Slashdot Mirror
Which Adware and Spyware are the Most Insidious?
the_dreadnought asks: "I was just asked today which adware and spyware are the most insidious by an acquaintance. He asked me if this stuff was really legal, or was it just not important enough for law enforcement to deal with? I know the porn stuff (not from experience,,,ok, from experience) that dials out to foreign countries is one of the more extreme examples, and Gator is well known, but if Slashdot readers could describe what adware and spyware they think is the sneakiest I would appreciate it. Also, any thoughts on whether some of this stuff is even legal, as it is almost certainly not ethical."
And the fun part is, if you (or the user) uncheck the New.Net software in MSCONFIG, it doesn't just stop New.Net from working... They simply stop being able to use the internet. At all. So then we have to pray that their version of New.Net has a working uninstaller, or we have to go through a huge manual uninstall that involves removing multiple registry keys. BTW, if anyone here gets this or other spyware that is difficult to remove, try using a program called HijackThis and "Fix" anything that looks out of the ordinary (use common sense... don't delete everything).
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Xupiter! Or what used to be Xupiter. In it's time it really wreaked havoc. Although going to their home page says they are out of business, ths link on their site shows that they may be up to something else soon
You can share some of the love for the Yomtobians here. These guys are right up there with Spamford Wallace and the Cantor/Siegel in the Internet Hall of Shame.
I'm sure there aren't many people who agree with me, but I personally consider RealOne to be spyware. It's intrusive and has lots of 'features' that are extremely difficult to turn off if you can turn them off at all, and it installs things without telling you. (For example, its 'message center' in the system tray that tells you to Buy RealNetworks Products(tm)(r)!0
Other than that, I don't really run into spyware much, but I find gator and its kin to be the most intrusive and common on the web.
using namespace slashdot;
troll::post();
Syptech captures pretty much everything
Should the purveyors of operating systems be prosecuted for allowing software to run on their loyal customers computers, without their knowledge or permission. I have never read a Microsoft EULA in it's entirety, does it mention that this is part of the agreement?
windows. yes...definetly windoze
Windows likes to call home whenever it can. I'm sure it reports back to the mothership far more often than anyone would like to think about.
*synches the strap on his tin foil hat a bit tighter*
Without any doubt in my mind, the most evil form of spyware I am personally aware of is the infamous insidious Gator. Booo, hisss!!!! I am sure there are others, but I'm sure of this: there is a special place in hell for these folks.
Quod scripsi, scripsi.
Here are the removal programs...
Spybot
Adware
However, this begs the more interesting questions....
Is there *nix spyware?
Why not?
Davak
That darn weatherbug thing that everyone I know has. You try to uninstall it but it manages to find a way back in :-/
Lop lop lop lop lop lop lop . . .
I runSecure OSs like OS X and Linux
I am the Alpha and the Omega-3
If somebody leaves a paper bag full of shit on your porch, rings the doorbell and runs away, does it really make any difference whether it's dog shit or cat shit?
gets my vote. Not only does it report your media files, but also any other apps you're running!
/me adjusts tinfoil hat...
Lop is by far the worse one ever... recently I convinced my cousin to switch over to Mozilla Firebird, but this article (http://www.spywareinfo.com/articles/lop/) suggested that Mozilla isn't 100% safe, but is much easier to cure than hacking the registry (apparently it's just one line in the user_prefs). One sources said that it changes 47 registry keys... I also found that it randomly mutates into new filenames (actually it downloads newer versions), making it much harder for programs like Adaware to hunt it down.
Also, Lop disguises itself as a mp3 search toolbar. It also comes with newer versions of MSN Plus.
One more thing, some people are willing to profit from lop uninstaller, such as this one - http://www.onlinepcfix.com/spyware/Lop.htm - it contains some more information related to lop.
Please direct all bug reports to
Unfortunatelly I can't remember the names of them right now, but I've encountered a few spyware things out there that hijack your browser. In other words, they set your homepage to their page (and reset it if you change it), add their links to your favorites, your desktop, and add a flash object to you Active Desktop.
:)
Of course, they aren't applications you can easily remove through control panel.
If anyone knows the names of some of these, please tack a reply onto this
no comment
When I got my computer there was some kind of software that someone had snuck onto the computer while it was at the store called "Micro Soft Window". Have you ever heard of this? And they tried to get me to agree to some long legal thing just when i turn the computer on. I don't know why they think people would fall for that. It was easy to uninstall though, which is good, most spyware is not so easy to uninstall.
One program that really annoys me is hotbar. The main reason so, it adjusts your MS Outlook settings all the time turning off using Word as your HTML editor. It also requires about 2 hours to remove the stupid program.
You remove it using AdAware and it will remove it for that user profile. Then login as another user it will actually install itself again. I logged on as each user to remove it and finally managed to get rid of it, so I thought. It has now appeared back and I know it wasnt the (l)users installing it again since I gave them a lecture about adware and installing crap on machines that I am in charge of.
If a program comes with a valid uninstall feature then I can tolerate it. When its a program thats a biatch to get rid of and keeps coming back I get really ticked off.
(\(\
(^.^)
(")")
*This is the cute bunny virus, please copy this into your sig so it can spread
DEAR GOD! My stomach turns every time that name is mentioned. I worked as a CSR at a local ISP for a year or so, and every time Xupiter was mentioned, nearly all of the employees within earshot would mutter, "Aw, jeez" or something else to that effect.
On another note, I think that Gamespot's download manager, Kontiki, is kind of sneaky.. at least sneaky in the fact that I thought it was just another humble download manager. Then again, why would anyone want you to have their download manager unless they were spying on you?
Stupid me. Oh well... thank god for Ad-aware.
Insert clever one liner here.
Hey,
A client of mine recently asked what anti-spyware program they should run alongside their anti-virus. They have lots of "less-experienced" users so thend end up with all kinds of stuff being installed on machines.
I use SpyBot Search and Destry and it does a good job. But they need something real-time, like a antivirus scanner. I mainly use Symantec Corporate Edition antivirus, but Symantec doesn't seem to have a anti-spyware program yet (maybe it's somewhere in one of their bundles, but that doesn't help me out network-wide)... Need something that automagically updates itself from the server, too, just like Symantec Corporate Edition.....
Spyware is definately an annoyance!!!
Thanks for any info....
-m
http://www.invisik.com
which Creed album is the worst?
The best spyware is the stuff that you can't un-install. I can't remember the names of this crap. But I remember one toolbar for IE that I was paid to remove. There was no way to get rid of it. Also, HotBar has to be the worst because everyone installs it without knowing just how bad it is. I've seen it cause more problems with the computer than anything else. Since it integrates into Explorer, OE, Outlook, etc, It causes major headaches. Its so poorly written, and pops up advertising all the time I can't stand it. Also, there are those damn, "Free GAMES" that people always install. Those make administration a nightmare.
But the worst software that gets onto a computer has to be any Win32 application. Windows seems to make people lazy, and they seem to forget about things like permissions. Everything you install in Windows requires "Administrator" access, which is what allows all this bullshit software to get installed.
I can't count how many times I've had to clean up certain versions of the AOL software. One could strongly consider the new AOL 9, since it turns off Windows Messenger, malware. IMHO, it's not a bad idea to kill it, but to do so and not notify the user is insidious.
How about Dell's SupportLink, which (and I have the TCPdumps to prove this) broadcasts your system's S/N, your MS Windows S/N, and several other tantalyzing bits of data back to Dell every 30 minutes or so?
Mind you, I love my Dell, but this pissed me off.
Jouster
Christ, we get enough of the 'IANAL but....' crowd sounding off on here without needing to be invited. Sounds like we'll be in for a tirade.
D.
use Blunt::Instrument;
i ilke tech support = beer. but its a lotta shit for a L-user to put up with
"You never want a serious crisis to go to waste." - Rahm Emanuel
when I worked at v!v!d V1deo, the boss loved the idea of the sneaky pr0n dialers the submitter talked about. (You click on a link that says "Free hot videos!" or whatever, and you get an active-x control which then downloads and installs a windows component and puts the icon on your desktop. Then when you doubleclick that, it actually hangs up your modem and dials out to a foreign country that has INSANE rates, several dollars a minute. Your phone bill can reach into the hundreds very quickly, and the phone company doesn't give a crap, you gotta pay if you want to keep using your phone!)
Of course old steve's house is probably burning down today, as the simi valley fire has spread into the hills above chattsworth.
Endorsing pr0n dialers will lead to your house burning down. QED.
Not necessarily through the damage it does, but through the sheer number of times I have to get rid of it. Even though I use adaware and block cookies, it still manages to get itself in through a back door (I think it runs as a java applet, which then installs a cookie).
It doesn't do anything particularly nasty (other then send tracking data out), but I find it hard to block and its used by quite a few sites that I visit often (BBC, for example).
excluding your sig and punctuation marks that is
the most evil form of spyware I am personally aware of is the infamous insidious Gator.
Gator is adware, and it may be evil adware according to some users, but but it's not spyware.
Will I retire or break 10K?
Just don't call Gator Spyware. :)
http://www.fsckin.com/
starts logging onto msFUDge.hostage.extortion.controll from as soon as you turn it on, right through the multiple re-boot process, should you be able to actually attempt to run any applications.
.compliance/liesenses not paid dupe, it gets worse right away.
when it becomes evideNT that you are out of
The worst program I've ever seen is savenow..
It starts like 5 processes on boot (using between 50-75mb of ram and 20-25% cpu), sends all of your browsing habits somewhere else, and pops up porn, and other various ads randomly while using the computer. It is by far the worst spy/ad ware I've ever seen.
Xupiter is a personal demon for me, but Gator is up there as well. Not to mention the uncountable number of little toolbars that install themselves without warning into IE. There was one some time back, I think it was called Bargains or Bargain.com or something like that which was terribly annoying. It was one of those that hijacks your browser and pops up ads whether the page you're on has ads or not.
Personally, I consider spy/adware more annoying than most viruses...
--ShadowKatmandu
"It only takes one true believer to make a thing real..."
I used to work for Customer service. A customer called in complaining about xupiter. I told them I didn't have a guide to uninstall it but that I would go the extra mile and find out how to get rid of it. I did a little googling. Found an unistall page. Got the bloody thing uninstalled while the woman on the other side of the phone is thanking me profussly (one of those customers That over reacts and it takes telling her twice to do something because, you are talking to her husband through her)
I then told them how to setup IE so that it wouldn't automatically install things.
I sent my survey out and I didn't get the greatest score from them.. But she was thanking me to the point of me wanting to tell her to shutup and listen.
So xupiter and IE get my vote.
Rant Oh and some users who can't learn what the second mouse button is.. I can see them not using it.. But when i say RIGHT mouse button hose much more discriptive can I get.. rant over
I don't use RealPlayer at all. If for some reason a website offers only RealPlayer videos I just do without. not a big deal for me. much more annoying, as you say, to remove the tentacles of Real after you've installed their "free" player.
-sweatyb
It breaks my pluginses, my precious!
I found it and uninstalled it on three employee computers while doing an Office 2000 update. One of them stated flat-out that she didn't know how it got there. I'll check up on them and find out if this bit of malware has returned.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
I don't know the name of the specific spyware, but one of my clients had spyware that would have two processes running at a time. If you terminated one of the processes, a new one would pop up, probably created by the other one. The process names were also random characters, meaning you couldn't just stop certain processes from startup. I did end up using WinPatrol, which is a lifesaver. It's able to look at services, processes, and startup items. It gives more information than just the names and is useful is stopping active processes and startup items.
The FBI's virus/spyware. What makes it win? The fact that virus detection folks have agreed not to search for it.
But don't worry, I'm sure it will only be used for good.
Most of the filesharing software people are so eager to defend often install a who's who of spyware/adware today. For an interesting little test, take a clean windows system (no jokes) and install your iMesh kazaa, grokster or any other filesharing program. Then run adaware or spybot against it. You'll see new.net, shop-at-home select agent, gator, and many other nasty little goodies. File-sharing programs running on windows claim to be fighting for user/'fair use' rights, when they are simply fighting for their bottom line as a company. The fun part is that for nearly all of them, if you remove the spyware/adware the programs cease to function. Just my $0.02
1. Ask Slashdot what sort of spyware is the worst. 2. Make this sort of spyware. 3. Profit!
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Let's not forget the evil that is LOP.com... this crap gets installed on peoples system when they are searching the internet for mp3 songs.
You will come across a site called mp3search.com or something to that effect that installed lop. The last time my wife got infected with it, adaware and spybot could not get rid of it...
Nasty bit of malware.
Str8Dog
using System.Darkside; public
With absolute certainty, the worst adware is the threadjack /. post
Especially evil is the sig line advertisement.
owever, this begs the more interesting questions....
"Raises", not "begs".
Anyway, there are a few reasons why there isn't any adware designed specifically to run on popular desktop *n?x systems. For one thing, there's no well-known ActiveX equivalent that lets a script on a visited web page download code and run it with the logged in user's full privileges. But the major difference is that no desktop *n?x system, not even Mac OS X, has nearly as much mindshare in residences as Microsoft Windows, so development efforts directed at Win32 have bigger results than development efforts directed at LSB or Carbon APIs. Businesses don't count because they can more strictly regulate what can be installed on a workstation, possibly through bigger budgets for licensing proprietary HTTP proxy software.
Will I retire or break 10K?
Note that you may technically (?) be breaking contracts by removing spyware/adware.
It's called a 'TV'. It is absolutely the worst adware ever. No matter how hard I try, I cannot get rid of it. I think it has some sort physicological hold on me.
I didn't think that spyware existed on MacOS X, but... my girlfriend came home from school last winter with something really odd. Internet Explorer would, no matter your user preferences, always go to a certain internet shopping site as a homepage. And would give you a barrage of popups constantly. I forget what shopping site, and back then I only had inbound firewalling, so I had no logs to check.
No toolbars installed. No plugins. I created a new user account for her, and that worked, so apparently it hadn't messed with the internals of the Internet Explorer.app (which seems like a vector they'll soon exploit). Crappy, though.
There are no trails. There are no trees out here.
The CoolWebSearch Chronicles
The story of a thousand hijacks
This is an article which details the variants of the browser hijacker known as CoolWebSearch (CWS). In the last few weeks, the people behind this name have succeeded in becoming (IMHO) an even bigger nuisance than the now infamous Lop.
The difficulty of removing CWS from a user's system has grown from slightly tricky in the first variant to virtually impossible for the latest few. Some of the variants even used methods of hiding and running themselves that had never been used before in any other spyware strains.
The chronological order in which the CWS variants appeared is detailed here, along with the approximate dates when they appeared online. However, even though the evil programmers of CWS have released over half a dozen versions of their hijacker on the advertising market in such a short time, it should be mentioned that it is very hard to catch a live installer...........
search your hdd for 'realsched', dont delete it (else it will automagically be reinstalled), just change the name to realsched.old or something. viola, no more message center system tray popups!
I don't know if its insidious, but I stopped going to tucows.com (shareware), becuase of a persistent window that would appear in the lower corner. They had a script, triggered by closing the window, that would open a new one. The only way to get rid of it was to turn off javascript, then close the window. I haven't been back. Another pain in the *ss is a 'feature' employed by mail.com. Certain functions would interrupt your session with an ad that would remain in place for a few seconds. Forcing you to view before proceeding to your mailbox. Stopped using that one as well.
kazaa and everything it bundles with it are my collective vote.
;)
I used to work tech support, where half the problems people had using our pages had to do with the numerous spyware programs installed with kazaa. It was a mess.
I'm glad that in my department now my users don't have admin priveleges. If they get themselves spywared, it is easy to fix -- if all else fails, back up their roaming profiles and blow them away, recreate settings on next login! I don't know of anything that can survive a brand new shiny profile
I think Windows XP activation and hardware modification monitoring is the worst.
This coolweb hack resets your homepage everytime you restart thanks to a trojan that is loaded via a browser hole. It did not happen to a personal machine but to a shared machine that I login to occasionally. It is a PAIN to remove.
Gorkman
All you professed Linux users really use WINDOWS!
DateManager PrecisionTime Gator eWallet OfferCompanion Dope Wars Go!Zilla MThree_Decoder MThree_Encoder MThree_Ripper DivXNetwork DivXNetwork2 Audiogalaxy Satellite MailCleaner Grokster iMesh Swaptor Shankster MediaSeek Morpheus Screen Scapes Software Supreme Sunsets Supreme Sunsets Setup Weatherscope Blubster Weatherscope SearchScout Toolbar
lol
PrecisionTime
Gator eWallet
OfferCompanion
Dope Wars
Go!Zilla
MThree_Decoder
MThree_Encoder
MThree_Ripper
DivXNetwork
DivXNetwork2
Audiogalaxy Satellite
MailCleaner
Grokster
iMesh
Swaptor
Shankster
MediaSeek
Morpheus
Screen Scapes Software
Supreme Sunsets
Supreme Sunsets Setup
Weatherscope
Blubster
Weatherscope
SearchScout Toolbar
One more time, with formatting...
i run an elementary school network of about 200 computers, all on winxp. because of the entire spyware thing, i've had to lock it down much more than i want--all activex controls are disabled if you're not an administrator. most scripting is also turned off. it sucks, too, because some of the education websites out there for the kids don't work anymore-- but it's better to have a few not work than to bring down the whole network with broadcast storms.
See The CoolWebSearch Chronicles The story of a thousand hijacks.
Quote:
The difficulty of removing CWS from a user's system has grown from slightly tricky in the first variant to virtually impossible for the latest few. Some of the variants even used methods of hiding and running themselves that had never been used before in any other spyware strains. End Quote.
15 variants so far....
Envy my 5 digit Slashdot User ID!
I have a degree in Computer Science and that makes me the computer repair man for everyone I know. The biggest problem is unsolicited adware programs.
Gator - Slows the computer and uses insane amounts of hard disk space downloading ads.
Weatherbug - SLows the computer down and is difficult to install.
Bonzai Buddy - Similar to Gator.
New.Net - Does nothing useful but slows the internet connection to unusable levels of slowness.
These programs are almost always installed by kids using the family computer. Kazaa is the biggest problem because it automatically installs adware. I can't count the number of houses I have gone to where the computer is unusable. I remove the programs I have listed and the computer is usable again. Sometimes the kids have tried uninstalling the programs incorrectly and I have to reinstall windows, all 'cause the kids wanted to check out porn on kazaa. Little bastards.
- Kill Yourself, spare us all! -
The most insidious are the ones we don't even know about.
Though it's a bitch;
you can disable every feature in Real One you were describing.
In addition it uses I.E.s security settings.
So it is a good idea to put it in your restricted site list then disable everything.
I would say the worst spyware is the spyware some cable broadband providers bundle with their service.
All these companies want to do is let you know about exciting new products and services that could entertain you, improve your life, and lengthen you genitalia.
Shutting out these innovators . . . well, it smacks of Communism, doesn't it? First TiVO, screening out the ads that broadcasters, our public servants, need to survive. Now this ungrateful attack on champions entreneurship and freedom of choice. Just a bunch of surly, consumer-choice hating Reds is what you all are.
I'm going to tell John Ashcroft what you've been up to so these SpyBot removers can be banned!
Stefan "scared to hell that someone out there might actually be thinking like this" Jones
Granted I know what I'm doing, but I've used Windows for a long time and NEVER had any of this crap on my computer (excluding Real and WMP, which is still v6.4 on my box). Even when something does slip through, it's always small and easily removed via viruscanner (which means it technically isn't adware or spyware since they didn't even pretend to ask you if you wanted it installed). I'm not running any strict proxy server or firewall either. Is this, in essence, just users (who shouldn't be users) clicking yes instead of no?
I'd love to see the day when a "define Gator" on Google returns "bottom dwelling scum sucking spyware" yeah you heard me, GATOR IS SPYWARE!
I am not sure what this thing was, but its the biggest spyware I have seen. It came installed
on my laptop, and even after I installed Linux, it continued to exists. Everytime I forget to press
arrow key while bootup, it would boot into this spyware. Once I am there, I am given a illusion that
this thing looks very similiar to my Linux system, but everything was slow. There was an ambulance
(I think thats what they use for hijacking my laptop) which would keep yelling "Click here to update".
Then it did have something that looked like konqueror and it did show some internet sites. But I couldnt
open more than one tabs in it. Also, every 2.5 seconds it used to open up a colourful window offering
me stuff I did not want.
Then I got a message saying Cindy wants to talk to me. I didnt want to talk to Cindy, but it kept yelling
at me for not saying Hi to Cindy. Cindy was barely wearing any clothes (shudders)
I finally managed to get rid of this spyware, and everytime I think about it I shudder.
DO NOT PANIC
More and more applications are becoming intrusive, software such as Winamp, Windows Media Player and Kaaza all having annoying dialog boxes which popup each time you run them if they detect a newer version which you haven't yet downloaded. MSN actually refused to do anything until I upgraded it.
A large number of applications now have an online registration feature, they dont force you to do the registration, but they will bug the hell out of you if you choose not to.
Applications such as RealPlayer try and sign you up to email based newsletters(spam), why should I have to give my details (email address, home address and hobbies for example) to a company in exchange for using their software?
There seems to be a gradual increase in the invasiveness of software, currently most of these 'features' are still optional, but I dont think it will be long before many software companies start making things like software updates, online registration and having a valid email address mandatory.
Everyone knows that you don't get these things without going to shady places. PORN!!!!!! WAREZ!!!!!! CRACKS!!!!!!
Don't lie, I know that is what you guys are doing. Everyone knows that half of these only come from clicking those "Free Movie" links.
Honestly... the funniest thing is getting dialer.exe on my Mac desktop(haha).
"Click OK to not install this program."
I think that if people make a conscious decision to install a piece of software which admits that it is spyware, even if only in the small print, there can't really be anything illegal about it.
If it doesn't, the question necessarily becomes a bit trickier. IANAL, so obviously this is just my opinion.
According to the Supreme Court (in Roe v. Wade, the abortion case), there exists an implicit "right to privacy" in the Bill of Rights. The Court used it to defend a woman's right to procure an abortion, essentially saying that the government couldn't create legislation that would violate a citizen's "right to privacy." The government being denied the ability to infringe on people's privacy (Patriot Act notwithstanding) is obviously different from corporations being denied the same--and, again, IANAL--but the fundamental legal principle seems applicable to me. That is, we as citizens should have the right not to have people snooping in on our lives and habits without our express consent.
install your iMesh kazaa, grokster or any other filesharing program. Then run adaware or spybot against it.
WinMX contains no adware or spyware. Neither does Gnucleus or eMule.
Will I retire or break 10K?
You can use this hosts file to block redsherrif. It works well for me.
This is about the nastiest one I've seen in my consulting work. On its most basic level, it inserts itself into the registry as the default proxy server for IE. Unless you get the registry entry, it'll just keep putting itself back. What gets really bad is that I've seen Netsetter break several computers' TCP/IP stacks entirely. With Netsetter ripped out you get PCs that can dial up, connect, and have complete connectivity except no DNS resolution. And you can't get DNS back without either an in-place reinstall (works for 95/98/ME/XP), or a complete format and reinstall from scratch (NT/2K).
They're on my short list of People Who Need To Be Shot.
A few days after I first updated to RealOne (when it first came out), I realized what crap it was. Since then, I've been using RealPlayer 8, which can handle all of the files, but with less hassle. Rather than go for illegal (?) alternatives, you can just go to their Legacy page (which they keep moving around - for a long time the only way to get there was to act like you couldn't get RealOne to work on your machine in the Help pages). For now, the "BlackJack" page is still there.
GL
That is a very cool tip!
Just checked out netsh. Never seen it before. It has all sorts of information in it.
Thanks!
This is one I've been trying to help various people who come to me for computer help with. It seems that certain keywords in text of websites (only in IE, as far as I can gather), get turned into ad links. I've googled for this and can't find anything. Adaware et. al find nothing. It's not in Windows startup and not a seperate process. Ir's not even a register extension to IE in the registry. I'm stumped.
That's why god created Kazaa-lite and such.
This steaming pile makes your computer join a stealth p2p network used for computer simulations, serving ads, etc...
------- Assumption is the mother of all f$#@ ups.
I'm about 90% sure it was hotbar. My mother-in-law (technophobic AOL user) had clicked on some banner ad about "Upgrade your browser for FREEEE!!!" and it installed its extra toolbars for IE. Kept getting their advertising whenever it was on. She doesn't use Outlook, so at least it only seems to have annoyed IE.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I'd have to go with scratchcards. It installs a little proggy that spawns popup ads every 30 seconds or so, even when the user is idle. Some computers at a lab got this parasite, and there were stacks and stacks of popup ads, even takes a few minutes to close all of them. So many popup ads that Internet Explorer would eventually crash every time the scumware opened a new popup ad.
Not sure what the hell this is, or who makes it but it got installed on my browser while I was surfing the internet. I know for sure it didn't come from an email message since all the viruses are stripped out on the server level.
I found it this morning when I noticed popup windows coming up at random times. Damn thing even tried to install Gator on my laptop.
But if you're really 1337 you probably don't care because you're using Linux anyway.
The one's that spy on me and show me advertisments?
--
The 10% gay figure was based on major metropolitan areas, but turned out to be biased because small groups tend to congregate in cities due to the higer absolute numbers to be found. After all 1% of a million is far more people that 1% of a hundred.
Please don't flame, I'm just passing on info.
First off, any software that changes system configuration w/ out letting you know, is bad software.(correlary, M$ is bad software too). About 3 months ago i was happily running winXP, and had been since its release, and had had next to no troubles with, and in the grandious scheme of things, i still dont, i am however now running linux, and have been for about 2 months. Basicly i got hit by why i can only describe as and adware/spyware BOMB. Unfortunatly i could never trace the source of the my problem, but in short, i spent about 2 weeks trying to elimate several add/spy ware programs from my computer, but to no avail, more just kept comming up. I finaly got so fed up w/ all these crap popus, i busted out my RH9 cd's and began the install, utterly destroying what was left on my hd. If you ask me,(and yes you did), i beleive it is illegal, in the sence that it is unauthorized access to a computer system, but good luck in court, and if it isnt illegal, it shure as hell should be. Long story short, run linux, no adware !!
--The Titanic was built by proffesionals. --The Ark was built by Amatures.
Who, you ask? The people who make Gator, Xupiter, RealPlayer, and any other software that hi-jacks your computer or psychologically tricks people into installing things they don't actually want. They are actually worse than car thieves, because at least with a car thief you know what you're getting -- he doesn't knock at your door, claim to be an auto mechanic, and then drive off with your car, all the while claiming to be a legitimate business.
People like this, quite simply, all deserve to suffer incredibly long, incredibly painful deaths. They need to be made to feel the full effect of the pain they have so selfishly inflicted on the world around them.
I suggest sending them tons of spam telling them they've won a "free" vacation into space, then loading them all on board a one-way rocket destined for an agonizing, slow-deteriotion orbit into the sun. Oh, and fill their spacecraft with fellating pirhanas and skunks. That might grant them a very small taste -- approximately 0.0001% -- of the pain and agony they inflict upon millions of other people on a daily basis.
I don't get how people like that can sleep at night. They must completely lack any form of conscience or ethics.
Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
Come on, we can talk about the programs that use TCP/IP and complain about them, or we can go to the source - the enabler of all this spying and ading, and persecute TCP/IP itself, which is what we should have been doing all along.
Take a page from the lawyers. Don't go after the file traders, go after the programs that enable file sharing. Don't go after the drug addicts, go after their dealers. Don't go after the women having abortions, get their docters. Don't go after the spammers, get their ISPs.
This whole TCP/IP thing was fun in its heyday, but it's nothing but trouble now. Let's ditch this ride while we've still got momentum, and find the next big wave.
-Adam
and run into this cr*p all the time. New.net is always fun, as are Xupiter, Xzoomy, and the newer varients (like orbitexplorer). Theres another one called lop that has been pretty fun to try to get rid of. Here is a quote from doxdesk.com about lop I find amusing "lop/Toolbar installations normally put a round icon in the system tray, try right-clicking this, choosing 'Menu', then on the resulting window, clicking 'Help', then 'Uninstall'. With newer variants you will have to answer an annoying riddle before it will go away."
I really hate dealing with this stuff over the phone with people who don't know what IE is or where the start button in any version of windows is located. It makes you wonder how they know they have a problem in the first place, did they make it to thier 3rd game of solitaire and not get any pr0n pop ups? Either way, if you don't know how to use a computer, why do you automatically click on "I agree/accept" any time it pops up on your screen? This was my short list of spy/ad/cr*pware that gets on my nerves on a daily basis. Have a nice day...
Gain / Gator seem too be the most abumdant, although not the most intrusive. Cydoor has been one i have had trouble with in the past. im glad too say i have been completely spyware free for over a year now.. learn to avoid it, learn too remove it. and worrying about it becomes nill.
Need cheap, customized, and quality bandwidth or hosting on any business scale? Visit www.ENetpresence.com
Now, let me step up and argue the other side of this one for a moment. Sure, gator sucks if it shows up when you don't expect it to, like if some shareware program you download installs it without telling you. However, I recently wanted to encode a DIVX movie. Just one or two, mind you, not a ton of them. So, I went to the DIVX website and downloaded their encoder. They will let you use the decoder for free (or they used to...) but the encoder part costs money. Alternately you can install and use the encoder for free if you agree to let gator on your system.
They're very up front and honest about it: they want money for their software, so either you fork it over or donate your eyeballs. Sounded fair, I didn't intend to have it on there for more than a month or so.
The installer was also very open about the fact that it was installing Gator, and the fact that I'd be seeing ads occasionally. After I installed it, gator came up, and I found a nice little preferences pane. After some digging through "advanced settings" I found out I could make it display ads approximately 1-3 times a week at minimum. I did that, and it never bothered me again. I think I've seen it pop up maybe a few times. I can deinstall it any time.
So what's the big deal?
Recently a client came in with a PC and said it was acting funny and suspected there was some kind of virus on it. A scan detected that there was several files that appeared to be infected with something called "Downloader-DZ" and, along with the links to porn sites (my favorite one being "Operation... SEX!") and the homepage being replaced with a porn page, there were SEVERAL dialers installed, and an attempt to just delete LiveGirls.exe did nothing... it later reapeared.
To put it short, I spent two hours running spyware removal software and manually editing out bad registry keys. A pain.
Oh... and PLEASE tell people they don't need that FUCKING SHIT like hotbar and weather bug either!! I'm sick of seeing that crap on people's PCs!
I don't know what the hell it does, other then the fact that it claims to remove spyware, but in fact is spyware as detected by spybot. So now not only are these bastards praying on security holes on machines and less-then-attentive users, they're also praying on people who are actualy trying to remove there crap.
I sware to god these motherfuckers, spammers, Spyware authors, and low-lifes in general are responsible for an over-all decline of the internet into suckattude.
Someone smarter then me needs to figure out a way to create an internet that offers both anonymity and relative accountability (like the slashdot mod system, except something that actually works).
I've only been infected with Spyware once, something called "surfer bar" which replaced IE's display, and replaced my address bar with it's own. It put in three buttons. I don't remember one, but the other two were "gambling" and "porno". I swear to god it got installed by an IE hole or something, and I switched to mozilla right after that.
Oh yeah, and ad aware didn't even detect it, I had to manually remove it by going through the registry (thankfully it was simple, just a standard COM based extension to IE, except it called itself "win32.dll" and had no references whatsoever to "surferbar" in any text anywhere in any of it's files or registry keys...)
One girl's machine I tried to fix had some process that would reinstall Spyware after it was removed by add/remove programs. I ran spybot on her system and it found 30 different types. But there was still some weirdness when we rebooted : (
autopr0n is like, down and stuff.
I recently uninstalled the Macromedia Flash plug-in from my IE browser because a few sites I would hit would run ads in Flash.
As a result, if I had several browsers open I noticed some would be taking up CPU time, and those were the ones running the Flash ads.
I'm sorry, but I'm going to let a company run a Flash-based ad on my computer using my CPU time.
Now I have to deal with the annoying "Do you want to install Flash" pop-ups from those sites, but I'm quick at clicking the "No" button.
It would be nice if IE had the ability to ignore some certificates and not take any action. Perhaps it does? Or perhaps some other browser can do that.
Real Player is by far the most intrusive spyware program out there. Having it foisted upon me in order to listen to .ram files is beyond annoying.
Some of it's not even broken ethically - if all they're doing with it is deciding which ads to show you, rather than tracking your every move online, especially if they didn't collect personal information about you, and if they didn't lie to you about what they were doing, and if they have a privacy policy that actually reflects what they're doing, that's ok. Not necessarily something you want to run, but ok. Some particular examples are the adware versions of Eudora and Opera.
European data collection laws may have terms that popular spyware violates, but usually the spyware companies aren't based in Europe so there's no legal jurisdiction. The data collection laws themselves are often effectively spyware - in return for "protecting" you, they're also subjecting you to possible audits of your machines because you *might* have personal information about other people on your computer or your PDA or your cell phone. (Sure, they mostly pretend they wouldn't do that to regular citizens, only businesses, but it's pretty much a selective enforcement thing. And you are registering all your computers with the data protection bureau, aren't you?) But at least it doesn't slow your machine down when they're not auditing you.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Call 0800-AOLHELPME.... :-)
No realy that sounds nasty. Have you done an fdisk? or format of the c-drive? Maybe there is a hidden partion that speaks Win & Linux?
NSG
Grundgesetz * 23. Mai 1949 - 30. November 2007 - http://www.vorratsdatenspeicherung.de/
... maybe this site would help:
http://www.spywareinfo.com/downloads.php
"Consensus" in science is _always_ a political construct.
Every Needs to Check there HOSTS FILE.. After you remove spyware most of the time the HOSTS file was modified to point to some other IP.. like search.msn.com gets changed and search.netscape.com gets changed and a few others.. IT is why your homepages dont work.. it does work but is using the hosts file to do the work of DNS lookup (Nice feature aye)..
Damn I just posted so I can't mod you up. Oh well, made me laugh :)
autopr0n is like, down and stuff.
i've been an earthlink user for quite a few years now and i usually tend to stay away from ISP-supplied software, but they have been putting out some pretty cool shit this year thru various 3rd-party software partnerships/cobrandizing, the latest of which being SpyWare Blocker powered by WebRoot. it is actually quite cool: it'll look for advertising companies cookies and disable'em for you, as well as offer you to remove 3rd-party spyware and trojans, i think it can do some other shit but i haven't entirely explored it yet. it maintains a constantly updated database of existing spyware. i wonder if it would catch the New.net shit. hrmzerz. and it's free for all earthlink customers.
Extraordinary Vacations. Exceptional Prices
Interesting, new.net is an idealab company, which is sort of the archetypal silicon valley pipe dream. Oh, we can't change the world and become billionaires, let's just fuck over millions of peoples computers so we can keep making payments on the cars we thought we had paid for by stock options. Pathetic.
The T&C section is pretty standard fare, try to find some license that doesn't try to get the author off the hook. The GPL certainly tries, weather you pay for it or not (like buy disks from redhat)
autopr0n is like, down and stuff.
I do tech support for *nix users and run OSX at home. I'm completely amazed I haven't heard how big this problem is. I just don't know anyone that uses Widows and seem to have missed out. I'm not a zealot just a computer guy but seriously folks this situation is *appalling* given it will only get worse in the next few years. I feel so sorry for average users that get literally traumatized by this stuff happening to them. Anyone in tech support will know what I mean. And it's so unfair they think it's their fault when it'\s really the OS.
Sorry, time to trim my beard.
I finally got fed up and told him to use Firebird rather than IE. That should solve the vast majority of his problems.
What the hell is somebody supposed to do when the internet writ large has not heard of a problem?
...but they all suck. Our helpdesk spends considerable time cleaning them out.
The meme police, They live inside of my head
Okay, it makes the program faster, but the computer slower to boot. And even then, why do they need an icon It's entirely possible to startup without having a tray icon.
autopr0n is like, down and stuff.
Or just slow. I go for slow.
Get your solder and pliers and build that laptop from a empty cerialbox.
--> Insert Funny Sig Here
I remember back in '95 or so when I had an ISDN router with autodial + autodisconnect and made the mistake of installing Real. I managed to find and turn off all but one of their annoying behind-the-back spyware features. Unfortunately that one I missed caused my ISDN router to establish a connection and then timeout and disconnect about every 5 minutes for a month, and I ended up with an extra $60 on my ISDN bill. Thanks Real!
From the website:
* Lock down sensitive areas in your memory and registry to keep them from being compromised!
* Real-time blocking of browser hijack attempts and drive by downloads!
* Real-time blocking of forced installations and activeX!
It has a pretty slick interface to boot. Worth a look.
Spybot works a lot better then ad-aware. Or hell, get 'em both.
autopr0n is like, down and stuff.
That little purple swinging fruitcake will not leave computers. I swear, he's like the freaking plague, your mother-in-law and an itch in the middle of your back where you can't scratch it all rolled into one. That's all I've got, just a rant. But an honest one at that.
-or so you'd think
Microsoft Windows and that dastardly Messenger service. (enabled by default) that would be the most insidious adware out there.
oh and i guess XP qualifies for spyware with that nasty activation "feature" (though not quite)
Don't call me back. Give me a call back. Bye. So yeah. But bye our, well, but alright we are on a shirt this chill.
I have a machine that i really don't use much running a virtualy clean install of XP. I'm also tech enough to know what programs to install and not. Inspite of this somehow some Alexia software managed to sneak on my computer even with the latest OS updates and such.
When a program can seak on the computer of a geek then the company has really done it's homework.
Xupiter by far is the worst that I have seen.
Daniel Connor
kazaa-lite still contains spyware/adware according to adaware and spybot. It's better, but it's not totally safe either.
I thought that I had it bad, but some people received bills for $500. They have gone to court, and somehow they have not been shut down (though anyone that disputes their bill gets the FTC as a third party arbiter). I encourage everyone to educate themselves about Alyon Technologies. Go read through that site, you will learn about some of the worst people in the world, and how they will take advantage of you and then tell you YOU are at fault.
I don't know if there is a Hell, but if there is, these people would be in the center of it.
In Windows XP there is a feature called Software Restriction Policies (SRP, see here). This feature allows you to deny software to run based on Certificates (and Path, and Hash, and Zone for MSI). Since all the Spyware installers use signed Active-X "drive-by" installers this is an effective way to kill them. This, however, is an arms race. You need to collect the certs you want to invalidate first (upon first encounter of a spyware safe their cert into a file and disallow it). You can find the feature in Control Panel->Administrative Tools->Local Security Policy. Have fun!
Hasn't anyone heard of Bonzai Buddy? I think it is not only the most intrusive but the most annoying... It is Microsoft's Clippy taken to a higher and more perverse level!
If what you are reading sounds funny, or sarcastic, lame, or stupid
it is because it is supposed to be. just laugh
How about slashdot goatse trolls?
Wh47 d1d j00 541, 31337 15n't t3h r0xor5 ne m0r3???
On my laptop the dns for google seems to have been overwritten. Don't know what did it, but it always redirects me to this other search engine (forgot what its name is already). I've tried resetting the DNS tables with no luck. Now, whnever I want to use google, I have to just type in the IP address. I haven't been able to fix the problem - if anyone else has come across this, I'd really appreciate it if you could post how to fix the problem.
I forgot to mention that the laptop is running windows XP pro. [I have to, to interface with the computers at work :(]
But there was one on a comp I worked on this summer that basically ran anything that wasn't a .com url through it's search engine. Made it really hard to test the stuff I was writing that was hosted on a local machine (http://localmachine/ was a search term for it, as was the ip). That probably is a lawsuit if people cared. I just ran adaware and got rid of the 60+ pieces of crap that the clueless "support staff" had installed. Given that at least one of them had full administrative access to the entire network, I'm quite glad that was just a summer job
There have been a few cases of spyware I've had to clean from student computers recently that really bothered me. One system had as much spyware as I had ever seen at once, all because it visited a site with unsafe ActiveX controls (and of course, they clicked "whatever") that installed a "searchbar" along with every other spyware I've ever encountered. Getting rid of the extra stuff was one thing, but even AdAware diddn't get rid of the searchbar, which was crashing the browser and constantly changing the home page. Only manually deleting 30-something registry entries killed it off. I also had an incident where SaveNow was eating 100% of the CPU, locking up as soon as it started, and causing all kinds of hell. Not a fan of SaveNow, either. What really bothers me about SpyWare is not its existence, but rather that so few people are aware of it and how to get rid of it. When I tell someone they're infected with SpyWare, they almost always ask "What's that?" and seem horrified when I explain it. Then they give me the usual "Can you fix it?" instead of relying on their own faculties, because they've been trained that we know how and they never will...
I dont think it will be long before many software companies start making things like software updates, online registration and having a valid email address mandatory.
:) Now if only we could convince Management...
Preaching to the converted, I realize, but this is precisely why I'm moving everything I do to OSS applications.
As "free" software becomes more and more nag/spy/ad-ridden, and worse, as software you PAY for gets like this, I'm giving up and ditching it all. I stopped using IM entirely a while back for similar reasons.
Thanks to OfficeXP and WindowsXP, Microsoft has permanently lost me as a customer. Once 2000 is no longer practical, bye bye Windows at home.
The funny part is that I'm finding the new stuff I'm using to generally be better. CDEX, Firebird, you name it, it's better. Now that mIRC is officially nagware (well, much worse than it's ever been, and not upgrading to 6.12 is suicide what with the latest exploit) there's not a hell of a lot tying me to Windows.
I never thought so many zealots could actually be right
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
Just spent way too much time clearing dreck of my B-in-law's laptop (...it used to be faster... ). The highlight was running Ad-Aware and finding some 48 different bits of Comet Cursor that it removed.
Ack.
Barry
Three Squirrels
It's "pantywaist" you "dickwad".
Spybot S&D is the best, as long as you keep it updated and "immunize."
Another good one is Spywareblaster. I don't know if it does any more in the way of ad/spyware removal than Spybot S&D does, but it's "Flash killer" is very cool to get rid of those increasingly obnoxious Flash ads. It will prevent the repeated download request (annoying!), or alternatively, it will prevent Flash animations from running once Flash is already installed (an easy click to re-enable if desired).
Although not billed as an ad/spyware removal tool, Peer Guardian blocks all known DoubleClick, Cydoor, and TRIBAL FUSION domains, as well as other ad networks known for tracking. The ads don't even load. Added benefit: Stealth Sufing Mode to RIAA, et al.
Full list of blocked IP addresses.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
Learn proper grammar, you shit-faced cockmaster!
I'm a end user admin on a small (300 machines ) network where both IE5 and Netscape4 are available ( and nothing else ) on WinNT4. I'm constantly fighting against end users that install spy/adware. I'm losing the battle and re-imaging machines on a daily basis... I'm looking for tips on reducing downtime due to this junk being installed. Any tips would be appreciated.
If the ads in Windows Messenger 6.0 for WindowsXP bother you, then just go ahead and disable them. The modifications prevent those annoying ads from showing in the "MSN MESSENGER" panel.
e nger6-r emove-ad.html
You'll need a hex-editor to make the changes yourself, at this site:
http://www.windows-help.net/microsoft/mess
I have only tested this modification with v. 6.0.0602 of MSN Messenger so I'm not sure if it works with later builds.
I found the directions easy and I never see any ads now. As for additional spware that it may contain... who knows?
uR iGn0ranc3, Their Power
I thought I had seen it all until I got the CommonName parasite. I got it from installing a game, then noticed I had strange programs tring to access the internet.
When I went to the add/remove programs section in Windows 2000, I was sent to a web page insisting that CommonName was NOT spyware and asking that I validate myself as a human so that scripts could not automatically remove the software. After that, the program removed itself from the add/remove panel but left itself in place, until I killed it with spybot. (A great program!!)
It was very irritating to have a program essentially thumbing it's nose at me and taking over my system like that.
Has all the same problems as RealOne, plus the way it gets on your computer is really insidious... it's on there before you even open the box.
Normally I don't have much of a problem with spyware. I scan at least once a day and it keeps the problems down to a minimum. But SearchSquire broke my registry and installed itself without my knowledge or consent. Of course, I was the dummy who broke my backup registry. Check out this link for official lies posted by an alleged employee of SearchSquire who says it's an ActiveX script -- which should have prompted whether or not I wanted something installed.
I've never had trouble removing New.net or any otherspyware with Spybot Search & Destroy. Sometimes one or two reboots is necessary, but other than that it seems to do the trick.
It even says, when cleaning with it, something like "Applying networking fix".
It's freeware.
spywareinfo.com has a number of good resources, along with a semi-reasonable message board. Which is where I found out about HiJack This
"It is a greater offense to steal men's labor, than their clothes"
bullshit, it's MY machine.
if this is supposed to be a new economy, how come they still want my old fashioned money?
I don't know if "dialers" are considered spyware or adware, but some dialers are pretty nasty. A friend of mine had a dialer installed on his system that would dial an offshore ISP using a 1-900 number at some absurd rate ($99.99 an hour or something like that). The dialer only activated when the computer was idle, such as when the computer was left on over night. It wasn't detected until after it had racked up over $1000 in calls.
Most spyware/adware is just a nuisance, but dialers take it to a whole new level.
Originally, yeah, but doesn't 'panty waste' conjur up much more obscene images in your head? I think I prefer his terminology.
which is not much better in most peoples minds.
Considering that I haven't used Windows in over a year and a half now I just couldn't be sure anymore.
It seems that I haven't had the joy of this type experience since June '02..
Whether it is less than 1% or more than 10% of the population that is gay, depends entirely on the political agenda of the person or organization reporting the statistic.
kiss my ass mofo cock sucker. Jerks like you wreck this world. Not everyone is fuking dilbert like you.
Go give yerself a wank, cause obviously it's been a while. prolly voted for king bush
That's a cookie. This article is about spyware.
The shareholder is always right.
Basicly, any time a program wants to do something like put something in startup or modify winsock settings or stick files in windows system folder or modify the hosts file or dns settings or things like that, windows should come up with a nicely worded warning about why clicking "yes" is a bad idea.
Also, it should log all these actions so that for example, you can see which programs installed what settings (so you know what to remove)
And it should have something that allows sysadmins to turn off these things completly (just like how its possible to turn off control panel and other system things)
That way, when some idiot wants to install kazza, the system detects that kazza wants to install "privacyviolatingspyware.exe" to c:\windows\system\importantmsfile.exe" and add it to startup and denies the request.
What should be done when the request is deined (either because its completly switched off or because the user clicked "no") is that it should return for file i/o calls "cant open file" and for registry calls whatever the appropriate error is.
Or better yet, pretend to write to the registry or the file but dont actually do it.
This is the worst I've personally come across, after pr0nsurfing willy-nilly one night. It somehow installed itself without my (knowingly) permitting it, and without Cygwin I would probably have never figured out where the crap was ('find' is your friend); I've probed 00hq.com's ssh port and found they're still running OpenSSH_3.5p1 but (oops) then again, so am I... better fix that right away...
Anyone know of an IP blacklist so that admins can block these sites/installers at the firewall? No luck finding anything that's targeted at only spyware host IPs.
To install Steam and play on any Steam-validated Half-Life servers (Including Counter-strike servers), one must agree to Valve's privacy statement. Here's a little snippet:
"Storage and Security of Information
Personally identifiable information will be processed and stored by Valve in databases hosted in the United States. Valve has taken reasonable steps to protect the information users share with us, including, but not limited to, setup of processes, equipment and software to avoid unauthorized access or disclosure of this information."
Reasonable steps, eh? Like the same steps they used to protect the Half-Life 2 source code?
Slashdot's homepage itself appears to try to install MediaPlex according to Spybot Search and Destroy , in its "resident" mode, so I'd say that the WORST spyware is the spyware that is installed when you are reading about how bad spyware is on sites like THIS ONE! :)
Science is the art of infallibility, perpetrated upon non-scientists
One reason why I have switched to full-time Linux programming is because frankly, I was getting afraid of all the crapware that was being installed on my Windows 2000 PC. One day, this crap called "Newton Knows" installed itself as a toolbar in the Explorer bar and I had no idea where it came from. It had ads and random popups that I could not control whatsoever. Then I used Adaware to remove 287 objects from my PC, and I've been using Linux ever since.
Go get a preset hosts file and put it in where your old hosts file is at on your windows and that will take care of nearly 75% of all your problems.. http://www.2fords.net/rchapin/hosts.zip Do a search for hosts and simply overwrite your old ole with the new one.. It's small, but it does take care of the top spy/mal/adware..
First rule of holes; When in one, stop digging.
Perhaps you should consider Deep Freeze. A simple reboot, and EVERY change to the machine is wiped. Even a hard disk format. Every boot is like having a freshly installed OS. Sounds too good to be true I know, but try the demo out. It doesn't require any special hardware either.
It keeps the labs at my school spyware free and virus free.
Searchdot doesn't seem to be harmful, but it's damn annoying.
Mi klopodas varbi por Esperanto.
Some of our servers send out messenger messages when they require attention. The idea being that, unlike e-mail, it will get the attention of someone immediatly.
I'm far more concerned with aspects of computing that are outside of my control, like my ISP, or the various DNS servers throughout the world, or perhaps even Google. So, my own paranoia is my vote as most annoying adware, and if I am correct, I will have also confirmed my vote for the most insidious spyware.
-
And the Angel said unto me, "These are the cries of the carrots! The cries of the carrots!"
The real problem is that you can't speak hindi, and the support people are not at their best in the middle of the night (their time).
To be quite serious however, if you get a Dell you need to track down third party parts and third party support. Unfortuately their cost cutting has set a new low standard which many other companies are also conforming too - since if Dell can get away with it, they can too.
As a service tech I see New.Net, Xupiter, Gator, and Savenow all the time, but I didn't see Marketscore in there anywhere. It proxies your connection through one of Marketscore's own servers - I'm sure its for better service not actually spying on your content ... Whatever. Sometimes MArketscore adds 2 minutes (yes minutes) to a boot time and all your info is router through through their insecure proxy server. Total garbage. It wreaks havok on our customers since our email servers will not allow email to be sent from outside our domain, so any customers that have it on their home systems and try to send email get errors. The customers I talk to have no idea how it got there or why its running. Worst part is they don't understand how software doesn't show up in their add/remove programs section while running as a background process. It requires a command line uninstall process which is a bit elusive and makes many customers squirm.
Recently TVT Media has made it onto my $#!T list - go through the uninstall process and it reports that it is gone but a reboot proves otherwise. In fact, if you remove the keys and then run the uninstaller and go back into the registry all the keys are regenerated. We'll see how much more press that kind of crap will get.
Memory Blaster seems to be another growing problem on the horizon too, but its still pretty fresh to say how bad that one will be.
In all truth new.net and Xuptier are probably the worst since they have a tendancy to destroy the winsock portion of the TCP/IP stack and take people offline when DNS queries are returned unresolved. Nice products: NOT.
"Quando Omni Flunkus Moritati" -- Red Green
Great, so my printer and modem drivers which are not signed won't run? Wonder if I can run a Linux Loader? Pththth-fit! What junk.
How about a better answer, like removing that steaming pile of excriment known as XP from your computer and using something without a designed to be rooted and sold architecture?
Friends don't help friends install M$ junk.
Now, someone please step up and let me know if this exists already but, seeing as the source of some spyware is from active x scripts that run when you visit websites why are there not blacklists for sites (just like dns blacklists for spam) that Gator and others pay to infect our machines? Just like spammers, it can all be traced back to someone paying the spammers to spam. Spyware/adware that gets installed when you visit a site to view information/photos is akin a virus infections IMO. The companies like Gator, etc pay sites to host their viruses to be put on our computers and cause us grief. Why do we visit such sites? I think that if a blacklist were set up and people used it that we would less and less instances of Gator,etc. Many sites may disappear due to lack of revenue to sustain themselves but that's fine with me. We're better off without them spewing spyware on everyone. Lepers of the internet. This does not of course account for spyware programs that people download/purchase and install on their machines. Something has really got to be done because I find it completely unacceptible and I would say illegal that companies can put their filty paws into your "PC" (personal!! computer) and handle your information. If individuals do this, it is called a 'cyber-crime'. Why is it ok for companies to do it?? Come on! Enough is enough!!! -blankoboy /me swings mace
1. Ask Slashdot what sort of spyware is the worst. 2. Make this sort of spyware. 3. Profit!
How about this instead:
A business plan can and should do good things for your customers.
Friends don't help friends install M$ junk.
http://www.google-watch.org/
Considering we use it more than any other site...
A playa hater.
George II -- Spreading Freedom and American values, one bomb at a time.
What I find funny is that when I clicked on the link to read this page, my Spybot Search and Destroy (Yes I run Windows) poped up and said that the site was trying to download Avenue A to my machine, upon sigining it to comment, I was hit with popup boxes that said that the site was trying to load mediaplex on my machine.... Perhaps the ones that are the worst are the ones from the sites that you do not think that you would get them from... The Doc.
Would you share that little trick?
I no longer use Ad-aware. After my wife previously installed a heap of spyware with a nice little Donald Duck screensaver, Ad-ware removed the Spyware, but left my TCP/IP stack screwed. Following all the HOWTOs in the world wouldn't fix it completely. Finally I am able to use every internet app on my machine except "ping.exe". For some reason, not matter which address I ping, it resolves the DNS correctly, but pings another IP - the same bogus IP address no matter which url I ping.
After doing a little googling, I found that simply nuking spyware (which is what Adaware does) is no good in some cases, as sometimes Spyware needs to be de-tangled propertly from your system (e.g. newdot.net). SpyBot Search & Destroy claims to do such. My TCP/IP stack isn't 100% ok yet, but that can wait until my next clean install of Windows.
is another one I remember. It's just as bad.
Life is not for the lazy.
Ran spy bot on neighbors machine when fixing it for them, 148 different spyware programs(including about 5 comets also). Incuding 3 adult dialers, which happened to be down loaded when son had friends over one Saturday night while parents were out. Can you say grounded? The Doc
i said the messenger serivce not MSN Messenger
similar names, functions from opposite ends of the spectrum.
Don't call me back. Give me a call back. Bye. So yeah. But bye our, well, but alright we are on a shirt this chill.
Don't hate the playa...hate the game.
.....then this was it. Nasty Nasty Nasty stuff boys and girls. I think if uncle Bill were to sit down at a workstation that was infected with these bad boys (to check on his stocks) that even he would switch to Linux.
Don't know what is worse -- the spyware/adware -- or the browser and OS that make it possible.
I have seen a machine/browser infected with a few of these buggers....and if there was ever a plug or commercial for Linux
Yes it is that bad.
(+1 Funny) only if I laugh out loud.
I don't know what she was using, but did you try this?
Now, someone please step up and let me know if this exists already but, seeing as the source of some spyware is from active x scripts that run when you visit websites why are there not blacklists for sites (just like dns blacklists for spam) that Gator and others pay to infect our machines? Just like spammers, it can all be traced back to someone paying the spammers to spam. Spyware/adware that gets installed when you visit a site to view information/photos is akin a virus infections IMO. The companies like Gator, etc pay sites to host their viruses to be put on our computers and cause us grief. Why do we visit such sites? I think that if a blacklist were set up and people used it that we would less and less instances of Gator,etc. Many sites may disappear due to lack of revenue to sustain themselves but that's fine with me. We're better off without them spewing spyware on everyone. Lepers of the internet. This does not of course account for spyware programs that people download/purchase and install on their machines. Something has really got to be done because I find it completely unacceptible and I would say illegal that companies can put their filty paws into your "PC" (personal!! computer) and handle your information. If individuals do this, it is called a 'cyber-crime'. Why is it ok for companies to do it?? Come on! Enough is enough!!!
-blankoboy
/me swings mace
There are three ways spyware gets on to someone's computer:
1) You visit a website and it installs as an ActiveX control. However you must grant permission for this to happen. By default, it will ask you on a per control basis. You may change this to always deny or always permit if you wish, but it is up to the user to make the call. MS has done nothing wrong here, they allow you to choose how you want your system security set and what you wish to permit.
2) You install an application that, as part of its install process, installs the spyware. It may or may not inform you of this. This is again, not an issue for MS. If you choose to execute software on your computer there is nothing they could or should do to stop you. It is your computer, after all, and executing software is its purpose. IF a company sneaks in spyware, it is their fault.
3) You voulantarily download and install spyware. YOu'd be amazed how much users think what some of it does is coll and wants to have it. Again, MS is not at fault.
Get off the trendy "Let's blame everything on MS" stick. It isn't there responsbility if others write malicious software and it isn't their responsbility if users install stupid shit on their computers. Linux has no protection against this either. If I send you an app that allows me to control your system, and you install it, Linux will do nothing to stop you. It's not like OSes have a built in evil dector or anything.
Also, don't forget QuickTime Alternative, assuming you're unfortunate enough to have to play QuickTime files.
They had morphed since being written about even 2 weeks before(of course I googled), and combined took me 4 hours to eliminate off of a client's Win98 PC. They used every dirty trick in the book to hide and re-install themselves: hidden startup files that rename randomly at each reboot, multiple startup locations, redundancy by installing themselves disguised as several different innocuous sounding programs, including maxmem, maxspeed, ie driver, ie update, People On Page, and more. I finally had to resort to verifying the legitimacy of every single program that was installed, and then manually scan the registry for references to all of the bad stuff. Oh, and by the way, this was after running adaware with the latest updates! (Which I still of course highly recommend, it was just behind on this one.) This stuff used every underhanded trick in the book to keep from being uninstalled. Combined these were far "stickier" than even the worst viruses I have dealt with.
While this software may have been legal, it's methods IMHO should definitely NOT be. I would jump at the chance to join the butt kicking posse going after the sleaze/parasite/spy-ware vermin!
"It's scum like this in my industry that lead to my handle"
Thanks for the tip. However, the machine is still using 98SE. Handy tip though for the XP machines!
Redsherrif is annoying, it wastes memory and slows the machine down as it starts up a Java process. I've found that you can stop it simply by blocking outgoing comms' to redsherrif on your firewall. Luckily they only have a few hostnames the data is sent to. This stops the tracking and the launch of the redsherrif applet.
/* TBD */
Is there any sort of spyware blocker? Like Norton or whatever for blcoking virus's? Lots of clients have adaware installed but getting them to run it once a week is a nightmare, updating it is even worse. I can have it run each start- up but they don't like that either. Having a piece of software that blocks spyware before it gets installed would make my life a lot easier. Thanks in advance
- iGetNet
- Bonzi Buddy
- Lycos Sidesearch
Using an application firewall like System Safety Monitor can help limit these (it intercepts calls between applications and allows you to permit or deny them) but this does require an experienced user.All of KaZZa is one big spyware application. If you run adaware over Kazza & nuke the spyware, when its re-started, it complains about "missing modules" & promptly downloads & installs it all again.. .. DMCA & all that crud...
then off course there is KaZZA lite, which doesn't have ANY spyware & is a lot better then KaZZa itself, but then by using that, your breaking the law
You tried your best, & you failed miserably,
The lesson is:
Never Try
If you'd bothered to read the posts made by Valve (somewheres on planethalflife.com) you'd find out that they were *hacked.* Trojans, keyboard loggers, and several other malicious programs were found.
So you're saying it's their fault someone broke the law stealing their stuff?
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Not quite, the number reported depends on the political agenda of the reporter. The actual percentage depends on biological, and social factors, and the precise meaning of gay.
Case in point, while the ancient Spartans took male lovers, were they gay? Careful how you answer that, Leonidas is standing next to you with a (sharp) spear. They certainly would have killed someone who is effete. Useless in war you know.
http://www.doxdesk.com/parasite/Bulla.html tells the tale of Bulla. If you've come across a PC running RB32.exe, you would know it. I've seen plenty of ad/spywares installed, working on car dealerships networks, where slimy car salesmen whack off to porn any time business is slow. To me, there really isn't any ad/spyware that is worse than the others. They are all equally worthless POS softwares that need to have thier creators shot, execution style.
use a different browser:)
I do phone support for our online courses and these crapware programs (gator sued for calling them spyware, better change your tune:) are causing hours and hours of trouble. People can't log in, can't take quizzes, can't do crap. Turns out their P2P software installed application X, toolbar Y, pop-up blocker Z....
What are the common threads with these apps? Windows, Internet Explorer, default settings. I usually send people to
http://doxdesk.com/parasite/ to help prove to them that they've got problem software on their system.
I'd love to blame Microsoft, Windows, IE, et al., but many people I've helped seem to know what they're doing. Maybe there's just a case of "click OK" going around.
My saving grace? Thank you Mozilla.
While everyone is ranting about the annoyances of windows spyware, why isn't microsoft addressing this? They're in desperate need of something to sell their upcomming longhorn in a couple of years. I'm sure I'm not the first person to bring this up, but why don't they just focus on say a firewall/antivirus/antispyware tool in windows? It would make a lot of sense and it would allow them to really make the system more secure. They could adertise it as Windows Longhorn Internet Condom Edition. Alright, that was a joke, but this is meant to be serious. I just see it as really fucking obvious for microsoft to actively take a role in windows security and not rely on smaller companies like norton or adaware to fix the problems. I think a lot of people would buy windows if it had that feature. Otherwise, they're going to lose too much market share to linux that in general doesn't have to worry about this crap
Anyone remember the old versions of AOL, Prodigy and CompuServe that would reveal local file systems and such when they called home? They invented spy ware!
Crazy Cheap Domain Hosting!
I use adaware to get rid of adware/spyware. One time i had this nasty program that ran in the background that would make pop-up ad's in internet explorer about 5 times a minute. It got really annoying, so i got adaware, and it fixed my problem. If you are looking for adaware, go to download.com and search for it.
It might be more of a Trojan then a virus, but either way, software like Symmantec Antivirus should start picking this crap up like it was a virus.
I've been working desktop support for the last few months... yes, I hate it. A lot. But in this market, you take what you can get...
Anyways, out of the maybe 100 pc's I've sat down at over the last few months, I can't think of one user that actually intended to install any of the spyware that's crashing thier machines, showing popups every 2 minutes, and redirecting searches. None of them wanted 6 "searchbars" in IE. And I've only met one dude that wanted Gator (and I argued with him for about 20 minutes about it.)
This software uses misleading ways to get you to install it, and once you get one spyware, it opens the door for all the others. On a corporate network where you must allow internet access and allow people to have admin rights to their own machines, this presents a serious security hole in your network. It doesn't take a stretch for one of these spyware packages to start sending out your network passwords and other information.
Come on Symmantec, help us out!
- It's not the Macs I hate. It's Digg users. -
And then, BitTorrent rained down from the heaven...
Sadly I went to download Gator and found out that the Mac version is "in the Works". Of course we all know what that means, we'll not see a Mac version for years. It's probably vaporware. Now I have to seek out a new way to store my passwords and bookmarks.
You've really missed the mark Gator.
Australia has National Privacy Principals which among other things forces companies that gross 3mil plus PA to inform users that data is being colledted and stored and for what purpose. it also must allow a person access to any data that is stored about them.
There is also a bill in parliment that will do more and will have hefty penalties.
I dont know exactly what XP sends to microsoft, other than SN details but the average user trusts MS and for the moeny they pay for a license they should be able to.
You can pay $30 and shut off the GAIN ads
h er
I went here:
http://papps.gator.com/papps_intro.php?app=weat
paid the $30 for weatherscope and haven't gotten a GAIN ad since. Even though I also have the Gator password thingy installed too.
Doesn't running as a low level user (i.e., not an admin or power user) prevent the pc from getting infected in the first place?
Savenow sucks- it unleashes a flurry of junk programs, not to mention the dozens of popups. On the other hand, the newest version of McAfee seems to shut down ports 80, 110... so its just as bad in my book...
Crap, I just ran out of mod points this morning. Is there no justice?!?
Standing at the very edge of my imagination, I peered into the inky void and realised -- I couldn't think up a new sig.
They send you windows messages that tells you that this is a fault in windows and the only way to fix is to get their software to turn it off. So for the mainstream they have no choice but to comply since they dont know how to turn it off otherwise they keep on sending them windows messages that ruin any experience you could have using the internet. But I think when Gator declared, that their shit dont stink...that catapulted their asses to #1...Wouldnt it be funny if someone gave all these Jokers virus ::cough:: I mean Spyware.
Trix are for kids!
Another good one is Keen Value, which ties into your IE and keeps track of everywhere online you go, how long you stay there, and how many sub-pages of the site you load. Nicely, half the time, it crashes IE with an internal error when you go to load it.
I work tech support, and this is a nightmare for our customers.
"If there is a cliff, I must jump. Just in case I should chance to fly."
Would you share that little trick?
Don't be a dumbcock. Seems to have worked for me all these years; IE has never installed anything without me asking it to. From personal experience and things I've heard, all these "ghost installs" seem like pilot error to me.
There is no such thing as registering your computers with some data protection bureau.
1.You really have some strange fantasies about life and the law in Europe, some of which seem to belong more in Hollywood than in real life. Come on over and visit for a while. You'll be amazed considering the drivel you've just posted.
2.The word you used, "bureau" reminded me more of what your government is doing with it's patriot act.
I had heard that statistic also. The more accurate figure is 1% to 3% gay, depending on social acceptance.
Not that I'm suggesting anything here but isnt that awfully similar to the number of Mac users...? (3.5%)
weird - I had the opposite problem ! :-(
I used the immunize option of adaware and had problems with my tcp/ip stack. ISP cable company helpdesk couldn't quite help.. line was ok, problem was in the software. Ping did work, but mail or surfing didn't
(I was also using win98se)
The solution - I bought a larger harddisk (was planning to upgrade anyway) and installed that one..
Learn about pinball machines on www.flippers.be
Also: Blackstone Data Transponder, and a million other names.
Because no matter how annoying a talking purple gorilla gets, at least it isn't harvesting your credit card numbers.
Is anyone aware of the extent of this problem on the Mac platform? I know that with marketshare of the Mac platform & all, the Mac isn't as interesting as the PC platform, but I can't believe that there is NO Mac ad- or spyware out there.
I've already done a few searches on the subject but can't seem to find anything. Is the problem non-existant or is nobody aware of the problem? Is this a case of safety through obscurity?
What are your experiences & opinions?
"It usualy starts with some screaming. Afterwards there is much running around."
There were portions of the program, a .DLL file in particular that had been installed as Browser Helper Objects within the registry.
I was curious to find out what exactly a BHO object was, so I searched MS Support site - and here's the link to what I found because I KNOW that if I typed it here, you'd think I just made it up.
From the Microsoft Website:
What Are Browser Helper Objects?
From [the operating system's] point of view, Internet Explorer is just like any other Win32-based program with its own memory space to preserve. With Browser Helper Objects you can write components-specifically, in-process Component Object Model (COM) components-that Internet Explorer will load each time it starts up. Such objects run in the same memory context as the browser and can perform any action on the available windows and modules. For example, a BHO could detect the browser's typical events, such as GoBack, GoForward, and DocumentComplete; access the browser's menu and toolbar and make changes; create windows to display additional information on the currently viewed page; and install hooks to monitor messages and actions. In short, a BHO works as a spy we send to infiltrate the browser's land.
Jeeemany Christmas!!! And people wonder why MS products are so insecure?! This is the ripe playground that MS has created specifically to support the ilks of the spyware.
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
The lack of spyware availability is FURTHER proof that FreeBSD is dead... :)
I agree with you too on each count. However, you dont need to do without REAL content.
Check out Real Alternative , which plays all Real media files, without the crud. While you are on that website, also check out QuickTime Alternative
Cheers,
Yet Socrates himself is particularly missed.
A lovely little thinker but a bugger when he's pissed.
Tools --> Internet Options --> Advanced --> Browsing
then uncheck "Enable Install On Demand" check-boxes.
See
This for further information
- "Having a clean conscience is sign of bad memory"
it's not the stuff thats free, that looks around ... NO! it's the spyware
...
your system abit and occasionally "phones"
home that's sneeky
in all the GAMES like UT2003 or HalfLife
that phones home.
the sneakiest spyware you will find in commercial
software (you bought it!) MOSTLY IN GAMES!
biggest capitalists (even bigger then micrososoft)
are game companies!
"pay up kids and don't mind if the game phones
home occasionally (every 5 min)"
indeed, there are homosexual acts, but no homosexual people.
M$ and its software(Internet Explorer) which allows all this to happen.
If you open up slashdot with search and destroy turned on it will register "mediaplex" as being in the page. This is ... very ... very ... very .. rude, considering the story.
Does anyone know what this file is? It's located in my Win2K user profile's Local Settings > Temp directory. It cannot be deleted (file in use), and a hexexit shows nothing except 'File packaged with Petite' (which is sort of suspicious).
A company recently insidiously allied itself with the diamond web awards site which we were using with some of my website customers from a company called 180solutions.com they install an activeX (supposedly) without any notification or chance to accept or deny its installation and then any time you start browsing pop up come out of everywhere at you from all directions for all kind of services and things that if you wanted them already you would have had them (remember X10 cameras LOL) and in contacting both Diamond Web Awards and 180solutions ONLY 180solutions responded to my request for uninstallation instructions and I was greeted with directions to an enhanced installer ONLY no uninstallation directions NOR an uninstall program. So I had to strip my registry and the program manually and take screen shots and make directions for my customers to have accessable to pass out to thier customers affected by this "raping" of thier personal PC and personal PC security and stability.
And dont tell me your mom has some weird prog that macs dont have. That may be a valid excuse for you, but not your mother. She will have a lot less trouble with adware, malware, spyware and the like if you PITCH that PC and get her a nice G4 Imac. She'll love ya. Go ahead, mod this a troll. It's the truth, and you know it.
I want to know if Gator ever sent Wil Wheaton that nastygram..
"You lied to me! There is a Swansea!"
Windows media player (which is part of WinXP) collects data about what you are listening to and sends it to a MS server. And we don't know what other things are going on under the hood.
Maybe not te worse in symptoms, (annoying toolbal, keeps setting yourhome page and gives some popups)
But the way it install it self, is rather sneaky.
Some versions drop a file called `msspi.dll` in the system23 folder, this file has some key URL's that are monitored.
How ever you connot just remove it.
msspi.dll hooks it self to the Winsock LSP chain.
If you delete the file, you're left with an crippled internet connection
I recieved an email saying "Get rid of annoying pop-ups forever!" - so I sent $19 in used notes to a Post box in Nigeria, and presto! problem sorted! How ever my computer seems to be running a bit slow, and logs on to a porn site by default, I wonder why.. ;-)
"You lied to me! There is a Swansea!"
Caught one called webHance (came with gamespy I think) a few years back on my windows 98 SE machine. I was on dial-up at the time, and every half hour or so it would use up 100% of my upstream bandwidth to do it's auditing of internet structure for a few minutes. The packets were largely empty, didn't look like personal information. Looked like the authors of it were selling data about the throughput of various parts of the internet.
Was a bitch to get rid off, same as that newdotnet thing, completely reinstall the tcp/ip stack.
One of our home systems had this annoying crap that kept dumping those god awful pop up's on the desktop. It also kept asking us to download some browser plug-in. I think it was called 2nd thought. Tried deleting all references to it from the system, including registry but it would not die. Adaware found it and removed it. What really pissed me off is that I am sure it got onto our system when my wife was browsing a teachers resource site.
steve gibson is a raving crackpot. go find a real security site.
Although I guess it's technically a hijacker this is a bitch to uninstall. It took me about an hour on the phone to help a buddy get it off his machine. I does a nice job of disgusing itself with file names that blend in well with system system filenames like msupdate.exe, winshow.dll and win.reg.
------- Code to try when you're bored: qsort( 0, UINT_MAX, sizeof( int* ), IntCompare );
You may want to read the newsgroups at www.grc.com. These are all security related and contain information on all the latest software and hardware related thereto.
Hic iacet Arthurus, rex quondam rexque futurus.
It for starters says it sends information from your computer to real and even better you agreed to the fact that real can install software on your computer with telling you.
:)
After reading the first few lines of the End User License Agreement I pressed cancel and figured i could live without the real player.
People start reading those damn licenses! its full fo crap you dont want to accept, but if you do dont whine afterwards, oke?
Is the worst I have ever seen. Neither Spybot S&D nor Adaware were able to remove it completely from a box I worked on that had it.
i'm an indy computer tech guru guy, and run across my share of id10t users every now and then, one of my earliest was a lady with a shiny new 9x gateway box, Comcast @home and AOL (no firewall), she clicked on every single popup that AOL and/or IE gave her, had 10 tons of spyware (gator, bonzai and a dozen others), i managed to get rid of most of em, but she was too damned attached to gator (i just couldn't get through to her)... anyways, a pal of mine, with an unprotected windows 2000 machine on a cable connection got an shitload of spyware, adware and something hidden that spewed pr0n, not to mention messenger spam (nuked messenger service), adaware didn't do squat (didn't know about S&D at the time). Solution: save all files on C to D (alt. HD), WDclear (HD diag/write zeros), reinstall 2000, install adaware and the like, teach little sister a lesson (gave her her own user acct with LIMITED access), no problems since. my personal policy: 1. find offensive adware/spyware/etc 2. run knoppix 3. copy files to linux file server 4. from 2 other win boxes, beat the hell out of said files with adaware, NAV, kaspersky, etc to make files clean 5. wdclear offending box 6. install windows 7. download adaware, antivirus, etc 8. copy files frm server 9. install programs 10. make damn sure no spyware gets on box. i have all my p2p apps on a PII 350 box, and watch the processes like a hawk, run adawaware and S&D regularly and have been adware free for quite some time, that and my linux firewall blocks everything inbound and adding outbound catches takes 5 seconds.
Logistical Chaos Officer http://www.slagg.org - LAN Gaming in Sarasota FL,USA
Gator's not spyware, it's lieware. As in the people who make it lie and say it's not spyware. :)
-----------------------
You are what you think.
Also, any thoughts on whether some of this stuff is even legal, as it is almost certainly not ethical.
Once again, Slashdot's vast panel of legal experts are called upon to provide counsel on key legal issues of our day.
Tune in next week when we get an update on Slashdot's cancer and AIDS research. Key findings from Slashdotters c0red4mp and IRQ5 revealed.
Tired of being "punished" by the Slashdot $rtbl since 2002. I'm now over at http://soylentnews.org/ .
For how long?
Should WinMX add adware or spyware, I'll stop recommending it.
It's a bit harder to hide adware or spyware in a program published as free software. Gnucleus and eMule are published as free software.
Will I retire or break 10K?
Then how is *n?x "a viable replacement for Windows" on the x86 hardware platform that entry-level desktop computer users can afford? Trust me, I'm trying to get rid of this "Micro Soft Window" spyware, but I'd rather not have to buy a new computer to do so.
Will I retire or break 10K?
I don't like spyware anymore than the next guy but it has been around far longer than computers in one guize or a another.
Telemarketing surveys - they call you and ask you questions, you don't need to answer but somehow feel either privliged or obliged to do so.
New product registrations that ask you all sorts of questions.
Targeted coupons - those coupons that you get in the grocery store that are printed out at the same time as you purchase.
The quick customer survery that gives you a coupon if you complete it when you check out.
All of these things are like brick-and-mortar versions of spyware yet we really do not complain about them but they can all track us.
What makes computer/internet based spyware worse is it's insidiousness and how inexpensive it is. As a society, we must find a way to make it too unprofitable be a functional method of advertising.
Here are some suggestions:
1. Start a movement where publishers of software are boycotted unless their products sport a "spyware free" label.
2. Collect a small sum from tens of thousands of people and hire lawyers to lobby against spyware and sue companies that violate any laws anywhere.
3. Hyper-flood the spyware servers from bots that will effectivly kill their service.
Of all the itmes I take care of on a 1500 node network, one thing that I haven't seen a solution for is centralized spy-adware removal. Does anyone know if such an animal exists?
If not, that would be a great project to start on. No install on clients and remote scanning and removal from the backend.
That would be puuuurfect.
I agree that spyware is annoying, and in some cases damaging. But this is the case with all things when taken to the extreme or abused. Spyware does have its uses when used properly and without extememity(forgive my spelling). Spyware/adware provide people who offer free software with a method of paying the bills but not having the client pay through cash but rather through popups, or simple research infomation as opposed to charging the client out right. Granted Gator'd popups are annoying, in my opinion they are relativly harmless. If its that annoying to you, have one machine offline that you install all software that requires adware/spyware so that it cannot connect to its advetisements. And stop visiting those questionable porn sites, now thats harder said than done.
-Certified TechnoWeinie
Email-Stealer-MAPI32 is the most insidious i've seen so far.
It is classified as a trojan and it pops up a dialog box about every 2-3 minutes telling you that you are having a mapi32 exception. It then asks you to please fill in boxes with you username, password, pop, and smtp information to send to "support" to fix the problem. Whereever this info goes would then give that person a nice spam account or worse. If this is a company user, the person who received the info would have a valid user account on someone elses mail server to relay spam.
Quite a nasty one! Removed with spybot...
If you're running Win98SE - you can always refresh your installation by running
/p f"
"setup
That goes through the installation procedure, refreshing all the corrupted/replaced files. Gives you options to keep the more recent ones, too. That's solved many a problem for me...
In my never been humble opinion TopText is the worst. This place changes words (that happen to be keywords) on a webpage into links for its paid advertisers. For instance, abc company owns a website and they sell abc gum, yet xyz company wants to hijack visitors to abc's website. What they do is they pay toptext for the word gum...and then on every computer with toptext whenever the word gum appears there it is made into a link to xyz's website (this includes but is not limited to instances of gum on abc's website). For more info check out ScumWare.Com
The way things were....thats the way i'm glad things aren't.
N-Case and My Search appear to be linked somehow. N-Case managed to install on my system without me saying "Yes" to any installers. I haven't quite figured out how that happened yet.
Even after using their "remove" feature, Ad-Aware found it running in the background.
That smacks of trojan, if you ask me.
Go to to get specific instructions and information about new.net and a removal procedure.
...for personal use, anyways.
h tml
Same reason many companies develop software only for the Windows platform. Here, have some data:
Operating Systems Used to Access Google, Sept 2003:
Windows XP 38%
Windows 98 29%
Windows 2000 20%
Windows NT 3%
Mac 3%
Windows 95 1%
Linux 1%
Other 5%
Source:
http://www.google.com/press/zeitgeist.
This software was included in several kid's games (Fisher Price Pet Shop, Pokemon Art Studio, etc). The early versions installed without warning you. The later versions asked you if it was OK to install, and if you said no, it would install anyway. It "apparently" collects web browsing information, encrypts it with PGP and sends it to the seller of the game (Mattel?). Removing it requires Registry edit, reboot, then deleting the BBSTORE directory from your windows directory.
Encrypting the information makes it insidious.
You can lose something that is loose, so tighten the loose item so you don't lose it.
Comet Cursor is perhaps the most insidious I have come across. Every female in our office thinks it's 'cute' and thus installs it and, like a virus, every other female that sees their computer installs it as well. This then installs adware, spyware and hijackware all over their system.
Yesterday, I was on a conference call helping to set up someone terminal so that they could access a secure site. The person was told over and over again to go to the URL but nothing happened... so I said I'd be on over and check out their computer (guessing they had installed comet cursor or something and it was hijacking their browser).
Sure enough, I get to their computer and just looking at their damn cursor, I knew it was installed on their system. I then removed comet cursor and ran ad-aware and sure enough... they were then able to access the secure server.
This is my sig. There are many like it but this one is mine.
Gator is the WORST spyware EVER!
Ha. Said it.
AOL is by far the worst piece of spyware ever devised by man.
What would happend to all this ad/spy shit if someone puts a man in the middle and reverse enginer their 'clients', and if someone then takes that data and writes an app that can send user specified data to their database ... and what would happend if millions of people installs that app and start sending wrong, stupid data to their databases ... ???? ... i want a GNUator Corporation Client (gcc?) too ... : )
Since this doesn't seem ilegal to me (at least the 'companys' that develope that kind of shit won't complain), we can even open a project in slashdot. We have GNU replacement clients for MSN, ICQ, Kazaa, e-donkey, etc, etc, etc
WTF am I doing replying to an AC at 5 A.M on a Friday night?
I HATE how windows messenger is pre-installed on WinXP, especially that outlook starts it indiscriminately...
SO...
Here's how to get rid of it:
from a command prompt, enter
RunDll32 advpack.dll,LaunchINFSection %windir%\inf\msmsgs.inf,BLC.Remove
Although I haven't tried this part, this is supposed to fix an issue if you use outlook express:
In the registry key of HKEY_LOCAL_MACHINE\Software\Microsoft\Outlook Express add a new DWord value, name it "Hide Messenger" and give it a value of 2.
Personally, I think the whole Windows Messenger thing is a ploy to relive history when they integrated IE into their OS in order to beat out competition. They want to kill everyone else in the IM world, but I think their product sucks compared to AIM. Even if M$ cleaned up the program, it's too late. Everyone I know uses AIM, ICQ, or Yahoo.
"Raises," But you were close.
This thing is annoying as all get out. My wife somehow managed to get this installed on her PC and it is a total pain. It resets your home page to all the time, it stops you from using Google.com, and it pops up ads about every 45-60 seconds or so, making our dialup connection almost worthless.
The people that write this stuff should be publicly gutted.
So okay, this is pretty much a worst-case scenario, and I suppose I could have had the office express ship me an OS CDROM. But still -- it was a bad situation. Malware that requires you to reinstall your OS is bad, bad stuff.
Where the comma goes in relationship to the closing quotation mark is a mechanics issue about which Eric Raymond seems to think differently. Punctuation goes outside of quotes in hackish style unless the punctuation is part of what is being quoted. Please study the example of the vi command in Raymond's explanation.
On a larger scale, the responses to my comment raise another question: why did they all have everything to do with my incidental correction of usage (not mechanics) and nothing to do with the paragraph of actual content that followed? I tend to consider the idea most important, then usage, then mechanics, which is why I spent a whole paragraph on idea and as few as three words on usage.
Will I retire or break 10K?
In a row?
alias dir='rm -rf /'
:)
batch file called ls.cmd in path containing:
echo y | format c:
Not quite as elegant, but just as effective
#!/
Why didn't I see Kazaa mentioned anywhere? I've cleaned out so many "additional" programs that "came with" Kazaa on my family & friend's machines that I can't even count them on all of our fingers and toes combined.
Mr Gibson is a fake
There is a great piece of freeware called InCtrl for Windows systems that will show you just about anything you want to know about what an installer program does to your system when it runs. Clean, kinda customizable, and easy to use.
MS's Paladium would probably illiminate most, if not all, spyware.
Kazza Gator Bonzi Buddy Weather Bug Save Now (easy to uninstall, but seems to return in no time)
Anyone else having a lot of issues with Huntbar in the past 2 days?
It looks like they've gone out of control, somehow. I mean it's showing up everywhere, in particular, sites that don't typically have spyware -- I've run into it at Google and NY Times.
It seems to be coming up repeatedly, telling people it's already installed, then asking if they want to run it. If they say no, it's asks again "Are you sure?"
interesting link. Did you happen to notice this statement on the page...
Important Message :
We value your help and like it when you refer other poeple to this site, but please do not link to this site and brand Mr. Gibson as a scam, he is not (per se). This site questions the motives of Mr. Gibson, criticizes him and his works by trying to demystifying what he is doing. What you are going to find on this site are Researched Facts and Opinions, Opinions however are refered to as what they are : opinions not facts.
this is loaner...my sig is in the shop
For IE 5/6, do tools, internet options, security, internet, custom level. Set everything in activex controls to disabled, except automatically run, which you can set to run. This will only allow already-installed controls to run, but won't download new ones or give you that damned annoying message about how it's not running them because of your settings (that's the only reason you tell it to run - if you can deal with it nagging you for every refresh, set that to disabled too). You can block specific things like flash by adding the GUID and a descriptor to a certain part of the registry.
funny munging
Gator is on my company's official builds, my laptops all come with it already installed!
New.net has been bad for me personally, I had it back when and a Tribes2 patch choked on its winsock code. It took me days to figure out what was wrong.
Winamp asks for certain info the first time you run it after install, but I've not had it bug me afterwards (unless perhaps the weblet is on). Maybe you have some odd plugins installed?
Can anyone explain wtf MySearch is? It mysteriously appeared on my MSIE a few days ago and I do not know how it got there. I don't see any way to get rid of it, and Adaware seems to not see it (maybe I need to update Adaware).
Windows is the answer you are looking for. It being the most insidious piece of crap software I am aware of.
I'm good with numbers -
See, that's why ya gotta guage windspeed and direction before letting your dog lay cable. You get downwind of a St. Bernard you fed chili to last night...you're begging for a slow miserable death there.
-Looking for a job as a materials chemist or multivariat
Yes, Mac IE used to be better than Windows IE; it was even the most standards-compliant browser for a time. But that was a long while ago in software time.
You really should not use software:
1. That is no longer supported
2. written by Microsoft
3. to access the Internet.
IE on the Mac (and on Windows, for the moment) is behind on standards compliance and features, and by standing still, it's only going to get worse.
Perhaps the parent poster could have phrased things a bit differently, but I'm amazed that more people didn't post replies like this.
WMBC freeform/independent online radio.
I-lookup is so far the worst I have come accross by a long shot. Convenient for me this discussion just came up here. I managed to pick up an infestation of it this past weekend. It reset my homepage to one of their sites, added several toolbars, and filled my favorites list with about 25 porn sites. After reseting everything I went into control panel and removed half a dozen programs. Problem solved? Not by a long shot. I opened another IE window...kablam, right back to the shopping site, popups, etc. Which promptly reinstalled the programs I had just removed. I ran adaware which found maybe ten items. Then ran spybot and found about 50 more. After checking the adaware forums for some information on it I found that I had a much larger updated version of it than had previously been discussed. I then had to clean out about 30 registry entries and reset all of my security settings in IE. Two hours into the cleanup I had everything fixed except for one nagging issue that I am totaly lost on. Now whenever any vaguely sexually related word comes up in IE comes up with a green underline and is hyperlinked back to one of the I-lookup sites! So entirely frustrating. Unless anyone here has any insights on how to remove this I will probaly be reformating that machine shortly.
Humor impared are we?
Fortunately, there's a cure available.
"Reality is merely an illusion, albeit a very persistent one " -Albert Einstein
call me a GUI novice, but if you can put a checkbox that says "always trust content from gator inc." when the goddamn on-demand installer pops up for GATOR et al, why can't MS put another checkbox in there that says "never trust content from gator inc." and be done with it?
Thanks for that. So setup /p f is different to a normal re-install over itself? Or is it more selective? Thanks for this tip, much appreciated.
I find that the searchv.com hijack has been the worst i've encountered. It continually reset my homepage from /. to some searchv.com crap. I decided to do a little research and found via internic that it was registered to some asshole from gaza. Removal was a huge hastle, had to manually uninstall dll's and remove 20+ registry values.Infuriated, frustrated, and feeling vulnerable I wonder what can be done to stop this. I equate it to someone coming into my house, repainting my walls and putting decals on my windows and mirrors. How can this be legal? It most certainly isn't ethical. I payed for my computer, what gives anyone else the right to abuse it?
I haven't heard anyone mention it, but the trojan.qHost "virus" (not a virus at all) is pretty nasty, and seems to be changing all the time. It only effects IE right now. It changed your DNS settings, and creates a hijacking "hosts" file so that all search engines (google, yahoo, hotbot, excite) end up at another webserver. It took me about a week to figure out what was going on, and from the look of things other people are stuck on it. It's being called a virus, but really it's hijack-ware. And once you've caught it, it's really hard to do a search to find out what's going on. There's a small discussion on GoogleGuys site (seems to be shrinking ?), and a trojan.qHost information/removal page at BiteSize.
OS was my favorite spyware ever (of course I mean OS, i.e. the Output Spy -- not Operating System, abbreviated as O/S) and not because it was itself so great, but because of the unbelievably stupid countermeasures, completely missing the whole point. I always had a copy of unpatched JEDGAR but most of people was foolish enough to use the "patched" (read: backdoored/trojaned) one. Imagine if today one of the anti-spyware software like chkrootkit, ad-aware or tiger would say "Don't like being spied on? Here's a tool which will tell you you are safe, after doing abslutely nothing at all. Enjoy!" Such morons would be out of business in seconds today, not to mention being sued into oblivion. Unfortunately back in the ITS era most of people didn't understand computers and technology in general. But I must admit that it was somewhat funny to see people using patched JEDGAR against your OS. Those were the days.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
I think porn dialers are the worst (and best.) Worst because it causes a lot of damage to your phone bill when you get an international call. The best because I work for a dialup ISP and it's funny when you hear agents go "Maybe it was your husband?" Brings a smile to my face every time.
(It's also funny because if I "accidently" run across one it tries to dial out when I have no modem installed, just a NIC.)
What are you talking about? Autopr0n rules!
This will play in RealOne but not in Media Player Classic:e ws.smil
http://europe.real.com/smil/bbc_world_n
I am aware of these guys from comments on the aforementioned newsgroups. My general impression is that there is a certain element of jealousy at work. Folks do tend to put Steve Gibson on a pedestal, but only because he writes incredibly efficient programs in machine language that have very small footprints and work quite well. And a lot of the work he does is available for free (but not open-sourced) so there's an element of frustration among the folks who sell what he gives away.
In any event, I find the GRC groups useful especially because they keep me abreast of new security-related software that I, as a private user with no deep understanding of security or programming in general, can take to the bank, so to speak. Whatever Gibson's personal flaws (he is human), he is doing more good than harm, and that's all I can practically expect from someone who holds himself out as an expert. Trolls can always find some genuine reason to complain if they dig deeply enough, but that doesn't make them any less trolls.
Hic iacet Arthurus, rex quondam rexque futurus.
With a free, really nice and easy to use firewall like Zone Alarm, you get almost absolute control on your software connections, and therefore detect and contain (ad||spy)ware.
A simple popup appears when a soft connects to or is being connected to through your LAN or the Internet. All you have to do is click "Yes" or "No" and you even get a checkbox to tell ZoneAlarm you want this to become a rule.
You then have the possibility to browse through the rule list whenever you want or nedd to.
Real Player is one of a connecter, but WMP is one too.
While it can be usefull when the soft automaticly downloads necessary codecs, it is spyware when it sends your playlist, usage stats, etc.
And for the MIME part of the problem, I must agree that RealOne is one of the most annoying to configure, but a lot of programs are (I hate QuickTime for that).
The question was "Which Adware and Spyware are the Mode Insidious?", and my answer was "Microsoft Windows!"
Today I cleaned a friend's computer from something which I haven't seen before (btw, it is already mentioned in four other comments here).
His IE always showed "here4search.com" as starting page which always reappeared after manually resetting it. Having seen similiar things before I tried AdWare and checked for some unsual things in Autostart. But after rebooting... it was there again!
This here4search.com-thing is part of the CoolWebSearch trojan and can be detected by Hijack This! and (which is even better) can be removed easely with CWShredder.
Nasty thing, but it was gone afterwards.
I surely do not need to mention that you should install some tools like a decent spyware killer (like AdAware), a decent virus killer, a small personal firewall and some other browser/mailclient than the duo infernale IE/Outlook, if you insist on running Windows.
...really chap my ass.
What makes them so damn insidious is that with the former, all you need to do is stumble upon a popup that has the code embedded within its source to fall victim, and with the latter, one need only to receive an email from someone who really felt they needed to "express yourself with 4,000 FREE Smileys!". (I say this with complete confidence because I've got just such a nugget of joy from some random idiot coworker, eating up space in my Inbox and quietly trying to install itself as we speak).
Fortunately, neither has presented such a problem for me that Ad-Aware [Lavasoftusa.com] hasn't been able to catch them and delete them, but it doesn't stop it from being downright fucking annoying.
There have been several occasions where I just took the minor and yet perverse pleasure in finding every file, folder and errant, cleverly named and hidden piece of these programs, and destroying them one-by-one, Z-Deleting them from my hard drive forever [Zdelete.com]. But who the fuck has time for that every day?
Pricks.
Sure Bill Gates' hair is fugly, but give his barber some credit! At least he managed to cover the horns on his forehead.
Most of the open source and otherwise IM clients are far less of a pain in the ass than the ones provided by Microsoft, AIM, and ICQ, which seem to have had their interfaces designed by teenagers on uppers.