Sign in with
Sign up | Sign in
Your question

ATTACHED BY ADS

Last response: in Windows XP
Share
Anonymous
December 24, 2004 2:57:03 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

xp pro sp2 ie6--spent last several nights trying to get rid of
(winserver,optimizer,wsem dll and others. these ads installed themselves
through ie into ie browser add on, control panel and registry. how do i stop
this? how do i know if i got rid of all of them?
--
corn

More about : attached ads

Anonymous
December 24, 2004 8:45:06 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

cornfused wrote:
> also,while attempting to remove ads i can no longer click on ie and
> get on the internet. i have to go to connect to then my isp. like i
> lost a link between ie and my isp how do i recover?


Clean up first, worry about fixing the dial-up settings link later..

You can make your dial-up access automatically dial when you attempt to
access the Internet..

To have your computer automatically dial the modem whenever an application
(Internet Explorer, Outlook Express, etc.) needs a network connection, go to
the Internet Options control panel. (Start menu->Control Panel. Switch to
Classic view, double-click Internet Options).
Once you have the Internet Options control panel open, click the Connections
tab. Choose Dial whenever a network connection is not present. Select one of
your Dial-up sessions and click the Set Default button. Your computer will
now dial the modem automatically when you try to use an application that
requires it.

--
<- Shenan ->
--
The information is provided "as is", it is suggested you research for
yourself before you take any advice - you are the one ultimately
responsible for your actions/problems/solutions. Know what you are
getting into before you jump in with both feet.
Anonymous
December 24, 2004 11:36:44 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

Hi

Please try these programs to check for any spyware that may be on your
system:

Ad-Aware - www.lavasoftusa.com
Spybot - http://www.safer-networking.org/
CWShredder - http://forum.aumha.org/downloads/cwshredder.zip
Spy Sweeper - www.webroot.com

Try SpyWareBlaster to stop intrusions:

http://www.javacoolsoftware.com/spywareblaster.html

Also see the following links:

http://aumha.org/a/parasite.htm
http://mvps.org/winhelp2002/unwanted.htm
http://www.microsoft.com/security/articles/spyware.asp

--


Will Denny
MS-MVP Windows Shell/User
Please reply to the News Groups


"cornfused" <cornfused@fused.net> wrote in message
news:9F61751E-5EAD-4220-ACC9-86393486C37A@microsoft.com...
> xp pro sp2 ie6--spent last several nights trying to get rid of
> (winserver,optimizer,wsem dll and others. these ads installed themselves
> through ie into ie browser add on, control panel and registry. how do i
> stop
> this? how do i know if i got rid of all of them?
> --
> corn
Related resources
Anonymous
December 24, 2004 1:03:13 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

cornfused wrote:
> xp pro sp2 ie6--spent last several nights trying to get rid of
> (winserver,optimizer,wsem dll and others. these ads installed themselves
> through ie into ie browser add on, control panel and registry. how do i stop
> this? how do i know if i got rid of all of them?


To deal with issues caused by any sort of "adware" and/or
"spyware,"such as Gator, Comet Cursors, Smiley Central, Xupiter,
Bonzai Buddy, or KaZaA, and their remnants, that you've deliberately
(but without understanding the consequences) installed, two products
that are quite effective (at finding and removing this type of
scumware) are Ad-Aware from www.lavasoft.de and SpyBot Search &
Destroy from www.safer-networking.org/. Both have free versions.
It's even possible to use SpyBot Search & Destroy to "immunize" your
system against most future intrusions. I use both and generally
perform manual scans every week or so to clean out cookies, etc.

Additionally, manual removal instructions for the most common
varieties of scumware are available here:

PC Hell Spyware and Adware Removal Help
http://www.pchell.com/support/spyware.shtml


Neither adware nor spyware, collectively known as scumware,
magically install themselves on anyone's computer. They are almost
always deliberately installed by the computer's user, as part of some
allegedly "free" service or product.

While there are some unscrupulous malware distributors out there,
who do attempt to install and exploit malware without consent, the
majority of them simply rely upon the intellectual laziness and
gullibility of the average consumer, counting on them to quickly click
past the EULA in his/her haste to get the latest in "free" cutesy
cursors, screensavers, "utilities," and/or wallpapers.

If you were to read the EULAs that accompany, and to which the
computer user must agree before the download/installation of the
"screensaver" continues, most adware and spyware, you'll find that
they _do_ have the consumer's permission to do exactly what they're
doing. In the overwhelming majority of cases, computer users have no
one to blame but themselves.

There are several essential components to computer security: a
knowledgeable and pro-active user, a properly configured firewall,
reliable and up-to-date antivirus software, and the prompt repair (via
patches, hotfixes, or service packs) of any known vulnerabilities.

The weakest link in this "equation" is, of course, the computer
user. No software manufacturer can -- nor should they be expected
to -- protect the computer user from him/herself. All too many people
have bought into the various PC/software manufacturers marketing
claims of easy computing. They believe that their computer should be
no harder to use than a toaster oven; they have neither the
inclination or desire to learn how to safely use their computer. All
too few people keep their antivirus software current, install patches
in a timely manner, or stop to really think about that cutesy link
they're about to click.

Firewalls and anti-virus applications, which should always be used
and should always be running, are important components of "safe hex,"
but they cannot, and should not be expected to, protect the computer
user from him/herself. Ultimately, it is incumbent upon each and
every computer user to learn how to secure his/her own computer.


To learn more about practicing "safe hex," start with these links:

Protect Your PC
http://www.microsoft.com/security/protect/default.asp

Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/

List of Antivirus Software Vendors
http://support.microsoft.com/default.aspx?scid=kb;en-us;49500

Home PC Firewall Guide
http://www.firewallguide.com/

Scumware.com
http://www.scumware.com/


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
Anonymous
December 24, 2004 1:03:14 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

i have sp2, firewall on,popup blocker on, security custom ( on win me would
have been considered high), searching for camcorder info and i get a popup at
whatever site i clicked on--no bigggee--i right clicked to close the popup
and thats when all this junk got installed. its from some group in neveda it
takes over ie installs a plugin on the browser installs several programs
listed in control panel ,installs many files, installs entries in the
registry. i finally had to reboot in safe mode and search and delete what i
could find. i have since and am in process of trying to use advise givin
here. as to my updates the belarc site mentioned gave me all green checks, i
also delete temporary ie files every day or two and clean my hard disk at
least once a week, i did not have my user account password protected. by the
way iam not cleared up yet, but thanks for the help.

"Bruce Chambers" wrote:

> cornfused wrote:
> > xp pro sp2 ie6--spent last several nights trying to get rid of
> > (winserver,optimizer,wsem dll and others. these ads installed themselves
> > through ie into ie browser add on, control panel and registry. how do i stop
> > this? how do i know if i got rid of all of them?
>
>
> To deal with issues caused by any sort of "adware" and/or
> "spyware,"such as Gator, Comet Cursors, Smiley Central, Xupiter,
> Bonzai Buddy, or KaZaA, and their remnants, that you've deliberately
> (but without understanding the consequences) installed, two products
> that are quite effective (at finding and removing this type of
> scumware) are Ad-Aware from www.lavasoft.de and SpyBot Search &
> Destroy from www.safer-networking.org/. Both have free versions.
> It's even possible to use SpyBot Search & Destroy to "immunize" your
> system against most future intrusions. I use both and generally
> perform manual scans every week or so to clean out cookies, etc.
>
> Additionally, manual removal instructions for the most common
> varieties of scumware are available here:
>
> PC Hell Spyware and Adware Removal Help
> http://www.pchell.com/support/spyware.shtml
>
>
> Neither adware nor spyware, collectively known as scumware,
> magically install themselves on anyone's computer. They are almost
> always deliberately installed by the computer's user, as part of some
> allegedly "free" service or product.
>
> While there are some unscrupulous malware distributors out there,
> who do attempt to install and exploit malware without consent, the
> majority of them simply rely upon the intellectual laziness and
> gullibility of the average consumer, counting on them to quickly click
> past the EULA in his/her haste to get the latest in "free" cutesy
> cursors, screensavers, "utilities," and/or wallpapers.
>
> If you were to read the EULAs that accompany, and to which the
> computer user must agree before the download/installation of the
> "screensaver" continues, most adware and spyware, you'll find that
> they _do_ have the consumer's permission to do exactly what they're
> doing. In the overwhelming majority of cases, computer users have no
> one to blame but themselves.
>
> There are several essential components to computer security: a
> knowledgeable and pro-active user, a properly configured firewall,
> reliable and up-to-date antivirus software, and the prompt repair (via
> patches, hotfixes, or service packs) of any known vulnerabilities.
>
> The weakest link in this "equation" is, of course, the computer
> user. No software manufacturer can -- nor should they be expected
> to -- protect the computer user from him/herself. All too many people
> have bought into the various PC/software manufacturers marketing
> claims of easy computing. They believe that their computer should be
> no harder to use than a toaster oven; they have neither the
> inclination or desire to learn how to safely use their computer. All
> too few people keep their antivirus software current, install patches
> in a timely manner, or stop to really think about that cutesy link
> they're about to click.
>
> Firewalls and anti-virus applications, which should always be used
> and should always be running, are important components of "safe hex,"
> but they cannot, and should not be expected to, protect the computer
> user from him/herself. Ultimately, it is incumbent upon each and
> every computer user to learn how to secure his/her own computer.
>
>
> To learn more about practicing "safe hex," start with these links:
>
> Protect Your PC
> http://www.microsoft.com/security/protect/default.asp
>
> Home Computer Security
> http://www.cert.org/homeusers/HomeComputerSecurity/
>
> List of Antivirus Software Vendors
> http://support.microsoft.com/default.aspx?scid=kb;en-us;49500
>
> Home PC Firewall Guide
> http://www.firewallguide.com/
>
> Scumware.com
> http://www.scumware.com/
>
>
> --
>
> Bruce Chambers
>
> Help us help you:
> http://dts-l.org/goodpost.htm
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> You can have peace. Or you can have freedom. Don't ever count on having
> both at once. - RAH
>
Anonymous
December 24, 2004 1:35:01 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

well, thanks to you people i got rid whatever. i can connect using ie again,
thanks

"cornfused" wrote:

> xp pro sp2 ie6--spent last several nights trying to get rid of
> (winserver,optimizer,wsem dll and others. these ads installed themselves
> through ie into ie browser add on, control panel and registry. how do i stop
> this? how do i know if i got rid of all of them?
> --
> corn
Anonymous
December 25, 2004 5:11:10 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

To help mitigate against further infestations of parasitic malware,
download and install Spyware Blaster :
http://www.javacoolsoftware.com/spywareblaster.html

Read the FAQ'S to learn how to enable it's protection, take a system
snapshot when the system is clean, obtain updates, etc. :
http://www.javacoolsoftware.info/kb/idx/2/0/


MowGreen [MVP]
==============
*-343-* FDNY
Never Forgotten
===============


cornfused wrote:

> well, thanks to you people i got rid whatever. i can connect using ie again,
> thanks
>
> "cornfused" wrote:
>
>
>>xp pro sp2 ie6--spent last several nights trying to get rid of
>>(winserver,optimizer,wsem dll and others. these ads installed themselves
>>through ie into ie browser add on, control panel and registry. how do i stop
>>this? how do i know if i got rid of all of them?
>>--
>>corn
Anonymous
December 25, 2004 5:17:47 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

> Neither adware nor spyware, collectively known as scumware,
> magically install themselves on anyone's computer. They are almost
> always deliberately installed by the computer's user, as part of some
> allegedly "free" service or product.

Not true, Bruce. They also use exploits to infest unpatched systems with
NO User intervention. Lately, they've taken to exploit Sun's JRE
versions prior to 1.4.2_06. Once the system is infested, the User can no
longer update successfully either.
Misleading pop up windows are another favorite of the miscreants. "
You're system is infested with SPYWARE. Click here for a free scan !"
The system is then innundated with various malware.
The issue is the BAD GUYS that are doing their nefarious deeds, not the
naive Users. Maybe a firing squad would end this nonsense.


MowGreen [MVP]
===============
*-343-* FDNY
Never Forgotten
===============


Bruce Chambers wrote:

> cornfused wrote:
>
>> xp pro sp2 ie6--spent last several nights trying to get rid of
>> (winserver,optimizer,wsem dll and others. these ads installed
>> themselves through ie into ie browser add on, control panel and
>> registry. how do i stop this? how do i know if i got rid of all of them?
>
>
>
> To deal with issues caused by any sort of "adware" and/or
> "spyware,"such as Gator, Comet Cursors, Smiley Central, Xupiter,
> Bonzai Buddy, or KaZaA, and their remnants, that you've deliberately
> (but without understanding the consequences) installed, two products
> that are quite effective (at finding and removing this type of
> scumware) are Ad-Aware from www.lavasoft.de and SpyBot Search &
> Destroy from www.safer-networking.org/. Both have free versions.
> It's even possible to use SpyBot Search & Destroy to "immunize" your
> system against most future intrusions. I use both and generally
> perform manual scans every week or so to clean out cookies, etc.
>
> Additionally, manual removal instructions for the most common
> varieties of scumware are available here:
>
> PC Hell Spyware and Adware Removal Help
> http://www.pchell.com/support/spyware.shtml
>
>
> Neither adware nor spyware, collectively known as scumware,
> magically install themselves on anyone's computer. They are almost
> always deliberately installed by the computer's user, as part of some
> allegedly "free" service or product.
>
> While there are some unscrupulous malware distributors out there,
> who do attempt to install and exploit malware without consent, the
> majority of them simply rely upon the intellectual laziness and
> gullibility of the average consumer, counting on them to quickly click
> past the EULA in his/her haste to get the latest in "free" cutesy
> cursors, screensavers, "utilities," and/or wallpapers.
>
> If you were to read the EULAs that accompany, and to which the
> computer user must agree before the download/installation of the
> "screensaver" continues, most adware and spyware, you'll find that
> they _do_ have the consumer's permission to do exactly what they're
> doing. In the overwhelming majority of cases, computer users have no
> one to blame but themselves.
>
> There are several essential components to computer security: a
> knowledgeable and pro-active user, a properly configured firewall,
> reliable and up-to-date antivirus software, and the prompt repair (via
> patches, hotfixes, or service packs) of any known vulnerabilities.
>
> The weakest link in this "equation" is, of course, the computer
> user. No software manufacturer can -- nor should they be expected
> to -- protect the computer user from him/herself. All too many people
> have bought into the various PC/software manufacturers marketing
> claims of easy computing. They believe that their computer should be
> no harder to use than a toaster oven; they have neither the
> inclination or desire to learn how to safely use their computer. All
> too few people keep their antivirus software current, install patches
> in a timely manner, or stop to really think about that cutesy link
> they're about to click.
>
> Firewalls and anti-virus applications, which should always be used
> and should always be running, are important components of "safe hex,"
> but they cannot, and should not be expected to, protect the computer
> user from him/herself. Ultimately, it is incumbent upon each and
> every computer user to learn how to secure his/her own computer.
>
>
> To learn more about practicing "safe hex," start with these links:
>
> Protect Your PC
> http://www.microsoft.com/security/protect/default.asp
>
> Home Computer Security
> http://www.cert.org/homeusers/HomeComputerSecurity/
>
> List of Antivirus Software Vendors
> http://support.microsoft.com/default.aspx?scid=kb;en-us;49500
>
> Home PC Firewall Guide
> http://www.firewallguide.com/
>
> Scumware.com
> http://www.scumware.com/
>
>
Anonymous
December 25, 2004 2:02:26 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

MowGreen [MVP] wrote:

>
>
> Not true, Bruce. They also use exploits to infest unpatched systems with
> NO User intervention. Lately, they've taken to exploit Sun's JRE
> versions prior to 1.4.2_06. Once the system is infested, the User can no
> longer update successfully either.


I think the key word above is "unpatched." Remember, one of the key
components to computer security that I've identified is the maintaining
of current patch/service pack levels. I've not seen nor heard of one
that can penetrate a properly maintained (including patches) system yet,
but I wouldn't be too surprised to see one come along. I do think the
threat could be mitigated by properly managing one's Java (and ActiveX,
if applicable) security options from within the browser. Anyway, I've
always acknowledged the existence of such a possibility in a small
number of cases; such exploits can exist, but are, to my knowledge,
exceedingly rare.


> Misleading pop up windows are another favorite of the miscreants. "
> You're system is infested with SPYWARE. Click here for a free scan !"
> The system is then innundated with various malware.


Proving my point. The Black Hats mostly rely upon the gullibility (and
often greed) of their victims. The phenomenon even has a widely
publicized name: Social Engineering. A properly educated computer user
wouldn't fall for such an obvious scam.


> The issue is the BAD GUYS that are doing their nefarious deeds, not the
> naive Users.


Granted, it's ultimately the fault of the bad guys. But there always
have been, and always will be, bad guys. People need to think for
themselves and abandon their naivete; just because there are bad guys to
blame is no reason not to defend oneself.


> Maybe a firing squad would end this nonsense.
>
>

Perhaps, but that'd be too quick and painless. I prefer to envision a
fate involving partial burial, honey, and ants.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
Anonymous
December 25, 2004 4:04:49 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

> Perhaps, but that'd be too quick and painless. I prefer to envision
> a fate involving partial burial, honey, and ants.

Hmmm, that sounds even better than a quick execution ;) 

Unfortunately, unpatched vulns keep appearing that require NO User
intervention :
http://freehost07.websamba.com/greyhats/sp2rc-analysis....

" Severity
---------
Critical - Remote code execution, no user intervention "

>>> Misleading pop up windows are another favorite of the miscreants. "
>>> You're system is infested with SPYWARE. Click here for a free scan !"
>>> The system is then innundated with various malware.
>>
>>
>> Proving my point. The Black Hats mostly rely upon the gullibility
>> (and often greed) of their victims. The phenomenon even has a widely
>> publicized name: Social Engineering. A properly educated computer user
>> wouldn't fall for such an obvious scam.

The misleading popups frighten the Users more than they appeal to their
collective greed what with all the media misinformation .

It appears that the only truly safe surfing must be done with all
scripting and images disabled . Yuck ...


MowGreen [MVP]
===============
Bruce Chambers wrote:

> MowGreen [MVP] wrote:
>
>>
>>
>> Not true, Bruce. They also use exploits to infest unpatched systems
>> with NO User intervention. Lately, they've taken to exploit Sun's JRE
>> versions prior to 1.4.2_06. Once the system is infested, the User can
>> no longer update successfully either.
>
>
>
> I think the key word above is "unpatched." Remember, one of the key
> components to computer security that I've identified is the maintaining
> of current patch/service pack levels. I've not seen nor heard of one
> that can penetrate a properly maintained (including patches) system yet,
> but I wouldn't be too surprised to see one come along. I do think the
> threat could be mitigated by properly managing one's Java (and ActiveX,
> if applicable) security options from within the browser. Anyway, I've
> always acknowledged the existence of such a possibility in a small
> number of cases; such exploits can exist, but are, to my knowledge,
> exceedingly rare.
>
>
>> Misleading pop up windows are another favorite of the miscreants. "
>> You're system is infested with SPYWARE. Click here for a free scan !"
>> The system is then innundated with various malware.
>
>
>
> Proving my point. The Black Hats mostly rely upon the gullibility
> (and often greed) of their victims. The phenomenon even has a widely
> publicized name: Social Engineering. A properly educated computer user
> wouldn't fall for such an obvious scam.
>
>
>> The issue is the BAD GUYS that are doing their nefarious deeds, not
>> the naive Users.
>
>
>
> Granted, it's ultimately the fault of the bad guys. But there
> always have been, and always will be, bad guys. People need to think
> for themselves and abandon their naivete; just because there are bad
> guys to blame is no reason not to defend oneself.
>
>
>> Maybe a firing squad would end this nonsense.
>>
>>
>
> Perhaps, but that'd be too quick and painless. I prefer to envision
> a fate involving partial burial, honey, and ants.
>
>
Anonymous
December 27, 2004 4:55:01 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

well, your right this thing is still attacking. now as clkoptimizer and
qoologic. i have adaware and spyblaster and avg. avg is calling these files
qoologic k virus. i read your last posts but not sure those actions are
within my realm. will check out blaster site for info.

"MowGreen [MVP]" wrote:

> To help mitigate against further infestations of parasitic malware,
> download and install Spyware Blaster :
> http://www.javacoolsoftware.com/spywareblaster.html
>
> Read the FAQ'S to learn how to enable it's protection, take a system
> snapshot when the system is clean, obtain updates, etc. :
> http://www.javacoolsoftware.info/kb/idx/2/0/
>
>
> MowGreen [MVP]
> ==============
> *-343-* FDNY
> Never Forgotten
> ===============
>
>
> cornfused wrote:
>
> > well, thanks to you people i got rid whatever. i can connect using ie again,
> > thanks
> >
> > "cornfused" wrote:
> >
> >
> >>xp pro sp2 ie6--spent last several nights trying to get rid of
> >>(winserver,optimizer,wsem dll and others. these ads installed themselves
> >>through ie into ie browser add on, control panel and registry. how do i stop
> >>this? how do i know if i got rid of all of them?
> >>--
> >>corn
>
Anonymous
December 27, 2004 9:35:14 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

Here's a thread at CastleCops that dealt with the same variant :
http://castlecops.com/postp404934.html

If you find it too difficult to carry out advise you to download Hijack
This http://castlecops.com/downloads-file-328.html then read the
guidelines : http://castlecops.com/postt8864.html for posting.
Register and then post, according to the guidelines, here :
http://castlecops.com/forum67.html


MowGreen [MVP]
===============
*-343-* FDNY
Never Forgotten
===============


cornfused wrote:
> well, your right this thing is still attacking. now as clkoptimizer and
> qoologic. i have adaware and spyblaster and avg. avg is calling these files
> qoologic k virus. i read your last posts but not sure those actions are
> within my realm. will check out blaster site for info.
>
> "MowGreen [MVP]" wrote:
>
>
>>To help mitigate against further infestations of parasitic malware,
>>download and install Spyware Blaster :
>>http://www.javacoolsoftware.com/spywareblaster.html
>>
>>Read the FAQ'S to learn how to enable it's protection, take a system
>>snapshot when the system is clean, obtain updates, etc. :
>>http://www.javacoolsoftware.info/kb/idx/2/0/
>>
>>
>>MowGreen [MVP]
>>==============
>> *-343-* FDNY
>>Never Forgotten
>>===============
>>
>>
>>cornfused wrote:
>>
>>
>>>well, thanks to you people i got rid whatever. i can connect using ie again,
>>>thanks
>>>
>>>"cornfused" wrote:
>>>
>>>
>>>
>>>>xp pro sp2 ie6--spent last several nights trying to get rid of
>>>>(winserver,optimizer,wsem dll and others. these ads installed themselves
>>>>through ie into ie browser add on, control panel and registry. how do i stop
>>>>this? how do i know if i got rid of all of them?
>>>>--
>>>>corn
>>
!