Looking for OS X/Linux/network infection help

Solved/Closed
Anonymous User - Jan 7, 2015 at 08:32 PM
smed_79 Posts 1288 Registration date Saturday September 20, 2008 Status Contributor Last seen March 16, 2017 - Jan 23, 2015 at 08:36 PM
Hello,

smed79 over in the EasyList forums sent me here for assistance. I do not know Kioskea's view regarding ad-blockers, so, if Kioskea is negative toward them, I will confine future posts strictly to this thread's title.

While testing Adblock Plus on Safari, I encountered a site, Newser.com, that displays some ads (mostly MacKeeper banners and AdSupply page-unders) through the adblocker. All adblockers in all browsers I've tested in all OS's I've tested and on all networks and machines I've tested, actually. That includes Firefox, Chrome, and Ubuntu Linux. For more detail please see the thread at: https://forums.lanik.us/viewtopic.php?f=62&t=20215&sid=4e50f8080f08ddccf88660c9cb0123a3

I followed smed79's and fanboy's advice for cleaning my machines, as well as the malware and adware removal guides over at thesafemac.com. I cannot find anything on my machines. Apparently, they do not see the ads that I do, nor similar ones, so, presumably, something is up with my systems, no matter how unlikely that may seem to me. (I've been at this computer thing, digging into them since 1984, so I thought I could figure something like this out. Apparently not.)

Without further input, I don't know what else to say, other than help! I've been dealing with this for more than 10 days now, and I feel I cannot trust my systems until I know what is (or isn't) going on. Can someone else, with known clean machines, at least check the newser.com site for what I describe over at the EasyList forums (above link) and see if the same thing occurs?

Thanks for any help,
Shawn


Related:

7 replies

Blocked Profile
Jan 7, 2015 at 08:44 PM
Hello Shawn,

the likeliness of your Mac being infected is very slim.

i've just visited the website on my Windows laptop and I too go an advert in the bottom right corner.

This is nothing to worry about. The cookies on your Mac will tell the site that you're on a Macbook and it will give you Mac related adverts to try and boost their sales.

Obviously, what you seem to be saying is that you're using Adblocker on several web browsers and it is still occuring - Am i correct?

And just to clarify - Are you trying to stop the advert from popping up?

Also, have you checked your applications to ensure you've got no adware programs installed?

I've tried this website in IE with no adblocker and i can tell you that there are A LOT of adverts on that website.


**UPDATE

I've been doing some testing and find that if you use Firefox and run the latest version of Adblocker Plus with YesScript and you blacklist newser.com, that annoying slide in advert does NOT appear.

https://addons.thunderbird.net/en-us/seamonkey/addon/yesscript/

If at first you don't succeed; call it version 1.0
0
Anonymous User
Jan 7, 2015 at 09:39 PM
Thanks for checking!

You are correct, whichever adblocking software I use in/with whichever browser, I still see the ads I referenced. I checked Newser without any adblocking, and, I agree, it is a mess! Prime example of the need for adblocking, not to mention questioning the quality of "news" on such a site.

I get similar page-unders and banners in a fresh download of Ubuntu Linux running on a flash drive with only Adblock Plus added on to Firefox. Safari in OS X, sans any non-Apple software installed in the OS, with only Adblock Plus added, does the same thing. I actively avoid any adware-based software and have been unable to find any malware or adware on my machines.

Though I find almost all ads as presented today extremely annoying (and a turnoff for me in regard to the sites pushing them and the companies advertising), mostly, I wanted to report them to the EasyList maintainers, so that they could consider updating their lists to include AdSupply ads that currently get through their lists. However, they seem insistent that it isn't the lists, but my machines being infected with something, instead.

I'll give your YesScript suggestion a try.

** UPDATE

YesCript in Firefox blocked the floating banner. For Safari users, JavaScript Blocker (similar to NoScript) works. At the moment, Adblock Plus still lets the floating banners through. Blocking javascript also works with the page-under windows on Newser.com, as is, Adblock Plus after updating the filters a few minutes ago. ABP is also blocking the page-unders in the AdSupply's demos on their corporate site. So it looks like they're getting the filters updated.
0
Anonymous User > Anonymous User
Jan 7, 2015 at 10:53 PM
*YesScript in Firefox...

*Too late to edit: I spoke too soon: using ABP without YesScript in Firefox or JavaScript Blocker in Safari, clearing browser website data brought the page-under windows back.
0
smed_79 Posts 1288 Registration date Saturday September 20, 2008 Status Contributor Last seen March 16, 2017
Jan 13, 2015 at 04:12 PM
I wanted to report them to the EasyList maintainers, so that they could consider updating their lists to include AdSupply ads that currently get through their lists. However, they seem insistent that it isn't the lists, but my machines being infected with something, instead. 


@nwahs

AdSupply ads is already blocked by ||adsupply.com^$third-party found on Easylist.

I told you I have no ads no floating banner ! how to explain ?

screenshot:

1: http://img110.xooimage.com/files/e/9/f/capture-d-cran---...22-08-48-4973bd5.png

2: http://img110.xooimage.com/files/6/8/5/capture-d-cran---...22-09-10-4973bde.png

3: http://img110.xooimage.com/files/0/d/7/capture-d-cran---...22-09-36-4973be5.png

4: http://img110.xooimage.com/files/e/e/5/capture-d-cran---...22-09-52-4973bed.png

?
0
Anonymous User > smed_79 Posts 1288 Registration date Saturday September 20, 2008 Status Contributor Last seen March 16, 2017
Jan 13, 2015 at 10:05 PM
0