Hi Chris
Have you tried checking your home page setting, as it sounds like this has been re-set (probably by a rogue email that you inadvertently opened).
In IE, go Tools - Internet Options - General Tab - and chck that the homepage is set to the URL you prefer.

If thats not it, try ALT-CTRL-DEL and check there are no rogue applications running that you weren't expecting (I'm assuming WinXP - can't remember if pre XP Windows works same way).

Option 3 - download a spyware checking program, and get it to check your system.

Hope thats of some help

Martin

Thanks Martin, I often wondered what Spyware did.

Go a copy of spyhunter for a few bob and it found quite a lot of dodgy stuff, All now gone and to my supprise the computer still works.

Many thanks

Chris

Glad you managed to get that sorted Chris.

Often, its supposedly 'free' software that delivers these nice little hidden 'presents' onto your computer. If you've ever downloaded a 'free' movie player or free calendar/birthday reminder etc, they often come with the added bonus of installing spyware/adware (terms of which you agree to in the usually miscroscopic smalll print).

On a different but related matter, did anyone else get hit by the legacy of the MyDoom virus? As far as I could tell, we didn't actually have the virus on any of our machines, but our domain was hijacked/borrowed and what must be hundreds of rogue emails sent out 'apparantly' using our email address (ie the mails were sent out as from joe@megacity, pete@megacity etc, without actually coming from our machines).
The result was (and still is, as we are still getting them) a whole hoard of bounced mail coming back at us, as the recipients (who are also unknown to us) reject the virus laden emails.
Did this hit anyone else, and any idea how we can protect against this in the future?
All our machines carry up-to-date Norton virus protection, we never open unknown attachments, and all our connections are protected by hardware firewalls.

I must have has 10,000 of Mydoom / Novarg by now. Also Klez's are still trickling in.

It's my fault as I put my personal email address into my NorTree menu (in the bit that goes into Act_Primary.html) with the result that all the people who use said menu have put my address onto every page in all of their sites.

It would be a good idea to hide your e-mail address on your web pages. Either use a contact us form or use JavaScript to obfuscate the e-mail address. I.e. Instead of:-

<a href="mailto:myname@mydomain.com">Email us</a>

use instead:-

<script language=JavaScript>
<!--
document.write('<a href="mai'
+ 'lto:'
+ 'myname@'
+ 'mydomain'
+ '.com">Email us</a>');
// -->
</script>

That should stop worms that scan the victims hard disk looking for text@text.text type patterns to replicate to.

Thanks Norman.

Will certainly try and adapt my pages along those lines.

This time around it seems particularly nasty - I don't remember ever receiving so many bounced mails, although I suppose its only recently that our site has become so high profile.

Do you think MyDoom/NoVarg has been working exclusively on picking up addresses from sites, or do you think addresses have also been harvested frrom vulnerable address books? Our main adddress will be in a lot more address books these days than it was before we launched the site.

Apart from the real pain in cleaning up the mailbox every morning, what worries me, is our domain getting blocked by spam filters, due to the large volumes of bogus mail. I assume the ISP's take into account that the virus isn't my doing when building their spam rules, but one never knows what damage it is doing to the business. I guess thats why the buggers write these viruses!

I've added filters to my default mailbox, which picks up all the mail not addressed to any genuine mailbox, to delete mail with headers such as 'Failed Mail...' etc, but have so far been unable to create a filter to delete mail with malicious attachments (exe, scr...). Claranet are my hosts, and for some reason they don't provide a filter option for specifying attachment types!
Any idea if there is any way of building such a rule into Outlook Express?

ps. Have you ever thought of entering for 'Who wants to be a millionaire?' as you have the answer to nearly every question thrown out there

Great idea Norman, I think I will be implementing that as even though all our emails are cleaned before we get them, I still get the remenents to wade through. (why do antivirus companies still send out have settings in the software 'you have a virus notification' when there hasn't been a prolific virus that uses the real email for at least 2 years.)

Mydoom/NOVarg both harvest from anywhere they can, address books, internet cache etc... These viruses have been the worst ever so with a more popular site you will get a lot of people who have your email address on their computer in some form.

As to spyware programs, HijackThis is very good for finding registry problems, and can clean up things that other programs miss http://mjc1.com/mirror/hjt/

Also adaware is a good free program for checking that you haven't picked up anything nasty http://www.lavasoftusa.com/software/adaware/