
eskimo
11-09-2012, 09:54 AM
yep...my computer
and no it wasn't a porn site I visited...lol..I was after a pdf book file but a program called e-type was installed...I thought I had got rid of it
I tried a restore and that went thru the motions etc ..but when it was supposed to be finished it said it could not restore.
booted into safe mode...run kaspersky while I was also deleting program called e-type and another called abc ( i think it was)
anyway kaspersky didnt find anything..(cos I deleted them?)
ran registry cleaner while in safe mode also...also ran another registry cleaner..which cleaned up what the other couldnt
did a restore to previous date and that worked...
appears that I might have got rid of it...no popups... at the moment
If it's this then good luck, it is a real PitA and can be incredibly difficult to remove.
I'm still not convinced it's as mundane as people seem to think it is, time will tell I guess.
brian nordstrom
11-09-2012, 07:17 PM
:mad2: yea it sux dont it !!! , hope you get it sorted .
Brian.
Colin_Fraser
11-09-2012, 08:43 PM
Well Eskimo, there's a lesson learned the hard way.
If Mozilla has detected a site with malicious content and warns you about continuing then hit the 'Back button'.
Electing to ignore the warning will always have this destructive result :bashcomp:
Hope you purge it okay
eskimo
12-09-2012, 08:42 AM
you're right Colin...hit the back button....but when you think you have good antivirus protection and all that you say..it'll be ok.....my antivirus will pick it up and get rid of it.....wouldn't you say that?...well I did...and was wrong..hahaha
glad it wasnt a bad nasty one tho....everything is going well:thumbsup:
Mozilla does stop some legit web sites tho!
I'm going through exactly the same thing. :mad2:
I had a thread running here (http://www.iceinspace.com.au/forum/showthread.php?t=93296)
Except for now after a couple of months, it's worked its way thru to YouTube and occasionally Facebook - it seems to know the sites I'm using most. Nowhere else do I have a problem. But it's really bad on IIS, I cannot click anything without being bombarded with pop up windows. Suffice to say, my visits here have decreased recently, just too annoying.:sadeyes:
Yet to get around to sorting it out- not being computer savvy doesn't help.
eskimo
12-09-2012, 11:09 AM
Zuzy
for your info I run Kaspersky antivirus, and quite pleased with it
Do a search on google on how to remove Ad Server...just did a google and there are even youtube clips on how to remove.....just remember that if you have it..eg are infected...you probably have a few thousand in front of you and those geeks generally have a way or know of a way on how to remove such nasties...in my case I have been very clean for eons..well months anyway, and it should have clicked straight away when pop ups began to occur, especially after it was the kidsss....err i mean my fault...I usually do when I know the kids have been playing with my computer
and/or also startup (bootup) in Safe Mode...hit the F8 key when you boot up...do complete scan in safe mode...doing this stops most trojans and viruses from loading and which allows removal
alistairsam
12-09-2012, 11:57 AM
Hi,
Apart from the AV scan or malware scan, I'd suggest the following
- Disable any unknown add-ons in Firefox and other browsers.
In Firefox, go to tools -> Add-ons.
- Check add/remove programs
Go through Add-Remove programs, go through the list to look at anything you haven't installed or don't want, like toolbars or add-ons. just uninstall them.
- Check processes running
Look at the processes running and see if you can spot any strangely named processes.
For windows xp, click on start->run type msinfo32
for windows 7, its described here
http://www.techrepublic.com/blog/window-on-windows/identify-and-get-detailed-information-about-processes-in-windows-7/3340
or you could download process monitor from microsoft
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
- Check startup programs
Look in your registry hive for programs that are loaded on startup or if you're not familiar with registry editor,
in windows 7 or windows xp, type msconfig in start, run. Click on the startup tab.
that'll show you which programs are marked to load on system startup.
this is where usual malware or unauthorized software create entries so they run in memory. Disable the ones that don't look legitimate.
This may not list all programs, so open the Hive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
look at the programs listed on the right. if something doesn't look legitimate, highlight it and delete.
but use the registry editor with caution. If you're not familiar with it, don't use it.
you can also install windows defender which is free from microsoft to work with your anti-virus software,
make sure the windows firewall is turned on for all your wireless or lan connections,
or use system restore to restore the system to the state before when you went to those websites.
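
The startup check described in the post above, as an added example that is not part of the original thread: a read-only PowerShell listing of Run-key entries with the executable path and signature status of each. The per-user and WOW6432Node keys, the `Get-ExePath` helper and the `Review` heuristic are assumptions added here, not something the post specifies.

```powershell
# Added example: read-only listing of Run-key autostart entries.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',              # key named in the post
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',              # per-user equivalent (added)
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'   # 32-bit view on 64-bit Windows (added)
)

function Get-ExePath([string]$Command) {
    # Extract the executable from a Run value: a quoted path, else text up to the first ".exe".
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"')    { return $Matches[1] }
    if ($c -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return ($c.Trim() -split '\s+')[0]
}

# Locations a standard user can write to; autostart binaries here deserve a closer look.
$userWritable = @($env:USERPROFILE, $env:TEMP, $env:ProgramData) | Where-Object { $_ }

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $reg = Get-Item $key
    foreach ($name in $reg.GetValueNames()) {
        $cmd = [string]$reg.GetValue($name)
        $exe = Get-ExePath $cmd
        # Only check files given with a full drive path; bare names are left unresolved.
        $found = ($exe -match '^[A-Za-z]:\\') -and (Test-Path -LiteralPath $exe -PathType Leaf)
        $sig = if ($found) { (Get-AuthenticodeSignature -FilePath $exe).Status } else { 'PathNotResolved' }
        $inUserDir = $false
        foreach ($dir in $userWritable) {
            if ($exe.StartsWith($dir, [StringComparison]::OrdinalIgnoreCase)) { $inUserDir = $true }
        }
        New-Object PSObject -Property @{
            Key = $key; Name = $name; Command = $cmd; Signature = $sig
            Review = ($inUserDir -or $sig -ne 'Valid')   # heuristic only, not a verdict
        }
    }
}
$entries | Sort-Object Review -Descending | Format-List Name, Key, Command, Signature, Review
```

The script changes nothing; `Review : True` means the entry is worth looking up by name before deciding whether to disable it, not that it is malicious.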
eskimo
12-09-2012, 12:11 PM
they all look strange:shrug:....best to write down and check out on google first is what I do
alistairsam
12-09-2012, 12:18 PM
It is a bit hard to discern if you're not too familiar, but the legitimate ones usually have one or two characters relevant to the program.
eg.
Java - javaw.exe
firefox - firefox.exe
Mcafee - mcshield.exe
VNC - winvnc.exe
and so on.
do you use windows 7 or windows xp?
if windows 7, use the method described here and sort by program location.
that will give you an idea of what the program is.
start with add/remove programs first and then go through the above.
Else use system restore to go back to how it was just before you went to the website.
All software installs will invoke a system restore point, so you may or may not have a restore point.
don't go back too far though. you might have to re-install anything installed after that.
alistairsam
12-09-2012, 12:28 PM
I think what you have is called Vibrant In-Text advertising.
just go through the add-ons and extensions in firefox and disable unwanted ones.
http://support.mozilla.org/en-US/questions/879920
http://forums.mozillazine.org/viewtopic.php?t=564572
or install the Adblock add-on
https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/
do a google search for
"disable vibrant advertising firefox"
eskimo
12-09-2012, 12:37 PM
Thanks Alister....I am clean now...everything is OK.
it was just that I didnt think it was my fault at first..it never is I'm perfect
but no it was me...
restore was not available to me after I was infected..ETYPE it was called.
it allowed me to go thru the motions but when supposedly finished it said it could not do the restore...and the last really bad virus my kids downloaded greyed out restore
anyway I started in safe mode...deleted the software did a scan cleaned registry with two different cleaners and rebooted ..all ok