In computer news this week:

Lead: A new internet threat - your computer could be completely taken over by hostile programs , and your antivirus program probably won't stop it.

I had a call from a client of mine a week ago - her computer had been taken over by an evil spirit and she wasn't able to do anything on it. When I asked for clarification of exactly what was happening, she said that when she turned her computer on, it connected to the internet immediately all by itself, and then started going to strange websites on its own, and then she would get popup after popup ad until her computer just stopped, and she had to turn it off again. She had totally lost the use of her computer.

And that is exactly what was happening when I got there. Both her Internet Explorer and windows explorer had been replaced with an alien version. I rebooted and stopped her computer from doing its auto-connect to the internet. Then I used one of the most helpful tools you can have in a situation like this - a windows utility named msconfig.exe - which used to come with all versions of windows, but for windows 2000 and NT microsoft didn't include it. However you can download versions of it for these operating systems.

The main benefit in using msconfig in evil spirit situations like this is that you can run it, and one of the tabs you can click will show you what programs are being loaded and run when your computer starts up. Of course you have to have some idea of what the normal programs are that windows loads, and you have to know that there are some programs unique to some computers that will load, and every computer generally has some of these.

You can do some detective work here - list the programs that msconfig shows are being loaded at startup - and then use windows explorer to look at each one of these programs in their folders, and the date on it. Generally most of these programs came with the computer, and their dates should be as old as the computer, or the operating system.

But there were several programs being loaded at startup on this computer that just looked funny - with folder names and programs names like clearsearch loader, ncase, update stats, and others. And when I went to the folder these programs were in, they all had very recent dates, like a few days ago. I then asked my client when her computer started acting weird. "A few days ago" she said. Elementary, my dear Watson, I thought to myself.

Not recognizing these programs, I did an internet search for clearsearch and ncase, and immediately found that both of these are a new generation of adware programs that will install themselves on your computer without your permission and take it over. It is almost impossible to tell where you might contract these, but if a website is in cahoots with these advertisers, and you surf their site, you can pickup these programs without knowing it.

I was able to disable all these programs from starting using the msconfig utility, but I knew that they had probably imbedded themselves in the windows registry, so I went looking for a program to remove all traces of them.

I found a solution at http://www.lavasoftusa.com/ with their free program Ad-aware version 6. I downloaded and ran this program and it detected over 35 programs and deleted all traces of these malicious adbots that had taken over this computer.

These programs are such a threat to anyone surfing the internet today that many of the antivirus vendors are now adding anti-adware capability to their programs - as an additional cost of course. Remember, There's no free lunch in the computer industry.

For Raw Bytes, This is Frank Delaney

POB 222 Spangle, Wa 99031 (509)245-3736 624-7230