Since the beginning of October my new computer (emachine) has been acting odd. First, all sorts of weird things got downloaded somehow - no one will admit to it though. Something called Weatherbug, and a program that checks the computers clock and another one for the date. Anyway, right after all this junk appeared my Internet Explorer went hooey on me, as soon as it loads it shuts back down within 15-30 seconds or so. I transferred to MSN to go around the problem until I could find more time to solve it and now that won't load either.

I'm working on our old computer right now and there are no problems here so far *fingers crossed*. I went digging through the files on the new computer and found some stuff from Gator.com. I have no idea who they are and am afraid to go to their site in case it affects this computer too. There were some documents/files (?) with some very intimidating language running through them.

Also my Norton Anti-virus won't work on the new computer either! I tried restoring from an earlier date but it wouldn't allow me to. I'm not sure what else to try other than restoring to factory specs and losing info.

Anyone out there who may offer some help or insight would be greatly appreciated. Thanks in advance.

Gator is one of a host of insidious pieces of software called "ad-ware" and "spy-ware." Sounds like you also got Weather Bug, another common one. They get installed usually unkowingly (perhaps you inadvertantly clicked "ok" on some stupid pop-up window, or perhaps you installed something like Grokster or Kazaa which, behind the scenes, packages it with it). They do numerous things, the least of which is increase pop-ups. They also send back data about your browsing habits to the softare company. They eat up CPU and memory usage, and are all around a pain in the behind. They just barely manage to prevent themselves from being classified as viruses.

You are not out of luck. If you are comfortable with Windows and registry editing, you can do some research on the software you've noticed and remove it manually. However that's not recommended unless you know what you're doing because you can indavertantly mess things up pretty well. A more user friendly was is to use removal software. Ad-Aware from Lavasoft (http://www.lavasoft.de/) is a popular free removal tool.

Good luck!

Ah yes, spyware. The evils of the Internet. I still can't get that stupid lop.com thing out of my browser, so I am forced to endure it's evils. Good luck getting rid of it, your gonna need it :(

I've spent MANY an hour keeping the filthy bastards off of my system. I am very proud to be ad/spy-ware free, but it's a constant battle.

This site (http://www.mvps.org/inetexplorer/Darnit.htm)* has been very useful to me. He's got a huge ammount of info on remoivng a variety of these insipid progams (inlcuding lop.com, so that might be of help to you DisneyFan). As always, the "be sure you know what you are doing" warning goes along with it as you are tinkering with the registry.

*Note: For the kiddies, while I haven't notice it on this particular website, there may be un-MP like language in there somewhere (a lot of cursing tends to be associated with getting adware off a system). Just letting people know if they care.

)Originally posted by Ghoulish Delight
This site (http://www.mvps.org/inetexplorer/Darnit.htm)* has been very useful to me. He's got a huge ammount of info on remoivng a variety of these insipid progams (inlcuding lop.com, so that might be of help to you DisneyFan).




Well, it didn't help me directly, but it did encourage me to go take a look at how the stupid lop.com 404 page replaced mine. Found out that it had replaced the regular 404 page with a file called "important_file.html" in my Windows directory. Deleted it, and all is now well. Ha! Take that, lop.com!!!!


Now to try and get rid of their stupid toolbar (their "uninstall" utlity simply reinstalls the spyware :rolleyes: )

Well it looks like I'm just gonna do a total restore. I tried to restore settings to an earlier date but it didn't work so now I will just back up my files on disk and start fresh - I hope. Luckily the computer is only 4 months old so I really don't have that much to back up. I'm so disappointed and angry that these jerks can get away with this!

Thanks for the info on the removal of this spy-ware type garbage that is infecting us. I will certainly use something in the future to detect and delete these nasty programs.

Thanks again.

Originally posted by Tink
Well it looks like I'm just gonna do a total restore. I tried to restore settings to an earlier date but it didn't work so now I will just back up my files on disk and start fresh - I hope. Luckily the computer is only 4 months old so I really don't have that much to back up. I'm so disappointed and angry that these jerks can get away with this!

Thanks for the info on the removal of this spy-ware type garbage that is infecting us. I will certainly use something in the future to detect and delete these nasty programs.

Thanks again.

Why? Did SBSD and AdAware not sense it?

Originally posted by DisneyFan25863
) Now to try and get rid of their stupid toolbar (their "uninstall" utlity simply reinstalls the spyware :rolleyes: ) Hrmm, I had a similar thing a while ago, xupiter. I'm trying to remember how I got rid of it. Have you tried the usual suspects? Check the reg key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run for anything that might be launching it at startup (look for a line on there that has one of the .com or .exe file names listed on that website I linked to in the lop.com section). That's the most common way these things boot themselves up and is easy to stop, just delete the line.

Speak of the devil.

I got a fun new piece of adware today! Don't know where it came from. TopText. It parses every html page you load looking for key words, and it converts them into links to commercial site with big yellow underlines. Very obnoxious. It comes with an "uninstall" that does uninstall, but it conveniently leaves behind a file that can be launched via a single html or javascript line and it will reinstall itself silently, without downloading anything. Insipid! And this ISN'T considered a virus!!!??! Grrrrr.

Oh well, I ripped it out by its roots.

Originally posted by Ghoulish Delight
Hrmm, I had a similar thing a while ago, xupiter. I'm trying to remember how I got rid of it. Have you tried the usual suspects? Check the reg key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run for anything that might be launching it at startup (look for a line on there that has one of the .com or .exe file names listed on that website I linked to in the lop.com section). That's the most common way these things boot themselves up and is easy to stop, just delete the line.

Nope, nothing in there that I don't reconize.

:(

Then it's probably a .dll floating around somewhere. Good luck, sounds like it's got some randomly named .dll, never easy to track down. It might be in the same location as xupiters was (which also added a tool bar) which was c:\program files\browser\updates\

The only other thing I regularly check is the processes tab of the task manager. I keep my eye out for .exe's running that shouldn't be. Sometimes hard to distinguish because programmers of legitimate software have a habit of giving some cryptic names to their exe's. But if you see anything that looks suspicious, you can rule it out by finding the .exe file. Pay attention to the location (if it's in the program folder of a program you know you have, you're probably okay, if it's in the system32, be suspicious). And check the properties (the Version tab will usually list the company, that's a big clue. Legitimate software will almost always identify itself clearly). If you're still unclear, just put the .exe file name into Google and see what comes up. You'll either see a bunch of discussions about whatever piece of software or Windows component it is, or a bunch of sites about removing adware.

Aha, here's a good brute-force way for you to go DisneyFan. Found this on some message board.

Go to start/run, and type Regedit.

Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar
Highlight 'Toolbar'

In the right pane you'll find a number of values (entries), one of which ought to be your toolbar entry.

If it isn't mentioned by name, rightclick the first anonymous one, and choose 'rename'.

Let's say it's called
{x}
Put a little minus (-) sign in front of it, so that it looks like this:
-{x}

Start up IE: one toolbar will be missing.
If you've got the wrong one, remove the minus sign, and the toolbar will be back.

Eventually you'll find the one you want. When you're sure that's the one, feel free to delete it.
"

Originally posted by Ghoulish Delight
Aha, here's a good brute-force way for you to go DisneyFan. Found this on some message board.


THANK YOU!!!!!!!!!!!!

The evil demon of lop.com is Finally cast away from my computer!!!!!!!

Thank you sooo much :D

Hooray! Glad I could help.

I downloaded weather bug from the nbc4.tv website. They've been promoting it on the weather part of the news and I get my local weather. Is this the same horrible spyware adware thingie you guys are talking about?? I haven't noticed anything weird yet. Help??

And my computer is posessed, ever since I got it, whenever I turn it on I get the dial up connection screen. I don't use this to run my ISP, I constantly reset the settings to not load, to not dial a connection and to not save my password. It never works. HELP?

Weather Bug is a relatively benign one. Don't think it's spyware (which sends data back about your browsing habits), but I could be wrong. I'll do some checking. I mention it as evil ad-ware only because it's one of those that pops on websites up with a bogus dialog box that most people unwittingly click "yes" to and suddenly they have unwanted software on.

The dialup. Hmmm. Check on your start menu. Go to Start->Programs->Startup. Is the dial up connection program there? If it is, delete it.

It really pays to be careful what you download. Ad-Aware is a really good tool for removing spyware and such.

Most of the 'free' utilities you see advertised on the internet nowadays I would consider 'spyware' - else they'd make you pay for it....

For the most part, I don't download anything that I don't know exactly what it is.

Also, be watchful now for those 'messenger popups'...they come at you whenever you least expect it, and only by disabling the installed messenger client (Not the legit MSN or Yahoo messenger program) can you stop those types of popups. And they are ANNOYING!

Anyone wanting to get rid of them, I can post how to disable it for you.

-Demigod

GD,
it's not there, and I can't find the menu that lists what boots at start-up. This has booted since day 1, and it's starting to drive me batty. The normal settings method *should* fix it but it hasn't.

Make sure you have nothing that accesses the internet at startup also. Stritly, because if a program requests the internet, it will dial.

Or you can go to "Intenret Options" Jump to the Connections tab, and say "Never Dial A Connection".

Then it will not dial when the program request it, only when YOU request it. :) :D

If you have Windows XP, I am sure that someone here (myself included) would be willing to check out your system for you remotely.

Go to Start, then Help, then under Ask For Assistance, click on Remote Assistance...then you can send an email to the person you want helping you - and they can control your PC from their PC. Works great - my kid's grandma asks me for help like that all the time!....lol...

Just send me a PM and I'll give you my email addy - I could do it from work, too, so doesn't matter really when you want to do it - if I'm not busy I will help.

-Demigod