Hi All...... I am sure a lot of you know that my other passion is security and viruses. But spyware and browser hijacking are relatively new and I doubt that most of you are aware of this rising phenomenom......but you should be. I had clicked on an old link in Genealogy.com for Patsy's site as she described and after 8 popups and a nasty spyware program called GATOR trying to download, I got the heck out of there......but the damage had been done. The next day my home page was changed to "Find the Website You Need" and among other things, I couldn't update my computer at Windows Update because it interfered with that as well. There are two good programs out there for spyware (and spyware can be 'benign' or 'malignant' to use medical terms.....this one was a bad one. AdAware 6 is a bit more user friendly.....I happen to use Spybot Search and Destroy, which is not. It scares me at times (G). It found 3 entries hidden in my Registry for this hijacker and I deleted them. I am now in the process of running a specialized program for hijacking and it is being evaluated by the experts!! So this is not something that is minor. This is majorly serious. And if any of you ever have your home page hijacked, write me immediately. DO NOT GO TO MAX PAGES!! As far as I can see, that is where I picked up this sneaky hijacker. That site showed up as the first line in the specialized Hijack analyzer....so I don't doubt this. Some *%&^ has taken over the page and will cause you nothing but grief!! Patsy had nothing to do with this......it was done behind her back and I wrote her this morning when I had enough information and the cleanup process almost completed. I will give you the links for AdAware and Spybot, but suggest you use the first one.......it is more user-friendly. I run it every day to take out the spyware cookies that land on here. Usually 3 or 4 per day. I happened to have it off temporarily for a reason and that is how I got hijacked. http://www.lsfileserv.com/index.html - this is the one for the new version 6 of AdAware......read the first page, click on the free one and download it. http://security.kolla.de/ - this is the Spybot Search and Destroy and for the 'everyday user', it is a little complicated, so stick with AdAware. I hope I have covered everything.......but it seems no matter what defence mechanisms the experts come up with, the 'black hats' invent newer ones. If you want to write me off-List........no problem. If there is anything further I will post it......but because this was Pat Jackson's old website that was involved, I felt that you all needed a warning and an explanation. And check your Favourites and delete any "Max Pages" sites you might have...... Now......think I will go have a drink!! (G) And it won't be just Pepsi!! Cheers.....Heather

Heather Thank you for sharing this information and the resources to combat the problems that we are all experiencing. I am a teacher of IT in adult education and will pass on your warnings, experiences and the resource sites to students and friends. I have downloaded and run AdAware which found 6 "infections", mainly in the Cookies folder, but one in the registry. Previously I have taken to reloading Windows about every 6 months to overcome this problem, so I will be interested to see how effective AdAware is. Thanks again for your advice. Regards Di ----- Original Message ----- From: "Heather Figueroa" <heatherfig@rogers.com> To: <CARIBBEAN-L@rootsweb.com> Sent: Saturday, May 03, 2003 6:34 AM Subject: WARNING!! Browser Hijacking...... > Hi All...... > > I am sure a lot of you know that my other passion is security and > viruses. But spyware and browser hijacking are relatively new and I > doubt that most of you are aware of this rising phenomenom......but you > should be. > > I had clicked on an old link in Genealogy.com for Patsy's site as she > described and after 8 popups and a nasty spyware program called GATOR > trying to download, I got the heck out of there......but the damage had > been done. > > The next day my home page was changed to "Find the Website You Need" and > among other things, I couldn't update my computer at Windows Update > because it interfered with that as well. > > There are two good programs out there for spyware (and spyware can be > 'benign' or 'malignant' to use medical terms.....this one was a bad one. > AdAware 6 is a bit more user friendly.....I happen to use Spybot Search > and Destroy, which is not. It scares me at times (G). > > It found 3 entries hidden in my Registry for this hijacker and I deleted > them. I am now in the process of running a specialized program for > hijacking and it is being evaluated by the experts!! So this is not > something that is minor. This is majorly serious. And if any of you > ever have your home page hijacked, write me immediately. > > DO NOT GO TO MAX PAGES!! As far as I can see, that is where I picked up > this sneaky hijacker. That site showed up as the first line in the > specialized Hijack analyzer....so I don't doubt this. Some *%&^ has > taken over the page and will cause you nothing but grief!! > > Patsy had nothing to do with this......it was done behind her back and I > wrote her this morning when I had enough information and the cleanup > process almost completed. > > I will give you the links for AdAware and Spybot, but suggest you use > the first one.......it is more user-friendly. I run it every day to > take out the spyware cookies that land on here. Usually 3 or 4 per day. > I happened to have it off temporarily for a reason and that is how I got > hijacked. > > http://www.lsfileserv.com/index.html - this is the one for the new > version 6 of AdAware......read the first page, click on the free one and > download it. > > http://security.kolla.de/ - this is the Spybot Search and Destroy and > for the 'everyday user', it is a little complicated, so stick with > AdAware. > > I hope I have covered everything.......but it seems no matter what > defence mechanisms the experts come up with, the 'black hats' invent > newer ones. If you want to write me off-List........no problem. > > If there is anything further I will post it......but because this was > Pat Jackson's old website that was involved, I felt that you all needed > a warning and an explanation. And check your Favourites and delete any > "Max Pages" sites you might have...... > > Now......think I will go have a drink!! (G) And it won't be just > Pepsi!! > > Cheers.....Heather > > > ==== CARIBBEAN Mailing List ==== > For information on individual islands, research aids, island bulletin boards or history please visit the CaribbeanGenWeb project at > http://www.rootsweb.com/~caribgw/ >

(follow-up set to soc.genealogy.computing which is thew newsgroups to discuss that subject) On Fri, 2 May 2003 22:59:04 +0000 (UTC), dialincc@tpg.com.au ("Di Coghlan") wrote in soc.genealogy.west-indies: >to students and friends. I have downloaded and run AdAware which found 6 >"infections", mainly in the Cookies folder, but one in the registry. cookies can't be "infected", i.e. they will keep information to track you, but only information you already gave them. My cookies jar for example has 86 cookies or 55 unique ones if I removed duplicates. Some obvious "spies" are: .2o7.net .advertising.com .bfast.com .doubleclick.net server.iad.liveperson.net None is from a site I visited. They can track sites you visited to better target you, but otherwise, they are not vicious. But the one in the registry is vicious. No web site should be able to modify your register and if one does, then you should find where you got it. If it is a genealogy site, you should say which key was changed. Many netters never use anti-virus for the mere reason if a virus is propagated from day 1, and the anti-virus is updated at day + 10, then you are unsafe during 9 days. If you use safer products (avoid MS Internet Explorer, MS Mail, Outlook, etc.) and know what you do, then you can survive to the net. Otherwise, you can't without anti-virus but anyway, anti-virus are not enough. Denis -- 0 Denis Beauregard http://www.genealogie.com (français) /\/ Genealogy Web site: http://www.francogene.com (English) |\ >>Adresse modifiée souvent/email changed frequently<< / | Relationniste - www.sgcf.com - 60 ans en 2003 ! oo oo Société généalogique canadienne-française

Thanks for the info. Kind regards Christine Fensbo ----- Original Message ----- From: "Heather Figueroa" <heatherfig@rogers.com> To: <CARIBBEAN-L@rootsweb.com> Sent: Saturday, May 03, 2003 6:34 AM Subject: WARNING!! Browser Hijacking...... > Hi All...... > > I am sure a lot of you know that my other passion is security and > viruses. But spyware and browser hijacking are relatively new and I > doubt that most of you are aware of this rising phenomenom......but you > should be. > > I had clicked on an old link in Genealogy.com for Patsy's site as she > described and after 8 popups and a nasty spyware program called GATOR > trying to download, I got the heck out of there......but the damage had > been done. > > The next day my home page was changed to "Find the Website You Need" and > among other things, I couldn't update my computer at Windows Update > because it interfered with that as well. > > There are two good programs out there for spyware (and spyware can be > 'benign' or 'malignant' to use medical terms.....this one was a bad one. > AdAware 6 is a bit more user friendly.....I happen to use Spybot Search > and Destroy, which is not. It scares me at times (G). > > It found 3 entries hidden in my Registry for this hijacker and I deleted > them. I am now in the process of running a specialized program for > hijacking and it is being evaluated by the experts!! So this is not > something that is minor. This is majorly serious. And if any of you > ever have your home page hijacked, write me immediately. > > DO NOT GO TO MAX PAGES!! As far as I can see, that is where I picked up > this sneaky hijacker. That site showed up as the first line in the > specialized Hijack analyzer....so I don't doubt this. Some *%&^ has > taken over the page and will cause you nothing but grief!! > > Patsy had nothing to do with this......it was done behind her back and I > wrote her this morning when I had enough information and the cleanup > process almost completed. > > I will give you the links for AdAware and Spybot, but suggest you use > the first one.......it is more user-friendly. I run it every day to > take out the spyware cookies that land on here. Usually 3 or 4 per day. > I happened to have it off temporarily for a reason and that is how I got > hijacked. > > http://www.lsfileserv.com/index.html - this is the one for the new > version 6 of AdAware......read the first page, click on the free one and > download it. > > http://security.kolla.de/ - this is the Spybot Search and Destroy and > for the 'everyday user', it is a little complicated, so stick with > AdAware. > > I hope I have covered everything.......but it seems no matter what > defence mechanisms the experts come up with, the 'black hats' invent > newer ones. If you want to write me off-List........no problem. > > If there is anything further I will post it......but because this was > Pat Jackson's old website that was involved, I felt that you all needed > a warning and an explanation. And check your Favourites and delete any > "Max Pages" sites you might have...... > > Now......think I will go have a drink!! (G) And it won't be just > Pepsi!! > > Cheers.....Heather > > > ==== CARIBBEAN Mailing List ==== > For information on individual islands, research aids, island bulletin boards or history please visit the CaribbeanGenWeb project at > http://www.rootsweb.com/~caribgw/ > >