Do I have spyware?

None of the usual programs have caught it, but sometimes when I try to go to www.ebay.com, I get redirected through an adfarm.mediaplex.something site. Is there something wrong?

I don’t know who they are either, but whenever I’m checking items I’ve got on my Bidnapper list, the connection routes through mediaplex.

Mediaplex.com is owned by someone called ValueClick.com - either entity appears to be in the business of tracking your activity on the web.

Yes, you have spyware on your computer. But, then every computer on the Internet has some type of spyware on it. :slight_smile:

However, in your case, it’s more than just tracking cookies. I suggest you go and download Microsoft Antispyware at http://www.microsoft.com/athome/security/spyware/software/default.mspx It should clean things up.

Have you made sure to get the most recent updates of your adware removal programs?

Check your " HOSTS " file.

Possibly spyware has made the change. Even though the spyware has been removed, the changes to your HOSTS file have remained.

Open ’ My Computer ’

Go to ’ Tools ’

Choose ’ Folder Options ’

Choose the 'View ’ tab

Check the circle next to ’ Show hidden files and folders ’

Uncheck the square next to ’ Hide protected operating system files ’

Tell the computer that you’re sure of what you’re doing.

Close the ’ Folder options ’ dialogue box.

Search your computer for the file named HOSTS (depending on which windows you’re using it could be in different places)

Go to ’ Properties ’ of the HOSTS file and make sure that it’s no ’ Read-Only. ’

Copy the file.

Paste it into the same folder window.

Rename the copy HOSTS.txt

Open it and see what it says.

Delete the entry w/ ebay in it. It probably looks something like xxx.xxx.xxx.xxx ebay.com where the exes (xxx) represent the ip address of adfarm.mediaplex.something

Then add this entry ’ 127.0.0.1 adfarm.mediaplex.something ’

Go to the ’ File ’ button in the tool bar.

Choose ’ Save As… ’

Save as HOSTS (no extension)

Go to ’ Properties ’ of the new HOSTS file and set it to ’ Read-Only ’

Close your windows and you’re good to go.[/list]

Though you may have other erroneous/malicious entries in your HOSTS file. If you like you may simply overwrite the entire things with this…

Here is the original contents of Windows 2000’s HOSTS file:



# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost


If you email me I will email you a HOSTS file w/ 3000+ entries. It keeps you from being able to connnect to various spyware sites and prevents some ads from displaying.

If you mess with HOSTS, you may have trouble - On both my home and work computers, cookies from mediaplex are blocked. But, at home, mediaplex was being kicked over to 127.0.0.1, effectively disabling Bidnapper.

Try CWShredder. Intermute
Download the stand-alone version and run it.

Also Spybot Search and Destroy