Tradedoubler - malware?

Discussion in 'Computer Support' started by John Dean, Aug 15, 2005.

  1. John Dean

    John Dean Guest

    There's an annoying feature at some sites - the one I experience it at
    most is www.imdb.com, the Internet Movie Database.
    There's a banner ad down the right hand side of the page and if I move
    the mouse pointer across it (no clicking, just moving across to get from
    the page to the slider bar and back) it triggers an attempt to download
    mp3s. These are caught by my download manager, Download Accelerator.
    Typically, there are 3 mp3s in each attempt, each with a URL of origin
    of the form
    http://hstgb.tradedoubler.com/file/23643/mp3/mp3-1.mp3
    (subsequent files end in /mp3-2.mp3, /mp3-3.mp3 etc.) Each one is around
    40 kb in size.
    So:
    1. How come these things can spring on me without having clicked on
    them, just by having passed my mouse over them?
    2. Any way I can guard against them?
    3. If I didn't have a download manager, would these files just install
    on my PC?

    Using XP Home and IE6

    --
    John Dean
    Oxford
     
    John Dean, Aug 15, 2005
    #1
    1. Advertising

  2. John Dean

    pcbutts1 Guest

    None of those links on the right side point to the url you quoted. You
    probably have malware. Download, install, update and run all of the
    following.

    Ad-Aware
    http://www.pcbutts1.com/downloads/aawsepersonal.exe

    Spybot search and destroy
    http://www.pcbutts1.com/downloads/spybotsd14.exe

    Ewido Security Suite Trial version
    http://www.pcbutts1.com/downloads/ewidosetup.exe

    Microsoft Windows AntiSpyware (Beta1)
    http://www.microsoft.com/downloads/...A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en

    If none of the above fixes the issue then download Hijack this, run it, save
    a copy of the log file and cut and paste it back here to this group so that
    I can analyze it.Ignore anyone who tells you to post it elsewhere. I need to
    see it not them.


    HijackThis
    http://www.pcbutts1.com/downloads/HijackThis.zip

    --


    The best live web video on the internet http://www.seedsv.com/webdemo.htm
    NEW Embedded system W/Linux. We now sell DVR cards.
    See it all at http://www.seedsv.com/products.htm
    Sharpvision simply the best http://www.seedsv.com



    "John Dean" <> wrote in message
    news:ddqhpn$2dh$...
    > There's an annoying feature at some sites - the one I experience it at
    > most is www.imdb.com, the Internet Movie Database.
    > There's a banner ad down the right hand side of the page and if I move
    > the mouse pointer across it (no clicking, just moving across to get from
    > the page to the slider bar and back) it triggers an attempt to download
    > mp3s. These are caught by my download manager, Download Accelerator.
    > Typically, there are 3 mp3s in each attempt, each with a URL of origin
    > of the form
    > http://hstgb.tradedoubler.com/file/23643/mp3/mp3-1.mp3
    > (subsequent files end in /mp3-2.mp3, /mp3-3.mp3 etc.) Each one is around
    > 40 kb in size.
    > So:
    > 1. How come these things can spring on me without having clicked on
    > them, just by having passed my mouse over them?
    > 2. Any way I can guard against them?
    > 3. If I didn't have a download manager, would these files just install
    > on my PC?
    >
    > Using XP Home and IE6
    >
    > --
    > John Dean
    > Oxford
    >
     
    pcbutts1, Aug 15, 2005
    #2
    1. Advertising

  3. John Dean

    Guest

    "John Dean" <> wrote:

    |>There's an annoying feature at some sites - the one I experience it at
    |>most is www.imdb.com, the Internet Movie Database.
    |>There's a banner ad down the right hand side of the page and if I move
    |>the mouse pointer across it (no clicking, just moving across to get from
    |>the page to the slider bar and back) it triggers an attempt to download
    |>mp3s. These are caught by my download manager, Download Accelerator.
    |>Typically, there are 3 mp3s in each attempt, each with a URL of origin
    |>of the form
    |>http://hstgb.tradedoubler.com/file/23643/mp3/mp3-1.mp3
    |>(subsequent files end in /mp3-2.mp3, /mp3-3.mp3 etc.) Each one is around
    |>40 kb in size.
    |>So:
    |>1. How come these things can spring on me without having clicked on
    |>them, just by having passed my mouse over them?
    |>2. Any way I can guard against them?
    |>3. If I didn't have a download manager, would these files just install
    |>on my PC?
    |>
    |>Using XP Home and IE6

    I don't see it. Most likely cause I run a host file, or Opera is
    blocking pop-ups.

    Hosts file:
    http://www.everythingisnt.com/hosts.html

    Better one:
    http://someonewhocares.org/hosts/

    About Hosts files:
    http://www.mvps.org/winhelp2002/hosts.htm

    --

    Elegant Universe from NOVA
    http://www.pbs.org/wgbh/nova/elegant/program.html
     
    , Aug 15, 2005
    #3
  4. John Dean

    Harrison Guest

    On Mon, 15 Aug 2005 18:05:29 +0100, "John Dean" <> wrote:

    >There's an annoying feature at some sites - the one I experience it at
    >most is www.imdb.com, the Internet Movie Database.
    >There's a banner ad down the right hand side of the page and if I move
    >the mouse pointer across it (no clicking, just moving across to get from
    >the page to the slider bar and back) it triggers an attempt to download
    >mp3s. These are caught by my download manager, Download Accelerator.
    >Typically, there are 3 mp3s in each attempt, each with a URL of origin
    >of the form
    >http://hstgb.tradedoubler.com/file/23643/mp3/mp3-1.mp3
    >(subsequent files end in /mp3-2.mp3, /mp3-3.mp3 etc.) Each one is around
    >40 kb in size.
    >So:
    >1. How come these things can spring on me without having clicked on
    >them, just by having passed my mouse over them?
    >2. Any way I can guard against them?
    >3. If I didn't have a download manager, would these files just install
    >on my PC?
    >
    >Using XP Home and IE


    Block that site in IE.
    Tools>Internet Options>Security>Restricted Sites.
    Add hstgb.tradedoubler.com to the list.

    or

    Edit the hosts file to block it.
    C:\Windows\System32\drivers\etc\
    Make sure Explorer is set to view hidden and system files.
    Open the file hosts in notepad and add the following
    127.0.0.1 hstgb.tradedoubler.com and save the file with no extension.
    If it saves as hosts.txt, delete hosts and rename the new file to hosts.

    Also see:
    www.mozilla.org
    http://www.mvps.org/winhelp2002/hosts.htm

    By the way, I don't see these ads in my IE, nor any reference to tradedoubler in the source code, so you may be infected
    with some sort of adware.
    Plenty of posts here on how to deal with that.
     
    Harrison, Aug 15, 2005
    #4
  5. John Dean

    Evan Platt Guest

    On Mon, 15 Aug 2005 18:05:29 +0100, "John Dean"
    <> wrote:

    >1. How come these things can spring on me without having clicked on
    >them, just by having passed my mouse over them?


    Because you use IE.

    >2. Any way I can guard against them?


    Don't use IE.

    >3. If I didn't have a download manager, would these files just install
    >on my PC?


    Depends on your security setup in IE.
    --
    To reply, remove TheObvious from my e-mail address.
     
    Evan Platt, Aug 15, 2005
    #5
  6. John Dean wrote:

    > 1. How come these things can spring on me without having clicked on
    > them, just by having passed my mouse over them?


    Internet Explorer.

    > 2. Any way I can guard against them?


    Dump Internet Explorer.

    > 3. If I didn't have a download manager, would these files just install
    > on my PC?


    If you're using Internet Explorer.

    4. http://mozilla.org

    --
    Blinky Linux Registered User 297263

    Killing All Posts from GG: http://blinkynet.net/comp/uip5.html
    End Of The Good GG Archive GUI: http://blinkynet.net/comp/gggui.html
     
    Blinky the Shark, Aug 15, 2005
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Echuca

    Malware

    Echuca, Oct 15, 2004, in forum: Firefox
    Replies:
    1
    Views:
    645
    Moz Champion
    Oct 26, 2004
  2. EDWARD DOYLE

    anti malware software

    EDWARD DOYLE, Apr 15, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    5,340
    °Mike°
    Apr 15, 2004
  3. Jaypie

    Malware

    Jaypie, Apr 16, 2004, in forum: Computer Support
    Replies:
    5
    Views:
    735
    Jaypie
    Apr 17, 2004
  4. twitchy

    Malware

    twitchy, Dec 28, 2004, in forum: Computer Support
    Replies:
    7
    Views:
    719
    Ron Martell
    Dec 29, 2004
  5. Cub

    clkuk.tradedoubler help

    Cub, Jul 9, 2006, in forum: Computer Support
    Replies:
    0
    Views:
    451
Loading...

Share This Page