ARrrggh! Have any of you met that super annoying ad that takes over your browser - even Firefox on Mac - and hides all the windows while showing a very serious looking alert that reads:
https://www.systemdoctor.com
NOTICE: If your computer has errors in the registry database or file system, it could cause unpredictable or erratic behaviour, freezes and crashes. Fixing these errors can increase your computer's performance and prevent data loss. Would you like to install SystemDoctor to check your computer for free? (Recommended)
CANCEL / OK
The next panel/window appears after clicking either cancel or OK - and tries to freak you out even more, just in case that temporary "hide" of all your browser windows didn't get your attention:
https://www.systemdoctor.com
NOTICE: You have not completed the errors scan. If your computer has errors in file system or Windows registry, it could cause unpredictable or erratic PC behavior, freezes, crashes and loss of data.
You need to install SystemDoctor to scan for, and if found, fix system errors now (Recommended)?
CANCEL / OK
Finally, your browser will hop over to https://www.systemdoctor.com/download/2006/index.php?aid=edgerest_ed2&lid=keyin&ex=1&p=19&ax=1 while displaying this text:
https://www.systemdoctor.com
SystemDoctor will scan your system for errors now.
Please select "RUN" or "OPEN" when prompted to start the installation.
This file has been digitally signed and indepenently certified as 100% free of viruses, adware and spyware.
OK
Once there you can leave, not install anything and remember to never buy any crap called system doctor in your life. However, some browsers will start an automatic download anyway - throw that crap away! And if you can, change your preferences/settings so that you have to approve each and every download from the web, it's safer that way.
System Doctor brags that it is 100% adware and spyware free, but is classified as adware. McAfee has gone all the way with this thing and shows what happens once it is installed - yeah, it'll ask you for your credit card details. Yuck.
Meanwhile, if you have Firefox and Adblock: the advertising host of this ugly ad is adbrite, so in Adblock you should block *.adbrite.com/* to ensure you never have to go through this sneaky javascript alert and redirect again. If you happen to be a webmaster who uses adbrite for your ads, consider checking that you never show this one, since it'll prevent your visitors from seeing your site and that's probably not what you wanted when you signed up for some extra cash.
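What the filter above does and does not catch, as an added example that is not part of the original post. It assumes a simplified wildcard model ("*" matches any run of characters, everything else is literal, the pattern may match anywhere in the URL); the sample URLs and the second filter are constructed for illustration.

```javascript
// Added example: simplified model of a wildcard blocking filter.
// Assumption: "*" matches any run of characters, every other character is
// literal, and the pattern may match anywhere in the request URL.
function filterToRegExp(filter) {
  const pattern = filter
    .split("*")
    .map((part) => part.replace(/[.+?^${}()|[\]\\]/g, "\\$&"))
    .join(".*");
  return new RegExp(pattern, "i");
}

function isBlocked(url, filters) {
  return filters.some((f) => filterToRegExp(f).test(url));
}

// Constructed sample request URLs (not captured traffic).
const sampleRequests = [
  "http://ads.adbrite.com/ad.js",                  // subdomain of the ad host
  "http://adbrite.com/ad.js",                      // bare host, no subdomain
  "http://example.org/page?ref=www.adbrite.com/x", // host only appears in query
  "http://example.org/article.html",               // unrelated page
];

// Returns one { url, blocked } record per sample request.
function report(filters) {
  return sampleRequests.map((url) => ({ url, blocked: isBlocked(url, filters) }));
}

// The filter from the post: requires a "." directly before "adbrite.com/".
const postFilter = ["*.adbrite.com/*"];
// Hypothetical second rule that also covers the bare host.
const widerFilter = ["*.adbrite.com/*", "*//adbrite.com/*"];

for (const [name, filters] of [["post", postFilter], ["wider", widerFilter]]) {
  for (const { url, blocked } of report(filters)) {
    console.log(name, blocked ? "BLOCK" : "allow", url);
  }
}
```

Under this model the post's filter misses requests to the bare host and, being a substring match, also blocks an unrelated page whose query string merely mentions the ad host.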
Update August 18 2007: Hacking web banner networks sends banner ads from hated to feared
Thank you for posting this, I've seen that thing and it was not pleasant. Adblock installed now.
- reply
What are those applications in your dock? Second and third, right from VLC Media Player. I'm curious. :)
- reply
The black square is terminal (you can see it, the green text on black in the background is my terminal, unless that particular window happens to be iTerm. Yeah, I use a lot of terminal programs. I like bare bones.) Bluetooth file exchange - when I'm not fetching my own images from my phone I try and see if I can pick up my neighbours. I can surprisingly often.
- reply
I recognized Terminal. :) Bluetooth I didn't know. What's the crate to the right of Bluetooth?
Did you visit a webpage and this "system doctor" ad hijacked your Firefox browser? Is that what happened? If so, that's nasty!
I pasted the link you provided into my browsers, but I just got the annoying "warning" windows. I use Camino, Safari, and Opera browsers. Camino let all the windows open. Safari only allowed one window to open. Opera wouldn't load the page. There was no take over of any of my browsers.
- reply
Yeah, I'm not sure I managed to capture the right link - it moves fast! It's a basic javascript that hides all windows, followed by a quick re-direct and more javascripting that throws those scary pop-up alerts all over the place. Really, it's more fraud than ad.
It didn't do the close-thing on my Safari either, just the second and third 'warning', so I probably captured the wrong link (as in, the second link after the first "hijack"), but I only had two links to choose from in my history list, so...
The crate is betterzip. Though I don't know if it's that much better really. ;)
- reply
System doctor seems good, I always use spyware doctor, it is an adware and spyware removal utility that detects and cleans, works fine for me, enjoy.
- reply
System Doctor is Malware - I can not make it any clearer than that.
- reply
Ohoy, seems Discdoctor isn't the only one to figure out this trick, I've now spotted a few other variations on several websites - all of which have in common running bright blinking banner ads, but I'm not sure if they are all from the same adserver. I've spotted adbrite and blogads on the pages where it happened and I thought it might be one of them (adbrite like I said in the post)..... But then it happened again, and the last time it popped up for me was when I was checking out De Düva: The Dove (1968) on the respectable site IMDB. For the life of me I can't figure out what ad server they are using as it seems rather random. Here's what it looked like - the same dealio with shrinking the web browser to nothing and then telling you to install something goes on. It's really really annoying.
- reply
ps, more posts about these nasty banner ads:
Shameful marketing by DriveCleaner at Hackersblog - they suspect Clickz ad banner network for hosting the ad.
The Register: "MSN punts 'scareware' - Rogue banner ads pulled"
Spyware installer hides in Messenger ad banner (kinda weird way of describing it but okay)
- reply
*sigh* I just got that Drivecleaner "ad" again when trying to read the Adland keeps getting the blame. It's time the finger-waggers ... article at Findarticles.
- reply
I can't replicate your results, Dabitch. No sign of that Drivecleaner "ad" anywhere.
- reply
It doesn't pop up every time, just once-in-a-while.
- reply
I see. It's sneaky and annoying.
- reply