How do you avoid the fake AV popups?

Discussion in 'other anti-virus software' started by Defcon, Jan 16, 2012.

Thread Status:
Not open for further replies.
  1. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    My dad keeps getting them on his laptop, he has had a variety of AV software such as Norton/Trend Micro/MSE none of which seem to help. He only uses Firefox, everything is updated.

    (Unfortunately I cannot turn on NoScript as a lot of sites would be affected, I can't expect him to find out why a site doesn't work and whitelist it.)

    I've told him to ignore these popups and told him to never hit cancel but always close it with the 'x' but old habits die hard, and some of these damn popups even disable that and can only be dismissed by closing the website.

    What is an effective webpage filter to avoid these?
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Adblock Plus for Firefox should take care of that. Much less invasive than NoScript but it should get rid of those ads/ popups.
     
  3. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    only MBAM ip blocker :thumb:
     
  4. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Move to sanboxing the web browser....

    You can use sandboxie or kaspersky IS or ZA Extreme. All of these security tools can sandbox the browser and then isolate infections and make the task of cleaning "novice proof".

    Just trial them before and choose the one you dad like most. :D
     
  5. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    As this guys pointed out maybe some sort of ip/website filter, MBAM IP Blocker or EAM or many of the other options.
     
  6. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    Adblock Plus + Sandboxie. :thumb:
     
  7. id8

    id8 Registered Member

    Joined:
    Dec 22, 2011
    Posts:
    26
    Location:
    .jp
    Tab Mix Plus have a option to force opening pop-ups as tab.
    But like HungryMan suggests, AdBlock should take care of it.
    It's more dependable, and silent solution.

    Other tools I can think of are Privoxy and BFilter.
     
  8. Persian Boy

    Persian Boy Registered Member

    Joined:
    Sep 1, 2007
    Posts:
    44
    other solutions:

    Install CIS, set it on automatic, Set Execution setting in D+ to Untrusted or block and uncheck "Automatically detect installers/updaters and ...".

    then install Panda Security toolbar, after installing remove toolbar(uninstall) and leave panda url filter to do it's job.

    You will be fine :D
     
  9. gugarci

    gugarci Registered Member

    Joined:
    Mar 30, 2009
    Posts:
    288
    Location:
    Jersey
    Never close with the "X"! Use the task manger only to close all suspicious windows and pop ups.
     
  10. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
    To amplify on @gugarci's warning slightly, malware can use almost "any" mouse click you make in order to do its dirty work, including any "X" or "close" in the corner of the popup windows.

    In years gone by it was common wisdom to use the "X" but not any more.

    While not an ideal response, I plead with friends just to hit the computer Off or Reset button if they see any suspicious window or popup.
     
  11. RedDawn

    RedDawn Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    125
    Location:
    Ireland
    Defcon,

    Add Search Engine Security to Firefox.

    -https://addons.mozilla.org/en-US/firefox/addon/search-engine-security/?src=userprofile

     
  12. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    Thanks for all the replies, I forgot to mention AdBlock was already installed but I learnt of some new filters for it.

    w.r.t things like Sandox IE, some kind of HIPS, CIS etc I am a bit hesitant because this is for a laptop I will have no access to, not even remote, and so anything that equires technical know how (like prompts in these products) will be a problem. e.g. on my pc's I run AdMuncher and it is great, but every once in a while I will find a site it doesn't work on, and its not obvious something has failed.

    About MBAM IP blocker - is it not the same concept as an updated hosts file which blocks the bad domains?
     
  13. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    You can set and forget with sandboxes so that everytime the web temp files or whatever been created is cleaned on closing. Novice proof with no iteractions needed. The same should apply with software like DefenseWall. ;)
     
  14. Montmorency

    Montmorency Registered Member

    Joined:
    Oct 9, 2011
    Posts:
    181
  15. loquitur

    loquitur Registered Member

    Joined:
    Jan 13, 2012
    Posts:
    13
    To be honest I'm surprised that they're getting through because Adblock should be catching them. Are you sure the system isn't already infected with something because random and unexplained pop-ups can be a hallmark of an infection. I would do a full scan using a reputable AV, another one with Malwarebytes Anti-malware Free and then a final one with Hitman Pro (which is free).

    You could use the MVPS hosts file (search for it online) which is very much an install and forget option.

    You should also setup Norton DNS on your Dad's PC and this will good a long way towards blocking the sites distributing the malware - even if your Dad clicks on a link Norton DNS will probably block the site.

    Finally, just to be extra safe, you could install PeerBlock and add the advertising, spying and exploit filters to it (and set it up to update on startup).

    I note also that you have listed several pieces of anti-virus software when described your Dad's setup - you should really only be using on. Out of the three you have listed Norton is undoubtably the best. It's a pay-for option though so you might want to go with a good free one to ensure that the cover doesn't lapse - perhaps AVG?

    I would avoid a HIPS.
     
  16. id8

    id8 Registered Member

    Joined:
    Dec 22, 2011
    Posts:
    26
    Location:
    .jp
    While I recommended some stuff in this thread, I thought Firefox's own pop-up blocking function was able to stop them.
    Can those fake AV pop-ups pass the built-in pop-up blocker?
     
  17. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,388
    Location:
    Lancashire
    this

    i have yet to see a popup of any kind since i started using adblock for firefox more than a year ago
     
  18. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    from MBAM forum
    MBAM is very effective:isay:
     
  19. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    Installed today - Norton DNS, TrafficLight, AdBlock+ addons, Fanboy lists, and Mvps hosts via HostsXpert.

    My dad is visiting for next week so I have a chance to setup his laptop. I'm thinking of reinstalling Windows as well. So I also need to decide on the final AV right now its MSE 2, but maybe I should buy NIS 2012?
     
  20. Yanick

    Yanick Registered Member

    Joined:
    May 3, 2011
    Posts:
    269
    Try BufferZone Pro? It's like Sandboxie except it only has one ''sandbox'' as sandboxie has several (or as many as you want). Bufferzone has some sort of firewall embedded inside it. Not sure how well it works.
     
  21. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    Might consider adding Malware domain filter list to AdBlock+.

    -http://malwaredomains.lanik.us/malwaredomains_full.txt
     
  22. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    Thanks, added.
     
  23. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA

    This is pretty interesting.

    Can these be put in WinPatrol somehow?

    Does Malwarebytes Pro have this list in their blocked sites?


    -FTP
     
  24. loquitur

    loquitur Registered Member

    Joined:
    Jan 13, 2012
    Posts:
    13
    Just use the MVPS hosts file and you'll have the same protection across your whole system.
     
  25. Mayrussell

    Mayrussell Registered Member

    Joined:
    Mar 15, 2010
    Posts:
    2
    These solutions seem great for individual workstations!

    But does anyone know of what is the best way to apply this across 20 or so workstations? Norton's DNS?
     
Loading...
Thread Status:
Not open for further replies.