Slashdot Mirror
Which Adware and Spyware are the Most Insidious?
the_dreadnought asks: "I was just asked today which adware and spyware are the most insidious by an acquaintance. He asked me if this stuff was really legal, or was it just not important enough for law enforcement to deal with? I know the porn stuff (not from experience,,,ok, from experience) that dials out to foreign countries is one of the more extreme examples, and Gator is well known, but if Slashdot readers could describe what adware and spyware they think is the sneakiest I would appreciate it. Also, any thoughts on whether some of this stuff is even legal, as it is almost certainly not ethical."
And the fun part is, if you (or the user) uncheck the New.Net software in MSCONFIG, it doesn't just stop New.Net from working... They simply stop being able to use the internet. At all. So then we have to pray that their version of New.Net has a working uninstaller, or we have to go through a huge manual uninstall that involves removing multiple registry keys. BTW, if anyone here gets this or other spyware that is difficult to remove, try using a program called HijackThis and "Fix" anything that looks out of the ordinary (use common sense... don't delete everything).
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Xupiter! Or what used to be Xupiter. In it's time it really wreaked havoc. Although going to their home page says they are out of business, ths link on their site shows that they may be up to something else soon
You can share some of the love for the Yomtobians here. These guys are right up there with Spamford Wallace and the Cantor/Siegel in the Internet Hall of Shame.
I'm sure there aren't many people who agree with me, but I personally consider RealOne to be spyware. It's intrusive and has lots of 'features' that are extremely difficult to turn off if you can turn them off at all, and it installs things without telling you. (For example, its 'message center' in the system tray that tells you to Buy RealNetworks Products(tm)(r)!0
Other than that, I don't really run into spyware much, but I find gator and its kin to be the most intrusive and common on the web.
using namespace slashdot;
troll::post();
Should the purveyors of operating systems be prosecuted for allowing software to run on their loyal customers computers, without their knowledge or permission. I have never read a Microsoft EULA in it's entirety, does it mention that this is part of the agreement?
Windows likes to call home whenever it can. I'm sure it reports back to the mothership far more often than anyone would like to think about.
*synches the strap on his tin foil hat a bit tighter*
Without any doubt in my mind, the most evil form of spyware I am personally aware of is the infamous insidious Gator. Booo, hisss!!!! I am sure there are others, but I'm sure of this: there is a special place in hell for these folks.
Quod scripsi, scripsi.
Here are the removal programs...
Spybot
Adware
However, this begs the more interesting questions....
Is there *nix spyware?
Why not?
Davak
That darn weatherbug thing that everyone I know has. You try to uninstall it but it manages to find a way back in :-/
If somebody leaves a paper bag full of shit on your porch, rings the doorbell and runs away, does it really make any difference whether it's dog shit or cat shit?
gets my vote. Not only does it report your media files, but also any other apps you're running!
/me adjusts tinfoil hat...
Lop is by far the worse one ever... recently I convinced my cousin to switch over to Mozilla Firebird, but this article (http://www.spywareinfo.com/articles/lop/) suggested that Mozilla isn't 100% safe, but is much easier to cure than hacking the registry (apparently it's just one line in the user_prefs). One sources said that it changes 47 registry keys... I also found that it randomly mutates into new filenames (actually it downloads newer versions), making it much harder for programs like Adaware to hunt it down.
Also, Lop disguises itself as a mp3 search toolbar. It also comes with newer versions of MSN Plus.
One more thing, some people are willing to profit from lop uninstaller, such as this one - http://www.onlinepcfix.com/spyware/Lop.htm - it contains some more information related to lop.
Please direct all bug reports to
One program that really annoys me is hotbar. The main reason so, it adjusts your MS Outlook settings all the time turning off using Word as your HTML editor. It also requires about 2 hours to remove the stupid program.
You remove it using AdAware and it will remove it for that user profile. Then login as another user it will actually install itself again. I logged on as each user to remove it and finally managed to get rid of it, so I thought. It has now appeared back and I know it wasnt the (l)users installing it again since I gave them a lecture about adware and installing crap on machines that I am in charge of.
If a program comes with a valid uninstall feature then I can tolerate it. When its a program thats a biatch to get rid of and keeps coming back I get really ticked off.
(\(\
(^.^)
(")")
*This is the cute bunny virus, please copy this into your sig so it can spread
DEAR GOD! My stomach turns every time that name is mentioned. I worked as a CSR at a local ISP for a year or so, and every time Xupiter was mentioned, nearly all of the employees within earshot would mutter, "Aw, jeez" or something else to that effect.
On another note, I think that Gamespot's download manager, Kontiki, is kind of sneaky.. at least sneaky in the fact that I thought it was just another humble download manager. Then again, why would anyone want you to have their download manager unless they were spying on you?
Stupid me. Oh well... thank god for Ad-aware.
Insert clever one liner here.
which Creed album is the worst?
How about Dell's SupportLink, which (and I have the TCPdumps to prove this) broadcasts your system's S/N, your MS Windows S/N, and several other tantalyzing bits of data back to Dell every 30 minutes or so?
Mind you, I love my Dell, but this pissed me off.
Jouster
when I worked at v!v!d V1deo, the boss loved the idea of the sneaky pr0n dialers the submitter talked about. (You click on a link that says "Free hot videos!" or whatever, and you get an active-x control which then downloads and installs a windows component and puts the icon on your desktop. Then when you doubleclick that, it actually hangs up your modem and dials out to a foreign country that has INSANE rates, several dollars a minute. Your phone bill can reach into the hundreds very quickly, and the phone company doesn't give a crap, you gotta pay if you want to keep using your phone!)
Of course old steve's house is probably burning down today, as the simi valley fire has spread into the hills above chattsworth.
Endorsing pr0n dialers will lead to your house burning down. QED.
Not necessarily through the damage it does, but through the sheer number of times I have to get rid of it. Even though I use adaware and block cookies, it still manages to get itself in through a back door (I think it runs as a java applet, which then installs a cookie).
It doesn't do anything particularly nasty (other then send tracking data out), but I find it hard to block and its used by quite a few sites that I visit often (BBC, for example).
The worst program I've ever seen is savenow..
It starts like 5 processes on boot (using between 50-75mb of ram and 20-25% cpu), sends all of your browsing habits somewhere else, and pops up porn, and other various ads randomly while using the computer. It is by far the worst spy/ad ware I've ever seen.
Xupiter is a personal demon for me, but Gator is up there as well. Not to mention the uncountable number of little toolbars that install themselves without warning into IE. There was one some time back, I think it was called Bargains or Bargain.com or something like that which was terribly annoying. It was one of those that hijacks your browser and pops up ads whether the page you're on has ads or not.
Personally, I consider spy/adware more annoying than most viruses...
--ShadowKatmandu
"It only takes one true believer to make a thing real..."
I don't use RealPlayer at all. If for some reason a website offers only RealPlayer videos I just do without. not a big deal for me. much more annoying, as you say, to remove the tentacles of Real after you've installed their "free" player.
-sweatyb
It breaks my pluginses, my precious!
I don't know the name of the specific spyware, but one of my clients had spyware that would have two processes running at a time. If you terminated one of the processes, a new one would pop up, probably created by the other one. The process names were also random characters, meaning you couldn't just stop certain processes from startup. I did end up using WinPatrol, which is a lifesaver. It's able to look at services, processes, and startup items. It gives more information than just the names and is useful is stopping active processes and startup items.
Most of the filesharing software people are so eager to defend often install a who's who of spyware/adware today. For an interesting little test, take a clean windows system (no jokes) and install your iMesh kazaa, grokster or any other filesharing program. Then run adaware or spybot against it. You'll see new.net, shop-at-home select agent, gator, and many other nasty little goodies. File-sharing programs running on windows claim to be fighting for user/'fair use' rights, when they are simply fighting for their bottom line as a company. The fun part is that for nearly all of them, if you remove the spyware/adware the programs cease to function. Just my $0.02
1. Ask Slashdot what sort of spyware is the worst. 2. Make this sort of spyware. 3. Profit!
Boffoonery - downloadable Comedy Benefit for Bletchley Park
With absolute certainty, the worst adware is the threadjack /. post
Especially evil is the sig line advertisement.
owever, this begs the more interesting questions....
"Raises", not "begs".
Anyway, there are a few reasons why there isn't any adware designed specifically to run on popular desktop *n?x systems. For one thing, there's no well-known ActiveX equivalent that lets a script on a visited web page download code and run it with the logged in user's full privileges. But the major difference is that no desktop *n?x system, not even Mac OS X, has nearly as much mindshare in residences as Microsoft Windows, so development efforts directed at Win32 have bigger results than development efforts directed at LSB or Carbon APIs. Businesses don't count because they can more strictly regulate what can be installed on a workstation, possibly through bigger budgets for licensing proprietary HTTP proxy software.
Will I retire or break 10K?
I didn't think that spyware existed on MacOS X, but... my girlfriend came home from school last winter with something really odd. Internet Explorer would, no matter your user preferences, always go to a certain internet shopping site as a homepage. And would give you a barrage of popups constantly. I forget what shopping site, and back then I only had inbound firewalling, so I had no logs to check.
No toolbars installed. No plugins. I created a new user account for her, and that worked, so apparently it hadn't messed with the internals of the Internet Explorer.app (which seems like a vector they'll soon exploit). Crappy, though.
There are no trails. There are no trees out here.
search your hdd for 'realsched', dont delete it (else it will automagically be reinstalled), just change the name to realsched.old or something. viola, no more message center system tray popups!
kazaa and everything it bundles with it are my collective vote.
;)
I used to work tech support, where half the problems people had using our pages had to do with the numerous spyware programs installed with kazaa. It was a mess.
I'm glad that in my department now my users don't have admin priveleges. If they get themselves spywared, it is easy to fix -- if all else fails, back up their roaming profiles and blow them away, recreate settings on next login! I don't know of anything that can survive a brand new shiny profile
DateManager PrecisionTime Gator eWallet OfferCompanion Dope Wars Go!Zilla MThree_Decoder MThree_Encoder MThree_Ripper DivXNetwork DivXNetwork2 Audiogalaxy Satellite MailCleaner Grokster iMesh Swaptor Shankster MediaSeek Morpheus Screen Scapes Software Supreme Sunsets Supreme Sunsets Setup Weatherscope Blubster Weatherscope SearchScout Toolbar
See The CoolWebSearch Chronicles The story of a thousand hijacks.
Quote:
The difficulty of removing CWS from a user's system has grown from slightly tricky in the first variant to virtually impossible for the latest few. Some of the variants even used methods of hiding and running themselves that had never been used before in any other spyware strains. End Quote.
15 variants so far....
Envy my 5 digit Slashdot User ID!
The most insidious are the ones we don't even know about.
All these companies want to do is let you know about exciting new products and services that could entertain you, improve your life, and lengthen you genitalia.
Shutting out these innovators . . . well, it smacks of Communism, doesn't it? First TiVO, screening out the ads that broadcasters, our public servants, need to survive. Now this ungrateful attack on champions entreneurship and freedom of choice. Just a bunch of surly, consumer-choice hating Reds is what you all are.
I'm going to tell John Ashcroft what you've been up to so these SpyBot removers can be banned!
Stefan "scared to hell that someone out there might actually be thinking like this" Jones
I'd love to see the day when a "define Gator" on Google returns "bottom dwelling scum sucking spyware" yeah you heard me, GATOR IS SPYWARE!
I am not sure what this thing was, but its the biggest spyware I have seen. It came installed
on my laptop, and even after I installed Linux, it continued to exists. Everytime I forget to press
arrow key while bootup, it would boot into this spyware. Once I am there, I am given a illusion that
this thing looks very similiar to my Linux system, but everything was slow. There was an ambulance
(I think thats what they use for hijacking my laptop) which would keep yelling "Click here to update".
Then it did have something that looked like konqueror and it did show some internet sites. But I couldnt
open more than one tabs in it. Also, every 2.5 seconds it used to open up a colourful window offering
me stuff I did not want.
Then I got a message saying Cindy wants to talk to me. I didnt want to talk to Cindy, but it kept yelling
at me for not saying Hi to Cindy. Cindy was barely wearing any clothes (shudders)
I finally managed to get rid of this spyware, and everytime I think about it I shudder.
DO NOT PANIC
More and more applications are becoming intrusive, software such as Winamp, Windows Media Player and Kaaza all having annoying dialog boxes which popup each time you run them if they detect a newer version which you haven't yet downloaded. MSN actually refused to do anything until I upgraded it.
A large number of applications now have an online registration feature, they dont force you to do the registration, but they will bug the hell out of you if you choose not to.
Applications such as RealPlayer try and sign you up to email based newsletters(spam), why should I have to give my details (email address, home address and hobbies for example) to a company in exchange for using their software?
There seems to be a gradual increase in the invasiveness of software, currently most of these 'features' are still optional, but I dont think it will be long before many software companies start making things like software updates, online registration and having a valid email address mandatory.
This is about the nastiest one I've seen in my consulting work. On its most basic level, it inserts itself into the registry as the default proxy server for IE. Unless you get the registry entry, it'll just keep putting itself back. What gets really bad is that I've seen Netsetter break several computers' TCP/IP stacks entirely. With Netsetter ripped out you get PCs that can dial up, connect, and have complete connectivity except no DNS resolution. And you can't get DNS back without either an in-place reinstall (works for 95/98/ME/XP), or a complete format and reinstall from scratch (NT/2K).
They're on my short list of People Who Need To Be Shot.
and run into this cr*p all the time. New.net is always fun, as are Xupiter, Xzoomy, and the newer varients (like orbitexplorer). Theres another one called lop that has been pretty fun to try to get rid of. Here is a quote from doxdesk.com about lop I find amusing "lop/Toolbar installations normally put a round icon in the system tray, try right-clicking this, choosing 'Menu', then on the resulting window, clicking 'Help', then 'Uninstall'. With newer variants you will have to answer an annoying riddle before it will go away."
I really hate dealing with this stuff over the phone with people who don't know what IE is or where the start button in any version of windows is located. It makes you wonder how they know they have a problem in the first place, did they make it to thier 3rd game of solitaire and not get any pr0n pop ups? Either way, if you don't know how to use a computer, why do you automatically click on "I agree/accept" any time it pops up on your screen? This was my short list of spy/ad/cr*pware that gets on my nerves on a daily basis. Have a nice day...
Now, let me step up and argue the other side of this one for a moment. Sure, gator sucks if it shows up when you don't expect it to, like if some shareware program you download installs it without telling you. However, I recently wanted to encode a DIVX movie. Just one or two, mind you, not a ton of them. So, I went to the DIVX website and downloaded their encoder. They will let you use the decoder for free (or they used to...) but the encoder part costs money. Alternately you can install and use the encoder for free if you agree to let gator on your system.
They're very up front and honest about it: they want money for their software, so either you fork it over or donate your eyeballs. Sounded fair, I didn't intend to have it on there for more than a month or so.
The installer was also very open about the fact that it was installing Gator, and the fact that I'd be seeing ads occasionally. After I installed it, gator came up, and I found a nice little preferences pane. After some digging through "advanced settings" I found out I could make it display ads approximately 1-3 times a week at minimum. I did that, and it never bothered me again. I think I've seen it pop up maybe a few times. I can deinstall it any time.
So what's the big deal?
Recently a client came in with a PC and said it was acting funny and suspected there was some kind of virus on it. A scan detected that there was several files that appeared to be infected with something called "Downloader-DZ" and, along with the links to porn sites (my favorite one being "Operation... SEX!") and the homepage being replaced with a porn page, there were SEVERAL dialers installed, and an attempt to just delete LiveGirls.exe did nothing... it later reapeared.
To put it short, I spent two hours running spyware removal software and manually editing out bad registry keys. A pain.
Oh... and PLEASE tell people they don't need that FUCKING SHIT like hotbar and weather bug either!! I'm sick of seeing that crap on people's PCs!
Some of it's not even broken ethically - if all they're doing with it is deciding which ads to show you, rather than tracking your every move online, especially if they didn't collect personal information about you, and if they didn't lie to you about what they were doing, and if they have a privacy policy that actually reflects what they're doing, that's ok. Not necessarily something you want to run, but ok. Some particular examples are the adware versions of Eudora and Opera.
European data collection laws may have terms that popular spyware violates, but usually the spyware companies aren't based in Europe so there's no legal jurisdiction. The data collection laws themselves are often effectively spyware - in return for "protecting" you, they're also subjecting you to possible audits of your machines because you *might* have personal information about other people on your computer or your PDA or your cell phone. (Sure, they mostly pretend they wouldn't do that to regular citizens, only businesses, but it's pretty much a selective enforcement thing. And you are registering all your computers with the data protection bureau, aren't you?) But at least it doesn't slow your machine down when they're not auditing you.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
... maybe this site would help:
http://www.spywareinfo.com/downloads.php
"Consensus" in science is _always_ a political construct.
i've been an earthlink user for quite a few years now and i usually tend to stay away from ISP-supplied software, but they have been putting out some pretty cool shit this year thru various 3rd-party software partnerships/cobrandizing, the latest of which being SpyWare Blocker powered by WebRoot. it is actually quite cool: it'll look for advertising companies cookies and disable'em for you, as well as offer you to remove 3rd-party spyware and trojans, i think it can do some other shit but i haven't entirely explored it yet. it maintains a constantly updated database of existing spyware. i wonder if it would catch the New.net shit. hrmzerz. and it's free for all earthlink customers.
Extraordinary Vacations. Exceptional Prices
Microsoft Windows and that dastardly Messenger service. (enabled by default) that would be the most insidious adware out there.
oh and i guess XP qualifies for spyware with that nasty activation "feature" (though not quite)
Don't call me back. Give me a call back. Bye. So yeah. But bye our, well, but alright we are on a shirt this chill.
I thought that I had it bad, but some people received bills for $500. They have gone to court, and somehow they have not been shut down (though anyone that disputes their bill gets the FTC as a third party arbiter). I encourage everyone to educate themselves about Alyon Technologies. Go read through that site, you will learn about some of the worst people in the world, and how they will take advantage of you and then tell you YOU are at fault.
I don't know if there is a Hell, but if there is, these people would be in the center of it.
In Windows XP there is a feature called Software Restriction Policies (SRP, see here). This feature allows you to deny software to run based on Certificates (and Path, and Hash, and Zone for MSI). Since all the Spyware installers use signed Active-X "drive-by" installers this is an effective way to kill them. This, however, is an arms race. You need to collect the certs you want to invalidate first (upon first encounter of a spyware safe their cert into a file and disallow it). You can find the feature in Control Panel->Administrative Tools->Local Security Policy. Have fun!
On my laptop the dns for google seems to have been overwritten. Don't know what did it, but it always redirects me to this other search engine (forgot what its name is already). I've tried resetting the DNS tables with no luck. Now, whnever I want to use google, I have to just type in the IP address. I haven't been able to fix the problem - if anyone else has come across this, I'd really appreciate it if you could post how to fix the problem.
I'm a end user admin on a small (300 machines ) network where both IE5 and Netscape4 are available ( and nothing else ) on WinNT4. I'm constantly fighting against end users that install spy/adware. I'm losing the battle and re-imaging machines on a daily basis... I'm looking for tips on reducing downtime due to this junk being installed. Any tips would be appreciated.
Has all the same problems as RealOne, plus the way it gets on your computer is really insidious... it's on there before you even open the box.
Yes! Nasty little purple bastard. I informed one of our directors that it was a pest when I saw it on his home computer and he just said to leave it on there because "his kid likes it"... scary social engineering...
Basicly, any time a program wants to do something like put something in startup or modify winsock settings or stick files in windows system folder or modify the hosts file or dns settings or things like that, windows should come up with a nicely worded warning about why clicking "yes" is a bad idea.
Also, it should log all these actions so that for example, you can see which programs installed what settings (so you know what to remove)
And it should have something that allows sysadmins to turn off these things completly (just like how its possible to turn off control panel and other system things)
That way, when some idiot wants to install kazza, the system detects that kazza wants to install "privacyviolatingspyware.exe" to c:\windows\system\importantmsfile.exe" and add it to startup and denies the request.
What should be done when the request is deined (either because its completly switched off or because the user clicked "no") is that it should return for file i/o calls "cant open file" and for registry calls whatever the appropriate error is.
Or better yet, pretend to write to the registry or the file but dont actually do it.
As a service tech I see New.Net, Xupiter, Gator, and Savenow all the time, but I didn't see Marketscore in there anywhere. It proxies your connection through one of Marketscore's own servers - I'm sure its for better service not actually spying on your content ... Whatever. Sometimes MArketscore adds 2 minutes (yes minutes) to a boot time and all your info is router through through their insecure proxy server. Total garbage. It wreaks havok on our customers since our email servers will not allow email to be sent from outside our domain, so any customers that have it on their home systems and try to send email get errors. The customers I talk to have no idea how it got there or why its running. Worst part is they don't understand how software doesn't show up in their add/remove programs section while running as a background process. It requires a command line uninstall process which is a bit elusive and makes many customers squirm.
Recently TVT Media has made it onto my $#!T list - go through the uninstall process and it reports that it is gone but a reboot proves otherwise. In fact, if you remove the keys and then run the uninstaller and go back into the registry all the keys are regenerated. We'll see how much more press that kind of crap will get.
Memory Blaster seems to be another growing problem on the horizon too, but its still pretty fresh to say how bad that one will be.
In all truth new.net and Xuptier are probably the worst since they have a tendancy to destroy the winsock portion of the TCP/IP stack and take people offline when DNS queries are returned unresolved. Nice products: NOT.
"Quando Omni Flunkus Moritati" -- Red Green
There are three ways spyware gets on to someone's computer:
1) You visit a website and it installs as an ActiveX control. However you must grant permission for this to happen. By default, it will ask you on a per control basis. You may change this to always deny or always permit if you wish, but it is up to the user to make the call. MS has done nothing wrong here, they allow you to choose how you want your system security set and what you wish to permit.
2) You install an application that, as part of its install process, installs the spyware. It may or may not inform you of this. This is again, not an issue for MS. If you choose to execute software on your computer there is nothing they could or should do to stop you. It is your computer, after all, and executing software is its purpose. IF a company sneaks in spyware, it is their fault.
3) You voulantarily download and install spyware. YOu'd be amazed how much users think what some of it does is coll and wants to have it. Again, MS is not at fault.
Get off the trendy "Let's blame everything on MS" stick. It isn't there responsbility if others write malicious software and it isn't their responsbility if users install stupid shit on their computers. Linux has no protection against this either. If I send you an app that allows me to control your system, and you install it, Linux will do nothing to stop you. It's not like OSes have a built in evil dector or anything.
They had morphed since being written about even 2 weeks before(of course I googled), and combined took me 4 hours to eliminate off of a client's Win98 PC. They used every dirty trick in the book to hide and re-install themselves: hidden startup files that rename randomly at each reboot, multiple startup locations, redundancy by installing themselves disguised as several different innocuous sounding programs, including maxmem, maxspeed, ie driver, ie update, People On Page, and more. I finally had to resort to verifying the legitimacy of every single program that was installed, and then manually scan the registry for references to all of the bad stuff. Oh, and by the way, this was after running adaware with the latest updates! (Which I still of course highly recommend, it was just behind on this one.) This stuff used every underhanded trick in the book to keep from being uninstalled. Combined these were far "stickier" than even the worst viruses I have dealt with.
While this software may have been legal, it's methods IMHO should definitely NOT be. I would jump at the chance to join the butt kicking posse going after the sleaze/parasite/spy-ware vermin!
"It's scum like this in my industry that lead to my handle"
- iGetNet
- Bonzi Buddy
- Lycos Sidesearch
Using an application firewall like System Safety Monitor can help limit these (it intercepts calls between applications and allows you to permit or deny them) but this does require an experienced user.Not quite, the number reported depends on the political agenda of the reporter. The actual percentage depends on biological, and social factors, and the precise meaning of gay.
Case in point, while the ancient Spartans took male lovers, were they gay? Careful how you answer that, Leonidas is standing next to you with a (sharp) spear. They certainly would have killed someone who is effete. Useless in war you know.
That's interesting, but Idealab is not a Silicon Valley company. It's based in Pasadena, which means that it missed Silicon Valley by about 350 miles.
There's no point in questioning authority if you aren't going to listen to the answers.
Autopr0n, your sig is an especially insipid sort of inline advert, because your website is so terrible.
I would never think of advertising my ventures in a slashdot post.
Hey freaks: now you're ju
Australia has National Privacy Principals which among other things forces companies that gross 3mil plus PA to inform users that data is being colledted and stored and for what purpose. it also must allow a person access to any data that is stored about them.
There is also a bill in parliment that will do more and will have hefty penalties.
I dont know exactly what XP sends to microsoft, other than SN details but the average user trusts MS and for the moeny they pay for a license they should be able to.
Windows media player (which is part of WinXP) collects data about what you are listening to and sends it to a MS server. And we don't know what other things are going on under the hood.
If you're running Win98SE - you can always refresh your installation by running
/p f"
"setup
That goes through the installation procedure, refreshing all the corrupted/replaced files. Gives you options to keep the more recent ones, too. That's solved many a problem for me...
AOL is by far the worst piece of spyware ever devised by man.
For IE 5/6, do tools, internet options, security, internet, custom level. Set everything in activex controls to disabled, except automatically run, which you can set to run. This will only allow already-installed controls to run, but won't download new ones or give you that damned annoying message about how it's not running them because of your settings (that's the only reason you tell it to run - if you can deal with it nagging you for every refresh, set that to disabled too). You can block specific things like flash by adding the GUID and a descriptor to a certain part of the registry.
funny munging