Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I get spam malware messages on one profile only and not the others

  • 18 tontu
  • 1 am na jafe-jafe bii
  • 3 views
  • i mujjee tontu mooy d3von

more options

A few days ago I started getting full page spam messages when looking at threads in one forum only. I have to keep backing out or closing out of Firefox. Initially FF blocked them, but not anymore. Norton never blocked them.

These messages only come up when using one FF profile, not another. They also do not show up when using a Chromebook, so I presume the problem is on my end.

I have cleared all cookies & cache and did a complete scan with Norton, Malwarebytes, & AdwCleaner. Even restored Windows 7 back to an earlier time. But none of this helped.

They are full page messages & say they're from AT&T, Walmart, or Visa. However the addresses all start out with: happy.luckyparkclub.com/………..

Sometimes the messages appears right away & sometimes it takes a few minutes.

I cleared FF cookies, went back to the forum, & then looked at the cookies again. I noticed that happy.luckyparkclub.com and dbmtrk.xyz both appeared in the cookies list at the same time, 23 seconds. The forum cookie was time stamped at 22 seconds.

If I look at the forum using a different FF profile there is no problem & neither of these 2 cookies are there.

If I open a New Private Window in the problem profile then I don't get the messages either, at least not yet.

What does the Private Window NOT access that the regular window does?

Which profile folder or file could be causing the problem?

Thanks for any suggestions.

A few days ago I started getting full page spam messages when looking at threads in one forum only. I have to keep backing out or closing out of Firefox. Initially FF blocked them, but not anymore. Norton never blocked them. These messages only come up when using one FF profile, not another. They also do not show up when using a Chromebook, so I presume the problem is on my end. I have cleared all cookies & cache and did a complete scan with Norton, Malwarebytes, & AdwCleaner. Even restored Windows 7 back to an earlier time. But none of this helped. They are full page messages & say they're from AT&T, Walmart, or Visa. However the addresses all start out with: happy.luckyparkclub.com/……….. Sometimes the messages appears right away & sometimes it takes a few minutes. I cleared FF cookies, went back to the forum, & then looked at the cookies again. I noticed that happy.luckyparkclub.com and dbmtrk.xyz both appeared in the cookies list at the same time, 23 seconds. The forum cookie was time stamped at 22 seconds. If I look at the forum using a different FF profile there is no problem & neither of these 2 cookies are there. If I open a New Private Window in the problem profile then I don't get the messages either, at least not yet. What does the Private Window NOT access that the regular window does? Which profile folder or file could be causing the problem? Thanks for any suggestions.

All Replies (18)

more options

Okay, let's try this;

On the system/profile with the problem:

Type about:support in the address bar and press Enter. Under the main banner, press the button; Copy Text To Clipboard.. Now in the Reply Box on the forum page, do a right-click in the box and select Paste.

This will show us your system details. No Personal Information Is Collected.

more options

Many site issues can be caused by corrupt cookies or cache.

Warning ! ! This will log you out of sites you're logged in to. You may also lose any settings for that website.

If there is still a problem, Start Firefox in Safe Mode {web link} by holding down the <Shift> (Mac=Options) key, and then starting Firefox.

A small dialog should appear. Click Start In Safe Mode (not Refresh). Did this help?

While you are in safe mode;

Try disabling graphics hardware acceleration in Firefox. Since this feature was added to Firefox it has gradually improved but there are still a few glitches.

How to disable Hardware Acceleration {web link}

more options
more options

I cleared the cookies & cache & started in Safe Mode but it made no difference. Neither did disabling graphics hardware acceleration.

The link mentions looking for unfamiliar programs & processes. There are folders & files with non-descript names, such as the ones with 20-30 characters, but I have no idea what these are for. There is nothing unfamiliar in Control Panel > Installed Programs, and I have not installed any new software in a long time.

The links want me to install SpyHunter, but I’m reluctant to install anything at this point. Plus I’ve already done complete scans with 3 other programs.

I searched the registry for “Happy Lucky Park Club” and also each word separately. “Happy” & “park” showed up but they were related to programs I know about.

I'll take a look at the about: support and paste it here.

more options

Do you have any extensions installed in this profile ?

Did you check the connection settings ?

more options

cor-el said

Do you have any extensions installed in this profile ? Did you check the connection settings ?

I have 4 add-ons, but they were disabled & did not appear on the upper toolbar when I started FF in Safe Mode.

Which connection settings should I be checking?

more options

FredMcD said

Okay, let's try this; On the system/profile with the problem: Type about:support in the address bar and press Enter. Under the main banner, press the button; Copy Text To Clipboard.. Now in the Reply Box on the forum page, do a right-click in the box and select Paste. This will show us your system details. No Personal Information Is Collected.

I copied the about:support to my word processor & it has 15 pages of information. There is info about video, audio, & a big section just filled with characters. Do you want all of this or just certain sections?

more options

You can check the connection settings here:

  • Options/Preferences -> General -> Network: Connection -> Settings

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":

more options

The setting was set for "Use system proxy settings". But it's the same for the profile that works.

I changed the problematic profile to "No proxy" but it made no difference. I still got the spam messages. Again, it's just one specific forum that has a problem when using my main profile. Everything else seems to work normally including other forums I visit.

When the problem first started a few days ago, Firefox would display a Red screen with a warning & it blocked the spam message. But after about 2 days Firefox no longer displayed the Red warning screen, and what I got was the spam screen. I have no idea why this changed, but apparently something triggered FF in the early stages.

more options

There are quite a few folders & files in the Profile folder. Is there any particular one(s) that might be causing the problem? If so, I could swap in the matching ones from the good profile & see if that makes a difference. Or temporarily rename some folders or files & see if they're recreated with new ones that work. I might end up with some missing data or information, but that would at least narrow down where the problem is.

Any thoughts about doing this?

more options
more options

I'm still looking at all the links to get rid of this spam.

Just thinking I should post the full address that's shows up in the FF address bar. Maybe something in it will help figure out the problem.

http://happy.luckyparkclub.com/bonus/com-us-cc-s10-iph11-cdn/lp1.php?c=4fz6swxaz4vz0&k=0ada4d0e0e1b1b9ac8b35501cbfb2253&country_code=US&carrier=AT&T&country_name=United%20States&region=Illinois&city=Glenwood&isp=AT&T%20Services,%20Inc.&lang=en&os=Windows%207&osv=&browser=Firefox&browserv=69&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768

The first part between "bonus" and "country_code" is different depending on which spam message is displayed.

Chris Ilias moo ko soppali ci

more options

Mike109 said

I copied the about:support to my word processor

Open a text/word program and load the file. Left-click once. Now <Control> A to highlight everything, then <Control> C to copy it.

Next, have your web browser go to; https://pastebin.com/

Paste <Control> P the content of the file in the window. Note: On the bottom, fill out the boxes as best you can.

Now press Create A New Paste. The page will reload. Copy the new web address, and post it here.

more options

FredMcD said

Mike109 said
I copied the about:support to my word processor

Open a text/word program and load the file. Left-click once. Now <Control> A to highlight everything, then <Control> C to copy it.

Next, have your web browser go to; https://pastebin.com/

Paste <Control> P the content of the file in the window. Note: On the bottom, fill out the boxes as best you can.

Now press Create A New Paste. The page will reload. Copy the new web address, and post it here.

https://pastebin.com/7sgvpG1b

more options

Any luck finding a problem in the data?

more options

I didn't see anything, but called for more help

more options

As mentioned sometimes it takes a few minutes of reading the threads before the spam message appears. It's possible it might show up when using the second FF profile or Private Window if I looked at the forum threads for an even longer period of time. Anything's possible.

OTOH no one else on the forum has mentioned a problem.

I did edit the Hosts file using 127.0.0.1. It did block the spam message but gave me a full page error message instead. IOW nothing gained.

A few messages above, cor-el posted a link & it appears quite a few people are having the same issue.

The first day or two that a I had the problem Firefox blocked the spam message. But then it stopped blocking it. It must have initially detected something, if that means anything. Since the whole forum webpage is replaced with a full page spam message along with a different address, would this be considered a redirect vs. a popup?

more options

try clearing your all history and remove cache and all data , after that you wont get any pop ups or spam messages IM experince