Did I pick up spyware by visiting a Web site?
Hey Dave, I was looking at information on the Mirc website and I happened to come across a link called ircnick.com. Since the link came from an official website, I clicked on the link only to be redirected to a site called eta.us. Ever since hearing about phishing and malicious websites (e.g. Googkle) I was concerned as to whether or not the site I was redirected to was insidious in any kind of way (whether or not I had spyware, adware, trojans, etc.). I scanned my computer using various virus and adware scanners (everything was clean). Still feeling uneasy, I need advice, therefore I'm asking you.
I can understand your concern, but fortunately there are some tools available that make tracking down this sequence pretty straightforward. I'm going to use a Unix command-line based tool called lynx to step through the sequence of what was sent from the site. I'm actually doing this on the Mac OS X command line by using the Terminal application that's included with the operating system (it's in Applications --> Utilities).
The first step is to recognize that when you visit a Web page you get two things sent back to you, a HEAD and an actually web page. The header is the http protocol handshake, and you can view it with lynx by using the following command:
$ lynx -head -dump http://www.ircnick.com/ HTTP/1.1 200 OK Connection: close Date: Wed, 25 May 2005 15:24:37 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Set-Cookie: ASP.NET_SessionId=32sgufnkkyppad2nkpcqnd45; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 644
Nothing untoward here, no suspicious redirects, but do note that there's a Cookie set and that it's obviously from a Windows server (which is confirmed by the fact that it's running Microsoft's IIS server).
Next step is to see the HTML itself, which can be done from lynx too:
You can see the link to the ETA site, so let's now traverse that with the same set of commands...
$ lynx -head -dump http://www1.eta.us/default.aspx?a=ircnick.com HTTP/1.1 200 OK Connection: close Date: Wed, 25 May 2005 15:34:44 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 p3p: CP="CAO PSA OUR" Set-Cookie: ASP.NET_SessionId=ghuy3yqeu4roesak3bveykyc; path=/ Set-Cookie: tengnikrap=domain=ircnick.com:ref=:refst=; path=/ Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 11471
$ lynx -source http://www1.eta.us/default.aspx?a=ircnick.com | \ grep -iE '(java|form|action| on|object)' <form id="parking_form" method="post" action="Default.aspx"> </form>
Looks like you're clear this time, but you might well want to check out my recent article on Safe Web Surfing and also seriously consider using a Web browser other than Internet Explorer for better security.
Oh, and if you are surfing the web - which you're obviously doing since you're here on my site! -- then you must have both a solid antivirus solution and anti-spyware solution. I recommend AVG Antivirus for the former and Spy Sweeper for the latter.
More Useful Computer and Internet Basics Articles:
✔ How do I blur my house on Google Maps Street View?
I was poking around on Google Maps looking at satellite views of my neighborhood and when I switched to street view, was upset...✔ Create a custom vanity URL for Kickstarter?
I was reading some updates on Twitter and saw someone had posted a URL that would let me see what projects they'd backed...✔ Export or Save Subscription List from Google Reader?
Just heard that Google Reader is going away this summer. That stinks! How am I supposed to read my RSS feeds? More importantly,...✔ Shrink or Reduce a Photo File Size on Mac?
I'm trying to upload some photos to a social media site and it's complaining that they're too big. They are, as they come...✔ Can I organize my Yahoo Mail with folders?
I've been on Yahoo Mail for years and while most of my friends are now on Gmail or their own Web-based email programs,...
Let's stay in touch!
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
I do have a comment, now that you mention it!
Check This Out Too...
Look for Answers
All Our Categories
Apple iPad Help
Articles and Reviews
Auctions and Online Shopping
Blogs and Blogging
Building Web Site Traffic
Business and Management
Computer and Internet Basics
d) None of the Above
Google Gmail Help
Google Plus Help
Industry News and Trade Shows
iPhone and Cell Phone Help
iPod, Sony PSP and MP3 Player Help
Kindle Fire Help
Mac OS X Help
Pay Per Click (PPC) Advertising
Search Engine Optimization (SEO)
Shell Script Programming
Tech Support Video Help
The Writing Business
Twitter, LinkedIn and Social Network Help
Unix and Linux Help
Video Game Tips and Help
Windows PC Help
Find Me on Google+
ADT on G+