I know how it happened. Trying desperately (in vain) to make an online purchase of a particular song for a local fundraising project, I resorted to installing LimeWire and trusted it to work. In the process, I clicked on song titles that I knew looked risky, and now I have a virus.
I am using Windows IE 7 on XP.
I have Norton Internet Security, and recently downloaded/ran Spybot and Ad-Aware 2007. Each has found problems but the situation has yet to be resolved.
What happens? When I open IE, another IE window opens. I see it starting to work in the task pane. The first one that ever came up was www.hornymatches.com. The most common one I see is www.rebateprocessortools.com/?ref=&cid=CD25092. However there are many more. I have added them to my Restricted Sites listing, but the sites still come up even after I restrict them. I noticed today that there are a LOT of sites on that restricted list that I didn't put there. They all start with an asterik and a comma *, Examples include *.1987324.com, *,1-extreme.biz, *1,1sexparty.com
I did NOT list these on my Restricted Sites. These new pages also open occasionally when navigating the web by using the Back/Forward buttons, or when clicking a link on a page I'm using.
Another thing that happens randomly is a small white box w/black letters slowly peeks from above the systray in the lower right corner. It reads "Ad served by ContextProgram". I have searched that phrase and come up with nothing in English.
I would appreciate any assistance on this topic. Can you believe I teach technology to people and warn them about downloading suspicious things, just like I did?? I am so disappointed in myself