It seem Anton and some others have contracted something that attachs links to porn sites to there messages. It is not there doing! It is some kind of hack or virus that is doing it. If anybody knows how to deal with it, please post it. Thank you!

First thing I'd do is have windoze search for "Raven". Had that one once. If you find it, delete it. Linking to porn sites is all it does. Might run "Adaware" or Spybot if you have them.

Check the Downloaded Program Files folder for anything you do not recognize. This is where many rogue BHOs (Browser Helper Objects) reside due to "click-by" installations (ie, you hit a site and, without warning, they install a malicious plugin for IE). Since it happens on R'osity, it must be able to know exactly which site you are at in order to post the links.

I just get a swarm of "Paris Hilton P0rn" e-mails at the moment. Highly irritating, but once I set up a filter in my MailWasher I am at least not SEEING them anymore :) The other one sounds nasty, you mean it attaches links HERE? Puts them in the URL field? :o( I didn't know those programs could be so smart, nasty buggers. Thanks for the heads up anyway, it's nice to know if you click a link and thinks WTF?! :o)

I was speaking to a user on a Poser mailing list who was experiencing the exact same problems. Apparently, it's a form of browser hijacker, similar to those adware toolbars "enhancements" except more malicious. This is one reason why it's good idea to turn off the automatic installation of desktop items in Internet Explorer's 'Internet' Security Zone. Why this is even turned ON as a default setting for IE is beyond me. Stupid M$!

"Why this is even turned ON as a default setting for IE is beyond me."

Because if it was not on, 99.9% of the users would be calling/writing to find out how to turn it on because they do not like to read nor try to find out for themselves. It is a no-win situation.

Hijacked links are usually the result of a BHO or Browser helper Object..Ad-Aware should fix it... Most of the time these things are a result of visiting Porn sites or using P2p apps like Kazza... I'm not throwing out accusations, this is just what I discovered while researching this issue... Best advice, stay away from things like downloadgator and things like that....Don't click on OK, unless you know what your installing...

*"Because if it was not on, 99.9% of the users would be calling/writing to find out how to turn it on because they do not like to read nor try to find out for themselves. It is a no-win situation."*Major security hole vs. tech support handling basic inquiries? That's hardly a contest between the two. That's like leaving your home's doors unlocked all the time so you have the convenience of not having to reach for your keys all the time. :-)

Lazy users is precisely a reason why this sort of option should be turned off by default. If users are inclined to not delve deeply into anything, including Internet security, then make sure their systems are fairly secure upon default.

(BTW, M$ charges for tech support calls after the third incident. If anyone wants more tech support calls, it'd be M$. ;-)

The user I mentioned used Ad-aware and it failed to find the hijacker. He then used "HijackThis" which is a "brute force" scanner. Instead of trying to uniquely identify the hijacker, it simply lists all pertinent files and registry entries and leaves it up to the user to decide what to delete.

HijackThis is fairly popular and there are plenty of tech forums on which you can copy and paste your scanning results. The knowledgeable people there can tell a user what should and should not be deleted.

There is also a HijackThis log tutorial which can help users figure out what you should delete.

We're rapidly flying off topic here so I'll leave this alone. Hopefully those links will help some people.

If it is the same one I picked up from here or AS or where ever, it was the wsearch.vbs bho. Only took a couple of minutes to manually fix the problem, though it is aggrevating to be hijacked. My own fault I must admit, I had disabled some safety features on Nav AV and Firewall as well as Win2k while testing something else and then forgot to reenable the features. STUPID STUPID STUPID ! :) BabaLouie

If you have vbs files set to open automatically in Notepad, they can't execute themselves. It has been suggested to use a graphics app or a text app as the default opener for any scripts, that way the user can determine if s/he really wants to open the can of worms after reading the label.