Jump to content


Photo

AdTools


  • Please log in to reply
14 replies to this topic

#1 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 22 February 2005 - 02:12 PM

I found this little terror trying to access The Net, assumably to inform it's maker of my internal information.

Needless to say I stamped on it, just like a bug, which is what I assumed it was. Nasty little thing didn't want to go quietly, but finally with lots of arguments, it was deleted along with the rest of its files.

I did not allow it in, and found no relevant alert on my Firewall, with the exception of a note by CA that this program had been installed when I had to upgrade my FW.

Any ideas?
Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.

#2 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 23 February 2005 - 06:43 AM

Is this the one you are talking about ?
http://www3.ca.com/s...px?id=453082798
http://www.spyany.co...rm_AdTools.html
http://www.kephyr.co...ols/index.phtml

Edited by ErikAlbert, 23 February 2005 - 07:00 AM.

ErikAlbert
Simplicity is always brilliant.

#3 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 23 February 2005 - 10:38 AM

Dear ErikAlbert, :D

Yeah, that would be the one. It professed to be a program that detected and cleared adware, but like others in the same vein, did not announce itself, or even ask if I wanted it. Although I am unable to prove it, it still arrived in my computer on the same day as my latest upgrade supplied by CAI. :(

As I am the only person that uses, or has access to my computer; to me it's suspicious. It is not something that I would miss whilst browsing, and very unlikely that I would consider downloading it, and then forgetting that I had done so. :hmmm:
Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.

#4 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 23 February 2005 - 11:06 AM

Dear EricAlbert, :D

Further to the above, having run a search on AdTools, I found the following:

AdTools Webpage

where Adtools Inc deny any knowledge of the program concerned: "AdTools.exe"

If not them then who? :gasp:

Regards.
Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.

#5 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 23 February 2005 - 11:13 AM

Dear Lord of The Rings,

I have no clue how you got it, but you can be proud of yourself that you saw it and got rid of it.
Most users wouldn't even notice the malware in this case. :D

P.S. : your link "AdTools Webpage" doesn't work myLord

Edited by ErikAlbert, 23 February 2005 - 01:53 PM.

ErikAlbert
Simplicity is always brilliant.

#6 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 23 February 2005 - 11:41 AM

One of you should get Suzi to add it to Eric's list http://www.spywarewa...re.htm#products - I don't see it there.

http://www.spywarewa...r.com/index.php
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#7 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 25 February 2005 - 06:15 AM

cnm,
The domain "*.adtoolsinc.com" is already mentioned in "Restricted Sites" of MSIE
by installing IE-SPYAD, which I did awhile ago.

Maybe the adtools.exe was installed together with a downloading of free stuff.
I'm not the complainer, "Lord of The Rings" is and it seems to me that he doesn't know how he got it.
Maybe he should install IE-SPYAD also, like I did :)

Nevertheless adtools.exe is mentioned in several forums as adware and was removed each time by the experts.

Edited by ErikAlbert, 25 February 2005 - 06:21 AM.

ErikAlbert
Simplicity is always brilliant.

#8 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 25 February 2005 - 11:21 AM

Dear EricAlbert, cnm and others, :D

The correct URL is:

http://www.adtoolsinc.com/

Although I cannot say for sure, the AdTools.exe file was dated 2/18/05 at the same time as I was downloading a required upgrade to CAI's EZ-Armor Suite (version 3.1.1) :angry:

I had been advised of this upgrade by CAI approx 3 weeks before, but found that their download would not complete the entire 12.1mb before cutting off. This turned out to be a fault at CAI's download site. :hmmm:

Finally on 2/18/05 they gave me a new site, and I managed to complete the download without any hitch. However, when I tried to install their update, it did so, but left one half of the suite (EZ-AV) unaltered. I only found this later, when I examined the icons shown on my programs bar. The EZ-FW was new, but the other was still the old one. Of course when I tried to download the virus signature file, it worked to a point and then threw a Fatal Exception, when they tried to install themselves. :wacko:

I tried to alter/repair the suite, but in the end had to remove the whole thing both automatically and manually. Then open the upgrade file. This time it installed both programs correctly, and the virus signature download also installed. :)

From my conversations with CAI, it would appear that their r3.1.1 upgrade, unlike previous ones, that required the uninstall of previous versions, had been "written" not to require that removal and just to overlay. Obviously this did not work for me, reasons UK, and their r3.1.1 failed to install the new version of EZ-AV. For this reason I had to remove the whole damned thing and start all over again.

The only downloads that I took on 2/18/05 were from CAI. The upgrade and then the virus signatures. I was so busy playing with these, with the lack of protection, once I had removed the Suite, that I did not visit any sites, collect my email or do anything else. I finished finally fixed the problems, reinstalling the Suite at 6.30pm. I was tired out having worked all day on the computer. Seeing the date on the AdTool.exe file I can only assume that it somehow was downloaded at the same time as the virus signature file. This should not be possible, particularly as my Fire Wall was working at that time. I did not authorize that program, and only found it later as it tried, in vain, to gain access to The Web, using my Windows Explorer. That access request, gave me the knowledge that it was in my computer. A search located it, and I removed it by using its own/M$'s uninstall program. Follow up checks showed that it was indeed gone, and an online search located the above site, where AdTools Inc stated that they were not connected to AdTools.exe in any way. :mellow:

I just thought that others might like to know, and perhaps users of CAI's EZ-Armor Suite, who have also upgraded to Version 3.1.1 might just like to search for AdTools.exe on their hard drives. I really cannot believe that I am the only one? :gasp:

Best Wishes, :rolleyes:

Edited by Lord of The Rings, 25 February 2005 - 11:38 AM.

Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.

#9 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 25 February 2005 - 12:56 PM

OK MyLord :) ,
I can't visit www.adtoolsinc.com anymore, because it's a restricted site in MSIE.
So Suzi and Eric know about this infected website and they probably didn't mention adtools.exe on the website
http://www.spywarewa...nti-spyware.htm
because the whole website was already blacklisted via IE-SPYAD.

If CAI's EZ-Armor Suite was free or had at least a full working trial version, I would have installed the software to see if my computer was infected with adtools.exe, but I'm too poor to buy this software.
I don't believe that this software is infected, because it's recommended by SWI at this link :
http://www.spywarein...s.php?cat=av#av

I hope you find a member at SWI, who actually use this software :)


P.S. :
It's weird that this link also sells this software, while SWI has another link :
http://home.ca.com/d...5715&CID=185351

Edited by ErikAlbert, 25 February 2005 - 01:15 PM.

ErikAlbert
Simplicity is always brilliant.

#10 eburger68

eburger68

    Advanced Member

  • Retired Staff
  • PipPipPip
  • 126 posts

Posted 26 February 2005 - 12:09 AM

Hi All:

AdTools would not be mentioned on the Rogue/Suspect Anti-Spyware page unless it were an anti-spyware program of some sort. That page isn't a general collection of "bad stuff" -- it's highly targeted and specific.

Best,

Eric L. Howes

#11 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 28 February 2005 - 11:19 AM

Firstly to eburger68 (Eric L. Howes) I am sorry, but after very careful scrutiny I am unable to find any reference to AdTools.exe anywhere in: "the Rogue/Suspect Anti-Spyware page" and by this I assume you mean your:"http://www.spywarewa...i-spyware.htm"? Perhaps I am looking in the wrong place? Help please.

Secondly, to ErikAlbert: I think that you may have misread my comments. I have used EZ-Armor for a number of years, and feel that it is worth every penny of what they charge, (otherwise I wouldn't still be a customer) My inference was that somehow (and I have no idea how) whilst collecting the download of Virus Signatures, required to initiate any new copy of EZ-AV, which comes only as the bare program, the AdTools.exe program had either been included, or crept through all by itself?

EZ-Armor has been recommended by Mike at: http://www.spywarein...s.php?cat=av#av for quite sometime, and is considered, correctly to be one of the best AV and Firewall (actually ZA's) programs available.

Best Wishes,
Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.

#12 eburger68

eburger68

    Advanced Member

  • Retired Staff
  • PipPipPip
  • 126 posts

Posted 01 March 2005 - 07:08 AM

Lord of the Rings:

You wrote:

Firstly to eburger68 (Eric L. Howes) I am sorry, but after very careful scrutiny I am unable to find any reference to AdTools.exe anywhere in: "the Rogue/Suspect Anti-Spyware page" and by this I assume you mean your:"http://www.spywarewa...i-spyware.htm"? Perhaps I am looking in the wrong place? Help please.


That's what I said. AdTools is NOT mentioned on that page because it's not an anti-spyware program so far as I can tell. The Rogue/Suspect Anti-Spyware page covers only certain kinds of anti-spyware programs, not "bad" programs in general.

Eric L. Howes

#13 LostAccount

LostAccount

    Forum Deity

  • Trusted Advisor
  • PipPipPipPipPip
  • 1,291 posts

Posted 01 March 2005 - 08:51 AM

Anyone who has installed the MVPs HOSTS file is unable to access the site. I am unsure of the status of the other HOSTS files.
<span style='font-size:8pt;line-height:100%'><b>Useful Software</b>:</span>
<a href='https://www.kaspersky.com'target='_blank'><i>Kaspersky</i></a>, <a href='https://housecall.trendmicro.com/' target='_blank'>Housecall <i>Trendmicro</i></a>, <a href='https://www.emsisoft.com' target='_blank'><i>a2 free edition</i></a>, <a href='https://www.kerio.com' target='_blank'><i>Kerio Personal Firewall</i></a>, <a href='https://www.lavasoftusa.com' target='_blank'><i>Ad-aware SE</i></a>, <a href='https://security.kolla.de' target='_blank'><i>Spybot S&D</i></a>, <a href='https://www.merijn.org/files/hijackthis.zip' target='_blank'><i>HJT</i></a>, <a href='https://www.cwshredder.net' target='_blank'><i>CWShredder</i></a>, <a href='https://www.mvps.org/winhelp2002/hosts.htm' target='_blank'><i>MVPS HOSTS file by WinHelp2002</i></a>, <a href='https://netfiles.uiuc.edu/ehowes/www/resource.htm' target='_blank'><i>IE-SPYAD by eburger68</i></a>, <a href='https://www.javacoolsoftware.com/' target='_blank'><i>Spywareguard and Spywareblaster</i></a>, <a href='https://www.winpatrol.com' target='_blank'><i>Winpatrol</i></a>, <a href='https://www.mozilla.org' target='_blank'><i>Mozilla & Firefox</i></a>

#14 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 02 March 2005 - 11:18 AM

Dear Eric L. Howes,

Must have misunderstood your post. I do now, and agree with you.

Regards,
Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.

#15 Lord of The Rings

Lord of The Rings

    Lord of The Rings

  • Full Member
  • Pip
  • 57 posts

Posted 26 March 2005 - 01:21 PM

Someone in Authority :alarm:

May close this subject now, please. :wave:

Thanks, :rolleyes:
Lord of The Rings
aka Mike Werner
Welcome to The Lubbock Lights.




Member of UNITE
Support SpywareInfo Forum - click the button