EDIT: Please note that I don't intend any complaint or criticism of Adearners here. I apologise if I give that impression. I'm just trying to gather data is all. See also UPDATE later in thread, I have now been in contact with Adeaners.

Hi, I've tried to contact adearners but gotten no reply so if anyone can draw their attention to this...

I know there have been some posts about unauthorized signups to ozloop and paid-email-from-the-great-white-north. I have some more information that may be helpful (or maybe it just confuses the issue )

I was also the victim of an attempted sign-up without my permission at both ozloop and great-white, but the email address used was one that I know was exclusively used in connection with my membership of AdEarners.com.

A little history:-

March 20th: Adearners changed to using their "poc-it-change" server to send emails.

March/April: all ok.

April 25th: poc-it-change attempt to send me a virus (WORM_SOBIG.A - nice! NOT!)

April 26th: Adearners revert back to using their own email server.

April/May: all ok.

May 19th: "confirmation" emails received from ozloop and paid-email-from-the-great-white-north (ignored).

Since May 19th: no, zero, nada, emails from adearners.

coincidence? or what?

Okay, firstly are you sure it was them that sent it to you and not someone else. When Worms procreate they take the email address from the person's address book and place it in the From: section. Which is why when you get a virus sent to you you check to make sure it came from that person.


Also, confirmation emails are not unauthorised signups, just means someone tried to sign you up. Unauthorised would mean that the WM of the site manually put you into the database, something which no legit and intelligent WM would do. Even if you asked them via email. 99.99% of the GPTR sites have double optin so it makes it impossible to be signed up without permission, or for invalid email accounts to appear in their databases.

Hi Jaikula, thanks for responding

Yup, I'm 99% sure the virus was from poc-it-change, it came from 69.12.117.4 :-

nslookup 69.12.117.4
Canonical name: mail-da-1.dns-solutions.net

whois poc-it-change.com
Registrant:
pocitchange
3307 Apache Dr.
Mineral Wells, Texas 76067
United States

Registered through: Go Daddy Software (http://www.godaddy.com)
Domain Name: POC-IT-CHANGE.COM
<snip for brevity>
Domain servers in listed order:
NS1.DNS-SOLUTIONS.NET
NS2.DNS-SOLUTIONS.NET

Perhaps I was not too clear in my post above, all of that happened to a specific email address of mine that was used only for adearners.

As for the "unauthorized", thanks for clarifying that - maybe I'm not using the correct terminology, but the fact remains that somebody tried to sign me up for two programs without my consent, and using an email address that should have been known only to adearners.com

Sorry, I also forgot to ask a main question above... Has anybody received any points emails from adearners since May 9th?

I am not sure if this have some conection with the subject, but all emails I get from AdEarners.com in last 10 days have attachment.....
so I delete them

Ahhhh Thank You hristo7777 - that is very interesting

My email service recently introduced their own virus scanner so maybe that's why I haven't seen any adearners emails lately - hmmm they are supposed to send me a "safe" notification that they blocked a virus but I didn't get that/those either.

Thanks again

Ok, if they have gotten a worm, then there is a possibility that someone got your email addy they are using there with it.

I would be contacting prohosting.com at their abuse@ and postmaster@ email address letting them know about it.

UPDATE:

I've just got off the phone with Steve, the owner of adearners, and he sounds like a helpful guy. He's going to look into this with his server co.

I told him about this thread at GPF and invited him to come here and let us know what's happening.

In the meanwhile if anyone else has any other info to help him I'm sure he'd appreciate you posting here.

Marty

I'm not sure what the reflinks look like for that program, but could it be that it got out there because of that?.