computer ad virus'---
Get rid of ads and prying: Spyware and virus warning: Radlight, Comet Cursor, Gator, Alexa, KaZaA, Aureate, Flashpoint - Flashtrack, Limewire, Grokster, Cydoor, Doubleclick, DSSAgent, EverAd, EzUla, Expedioware, Flyswat, Hotbar, OnFlow, Timesink, Web3000, Webhancer, Transponder, X10, Blackstone - Get rid of scumware and spyware!
(This text may be distributed freely if you link back to maxmagnusnorman.com)
The following might sound as a fantastic tale, a modern myth, but it is absolutely true; one of many parts in a frightening development.
Imagine that you one day discover that wherever you go a man follows you and takes notes about everything you do. Initially you do not bother; just another freak with too much time to spend. But then you enter a book shop, see a comic book with "The Smurfs" and begin to eye through it. Right away the man dials someone on his mobile phone. After a while he approaches you and starts to hold up ads for blueberry jam in your face every twentieth second. When you later enter the supermarket you notice that the man runs ahead of you and replaces the labels on all blueberry jam jars that are not of the same brand that he advertises on his placards. What on earth is going on?
Well, when the man saw that you were interested in "The Smurfs" he instantly dialed the advertising agency he works for and told them that. On the agency sharp minds are set to work:
-What can someone interested in "The Smurfs" be likely to be interested in from our clients?
-Have you considered the fact that "The Smurfs" are blue?
-Hmm... Yes! Then this person just have to be found of blueberry jam also! Lets flood this one with as many ads for "The Crocodile's Blueberry Jam" as possible!
Of course is this not happening out on the streets, not just yet, but the man with the notepad can be found in many versions in a lot of computers, often without their owner's knowledge. Small programs which are very interested in what you are doing and would be very happy to interfere with that.
Have you noticed that the flow of popup- and pop-under-windows with ads has increased lately?
That surfing the Internet is slower than ever?
That pages with apparently no ads on them throw up annoying popup-ads right in your face and that it seems to be almost impossible to get rid of these?
Then it is most likely that your computer has been invaded by a spyware or scumware virus!
And it is certain that your computer is infected if you see ads on this page.
Also, if you see that certain words on a page always are links then you have a scumware-virus. Scumware are programs hidden in your computer which automatically turns certain keywords on Internet pages into links to their advertisors. Some scumware even replace paid ads on webpages with their ads.
Scumware and spyware are exactly what they sound like. They are programs which hide in your computer and spy on you. Some log all you do - passwords and secret diaries may not be that secret anymore - and then send information to shady advertising agencies which then send you these annoying popup ads.
Why they spy on you is a mystery since most of the ads are probably about things of no interest to you; foreign casinos, pornography pay sites (which only idiots lend their VISAs to), the X10 camera and many more are the most common things you will come across whatever your interests.
The X10 ads are not necessarily launched from spyware, but annoying they are.
Click here to get rid of the X10 ads.
If you do not only wish to lose X10 but get rid of almost all Internet ads then click here to learn about a rather simple solution; how to edit the HOST-file in your computer in order to block unnecessary servers like Doubleclick etc.
Common spyware; programs, makers and distributors are:
Aadcom -Ad trojan very similar to the Blackstone Data Transponder. In other words; attaches to IE-explorer, spies on everything; what you write in forms, search for, your computer configuration etc.
Adware -Note: Not Ad Aware!
Alexa, zBubbles -Check your "Tools"-menu in Internet Explorer, if you find an option that says "Show related links" or similar then Alexa is watching you. Alexa and zBubbles log searchstrings and addresses for pages you visit. Alexa comes with Internet Explorer if you do not explicitly deselecet it.
Blackstone Data Company -The programmers behind the very bad spyware trojan named Transponder. Transponder has been remade into several other viruses such as VX2, Sputnix, RespondMiter etc. If your computer has been infected with Transponder via an ActiveX or such you do not only suffer from tons of pop-up ads but you can also be sure that everything you do or write on the net is sent to these guys. The Transponder virus used to registry itself with the key 00000000-5eb9-11d5-9d45-009027c14662 in the registry, the iehelper.dll file found in the Windows/System folder is crucial for its function.
Bonzi -Don't fall for cuteness. Besides BonziBUDDY this company markets InternetALERT, Internet ALERT '99 and Intruder ALERT '99. These programs are described in the same terms as a firewall but they do not work as a firewall, they do not protect you from anything, quite the opposite, they are classified as "Evil Port Monitors" which open ports making your computer totally open for intrusion, instead of securing your computer's ports as a real firewall would do. The Bonzi programs are also infamous for being very hard to uninstall for computer novices.
Comet Cursor -One of the most common causers of pop-up ads.
Cydoor -Cydoor is quite possibly the creators behind the infamous "Clicktilluwin"-trojan virus which was bundled with LimeWire and other "freeware".
Doubleclick -Traces you mainly with cookies, check the Windows/Cookies-folder.
Download Accelerator (DAP) -does not use popups though.
EverAd -No longer in business.
Expedioware -No longer in business.
Flashpoint / FlashTrack
Gator -The first versions of Gator had as its official function the capability to remember its users passwords and such things. (Would you also give your cash card code to the guy selling hot-dogs beside the cash dispenser machine in order to help you remember the numbers?) Gator is a real abomination since A; the program covers other advertiser's ads with Gator's ads on web sites and B; some of its ads can be interpreted as being child pornography. One version of the program uses a security leak in ActiveX to install itself from webpages without your knowledge, a behaviour suspiciously similar to the BadTrans virus.
The free URL redirection service CJB.NET is one of the largest spreaders of this version of Gator. If you use CJB.NET's services then make sure that you turn this option off if possible.
GoHip (Windows Startup) -Messes up Internet Explorer, changes your startuppage and AutoSignature. Attaches spam which you have no control over to all E-mail messages you send. Use Pegasus Mail instead of Outlook and you can stop worrying about E-mail viruses.
KaZaA and TopText, Sharman Networks -Alters things you see on the Internet, adds yellow links to the text on other people's homepages.
Magic Lantern -A codename for FBI's surveillance program, exists in several versions, amongst others a trojan which is sent to the suspect via E-mail. It's a keylogger which is used to get access to passwords and such. An other kind of police spyware are portable computers which are installed at the suspects ISP (internet service provider). The FBI-version is named Carnivore. These boxes search for certain keywords in data sent via the net, but this doesn't work if the data is encrypted. The advantage is that this kind of spying is very hard to detect.
Netscape 6 -It is not absolutely certain that this browser can be classified as spyware. But its behaviour is very suspect since the program acts as a server and when started tries to send information from your computer to someone on the net. Many of the programs which comes with NS6 are though certainly spyware. This is tragic since Netscape earlier had the position as "The Good Guys" in relation to more commercial interests.
OpenMe.exe -Ad virus which is spread via E-mail and then flows the targeted computer with pornographic pop-ups. Use Windows search function and delete the "openme.exe"-file, then clean up windows startup-settings.
Radlight -This program -a media player- is really an abomination. It's not only a spyware but a so called malware, a program which destroys other programs on your computer. Radlight has a built in function which destroys the anti-spyware program Ad-Aware, both the free and the pay version of Radlight display this behaviour. Igor Janos is the "star" behind this.
Timesink / Conducent -No longer in business.
Web3000 -Messes up important system files and covers other's ads. Like Gator another spreader of abusive pornography.
Wnad -Spyware trojan which usually comes with the Yo Mama, Osama!-game. Displays pop-up ads.
...and many more.
If you have any of these or similar suspected programs on your computer you should get rid of them right away! (But if it's stuff like Magic Lantern which is troubling you then it might not be spyware you should get rid of in the first hand but maybe your present way of life.)
A problem is that most common anti-virus programs do not detect this kind of viruses since users most times are fooled into installing them willingly, often by clicking some button on a popup-webpage which will not close otherwise.
One way to detect and remove these viruses is to download the free Ad-Aware program (this is no scumware-link), which helps quite well - sometimes you have to run it a couple of times in order to get rid of some virus-components.
Another recommended program is BHO-Cop, which helps tracking so called "browser helper objects". BHOs are add-ons to Internet Explorer, in theory the idea is quite useful but mostly BHOs are used for nothing else than spyware. This is because if a spyware uses a BHO it can leak information about you via your browser, therefore avoiding getting halted by your computer's firewall (I really hope you are using a firewall!).
To permanently disable some BHOs you can (at your own risk) remove the IEhelper.dll file found in the Windows/system-folder from time to time.
In order to prevent some web-based programs from installing by themselves without you knowing about it you should - in Internet Explorer - select "Tools" and then click on "Security". In the security settings for the Internet you select "Install on demand" regarding all ActiveX- and "Installation of desktop items"-related matters. If you later on get tired on the prompts to install these programs then either just disable all ActiveX and desktop items or choose to install only secure ActiveX items (which however is no guarantee that these programs are indeed secure).
Here are some programs which will help secure your PC:
You can also use Windows search function in order to search for and remove files on your computer related to the list of programs mentioned above. If doing so you will however find another very irritating behaviour regarding this kind of software; that they are self-healing. If you do not remove the core of the application in question the spyware will replace the files you have removed! This is due to that the makers of scum- and spyware know that people after realising the truth about them will do their best to remove these programs and therefore this self-generating viral code is added to their programs to keep them running on your PC.
Another trick is to give the virus- and spyware-programs names similar to important Windows-files such as "Explorer.exe" and "Kernel32.exe". Take for instance the program dlder.exe which was bundled with amongst others LimeWire, KaZaA and Grokster. DlDer is hidden in the Windows-folder where it downloads a program called explorer.exe, a spyware with the same name as Windows-explorer, the fake explorer is placed in the hidden folder Windows/Explorer/. If there is a hidden folder with the name Explorer in your Windows directory, then it is probably a spyware trying to camouflage itself. If you attempt to remove dlder.exe and the fake explorer on your own, then be sure not to remove the real Explorer.exe which resides in the root of the Windows-folder.
It is not often one comes across such an amount of obvious lies and wrigglishness as in the case of spyware. On the spywaremaker's homepages you can read denials under oaths that their programs do not behave in the mentioned manner. A manner which is though obvious to anyone with a firewall installed, which clearly shows how these programs make their best to submit information to their "mother servers". Promises and assurances from these people are obviously worth nothing. It almost seems like making spyware is like a drug to some programmers, it is a lot of risks involved, it opens up for a even bigger lot of unnecessary conflicts and it can not be that lucrative. The result of the prying can neighter be particulary useful considering how arbitrary and wind-driven most people's surfing habits are and most people do not consider pop-up ads as good PR for companies, ad-campaigns like these rather make people loathe them.
So, what more can one do?
If you should encounter child pornography you should report it to www.rb.se (Swedish Save The Children). They will check if the case can be taken to court and you can be anonymous as informator.
Are there any other legal actions to take against people snooping around, messing up our expensive computers and wasting our precious time? In some countries there are, yes, and if industrial espionage is suspected, yes, but since this is a global problem and there are no global laws there is not much to do except to look out for and remove these programs and never ever do any business what so ever with the kind of people who do this stuff.
Webmasters could send invoices to these companies (if they would find them), claiming them payment for ad-space. $1000 dollars a month an up is a recommended fee.
This text may be distributed freely if you link back to maxmagnusnorman.com