XoloX connects to other clients on the Gnutella network, which has over 70 different clients.
People run those spam servers that grab search results that seem to not respond to anything popular and send you back what you search for as a ! file with crap in it.
Yes the next version should have methods to help deter this... at least it better.

These porn bombs are definitely computer generated. Someone has written a program to take just about any gnutella search and create a porn bomb from it. Fortunately, they always seem to point to the same site. I have just added these sites to PC-cillin's web trap filter. It is also pretty easy to recognize the files as they always match you search exactly and there are always three files that are always the same three different sizes. However, it ****** me off that this crap is clogging up the gnutella network. Do these losers really think we will visit their crap sites after they highjack our browsers?

Ok after some further research, I find that none of the 4 IPs listed above in this post are officially registered. However, tracert reveals that 66.250.52.45 is apprently hosted by cogentco.com, 194.237.72.231 is hosted by telia.net and 194.213.194.37 by concert.net. A quick look at my history file shows that opening the bomb redirects you to several sites: adult-erotic-guide.com (64.159.91.200) is apprently hosted by level3.net, jambalala.com by cogentco.com and venusseek.com by level3.net again. Now the bad news. I've noticed two pop up windows that open after opening the xolox main page: usapromotravel.com and rated-**************s.com. The second one sounded an awful lot like adult-erotic-guide.com in it's naming convention. Sure enough, both of these sites are also hosted by level3.net. So now my question is, is someone highjacking Xolox's searches with or without Xolox's active participation? A tracert to www.xolox.nl has confirmed my suspicion as the last hop before getting to xolox.nl (213.133.42.240) is at level3.net. So, I wouldn't expect any resolution to these porn bombs any time soon. I still think Xolox is the best gnuella client, but I am greatly sadened this tur of events. I guess I'll just keep adding these sites to my webtrap.

There's also the ~28k file that pretends to be a .mov or .mpg but as soon as it runs takes you to a web page.

The use of level3.net caould be a form of tracking where you are going online. You might want to check for some sort of program that is interfaced with your internet browser or other internet acces software.

A more likely possability...

I went to level3.net. Level 3 Communications is a company runs a large high bandwidth communications network. It could be as simple as that Xolox happens to be hosted through the same system as those other sites. (possably indirectly through a web hoasting company thet uses level 3)

I'm willing to accept the possibility that this is just a coincidence, but it seems less and less likely to me.

The faxt that these bombs show up with other clients means that whoever is doing this is infecting the entire Gnutella network. If it does turn out to be somehow tied to Xolox, I think there will be a huge backlash.

I have a feeling that it is not directly related to Xolox. I think that it ia a buch of high bandwidth servers spaming every computer on the Gnutella network they can.

Or you guys could stop d/ling porn and being infected... or is that not how it works?

k your off the hook I guess...lol