InformAction Forums

I did NOT install it! But suddenly I have a banner on top of my FireFox 3.5.1 for Anchorfree.com who offers hotspot-shield. Like I said, I did NOT install it, but I have it! In spite of all the ad blockers, spyware software and other programs I have on my Mac that should have kept this from happening. (CNET, PCWorld and others recommended the program, but like I said, I did NOT install it!) I've searched this site for an answer, I've searched Google for an answer, I've searched Mac and Apple for an answer. But after TEN hours, all solutions to remove it have NOT worked. The only thing that has worked is NoScript keeping the ads from popping up, but their logo and the one inch top section of my FireFox 3.5.1 browser is lost to me, and kept by them. {MacOS 10.4.11 \ 1GHz PowerPC \ 1GB SDRAM is what I use.} Is there anything you can do to help me and keep this from happening to others?

Thanks

NoScript isn't designed to be a general ad blocker. The user agent appended to your post indicates you're using a third-party toolbar, possible the Ant toolbar. Perhaps that's causing your problem. Try uninstalling the Ant toolbar.

By the way, you need a Firefox update. Your user agent indicates you are running an obsolete version of Firefox. It's easier to troubleshoot these issues if you're using the current version. Also, it's risky to use an old version of Firefox which has known, published, unpatched vulnerabilities. NoScript is a useful security tool, but even more effective is running with an up-to-date Firefox. Help > Check for Updates.

Item one: I am NOT using an old version of Firefox, in spite of what the line says -- (Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.0.8, Ant.com Toolbar 1.3)

Item two: I NEVER installed an ant.com toolbar! I don't even know what it is.

Item three: I am NOT trying to remove ANY ADS with NoScript. I'm trying to remove the Java Script code, or what looks like Java Script code to me, that keeps popping up (being placed) above the web sites I visit. {I've saved several files that has the complete version that I could send you. Here is just a snippet of it...

}
</script><img src="FAQ%27s%20No%20Script_files/af.gif" id="AFt_img" style="border: 0pt none ; display: none; width: 0pt; height: 0pt;"><div id="AFt_dv" class="AFc_all" style="border-bottom: 1px solid rgb(204, 204, 231); background: rgb(255, 255, 255) none repeat scroll 0% 0%; height: 90px; display: block; top: 0pt; left: 0pt; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; position: fixed; width: 100%; z-index: 666999;">
<style type="text/css">.AFc_all{outline:none;background:#fff;border:none;margin:0;padding:0;top:0;text-decoration:none;overflow:hidden;display:block;z-index:666999;}</style>


<div style="position: absolute; left: 5px; width: 100px;" class="AFc_all">
<div class="AFc_all" style="padding-top: 5px;">
<a href="http://www.anchorfree.com/" target="_blank" class="AFc_all">

<img class="AFc_all" src="FAQ%27s%20No%20Script_files/af_logo.gif" alt="AnchorFree">
</a>
</div>
<div class="AFc_all" style="padding-top: 5px;">
<a href="http://anchorfree.com/hotspot-shield/" target="_blank" class="AFc_all"><img class="AFc_all" src="FAQ%27s%20No%20Script_files/_frame_hss_icon.jpg" title="Secure your connection! Download Hotspot Shield."></a>
</div>
</div>

<div style="position: absolute; left: 845px; width: 100px;" class="AFc_all">
<div class="AFc_all" style="padding-top: 5px;"><a href="javascript:void(0)" id="close_link" class="close_link" onclick="AFf_rmBox();" onmouseover='this.focus();document.getElementById("AFi_ClA").src="http://img221.anchorfree.com/box/images/close_over.gif";' onmouseout='document.getElementById("AFi_ClA").src="http://img221.anchorfree.com/box/images/close_out.gif";' target="_self"><img class="AFc_all" src="FAQ%27s%20No%20Script_files/close_out.gif" id="AFi_ClA" title="Close this ad"></a></div>
<div class="AFc_all" style="padding-top: 5px;"><a href="http://anchorfree.com/advertise" class="AFc_all" onmouseover='document.getElementById("AFi_Az").src="http://img221.anchorfree.com/box/images ... h_wifi.gif";' onmouseout='document.getElementById("AFi_Az").src="http://img221.anchorfree.com/box/images ... i_over.gif";' target="_blank"><img class="AFc_all" src="FAQ%27s%20No%20Script_files/advertise_with_wifi_over.gif" id="AFi_Az" title="Advertise at this location."></a></div>
</div>
<div style="position: absolute; left: 110px; width: 728px; height: 90px;" class="AFc_all">
<script type="text/javascript">AFs_TmplF=function(){
if(typeof(AFv_insType)!='undefined'){
document.write('<iframe class="AFc_all" id="AFt_adFrame" src="http://box.anchorfree.net/templates/spe ... frame.html" height="90px" marginwidth="0" marginheight="0" vspace="0" hspace="0" frameborder="0" scrolling="no" width="100%"></iframe>');
}

else{
document.write("<scr"+"ipt src");document.write("='http://afe.specificclick.net?l=17947683 ... /scri"+"pt>");
}

What this does to my web browser and the sites I visit is horrendous. {Happy to send you, via a zipped up file, what your site looks like through this hack.}

Hope you can help.

Thanks

Item One: You ARE using an older Fx regardless of what you think
Item Two: The toolbar is installed, perhaps without your knowledge as part of another package or by someone else

Good luck.

Are you using a proxy?
If you start FF in Safe Mode, does the problem go away?

-------

> Item One: You ARE using an older Fx

Why do you say that? If his UA were spoofed

OK, so maybe you cannot spoof the entire UA string line? (Maybe you can, not sure?)
Anyhow, his Gecko version date displays the same as yours, which would be incorrect for FF308, but correct for FF351.

Yes the UA can be spoofed, for sure. But from what the user has shown so far, not striking me as the kind that has the knowledge to do so or if so would put the ant toolbar in there claiming not knowing what it is, installing or using it. See what I mean?