InformAction Forums

I'm beginning to see page redirects to adrotator.se
Many are caught but adrotator is persistent.
When not caught I find nag/warning pop-under windows.
I've scanned my registry, run Malwarebytes and MS Security essentials.
I'd appreciate any feedback on adrotator and your suggustion at blocking it.
Win 7, Version 6.1.7601 SP 1 Build 7601
Firefox 30.0

What's on your NoScript whitelist?

need more details
example URL that is redirecting?
anything weird in your extensions list (check both about:addons & about:support)?

Nothing unusual in the NoScript white list.
I'm not finding anything that sticks out in About:adons or about:support.
What I'm getting are pop under windows with either porn or PC warnings. As they pop under they are a separate instance of Firefox (not a new tab) that I won't see unless /until I close or minimize my main window.
Thanks for your thoughts, keep them coming

Do you know what site you're going to that is spawning these pop-unders?

If it is not triggered by any specific site try scanning your system with something like AdwCleaner.

I don't know what sites My browser is being redirected to but suspect (as the name suggests) they are random rotating ads that offer pay for click (or redirect).
I did download and run ADWcleaner which found a number of issues and registry entries. Thanks for the tip.
These pop-unders aren't a big deal but I would like very much to stop my browser from being hijacked.
Thanks for your ongoing assistance.

> Many are caught

How? By what?

> I'm beginning to see page redirects to adrotator.se

Any particular URLs that open these redirects / pop-unders?
(They're not necessarily the same.)

The most recient redirect pop-under is as follows
web Address: http://0427d7.se/?placement=289748&redirect
Page body: http://0427d7.se/
http://adrotator.se/?redirect&placement=289748&

Maybe I'm not following, but on what page were you on, what actions did you take, that led to these pages opening up?

In Firefox, I still consistently get pop under windows. The NoScript blocks them but I still have several open instances of Firefox (not tabs) open in the background.
an example of the link displayed is:
http://0427d7.se/
http://9cc85d.se/?redirect&placement=289748&
I'd like to know how to stop these extra pages from loading.
Thanks

solus2sail wrote:I'm beginning to see page redirects to adrotator.se
Many are caught but adrotator is persistent.
When not caught I find nag/warning pop-under windows.
I've scanned my registry, run Malwarebytes and MS Security essentials.
I'd appreciate any feedback on adrotator and your suggustion at blocking it.
Win 7, Version 6.1.7601 SP 1 Build 7601
Firefox 30.0

This doesn't sound like a NoScript issue, since you said that NoScript is successfully blocking the ad sites.

Maybe you want Adblock Plus?

I use AdBlock Plus as well. I thought it was NoScript that was catching the redirect but allowing the new instance of Firefox to open anyway?

Adblock Plus is not a reliable request blocker anymore.

You're still not being clear about *what* is causing these extra windows to spawn. Is this happening "by itself" with no pattern, or do you get these popunders only while/after you visit specific webpage(s)?
Do these occur when you don't have any script-enabled sites open?
Do you think there is any possibility this could just be some really elusive malware or adware?

If you are *absolutely sure* you can rule out the possibility of malware or system-wide installed adware, try Standard Diagnostic and please post your findings.