Try running some spyware removal software such as AdAware
(www.lavasoft.de) or Spybot S&D (www.spybot.info)

---
Leon Kyneur lkyneur@unitedip.net.au
United IP http://www.unitedip.net.au/
Phone: 02 8825 5586 Fax: 02 8825 5587





On Tue, 31 Aug 2004, Edw. Peach wrote:

A friend sent me a link to a page that had some adult material on it.
I visited it using Mozilla Firefox, my default browser. I noticed
that the page opened up twice and then opened a blank ABOUT page in
IE, which I only use for updating Windows XP. Now, whenever I hit a
link from my email program, I get the same result. I've sent myself
Yahoo news stories and it's the same thing.

What's up with this? How do I get that off my computer? I'm guessing
that website loaded something on me.

Edw. Peach wrote:

Sounds like your web browser has been hijacked. Best bet for cleaning it
up is something like Ad-Aware (www.lavasoft.de)

I was coming back here to report that I ran both Ad-Aware and Spybot
S&D. Both found 'a few problems,' and fixed them. I noticed that
SexList and SexTracker showed up on both, even though I had run the
Ad-Aware first. I tried rebooting my computer after the Ad-Aware scan
(and before the S&D scan) and tried that email link again (to a yahoo
news story) and it sort of froze up for a few seconds.

Could this tracker program be more deeply imbedded somewhere in my
computer?

Edw. Peach wrote:

like for example are you always taken to a certain website?

On Tue, 31 Aug 2004 14:50:32 +0100, Someone <me@here.co.uk> wrote:

No, I do not get re-directed. As I stated, I use Firefox as my
default browser, and in fact IE does not have access to the internet
unless I specify, on a per visit basis. What is odd is that I get two
windows open in Firefox of my intended site, and then about:Blank in
Internet Explorer, even though I have IE set to ask permission to go
online. I ran my AV yesterday and found no viruses.

Later today, I'll try running Ad-Aware and Spybot again and see if
those programs show up again.

"Edw. Peach" <bogus_addie@yahoo.com> wrote in message
news:u7u8j017309iee6j7hc84on0kqihfblf0c@4ax.com...
Format c:

--
Richard S. Westmoreland
http://www.antisource.com

On Tue, 31 Aug 2004 10:02:34 -0400, Edw. Peach <bogus_addie@yahoo.com> wrote:

Edw,

If this involves about:blank, HijackThis
<http://www.majorgeeks.com/download.php?det=3155> and expert advice might be a
good idea.

Create a separate folder for HijackThis, such as C:\HijackThis - copy the
downloaded file there. Then, run HijackThis ("Scan"). Do NOT make any changes
immediately. Save the HJT Log.
<http://forums.spywareinfo.com/index.php?showtopic=227>

Finally, have your HJT log interpreted by experts at one or more of the
following security forums (and post it, or a link to your forum posts, here):
Aumha: <http://forum.aumha.org/index.php>
Net-Integration: <http://forums.net-integration.net/>
Spyware Info: <http://forums.spywareinfo.com/>
Spyware Warrior: <http://spywarewarrior.com/index.php>
Tom Coyote: <http://forums.tomcoyote.org/>

Also, Edw, please don't contribute to the spread and success of email address
mining viruses. Your munging technique needs improvement.
http://www.mailmsg.com/SPAM_munging.htm

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

On 31 Aug 2004 11:40:08 -0500, Chuck <none@example.net> wrote:

Greetings, and thanks for the info. I will get into this when I get
home from work later. I read the article about munging and I am
missing your point. That is not my real email address. If someone
needs to contact me, I prefer they do so as a response. I am leary of
all email that comes from strangers.

Perhaps you are referring to something else of which I am unaware?

On Tue, 31 Aug 2004 14:40:38 -0400, Edw. Peach <*email_address_deleted*> wrote:

It's in the article, just after "This is NOT the correct way". The point is
that, when you reference any actual domain (as in yahoo [DOT] com), you are
providing an email address that will direct spam to the email servers (yahoo in
your case). Your inbox won't see it, cause that's not your address. But the
yahoo domain will suffer from the unwanted traffic.

The domain none [DOT] net, OTOH, is a non-existant domain.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

Edw. Peach <bogus_addie@yahoo.com> wrote in
news:u7u8j017309iee6j7hc84on0kqihfblf0c@4ax.com:

Ad-aware etc. are only as good as your security settings, I have heard of
'system restore' holding the malicious changes and then reloading them when
the system restarts as you have 'previously destroyed' them.

There might be a case for switching off system restore, running virus
checkers and ad-aware etc. then restarting, then re checking to see then
take a system rrestore snapshot so that you can then return to a clean
system

s

I've seen a few forums where people suggest just that. It sounds good
to me.

I was going to try the HijackThis program, but after looking at the
forum itself and noting the general attitude, I did not feel
comfortable checking it out further. It all seems quite authoritarian
to me. It might just be my impression, and perhaps the group is
filled with really friendly helpful people, but I did not get that
impression at all reading through the instructions and posts.



On 1 Sep 2004 14:01:28 GMT, Sam Witch <s.witch--stuff--@gawab.com>
wrote: