chodson, I looked at programs that I installed that could have caused the problem. Did you install a program that was recommended by "Kim Komando" called WordWeb? I'm wondering if it has some type of adware?
I have not installed the program you mention above. I've had that mate1 one also. I have to assume that something has gotten into our browsers that is not yet being caught by the AV programs or adblock or Malwarebytes or Spybot types of programs. They open up mostly when clicking on the new tab (+) tab. These are not pop-ups (although once open they may contain pop-ups (the last one I got.. http://guaranteed-issue.com (DO NOT GO HERE) sends pop-ups when you try and x out the tab (do you really want to close this tab type of pop-up)), the new tab opens, but also a tab containing one of these things opens. I am in the midst of running a full Avast scan, which will take a long time, and if I see anything interesting in that report I'll post it.
Thanks for the update. I too have had the same webpage appear in a "popup tab".
According to Norton's Safe Web, this site (see report below) and all other sites that have poped up on my computer are "safe".
guaranteed-issue.com Summary Norton Safe Web found no issues with this site. o Computer Threats: 0 o Identity Threats: 0 o Annoyance factors: 0 Total threats on this site: 0 o Community Reviews: 0 add your review Anonymous (Sign In or Sign Up) user reviews (0)
I am concerned that when I installed WordWeb (which i have unstalled and still had one popup tab since rebooting), I might have given permission to such advertising...I'm usually careful not to allow such.
The point is not whether or not the site is considered "safe" by Norton (although any site that tosses pop-ups at you when you try and close it is not what I consider a safe site), but why are they popping up at all. I want to find what is using my opening of a new tab as a good reason to serve me an ad. Hiding the underlying trigger is sleazy at best. I am also quite careful of hidden adware and other tricks. I've been using Chrome for a few years, and this is a new one on me. Chrome is acting more like the old style porn sites that just kept opening window after window if you ended up on one of them....a behavior I happily thought had faded into history...
Full scan with Avast has just finished. Infected files found 0. This means no results now with Avast, Malwarebytes, Spybot, to name 3, and Adblock is running always. If this is acceptable behavior now for Chrome it's looking like time to give Firefox another go maybe...
The problem you described: "any site that tosses pop-ups at you when you try and close it...."
My problem seems to be different: unwanted advertisement webpage opens in a new tab. My problem only occurs one or two times a day. I can close the tab without any problem or without it "tossing pop-ups". So far, my problem is an aggervation, not a threat.
I like you would like you would like to find the trigger and agree that any site that that does this is sleezy.
FYI, Foxfire does not have this problem. I keep both open, so I can access 2 different emails that are yahoo based, even though one is att.net.
FYI, I tried to do a system restore to a point before my problem started..."could not restore to that point. Have you tried to do a system restore?
Not realizing it was not an isolated incident, it was a couple of weeks before I got annoyed enough to start trying to track it down, by which time I had no idea how far back to try and restore, so no, I have not done a system restore. Re the pop-ups, my behaviour is exactly the same as yours, with the same pages coming up..a few times a day, in a new tab. The pop up behavior I mentioned seems to be localized to that particular ad (guaranteed-issue), and is not how all of them respond to an x out. If google is serving them, their analytics need a tweek...I've been with the same auto insurance company for well over 20 years, and have not gone to any sites or talked about it in any emails, and in fact none of the sites served up seem to have any relevance to either my surfing habits or any recent conversations. Given that we are getting the same ads, my guess is that those url's may be hard coded into whatever is opening the tabs.
I just did some research on Cloudfront.net and found the following:
We are not alone.
CloudFront.net is not a web site. It is a redirect to Amazon CloudFront. Amazon CloudFront is a web service for content delivery. It integrates with other Amazon Web Services to give developers and businesses an easy way to distribute content to end users with low latency, high data transfer speeds, and no commitments. It is a pay-as-you-go service.
The solution as stated is: "**A little later.... I've looked at my cookies (Chrome/spanner/settings/show advanced settings/Content Settings/All Cookies and site data/) and searched for cloudfront.net and found three cookies from them, all of which I've deleted.
At the time they were accepted by Chrome I was viewing only Facebook. Amazon, Facebook, unwanted and intrusive ads, slyly installed?!? What gives?
Hopefully this is the last I'll see of these cloudfront.net ads."
I just searched my history and found 5 cookies from the cloudfront.net and deleted only those cookies. Hopefully that will fix the problem. I should know by the end of the day tomorrow.
I don't think this is it. I show no cloudfront cookies at all, and have not seen any, and I have been in that section of settings often over the past few days deleting cookies and adding some to blacklists. I am on Amazon frequently enough so that I would think I would see it, but no. What we may have here is some people looking around to find what is causing this and noticing that they have a cloudfront cookie...which may otherwise have gone on sitting there un-noticed. On the other hand...I am noticing that Facebook has come up a couple of times in conversation...and the possibility that they have snuck something onto my machine seems highly likely. Wouldn't be the first time they've added something to my account I have no desire to have...and I do generally have a facebook tab open. I think maybe I'll try keeping it closed when not actively viewing for a few days and see if that has any effect.
I am changing my mind, even though I find no cloudfront cookies by name. Here is my history from yesterday. I was in my gmail account and likely then clicked on the new tab tab or a link in a mail message....
Social Security Disability Benefits socialsecuritydisabilitybenefits.co
10:46 AM Social Security Disability Benefits socialsecuritydisabilitybenefits.co
since this is from history, read from bottom to top. First cloudfront, then kpm7.com (another Amazon ad server...are we seeing a pattern here?) then to the ad. Note it is for socialsecuritydisabilitybenefits.co not .gov or even .com . This is a site that is trying to get it's hands on a percentage of a SSD award by offering easily available free advice...in other words...like most of the ads coming through this method...probably not doing anything illegal, but sleezy at best. The forex ad that comes up is also for a product generally considered no better than a coin flip for buying/selling on forex markets. In other words, all of these ads are from sites that are using distortions at best, so no surprise to see them popping up using this stealth method. Most legitimate ad servers would have culled them out long ago.
It is looking like Amazon has some explaining to do. I am a Prime account member and regular customer for years, but I will be quite willing to switch to a Nook and another site for incidental purchases if this is the new Amazon business model. I expect to be served ads while browsing their site..I do not expect my work flow to be interrupted by unwanted crap sites.
blocking the cloudfront cookie in chrome did nothing. I have just blocked cloudfront.net at my router. This may make the difference, but I think we are not much closer to finding out which entity snuck this POS malware onto our systems in the first place. Looked up tutvp.com also, and I'm adding them to my routers block list on general principles.
This page is unavailable due to policy restrictions. Detected: "cloudfront.net" in the address.
So, that being either my block at the router or firewall I did not get the ad proper...but I did still get a new tab with that stuff on it instead...which still requires me to stop what I am doing and close it, so I am not gaining much benefit besides not having a bunch of cookies for dubious companies set also.
There are a couple of other threads about this also if you use the set of numbers in front as well as the .cloudfront.net address in your search, none of which have come to any conclusions yet...and a lot in german with the word "trojan" in them, but I haven't tried to translate them...all seemed to start around the same time, and at least on the english side, no one has discovered the vector. I think that first set of numbers should be the company name (were they not intentionally trying to hide it), and cloudfront merely the equivalent of the hosting servers. I can't really imagine Amazon risking so much of a backlash intentionally. I suspect someone has bought whatever service it is that cloudfront offers, and has twisted it to their own purposes..hence hiding the name behind a hash tag.