Full Version: Virus through AYS ad
erikals88
I clicked on a link sent out on 2/8, where you must make five valid searches to receive credit. The link was rpdir.net/?REQ=FREE+car . As soon as I clicked on this link, I was bombarded with popups and mandatory downloads (you *Must* click this, you must click 'open'...) Norton immediately detected Downloader.trojan trying to download to my pc.

The runner was 200402082326341544. I'm not sure if the first link I clicked on was the same as the runner, and I'm not about to risk finding out laugh.gif

In any case, I posted over in the AYS forum, but thought it would be beneficial to post here as well.

You are warned!!! *eg*
ptrhost
QUOTE
you must make five valid searches to receive credit


Thank you for the heads up. But, this should be reported to the search engine. This is truly disgusting. 5 valid searches to receive credit. Bull!
erikals88
I'm personally a little more concerned about the virus aspect....flagrant abuse of search engines is too common-place to really offend me anymore...and the lesser of two evils lol
ekelly
Thanks for the info....I found the email in my mailbox and deleted it without clicking. wink.gif
Dreamlab
I clicked on that ad already smile.gif Didn't get the Norton notification (I have Norton installed too and have had so many download.trojan attacks so I know which one you are talking about smile.gif )

Anyway since there are pop-ups spawned from that link, I suspect it came from one of the pop-ups.

Good that you have anti-virus software installed.
trishan
AYS members look out for my ad...My second so I'm all happy about it. It's the one about my sister giving birth...LOL...it's a search but my message is funny...or so I think...
Have a nice day everyone!
princessah
it doesn't say you have to click on 5 results to get credit it says you have to click on 5 to win a car
Jinker
QUOTE (trishan @ Feb 9 2004, 02:28 PM)
AYS members look out for my ad...My second so I'm all happy about it. It's the one about my sister giving birth...LOL...it's a search but my message is funny...or so I think...
Have a nice day everyone!

did you make the joke? mad.gif
erikals88
QUOTE (princessah @ Feb 9 2004, 12:32 AM)
it doesn't say you have to click on 5 results to get credit it says you have to click on 5 to win a car

"CLICK HERE TO GET PAID **CLICK ON 5 RESULTS YOU SEE NO NEED TO SEARCH**
there are 11 companies listed willing to give you free car so click 5 urls you see and see for yourself. click on 5 search results for you to see. Once you do a search or click on 5 results and closes the browser it will ask you if you want to make it a start page, pls. do so and support our site for our country to rise among the shadows."

So what's the difference? Click on 5 search results, or make a search? It's still searching.

I think you missed the purpose of my post, so the point is moot.
princessah
QUOTE (erikals88 @ Feb 9 2004, 01:43 AM)
QUOTE (princessah @ Feb 9 2004, 12:32 AM)
it doesn't say you have to click on 5 results to get credit it says you have to click on 5 to win a car

"CLICK HERE TO GET PAID **CLICK ON 5 RESULTS YOU SEE NO NEED TO SEARCH**
there are 11 companies listed willing to give you free car so click 5 urls you see and see for yourself. click on 5 search results for you to see. Once you do a search or click on 5 results and closes the browser it will ask you if you want to make it a start page, pls. do so and support our site for our country to rise among the shadows."

So what's the difference? Click on 5 search results, or make a search? It's still searching.

I think you missed the purpose of my post, so the point is moot.

well my point is that you don't HAVE to search to get paid the 5 cents which is what your post implied
erikals88
QUOTE (princessah @ Feb 9 2004, 12:52 AM)
QUOTE (erikals88 @ Feb 9 2004, 01:43 AM)
QUOTE (princessah @ Feb 9 2004, 12:32 AM)
it doesn't say you have to click on 5 results to get credit it says you have to click on 5 to win a car

"CLICK HERE TO GET PAID **CLICK ON 5 RESULTS YOU SEE NO NEED TO SEARCH**
there are 11 companies listed willing to give you free car so click 5 urls you see and see for yourself. click on 5 search results for you to see. Once you do a search or click on 5 results and closes the browser it will ask you if you want to make it a start page, pls. do so and support our site for our country to rise among the shadows."

So what's the difference? Click on 5 search results, or make a search? It's still searching.

I think you missed the purpose of my post, so the point is moot.

well my point is that you don't HAVE to search to get paid the 5 cents which is what your post implied

I got your point, and I wasn't *implying* anything. Is this your ad, by chance?

My most abject apologies *curtsy* dry.gif

katgirl3
QUOTE (princessah @ Feb 9 2004, 01:52 AM)
QUOTE (erikals88 @ Feb 9 2004, 01:43 AM)
QUOTE (princessah @ Feb 9 2004, 12:32 AM)
it doesn't say you have to click on 5 results to get credit it says you have to click on 5 to win a car

"CLICK HERE TO GET PAID **CLICK ON 5 RESULTS YOU SEE NO NEED TO SEARCH**
there are 11 companies listed willing to give you free car so click 5 urls you see and see for yourself. click on 5 search results for you to see. Once you do a search or click on 5 results and closes the browser it will ask you if you want to make it a start page, pls. do so and support our site for our country to rise among the shadows."

So what's the difference? Click on 5 search results, or make a search? It's still searching.

I think you missed the purpose of my post, so the point is moot.

well my point is that you don't HAVE to search to get paid the 5 cents which is what your post implied

I believe what erik meant was, this post is about a virus. Not search engines. Thanks for the heads up erik. Found the email and deleted it. smile.gif
princessah
no lol I barely know how to run ads. I appreciate what was said about the virus. My only reason for posting is I have seen that people get in trouble for saying you have to click a result to get paid, and I would hate to see the wm of ays get into trouble because of someone's ad when they clearly did not say that you had to click results to get paid. It was some stupid scam to win a car
erikals88
I've seen some programs that require valid searches, but the info posted earlier was direct from the advertiser. "Only U.S. and Canada searches are valid for commissions payment, and pls. don't cheat I can detect multiple ip addresses clicks and only 1 unique I.p. address per 24 hour period is valid."

Even if you don't get the virus from the main site, who's to say the 5 links/search links won't use the same popup spawner?

So, five chances to win a virus aren't worth the 5 cents, 5 clicks, and 60 seconds it takes to get credit laugh.gif
ptre
Thanks a lot!!! I haven't got any trojan remover or spyware remover right now on my computer. I just installed Windows XP.

Well, Thanks a Billion for mentioning the runner number as well.

Bye
Saad (Downloading Ad-aware right now)
Susy
I deleted that ad, not because of what's posted here but earlier. Due to the sheer concern I have over the sender, and what might be tracking my computer if I did click it. "Causes" tend to make me worry for my own privacy, more than anything else. wink.gif Also have a problem with the "just click the results". In MOST search engines, that's illegal. You're not supposed to be sending people to a results page at all, and it's abusive. And again, considering this advertiser's way of helping his people(?), kinda bothers me in what's being directed back to them.
Susy
PTRE, add these to your favorites and run them about once a week at least. They're free scans, and work well in conjunction with what you download. They're also updated frequently.

http://housecall.trendmicro.com/

http://www.pandasoftware.com/activescan/co...ang=2&IdPais=63

And don't forget to add Spybot Search & Destroy. You can get a free copy, and I'm sure someone here has the direct addy. It's been so long ago I loaded it, I don't remember exactly how I found it. wink.gif
Mango88
QUOTE (sooozie @ Feb 9 2004, 03:53 AM)
And don't forget to add Spybot Search & Destroy.  You can get a free copy, and I'm sure someone here has the direct addy.  It's been so long ago I loaded it, I don't remember exactly how I found it.  wink.gif

http://spybot.safer-networking.de/

I also recommend you use Ad-aware in combination w/ SpyBot.

http://www.webattack.com/get/adaware.shtml
KimH
QUOTE (sooozie @ Feb 9 2004, 03:53 AM)
PTRE, add these to your favorites and run them about once a week at least. They're free scans, and work well in conjunction with what you download. They're also updated frequently.

http://housecall.trendmicro.com/

http://www.pandasoftware.com/activescan/co...ang=2&IdPais=63

And don't forget to add Spybot Search & Destroy. You can get a free copy, and I'm sure someone here has the direct addy. It's been so long ago I loaded it, I don't remember exactly how I found it. wink.gif

Hi SisterLove,
Thank you for the Panda link, I thought I'd be searching for it half the night. Came here cause TrendMicro hasn't loaded for a couple days and I know that passiton thing is still on here even though I have run everything else people have listed.
Love you,
Kim
antinomy
I click the same link, but my system worked... copied from the Trojan Horse thread a few days ago... NOT ONE POP UP or problem ensued! YEAH, YEAH...for me, and I really feel for you because I lost TWO desktops last fall to this type of ploy! Hard lesson to learn for me...

PLEASE Take the same steps:

You may not like the length of this, but you may find it saves your PC.

First, load HijackThis (available from CNET's Download site: http://download.com.com)
BE VERY CAREFUL WITH THIS PROGRAMME and Make a BACKUP before DELETING entries.

Then PROTECT Yourself with the following or similarly excellent tools....

a) Windows Update security patches - should be on your IE menu (I'm assuming you're running IE) go to http://www.microsoft.com/ if you haven't yet done so.

b) Firewall - I suggest Sygate Personal Firewall as it can be tailored to application rather than every IP address.
http://download.com.com/3000-2092-10247416.html?tag=lst-0-1

c) Antivirus - if you're not using one, Avast's is pretty good
http://download.com.com/3000-2239-10245925.html?tag=lst-2-2 AVAST can check any questionable behaviour.

d) Spyware - I use the following programmes to get rid of and prevent the nasty bugs from scoping my machine....

1. Spybot Search & Destroy -
http://download.com.com/3000-2144-10194058.html?tag=lst-0-1
2. Spyware Blaster - http://www.wilderssecurity.net/index.html
3. MRU Blaster - gets rid of unwanted cookies, ie cache, etc.
http://www.wilderssecurity.net/index.html

e) IE Popup stopper (for the ones which use the MS Messenger function) -
ASHAMPOO IP Spam Blocker
http://download.com.com/3000-2144-10195339.html?tag=lst-0-2

I also set my IE security standards so that files cannot be
downloaded/installed without me knowing about it - I suggest a download manager like DAP http://download.com.com/3000-2071-10248332.html?tag=lst-0-1 which
is one which can catch individual files.

This might seem like a lot. Better safe than sorry....It is worth it, though you'll need to experiment with the settings so that it doesn't interfere with the programmes you really need. I was amazed at the number of things that were continually being "put" on my machine without me knowing about it - even with anti-virus and a firewall.

Hope this helps. Let me know.

This post has been edited by antinomy on Feb 6 2004, 01:19 PM


--------------------

Antinomy Strikes Twice!
http://www.boursesurf.com
Pay-Day Profit Rewards for FREE, 5%/day 7days/week
Want me to build a down-line for you?
Check my PTR list and nominate one which you'd like to trade!
clickcorporation
Yeah, not good.

What exactly was the virus you found?
erikals88
Downloader.trojan. Supposedly it would modify mscache.exe, or perhaps create mscache[1].exe. I dunno. Maybe there's some sort of script that would overwrite my original file on reboot.

Norton blocked it, but you can read about it here http://securityresponse.symantec.com/avcen...der.trojan.html

Apparently it's a program that will DL worms and trojans from multiple sites.
scotian
Yeah...I sure clicked on it...got about 7 popups from it and 3 were from Outwars, I was NOT impressed...I used Housecalls right away but it didn't detect anything so I must not have gotten anything from it...

Will do another scan today though with panda...thanks for the heads up...
erikals88
Well, I'm quite certain it was from that website, as it was the only link I had opened at the time.

But it makes sense that one of the popups could have spawned it, since their origin is another website altogether. And since those are fairly random...*shrug*

I'm surprised that Norton doesn't tell me what website the virus was on. I mean, without downloading the trojan, it was able to tell me what file on my pc it was attempting to modify/create.

Of course, that would make things too easy smile.gif
TonyB
QUOTE (erikals88 @ Feb 9 2004, 01:51 PM)
Downloader.trojan.  Supposedly it would modify mscache.exe, or perhaps create mscache[1].exe.  I dunno.  Maybe there's some sort of script that would overwrite my original file on reboot.

Norton blocked it, but you can read about it here http://securityresponse.symantec.com/avcen...der.trojan.html

Apparently it's a program that will DL worms and trojans from multiple sites.

Robert, of Mystical Maze, had this problem the other day. The trojan was embedded in a link to/from TrafficThat Earns. It was not TTE's fault, probably someone who was promoting the program and/or using a rotator.

I'll dig out the thread link.
TonyB
Sorry, I didn't see it in a thread, it came in two emails from Robert:

QUOTE


Hello,

I was getting reports that a url had some nasty pop-ups, and had an application that was taking
over the computer.

I found: trafficthatearns.com/promotion.php?ref=XX
that was attempting to write to my registry, and
deposited an application (mshta.exe) on my hard
drive.

This Link Is Banned!!!!

But not the link:
trafficthatearns.com?ref=xxx that link checked
out fine! Just the link that ends with
promotion.php

Trafficthatearns.com support is on vacation!

My McAfee warned of the suspicious script running
within that page, but the application was still
there!

I suggest you run any adware or virus softwares,
as I'm not sure what application this is!

Thank You,

Robert Palmer
admin@mysticalmaze.com


and:

QUOTE


Hello,

Ok, this appears to be a windows utility file, that has security holes.

That game/virus whatever it was- was trying to
write to the registry via the Windows mshta.exe
utility file. You don't need to delete this file.

There's a lot of info on this file:

mshta - mshta.exe - Process Information
Process File: mshta or mshta.exe
Process Name: Microsoft HTML Application Host
Description: Application used to run .HTA file under Windows. It is loaded as soon as a .HTA application needs to run, and then terminates when the application completes.
Company: Microsoft Corp.
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A

But there is a Trojan called VBS_GODWILL.B and
VBS_GODWILL.C, who wants to use mshta.exe

The link in question was using a script that
flagged my McAfee protection. Just run Virus-
spyware software.

The link has been removed, but could be within a
member's rotator, and I wouldn't know that.

Not blaming anyone for using this link, it could
be a mistake on some java code added to the owners
site for all I know at this point, but that was
a real nasty link! :-/

I will keep you advised!

Thank You,

Robert Palmer
admin@mysticalmaze.com

BobbiePolk
QUOTE (sooozie @ Feb 9 2004, 02:53 AM)
PTRE, add these to your favorites and run them about once a week at least. They're free scans, and work well in conjunction with what you download. They're also updated frequently.

http://housecall.trendmicro.com/

http://www.pandasoftware.com/activescan/co...ang=2&IdPais=63

And don't forget to add Spybot Search & Destroy. You can get a free copy, and I'm sure someone here has the direct addy. It's been so long ago I loaded it, I don't remember exactly how I found it. wink.gif

I agree Soozie, I have the Platinum version of Panda, and it gets everything. Before when I would run Ad-aware and Spybot things would come up to be removed. Since I installed System Mechanic 4 Professional which had Panda, I haven't had 1 thing pop up on my Ad-aware or SB&D. I love it!
qcp
I'm a member of AYS but I haven't seen this yet. Maybe a little behind. This sounds like a serious problem caused by an advertiser, not AYS. Without their knowledge I'm guessing. Has anyone contacted their admin about this? If not, someone should.

qcp
erikals88
QUOTE (qcp @ Feb 9 2004, 06:08 PM)
I'm a member of AYS but I haven't seen this yet. Maybe a little behind. This sounds like a serious problem caused by an advertiser, not AYS. Without their knowledge I'm guessing. Has anyone contacted their admin about this? If not, someone should.

qcp

I know AYS isn't responsible for this virus. It's one of the advertisers, through the pop-ups on their site most likely.

I posted this info in the AYS forum as well. Just thought that this might reach more members, since not all post at AYS.