While browsing a spanish site with pop-up ads , a certain adult site ad appeared blocking my view so I tried to close it by clicking [x] to get back to the page I was reading, but little did I realize that pop-up had a script running while that option was on in my Internet Settings.
Any way it was my fault leaving it turned on, but when I clicked the [x] the script just opened another site which instantly started a CGI script that installed & RAN a [censored] dialer OCX and DLL in my Downlaoded Program Files folder; plus a girl icon on my desktop.

So I don't plan on letting them get away with junking people's desktops like that. At least they didn't hijack my homepage but they are really in the same catagory as the LOP.COM crap installer.

And you guys probably remember the long discussion from a few months back about Trend House Call at:

http://www.winguides.com/forums/showflat.php?Cat=&Board=brdVirus&Number=47513&page=0&view=collapsed&sb=5&part=all

which seems to be still an active thread.

Getting back to the issue, I hope the Lavasoft people are reading this so they can add this annoying [censored] dialer OCX, called ALVANET DIALER, to their AdAware check list.

here is the info I have

The POP-UP ad took me to this site below (be aware if you go there it starts installing it instantly --no way out if scripting is on):

http://stats.misestadisticas.com/cab/index.cgi?u=mds-sexo3030

but the actual Dialer is downloaded from here:
http://stats.misestadisticas.com/autodialer/cab/

the file installed is
Alvanet.DLL
There are probably other OCX & ICO files but you already know that by now.

I hope Adaware picks up this one soon.

Regretably I did not have any registry monitoring running in the background so I don't know what & if something have been modified in my registry.
Let's hope some of the pros on this forum will help us with that.

gangsta,

Did you post this in the <a target="_blank" href=http://www.lavasoft.nu/cgi-bin/forums/ikonboard.cgi>AdAware</a> forum also? Their forums are offline at the moment, though.

That might get them on to this faster than posting it in WinGuides only, although I'm glad you put it here. I certainly appreciate the information. I hate it when you innocently go to one site and a zillion other sites start popping up.

Nana /images/forums/icons/smile.gif

thanks but their forum is still down so far, if any one wishes to copy/forward my post to Adaware forums then by all means, you have my permission to do so.

Gangsta,

Ad-Aware doesn't detect and remove dialers, nor does it claim to. That's not what it's intended for; it's not a remove everything app.

As far as dialers, you need a special removal fix. A lot of us are now running Spybot alongside Ad-Aware, and it does a lot more than remove spyware. It removes a couple dialers, too, but it's not a remove everything app either.

Spybot:

http://www.cexx.org/adware.htm (http://patrick.kolla.de/spybotsd.html>http://patrick.kolla.de/spybotsd.html</a>

One)

Also, check this thread on malicious scripts. Tony posted a lot of good info. and suggestions on that.

<a target="_blank" href=http://www.winguides.com/forums/showthreaded.php?Cat=&Board=genwin&Number=62695&page=&view=&sb=>http://www.winguides.com/forums/showthreaded.php?Cat=&Board=genwin&Number=62695&page=&view=&sb=</a>

thanks , I know Adaware is not for dialers, but I did not mention it because it was a dialer, rather it was a side-effect of unwanted & a really annoying advertiser who droped a plug-in I did not ask for, when I was clicking [x] to close that ad window, but instead their only intention was to spam people with it... whether they opt out or not.
I guess you see how pop-up ad scripts are deeply involved here.
In the the end it all add up to the same thing really.