• by Mark Naples , March 17, 2006

Have you ever had your computer seemingly taken over by invaders?

I wrote a column here more than two years ago on how to remove certain spyware applications, and I was inundated with thank-you notes from readers. These tiny .exe files that get dropped on users' hard drives can corrupt hard drives, take over users' search functions, and basically distract anyone from what they do online. They make unwanted e-mail or pop-ups look like dust in the wind.

Spyware companies generally traffic in user data that is collected illicitly, and they do a ton of damage here in the U.S., though many are based overseas. Do you use Microsoft Anti Spyware software? I do, which is why I was so affronted by the applications that infested my hard drive this week--because Microsoft Anti Spyware software is what these guys were claiming to be selling! Obviously, they were selling something else that looked very much like this free tool, which makes the invasion and deception all the worse.

I wish someone in authority would do some good for users who have their days ruined by the complete takeovers these companies' software conducts on users' hard drives. It's bad for our industry that columnists and bloggers have to take this on alone. Where is the enforcement of the laws that have been passed these past few years?

It's left to me and others like me to tell you, the consumer, how to exorcise these demons from your hard drive. I've tried since Tuesday to get anyone at these companies to stand up and share some insight with me, or just return a phone call. You really didn't think they would, did you?

After all, when your company has a name like Winfixer.com, Amaena, or SoftwareProfit.com, do you really think you tell your parents what it is that you do for a living? I mean, we all know the affiliate space has a lot of shadows. But, these guys are so bald-faced under the trench coats they skulk around in, I was increasingly shocked by their hubris the deeper I dug.

After Winfixer's main page takes over your screen to alert you that you have something called the Blackworm virus, they also tell you that you have multiple other worms, etc., that must be removed immediately. WinFixer is a commercial product that pretends to be a "complete professional system optimization, protection and recovery solution." However, it is actually malware, which continuously displays annoying false reports of purportedly detected system problems, errors and potential threats. Such reports are used to deceive the user and trick him or her into purchasing full registered version of WinFixer. The risk is dropped by certain parasites, but can also be manually installed. WinFixer automatically runs on every Windows startup.

When their warning first appeared on my screen, I was surprised of course, but nothing like the surprise I felt when I saw that they had an affiliate tab on the bottom of the page. Clicking that led me to SoftwareProfit.com's main page, where I found this amazing copy:

"Software Profit affiliate program deals with security and privacy software which sells on any type of traffic. Users are scared to death by internet threats and parasites and buy antiparasite, antispy and utility software in panic.

Webmaster gets up to $30 per each sale and 6% for referral. Convert ratio for untargeted traffic is 1/1000. (so you get $30 on each kilo of traffic). Statistics is updated every minute to make your sales tracking easy and accurate. Twice a month payouts are made accurately and timely. Bank of more than 50 flash/GIF banners, descriptions and other promo materials is updated and refilled constantly. The bank contains also localized software, landings and banners in French, Deutch, Italian, Spanish and more.

You can ask questions or help to online support by ICQ, by e-mail or through internal messaging system. Become an affiliate and start earning money now!"

I can't tell you where I got this offending executable--the one that continues to lob screen takeovers every time you open a new browser or do a search - because I don't know. What is at the root of these ingenious sales tactics is the part I put in bold face above. Pretty amazing, isn't it? There are numerous blogs and user groups that inform as to how one can remove these files--I used this one: http://www.2-spyware.com/remove-winfixer.html

Being of the nerd set, I'm used to checking the source code when possible to see where these things come from. So I know that one of the largest ad serving companies in the business was the one that served the initial pop-up that I saw. There are so many reputable companies in our space that do business with the bad guys. Our industry is so fast-moving that if you're in the affiliate space, the lesson to learn is that you ARE your brother's keeper. Know whose ads you're serving, and know exactly what it is they're selling. I'm just a lowly columnist, trying to do some good here. There are others out there who can really do some damage to your company if you're doing business with these malware vendors. So--watch your back.