I am at work and during my break I want to check out a local restaurant called the Brass Elephant. So, I input brass elephant into google and search for their url, its the first site on the list, so I click it and my browser is forwarded to amaena.com/winantivirus thats full of popups that are telling me that me computer is full os spyware and I need to download their software and run a scan, which I don't do. I know this machine I am using is clean, so I try antoher clean machine using both google and yahoo and the same thing happens. My laptop which runs ubuntu linux is with me so I fire it up and open up firefox and type brass elephant into google and the same thing happens, but I noticed on the status bar before I was forwarded to amaena.com the browser was searching for gscript.com, which is some sort os internet Ad company. I thought that it is highly unlikely that my Linux install would have some how gotten infected. As a clincher I used remote desktop into my home PC to test this out and sure enough via msn search the same forwarding action happened. This is crazy, I tried several other search combinations and I was unable to get my browser to be forwarded again. What is up here? Is the Ad agency and amaena.com/winantivirus somehow using some new form to infect someones computer? Where and why does the search string "brass elephant" envoke the highjack? When I thought I have seen it all. Has anyone ever seen this before?
John
John