Lately I’ve noticed scumware links inserted into various webpages, although not every page I view (probably 30 - 40% are effected by this). Most of the links in question are green with a double underline, the rest are orange with a single underline.
I’m running up to date versions of Ad-aware and SpyBot S&D, but they both report that my system is clean.
What can I do to identify this scumware when the above programs can’t find it. Are there any available clues beyond the link’s look and color that might help me to ID it?
A file search for VX2.dll and came up empty handed. The link you posted does not seem to work. I also can’t seem to come up with much on Google for variations of “green underlined scumware link”.
I’m not sure what scumware is, so if I’m off base here, just ignore…
I recently got bit by something called ‘luckysearch’, which infected my IE 5.0, slowing it down to a crawl and resetting my home page every time on start-up. It seems to enter IE through a flaw in the MS Java engine, then changing registry settings and the like :(. Very nasty.
When googling on ‘luckysearch’ I did find a site that described the problem and listed signs similar to those you listed: http://www.spywareinfo.com/~merijn/cwschronicles.html. The site also had a download program that did seem to cure the problem. I don’t know these guys from Adam so I don’t know whether the program is safe, but it worked for me.
From what I understood at that page, it is a specific IE problem for which there is a patch. Unfortunately it didn’t work for my machine (Win '95). So now I use Opera.