Anybody else getting annoying popups in Pprune email? About every second time I access it I get messages telling me my drive is full of errors and do I want to download their program, and no matter which option I take it starts downloading. One program is drivecleaner.com and I forget the other one but it's pretty well identical. Pprune email is the only site it happens on.

You have a simple trojan is all, I suggest you first scan your computer with your anitvirus software to clear it of all possible virus infections and try once more, if the problem still remains you will need a specific Malware remover.
One I have used for many years now with great effect is Spybot Search and Destroy, available free here.

http://www.spybot.info/en/download/index.html.

Works well out of the box, update before scanning to make sure you have the latest detection rules.

Spybot has a number of other useful features that help protect you from this sort of problem. Well worth ten minutes downloading and setting it up.

I don't think that's the case, but I may be wrong. This has happened on three different computers, including my work account. Do trojans not attack individual or network computers rather than an address? I have used Spybot for several years on my PC's, but as far as I am aware they don't make a version for Mac. :hmm:

The only one I know off hand for the MAC O/S is ITEGO VIRUS BARRIER. It's also known that there are few direct trojan's out and about that affect Mac's though there are some around that affect them via documents though not seriously, probably because Mac's are not as numerous as PC's so not worth attacking heavily.
I don't know what browser you might be using but i,d have a quick look at it's home page setting and also that the option, 'Enable Third Party Browser Extentions' is set too disabled, though if it's already in the systems this will only stop new browser attachments gaining a foothold.

By the way, what is the POP-UP you keep getting, i.e. what is it advertising.

If you get it only on PPRuNe e-mail and nowhere else, and on three separate virus-protected computers, it sounds like a pop-up on the site. What's the URL of where you get it?

I've never seen it, but I'm using Firefox with the add-on pop-up blockers, and I don't see the ads on this site, either. I'll take a look with Firefox, and with the Internet Explorer I keep for checking stuff like this.

As I posted initially, one of the sites is drivecleaner.com. I have updated and cleaned my PC with SpyBot which found several problems. Whether that has fixed the problem there time will tell. I am now on my Mac and just signed into Pprune email and the other popup came up, url is http://www.systemdoctor.com/download/2006/index.php?ax=1&ex=1&mpt=[CACHEBUSTER]&aid=elserich_rdt&lid=mplx4. (Hmm, I see after posting part of that doesn't come up as html...cachebuster? sounds suspicious.)

The two formats are pretty well identical; warning, you are infected, you need blahblah, we will now check your system, and until you click OK there is no way of getting rid of it.

It doesn't happen every time, but it only ever happens on the Pprune email page.

Oh, I see, you wanted the url of the site where I get my email, Keef? It's http://pprune.mail.everyone.net/email/scripts/loginuser.pl

Now I'm racking my brain to remember whether I did actually get this popup on my work computer network and to be honest I can't be 100% sure. But my home PC's and Macs are all networked wirelessly.

I was going to post the same subject at the weekend. Only on PPRuNe email, same pop-ups. And I'm using Linux!

If I click the pop-up to cancel, the whole email page crashes out and I have to log in again. It usually happens three times before the page stabilises and I can read email.

Using Linux, I can't download and run a Windows executable. For me it's a problem in PPRuNe.

Well, that's a relief that I'm not the only one.

I also seem to be having an incredible run of luck at being the millionth visitor to various sites I've never heard of, and all these people want to give me a FREE* computer. My stars must be aligned perfectly.
Now clearly nobody else could be the millionth visitor to the same sites so I know for sure I'm the only one getting these messages on the Pprune email site, but I just thought I'd rub it in to all you others who aren't as lucky. :hmm:

Oh frabjous day!

You are simply not going to believe this, but I've now also been selected to receive a FREE* plasma TV! Oh my gard!!!!! The odds against this must be simply overwhelming. I feel so blessed, at last my life is turning around.

I haven't used my PPRuNe e-mail much, but that site recognised me and logged me in. No problems, and no apparent pop-ups.

However... all the pages had, somewhere on them in large print, the message 404 Not Found so I reckon the Adblock add-in to my Firefox (or one of the other protection devices) is doing its job.

If you're using Firefox, click on Tools - Add-Ons - Extensions - Get Extensions and look for Adblock. It's excellent.

While you're there, I'm also impressed with NoScript - which prevents Java being stuffed onto your machine. You can enable sites you trust, and block those you don't. A useful protection indeed. That might be what's blocking whatever is 404 Not Found.

I also use SpoofStick,which displays the name of the site you're really connected to (even if it's spoofing what shows in the URL window). Once, I thought I was on eBay, it told me I was on something entirely different ;)

Keef,

Using IE6 I get a variety of errors - 404, red cross, page cannot be found - plus some "ads", including all those mentioned in the thread, of which the most "virulent" is the CACHEBUSTER mentioned above.

I suspect that each time the page is hit, a random ad is inserted. Some of these no longer connect to the source, hence the errors. You can cycle through by using shift + refresh.

I will mention it to the powers that be - this doesn't fit well with the "spam-free" claim in the bullets above the ad!

SD

Thanks SD, let us know how you get on. First time I've heard of one of these things infecting a Linux or Mac. Jeez, if this keeps up I'll have to think about putting an anti-virus program on!

Spybot didn't remove it from my PC either.

Binos, there is no question of "infecting" as such - your browser is capable of rendering the HTML in the ad plus whatever "active" content is included using plug-ins like flashplayer, or javascript etc.

SD

Thanks, SD. I'll be interested in the outcome. I was a bit alarmed when I saw, in the HTML, the expression "pprune.biz". My experience with .biz domains has been consistently awful.

Binos: I would strongly recommend installing the Firefox Adblock and Noscript. Easy to do, and they do what it says.

Binos,

I was getting a login pop-up window for "mygulfair" a few days, which seemed to sort itself out after I posted about it on Pprune. No-one else seemed to have the problem.

Do you have "Block Pop-up Windows" selected on the Mac: Apple-K ? Don't put an antivirus program on your Mac, whatever you do. It's probably just an annoying, but persistent bit of Javascript.

Applemacster

I suspect that this is part of the mail provider pprune uses.

Am I right in thinking that it's 'powered by everyone.net'?

I have another mail account using this service and suffer the same problems as Binos but only on my home machine (WinXP), work (WinXPPro + Linux firewall) and my old 'number 2' (Win98 - believe it or not) are free from it.

When I get back I'll have a go at investigation a bit more.


VnV

Tested the work computer again today and the same thing definitely happens there, so it's not limited to my home network. Is it a coincidence that my work email address has started receiving 30-40 spam emails a day when it has had none for five years?

Macster: Apple-K does nothing on my mac. :confused:

Keef: I'll give the Firefox Adblcok a try and see if it makes any difference.

thanks all.

Binos,

Apologies, I was in shortcut mode. Apple-K toggles the "Block Up Pop-up Windows" option on the Safari menu. It didn't help for the issue I had, but it might be worth checking.

Applemacster