Microsoft
txsidewinder1
April 19th, 2004, 12:46 AM
I was looking at the browser attacks and the author of the article said something about Microsoft. I found out a few days ago that Microsoft has hired a248.e.akamai.net . Now, I have problems with Akamai. My main mailbox has been hijacked by 3 spies. They are doubleclick, served by, and a248.e.akamai. Microsoft hired Akamai to develop and help keep their files. All I have seen of Akamai, this is nothing but a spy network. Could this be the reason that Microsoft has to keep getting security window patches to everyone? Anyone who hijacks a user mailbox can not be good. :verypisse :shootem:
the_JinX
April 19th, 2004, 04:18 AM
Dude, I want some of the drugs you have been using..
At least if there are any drugs that can **** up someone's logic like your post clearly shows..
gore
April 19th, 2004, 04:32 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post737789) by the_JinX
Dude, I want some of the drugs you have been using..
At least if there are any drugs that can **** up someone's logic like your post clearly shows..
I think I may be able to help you out. Feel like coming for a visit? LOL.
phishphreek
April 19th, 2004, 04:33 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post737794) by gore
I think I may be able to help you out. Feel like coming for a visit? LOL.
The courts seem to think that I shouldn't leave the state... ;)
However, I'm still allowed snail mail! :D
gore
April 19th, 2004, 04:35 AM
....Your Polo sweater wearin' ass got in trouble???? What happened?
lumpyporridge
April 19th, 2004, 04:38 AM
Akamai is a proxy/load balancer (probably better terms but can't think of them right now) for others. If you need to serve HUGE amounts of info, and don't have the bandwidth, Akamai will help you out. They are not malicious. http://www.akamai.com/en/html/about/overview.html
phishphreek
April 19th, 2004, 04:41 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post737797) by gore
....Your Polo sweater wearin' ass got in trouble???? What happened?
Trouble? Me? NEVER!
Good 'ole jury duty. :p
txsidewinder1
April 19th, 2004, 04:47 AM
If you know anything about Akamai, please let me know. Do not say that I have been using drugs or anything like that. I would have given the site's name, but I did not "save" it. All I am doing is passing information on what I have. Akamai is on my computer, at earthlink.net. I see it every time I go and check my mail there. This comes up as a248.akami.net. I used to not have it on my computer. Last November it got on my computer. I also have doubleclick and served by. If you think these nets are not spyware, then I got beach property in New Mexico you would be interested in. Please do not reply back to me if you are going to use disparaging remarks. Use logic and do not be judgmental. I am open to suggestions and if you can prove that Akamai.net has not been hired by Microsoft and is not adware, please do so in a courteous manner. Thank you.
gore
April 19th, 2004, 04:48 AM
HAHAHAHA. I've never had to do that so far. Imagine if I was doing jury duty for a drug offence lolololol.
"Hey man, hook me up and I'll let you walk".
lumpyporridge
April 19th, 2004, 05:03 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post737801) by txsidewinder1
If you know anything about Akamai, please let me know. Do not say that I have been using drugs or anything like that. I would have given the site's name, but I did not "save" it. All I am doing is passing information on what I have. Akamai is on my computer, at earthlink.net. I see it every time I go and check my mail there. This comes up as a248.akami.net. I used to not have it on my computer. Last November it got on my computer. I also have doubleclick and served by. If you think these nets are not spyware, then I got beach property in New Mexico you would be interested in. Please do not reply back to me if you are going to use disparaging remarks. Use logic and do not be judgmental. I am open to suggestions and if you can prove that Akamai.net has not been hired by Microsoft and is not adware, please do so in a courteous manner. Thank you.
Try reading my last post, and then read Akamai's site. Akamai was hired by M$ to hide from a DoS a while back.
Soda_Popinsky
April 19th, 2004, 05:10 AM
Akamai is on my computer, at earthlink.net. I see it every time I go and check my mail there. This comes up as a248.akami.net.
If you are trying to visit this site, and you get another Akamai, this might be a browser hijack, or another effect of adware. Doesn't specifically mean that Akamai is responsible for this either.
http://www.spywareinfo.com/~merijn/downloads.html
This has a program called HijackThis... if you click scan, save the log, and post the results here, we can get enough information to help you out with your problem.
But I really don't think I understand the problem.
txsidewinder1
April 19th, 2004, 05:12 AM
Lumpy: I thank you for your kind post. Mr. Jinx got me kind of upset and all my remarks were posted to him. I went to the site and emailed akamai. I do not know if it will do any good. I am sorry if you thought the remarks were directed at you. I just saw Jinx's post at the time and I immediately replied. I do hope that there are not too many like him here. I am new to this forum and it looks like a good forum. Thank you again for your post and hope to meet you again.
txsidewinder1
April 19th, 2004, 05:24 AM
Soda: I have run I do not know how many "HijackThis" logs. It is not on there. I just upgraded to XP and these three companies came with me. I started without any transferred programs. I just started all over again. My computer is now better than when I first got it. I have just about every security program on my puter. I do not download unless I know the site is clean and secure, like Wilders, Spybot, computer forums, etc.
Speaking of unsafe sites. Have you ever heard of "Fresh Devices"? I was told that this was a safe site and a good place to get some tools. They advertised for a fast downloader, so I bit and downloaded it. Wound up with three parasites and WeatherBug. I have heard so much of pros and cons about WeatherBug, that my judgement is still out on it. Everyone else I have talked to, except one, about Fresh Devices has told me they are a good company. The one that agreed with me had also downloaded the accelerator. It just might be that one program. Thanks again for emailing me.
Soda_Popinsky
April 19th, 2004, 05:34 AM
My rule is don't download "download accelerators", as they are extremely common on computers I fix with adware problems, as is weatherbug. Take my advice, post the log! Just scanning with it won't do anything, you have to use it yourself. But the nature of HJT isn't friendly, it's best to review it with others.
Do us a favor, and be more specific. What security programs do you speak of? Have you used Ad-Aware? You can get that at download.com, as well as Spybot S&D.
How are you detecting these programs? You still haven't told us... all I know is that they are just "there".
But it sounds like you did a system restore already, so I guess you pretty much nuked the problem, just like tech support would want.
moxnix
April 19th, 2004, 06:17 AM
Weather Bug is infamous as spyware, but you had to agree to let it load. When you downloaded something, in the licensing agreement you agreed to, it would have been listed as a supplemental program that helps support the original 'free' program you downloaded.
Luckily, you can also easily remove it by using your 'add & remove' programs in your control panel.
If you just upgraded to XP and didn't reformat as part of the process, then you carried all the problems you had on your old OS with you. When just upgrading you don't lose data or files.
Cope57
April 19th, 2004, 07:01 AM
Fresh Devices (www.freshdevices.com) website and programs are free from spyware and viruses. I just downloaded the programs and checked them out. As for your WeatherBug and stuff, I have no idea where you could have picked those up from. They could have been bundled with a different program you had though.
nihil
April 19th, 2004, 12:38 PM
txsidewinder1
Hi, to get back to your original post, I have encountered akamai many times over the past few years. I do not have any details on them, but I have never come to any harm as a result (and I am sure that several members on this forum will vouch for my paranoia :D )
As I see them they provide a sort of "extra resource" as I only come across them when I am downloading updates, trial versions etc.
I have never given them much thought, as I have never had any problems, but I looked on them as something like a store at Christmas.............you call the agency and they supply you with extra staff, so you don't have to employ them all year. Akamai seem to do the same with server space/bandwidth?
Having said that, they are not responsible for what their customers do, and you need to be sure that it is really them and not a spoof?
Like I said I am paranoid :)
Cheers
rwarren
April 19th, 2004, 07:11 PM
Here is something you might be interested in..
It's kinda related to your issue...
http://www.antionline.com/showthread.php?threadid=256181&highlight=stunning
gore
April 19th, 2004, 08:58 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post737809) by txsidewinder1
Lumpy: I thank you for your kind post. Mr. Jinx got me kind of upset and all my remarks were posted to him. I went to the site and emailed akamai. I do not know if it will do any good. I am sorry if you thought the remarks were directed at you. I just saw Jinx's post at the time and I immediately replied. I do hope that there are not too many like him here. I am new to this forum and it looks like a good forum. Thank you again for your post and hope to meet you again.
You hope not many here are like him? We need MORE like him. He is very intelligent and knows what he is talking about, and has helped a lot of people here. If you are new here, get a sense of humor. As others said, your post could have been a bit more specific. It was kind of hard to tell what exactly you meant....Then again I was tired when I read it.
rwarren
April 19th, 2004, 09:33 PM
I take txsidewinder1's side. We are here to have a better understanding of security, not make fun of someone whom you can't understand.... I don't care if Jinx has helped lots of people... I would choose an intermediate who has a good attitude to help me, over an intelligent rude person...
As far as those who deserve to be here, only those who are willing to learn and teach should be here.
If you're here to make fun of people for trying to learn, you're in the wrong place.
gore
April 19th, 2004, 11:06 PM
If you want niceness over intelligence call Microsoft's tech support. No one even made fun of him, they cracked a joke.
txsidewinder1
April 20th, 2004, 12:21 AM
Okay. Thank you for all your replies. One: I am running Spybot, Ad-Aware 6, Pest Patrol, WinPatrol, anti-trojans, Black Ice and some more programs. Two: I was running ME when I first ran my "HijackThis" log. All three of these sites were on my ME. For a while, I had adserverBonzi, z1adsever.com, and one other whose name escapes me right now. I hunted down and got rid of these pests. ALL were on my mailbox. ALL were invited into my mailbox, I believe by doubleclick. About one month ago, I upgraded to XP. When I went to my mailbox, I still had doubleclick, servedby, and Akamai. Before I switched to XP, HijackThis did not show any of these pests. The same thing with XP. I believe these things are embedded in my hard drive. Every time I run my trojan scan, I see Akamai come up, but I am on a 30 day free trial and they will not help me right now. I have not seen the other two. It could well be that Akamai was spoofed. When this first started back in November of last year, I only had doubleclick and servedby. The others started appearing later. Since I run a dial-up, I always unplug my phone line every time I am not running the internet. They can send all the commands they want to start my computer and send out adware, but since I unplug the phone line, they cannot do this. I do not get much email except for spam. I get lots of that. All my friends, except for about two who live in my area, have died. I am a shut in due to the fact I cannot walk and have to use special equipment to get around in. I was in law enforcement for 27 years and a smart ass kid blew my legs apart with a 12 gauge shotgun, so I do not have much humor anymore. I also am ate up with Agent Orange from the Viet Nam War. I also have some brain damage due to the fact that I died and during CPR, my brain suffered some damage before they brought me around. This is the reason why I probably do not put much information down or not enough information.
Just please bear with me and ask questions and I will answer. It is hard for me to keep things straight and sometimes I find myself writing gibberish or wandering from subject to subject. Just please bear with me and maybe I will find an answer to this problem on my computer.
nihil
April 20th, 2004, 01:05 AM
OK txsidewinder1, I am sorry to learn of your situation, I doubt if I could be as positive as you are if it were me. Let's try to get rid of this stuff?
I would recommend:
1. Switch off "System Restore"......instructions can be found on any AV site
2. Update all your anti spy/ad stuff then run it all in safe mode (F8 on bootup)
3. Open Winpatrol and check what is in startup, cookies and IE helpers (BHOs)
4. Open SpyBot S&D in advanced mode, go into "tools" and check what is in all those files/folders............the Windows "Hosts" file for example.
Get CWShredder and run it in safe mode......that's a complementary product to Spybot that deals specifically with some variants of CWS that Spybot can't handle. Merijn is the author.
In spyBot, go to the "Immunization" screen, take the immunize option and install the browser helper to block bad downloads. Check the box to lock BHOs.
If your mail client is set to open messages in the preview pane.....switch it off, a lot of this crap seems to come with spam mail (just fixed a local hotel computer and got rid of 106 of the varmints....they had preview on!).
I guess that is about all I can think of right now......let us know how you get on.
Cheers
EDIT: when you load the SpyBot browser helper, WinPatrol will come up with a warning..........say "OK" we actually want that one. You also might have a BHO for Adobe Acrobat and possibly some others. My advice is that if you don't recognise it, get rid of it, if it is needed you will be prompted to load it again :)
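Added example, not part of the thread or any poster's code: a mail client that renders HTML (in a preview pane or on opening) fetches the remote images and stylesheets the message references, so this Python script lists the hosts a saved message would contact and flags those matching partial names raised in the thread. The sample message, the `.example` hostnames and all function names are constructed for illustration.

```python
"""List the remote hosts an e-mail would contact if its HTML part were rendered."""
from collections import defaultdict
from email import message_from_string
from email.message import EmailMessage
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

# (tag, attribute) pairs that a renderer fetches automatically.
# A plain <a href> is deliberately absent: it is only fetched when clicked.
AUTO_FETCH = {
    ("img", "src"), ("script", "src"), ("iframe", "src"), ("frame", "src"),
    ("embed", "src"), ("link", "href"), ("body", "background"),
    ("table", "background"), ("td", "background"),
}

# Partial names mentioned in the thread; matching is by substring.
WATCHLIST = ("akamai", "doubleclick", "servedby")


class RemoteRefs(HTMLParser):
    """Collects (tag, hostname) for every auto-fetched http(s) reference."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) not in AUTO_FETCH or not value:
                continue
            url = urlsplit(value.strip())
            # cid: (embedded attachment) and data: URLs never leave the machine.
            if url.scheme in ("http", "https") and url.hostname:
                self.refs.append((tag, url.hostname.lower()))


def remote_hosts(raw_message):
    """Return {hostname: [tags]} for the text/html parts of a raw message."""
    msg = message_from_string(raw_message, policy=default)
    hosts = defaultdict(set)
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue  # plain-text parts and containers trigger no fetches
        parser = RemoteRefs()
        parser.feed(part.get_content())
        parser.close()
        for tag, host in parser.refs:
            hosts[host].add(tag)
    return {host: sorted(tags) for host, tags in hosts.items()}


def watched(hosts, watchlist=WATCHLIST):
    """Hostnames that contain any watchlist fragment, sorted."""
    return sorted(h for h in hosts if any(w in h for w in watchlist))


def build_sample():
    """Constructed multipart message standing in for a saved spam mail."""
    msg = EmailMessage()
    msg["From"] = "offers@shop.example"
    msg["To"] = "user@mail.example"
    msg["Subject"] = "Constructed sample"
    msg.set_content("Plain-text part: nothing is fetched for this.")
    msg.add_alternative(
        '<html><body background="cid:bg001">\n'
        '<link rel="stylesheet" href="http://static.shop.example/mail.css">\n'
        '<img src="http://a248.e.akamai.net/constructed/banner.gif">\n'
        '<img src="http://ads.doubleclick.example/pixel.gif" width="1" height="1">\n'
        '<a href="http://clicks.servedby.example/offer">Click here</a>\n'
        '</body></html>\n',
        subtype="html",
    )
    return msg.as_string()


if __name__ == "__main__":
    found = remote_hosts(build_sample())
    for host, tags in sorted(found.items()):
        print(f"{host:30} via {', '.join(tags)}")
    print("on watchlist:", watched(found))
```

Hosts reported this way come from the message content itself, so they show up on any machine that renders the same mail.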
gore
April 20th, 2004, 01:07 AM
OK, for the people who know me, don't read any farther than this, because it may make you faint with what I'm about to say.
I'm sorry about what happened to you. I don't exactly get along with police as my best friend has had his ribs cracked by them for NO reason, but this doesn't mean all of you are alike either, which is why I don't go out of my way to get on the nerves of other police officers.
I found two so far that were actually nice people. I considered they were only doing their jobs when they made me and my friends line up and they checked us all out for no reason, but they were doing a job, because it was the mall security guy who called them on us for standing in a shaded spot in 100 degree weather.
One of them was actually nice and wasn't pushing us into the cars like usual. You don't have to apologize, it was just hard to read at first but as I said before, I was tired when I read it.
I don't think it's right someone gets shot.
And as for war, I'm totally against it.
Do you get medication to help out at all?
I wish you all the best, maybe one day you will wake up feeling better. Do not doubt.
ShagDevil
April 20th, 2004, 01:49 AM
txsidewinder1,
don't take too much personal offense to negative responses anyone says here at AO. You got to remember that although this site is dedicated to security and security related issues, many of us still have to deal with script kiddies and people with malicious intentions that seem to think it's fun to come here and talk shit and start idiotic threads.
I'm sure no harm was intended in the responses you got. Maybe the way your post was worded, it seemed to other people that you might have just been someone screwing around or what have you. (I'm not exactly clairvoyant, so I can't tell you what people thought of your post)
Trust me though, you couldn't find a better place to get most of your technical/security questions answered.
txsidewinder1
April 21st, 2004, 10:57 AM
Nihil: I did all you asked me to do. Nothing. Everything was clean. I still think the main problem is going to be in my hard drive, but the scan I was able to do showed that it was clean.
Now when I upgraded to XP, I carried zilch with me. I personally destroyed every single file I had. My computer was clean as a new baby's behind when I upgraded.
I am also in contact with Akamai. I told them about the whole bit I have been through. I also told them that nothing shows on scans or anti-virus. I also asked them that if they had a representative in my area, which is outside Houston, that they were welcome to come look at my computer and see what is going on. The man who repairs my computer from time to time is also stumped and he builds computers. However, I notice that I seem to know a lot more about security and anti-virus than he does. He just tells me that he has never seen anything like this before.
I have spent at least 12 hours, again, working on this thing. I have run everything again in safe mode, start-up, etc. Even turning off system restore and running everything did not help. Before I upgraded, I even looked inside the registry to see if they were embedded in those files. Nothing, plus the fact that they were still there after I upgraded proves that out.
Besides hard disk, is there anything else that they could be embedded in? The only thing that came with the upgrade was hardware. There was no SOFTWARE! This thing is going to drive me :mad:
nihil
April 21st, 2004, 03:08 PM
Hi txsidewinder1,
This is interesting. In answer to your question of other hiding places, I am not aware of any spyware that would store itself in the BIOS.............that would require flashing, would almost certainly damage some machines and get them sued to hell and back. So I reckon we can rule out BIOS?
Do you have any other storage devices like a USB drive (some people call them "thumb drives")?
Did you save files from your old system onto CD or floppy disk.............bit of a long shot, but that could be how re-installation is happening?
To try something else, can you get the problem to show up (akamai) then minimise the window and run HijackThis. Then save the HijackThis log and post it as an attachment...........or attach it to a PM, but it would be better if we could all look at it.
I agree that it must be on your hard drive, but I am trying to find out how it keeps coming back after all that we have done.................removable media would be the obvious one?
Cheers
txsidewinder1
April 22nd, 2004, 09:10 AM
nihil: No, no disks, no floppy disks. The only disks used were software from Microsoft, or disks that were already scanned and found clean. Since these things are only on Earthlink, do you think that maybe Earthlink was hacked and myself and some others were infected before Earthlink caught it? They were awful defensive when I queried them about it. They said it was impossible. Then they told me that I was being paranoid and needed to be psychologized for thinking such a thing. This was from their security department. When I asked them if they were doctors, they ignored me. The only thing I can get out of them is that it was my fault for getting these things. This is the last thing I can think about. If they got on my hard drives and I change hard drives and they are still there, I am going to be very angry. I really cannot afford to do that since I only have a very small pension and social security.
nihil
April 22nd, 2004, 02:14 PM
Hi txsidewinder1,
You would not need to replace hard drives unless you wanted to do it for other reasons such as more space, faster kit and so on.
The furthest you would have to go is to reformat the drive and reinstall your operating system & software. That is a complete format of the hard drive, and fresh installation ( NOT fdisk, or "repair") This is what I recommend after a machine has been "owned", as you never know what else a perp might have left on your machine, and whilst the code/files will still be there, the links to them will have been destroyed, so they cannot work again. I AM NOT SUGGESTING THAT....YET! (It is a pain in the butt!)
I am wondering now, if it really is on your machine? You will have to be a bit patient with me, as I am in England and things are different here. I have two internet providers one is ADSL Broadband from our major telco, and the other is a 56.6 dial-up from an ISP. I pay for the ADSL but the dial-up is free. If I log on to the ADSL then I get a link and that is all.........all other software (browser, mail etc) is exactly as I loaded it. The dial up, on the other hand, defaults me to their website, with loads of adverts and a custom version of the IE browser.
My question is: are you using a mail service on the Earthlink site, or are they "only" providing you with a connection?
Another "free" service that I tested a little while back was even less subtle.........it hijacked the IE6 browser so it now comes up with "Internet Explorer Provided By XYZ" even when I open IE in "offline" mode. Now that IS on my local drive.
You mention your "mailbox", what exactly is that..............are you downloading messages from their server into Outlook/Outlook Express (typical POP3 arrangement), or is the mail file (postbox) on their server, and you are using remote software to manage it?
Basically, I am asking if you can read your mail without being connected to earthlink............if you can, and you can still see this stuff, then I would say that your mail client has been hijacked, just like the IE browser I mentioned.
If you have to go onto their site to read any of your mail, and are not using Outlook/Outlook Express, then I would say that the software and files are entirely on the remote server, and it is advertising that they have put there, or at least something to do with them.
If you are paying for a service, you should NOT be getting adverts in my opinion. Is that why they were defensive?
I am sorry about this, but I am going to have to wait for you to get back to me and bring me up to speed on how things work over in the USA.
At this point, things seem to be looking a lot better................more like your ISP behaving badly than malware on your machine that we cannot destroy?
Cheers
txsidewinder1
April 23rd, 2004, 03:12 AM
It is a pop server. I have never tried to get my mail off line.
I do not believe that Earthlink would post something like that. I would rather believe that they would have been hacked into than place something like that on your computer. I believe it would be a matter of not admitting anything happened. No provider in the U.S. that I know about would admit to being hacked, yet we know MSN is always brought down. I honestly believe that anyone, I do not care who it is, can be hacked. If these hackers can get into military secrets, they sure can get to a provider. Also, given the chance that Earthlink could be sued would also make them very defensive on letting persons know they have been hacked. What they do not realize is that by disallowing the truth, if the truth comes out, then they will be sued.
Earthlink is my provider. I pay them a certain amount of money each month. I have 3 other mailboxes. None of the spies are on these mailboxes. This is another reason I believe that Earthlink may have been hacked. If they are embedded on my computer, how come they are not anywhere else? Now I know that other spies were invited to my computer because I used to see them. a1.adserver.com is a spy network that sends spam. When I am through with my computer, I disconnect from the internet and pull my phone plug. I live in an area of Texas where thunderstorms can pop up very fast and all that lightning we have could fry my modem. They can send all the commands they want, nothing will happen. After two or three months, a1.adserver.com disappeared from my computer. I never did find it. This was before I upgraded. I also had securebonzi.com and adserverbonzi.com that were also there. I found those two and got rid of them. They are both the same company, but do different things. If any of this helps you, let me know ASAP. I will probably be up til about 3 a.m. my time. It is 8:15 p.m. my time right now.
txsidewinder1
April 23rd, 2004, 06:06 AM
Well, I found out what a248.e.akamai.net does. Go to Spyblockerantispyware software forums. This is Microsoft's new updater. You have to have it to update your software. Still does not explain why it is on my mailbox, but it tracks what is being sent to you and what you send out. I guess this is given to Microsoft to use as they please. I am too disgusted to talk about it anymore. Just go to the forum and read about it. They also slow down your computer.
echocontrol
April 24th, 2004, 01:07 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post737801) by txsidewinder1
If you know anything about Akamai, please let me know. Do not say that I have been using drugs or anything like that. I would have given the site's name, but I did not "save" it. All I am doing is passing information on what I have. Akamai is on my computer, at earthlink.net. I see it every time I go and check my mail there. This comes up as a248.akami.net. I used to not have it on my computer. Last November it got on my computer. I also have doubleclick and served by. If you think these nets are not spyware, then I got beach property in New Mexico you would be interested in. Please do not reply back to me if you are going to use disparaging remarks. Use logic and do not be judgmental. I am open to suggestions and if you can prove that Akamai.net has not been hired by Microsoft and is not adware, please do so in a courteous manner. Thank you.
OK, I think I can help, though I don't know Akamai, but you can just block the site from access. Go to Control Panel, Internet Options, Privacy, then at the bottom you'll see Web Sites. Hit the Edit button; it will take you to a window and you can put the website in and press Block access. Hope this helps.
txsidewinder1
April 24th, 2004, 01:27 AM
Thanks for the info. I just wish I could do that and block the site. However, if I do that, then I cannot get any updates for Windows and I believe that windows may not even work if you block this site. Microsoft did it to us again. *#>%>^$ Microsoft. :drink: :killcompu
echocontrol
April 24th, 2004, 07:56 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=256860#post739315) by txsidewinder1
Thanks for the info. I just wish I could do that and block the site. However, if I do that, then I cannot get any updates for Windows and I believe that windows may not even work if you block this site. Microsoft did it to us again. *#>%>^$ Microsoft. :drink: :killcompu
Well, actually maybe you can change the cookie setting on the computer to be prompted about cookies coming off the site. You can block/not block as you need to. Why is Akamai so wrapped up with your Windows program? Was it always on your computer? No, it came in November...um, interesting, as that's when I started having a lot of hacker problems myself, but am now just aware of them. I don't know your computer or anything, but with mine I can take it back to a previous time, or restore it to its original specs. Now if you use your computer for work this would require a lot of file backup, but it may be a way to get rid of the program...I had to do it about 3 times to get rid of things that I could not delete out of my system. If Windows worked before, why wouldn't it work after? Did it give you a new version or something? Try blocking it - you can always just unblock it if it doesn't work, mess with cookie settings. I have really tight security right now, and am blocking everything and get cookie flags a lot, but since I have had so many problems and was so infected, until I learn more, I'll live with it for a while: couldn't you manually put updates in from Windows/Microsoft sites?
I'm a newbie and just learning, so don't be mad/or offended....hands txsidewinder1 virtual drink...
nihil
April 24th, 2004, 03:21 PM
There's a thought echo~
I hadn't really considered cookies.
http://www.winpatrol.com
Use the cookie manager ("nuts") and put "akam" or whatever in the box and add it to blocked items.
You go to a site and it sends a cookie, the cookie is acknowledged then destroyed, but your contact with the site continues and the cookie cannot spy on you.
It works on partial names, which saves you typing in loads of similar sites.
Cheers
echocontrol
April 25th, 2004, 09:56 AM
Hey, thanks nihil, since I'm so new I'm glad I could contribute something. If anyone (newbies esp.) needs help with 'system restore', I'm an expert now :confused: