The Spyware Inferno

Remember Kids... by romper · 2004-08-17 08:37 · Score: 5, Informative

Claria is Gator is Spyware.

--
Right is wrong when left is right.

Re:Remember Kids... by sik0fewl · 2004-08-17 08:41 · Score: 5, Insightful

.. is apparently a good way to make cash.

I think people should be forced to take classes or seminars before using the Internet, teaching them how *not* to be fooled to install adware and spyware. They should also be told not to use Internet Explorer.

Of course, with this seminar, everyone would get a free software CD with Claria included.

--
I remember when legal used to mean lawful, now it means some kind of loophole. - Leo Kessler
Re:Remember Kids... by rjamestaylor · 2004-08-17 09:01 · Score: 3, Interesting

Why hasn't Apple/Claris sued for the obvious typo-subterfuge intended by Gator's selection of Claris^Ha as it's re-invention name?

Hmmm?

--
-- @rjamestaylor on Ello
Re:Remember Kids... by bjohnson · 2004-08-17 09:57 · Score: 5, Interesting

Because Apple "eats their own dog food"?

None of this crap targets Macs, or Mac browsers, so it's entirely possible that they haven't even noticed how much of a problem it is, or ever heard of the company.

The only reason I ever notice spyware is when I have to clean it out of yet another luser's system.

Spyware Schmyware. I use Firefox on OS X.

Problem solved.
Re:Remember Kids... by TheSpoom · 2004-08-17 11:22 · Score: 3, Informative

I had a caller recently who I was doing technical support for, and I believe the issue was that they were getting some sort of error message when they booted up. I was going through MSCONFIG and unchecking startup items as she read them to me, and the conversation went something like this:

Her: "CMESYS."
Me: "Uncheck that, it's spyware."
Her: "Isn't that Gator?"
Me: "Umm... yes."
Her: "Oh, I pay for that, I don't want that removed. It fills in my passwords for me!"

Apparently she paid $30 / yr. for the "service" that the Gator eWallet was providing. She had called them (and in hindsight I should have asked for the number) before and they assured her that the paid version doesn't come with their normal great advertising code. I was considering banning her from the internet, but I would have been fired. :^(

--
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Re:Remember Kids... by ratamacue · 2004-08-17 12:00 · Score: 2, Insightful

I think people should be forced to take classes
Sure, we'll hold them at gunpoint and educate the bastards! (What exactly do you think the word "force" means?)
And we'll make the taxpayers fund it all, whether they like it or not! ("Force" implies government, and we all know how government gets its revenue.)
But hell, if you're in power, what do you have to lose?
Re:Remember Kids... by 0racle · 2004-08-17 14:04 · Score: 2, Insightful

And while their at it they can sue Clarica, because obviously everything that starts 'Clari' must belong to Apple since they have a piece of software called claris. In fact, why don't we just give Apple ownership of the letters c,l,a,r,i, and s so they can sue everyone who uses them.

How in gods name was the parent modded interesting when its perfectly obvious why Apple doesn't sue, there's nothing to sue over.

--
"I use a Mac because I'm just better than you are."

Where do you draw the line? by VAXGeek · 2004-08-17 08:38 · Score: 5, Insightful

What's the difference between advertising supported software which gathers marketing demographics and spyware?

Sweet sweet kickbacks to Yahoo, that's what.

--
this sig limit is too small to put anything good h

Re:Where do you draw the line? by NoMercy · 2004-08-17 08:56 · Score: 4, Insightful

Disclosure is one point, the other is advert supported programs have nice little boxes and parts of the GUI they fill with an advert.

Spyware tends to work out what your doing tells it's servers that and then optionally feeds you with replacement adverts or popups, so youre looking at a shop which sells trading cards and an advert pops up for another store which claims lower prices say.

But then more and more advert supported software is going back to plain old demo/shareware/timebomb arangements (case in point getright).
Re:Where do you draw the line? by saintp · 2004-08-17 09:09 · Score: 5, Insightful

When was the last time you read an EULA in full? What about your grandma? Name the last EULA she read in full.
Disclosure really doesn't matter when "NiftyFreeWebApp" buries the fact that it requires the sacrifice of your firstborn on page 972 of a EULA written in obfuscated legalese.

--
Another one bites the dust
Re:Where do you draw the line? by ewhac · 2004-08-17 09:26 · Score: 2, Informative

Addendum: Mentioning spyware in the "license" does not constitute meaningful disclosure.
Schwab

--
Editor, A1-AAA AmeriCaptions
Re:Where do you draw the line? by afidel · 2004-08-17 09:39 · Score: 4, Informative

You don't have to bury it in the EULA and install spyware through the back door to do ad supported software. ICQ, Opera, and many shareware products incorperate ad sponsorship into the product in a manner that most users do not find offensive and which does not completely destroy the usefullness of the computer on which it is installed.

--
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Re:Where do you draw the line? by saintp · 2004-08-17 09:58 · Score: 5, Insightful

I'm aware of this. I use Opera (and love it!), used NetZero for the brief time that it was free, and other ad-supported software. Most of those practice true disclosure: You're getting a service in exchange for your eyes. And I'm fine with that.
But if someone is hawking something like EUniverse or Claria, then they're not going to be upfront and forthcoming about it, because their service isn't valuable enough. Opera is (or was; Firefox is gaining ground) a nice enough browser that I'm willing to put up with some ads, so I accept the EULA precisely because they're upfront about being ad-supported.
In contrast, no one would ever install a 404-redirect program if they knew what it would do up front. Instead, somewhere in the EULA is a paragraph explaining in euphemism a mile deep that the app hijacks your browser.
I'm not anti-ad-supported software; I think it allows some outstanding software to get into the world for free. (Obviously I'd prefer they GPL'd Opera, but I'll take what I can get.) I'm saying that forcing disclosure is basically masturbatory.

--
Another one bites the dust
Re:Where do you draw the line? by BobTheLawyer · 2004-08-17 10:08 · Score: 3, Insightful

Do you read other contracts you sign, when you sign up for a credit card or buy a plane ticket? Most people don't. This doesn't prevent those contracts being generally enforceable.

An EULA is no different.

Whether unreasonable stuff in an EULA is enforceable is a different question. Here in the UK, our various national and EU consumer protection laws mean it's probably not. I've no idea what the answer is in the US, but it probably varies State to State.
Re:Where do you draw the line? by antic · 2004-08-17 10:15 · Score: 3, Insightful

I generally do read terms, contracts, etc. I read the T&C when buying a Dell laptop and then made them take it back when there was a single dead pixel. The T&C didn't say that 4 or so stuck pixels were required for a display to be considered faulty (as their support were claiming), so I was able to argue that it was not good enough.

Know the Terms/Contracts you've signed and be persistent -- do both of these things and you're one step closer to not being totally screwed by every service you use or product you buy.

--
'Thats they exact same thing a banana wrench monkey.'
Re:Where do you draw the line? by Mateito · 2004-08-17 10:20 · Score: 2, Funny

When was the last time you read an EULA in full?
Never
What about your grandma?
No, I haven't read her in full either.

--
Norman Cook's Ode to Sl
Re:Where do you draw the line? by Chanc_Gorkon · 2004-08-17 10:38 · Score: 3, Interesting

This needs to be modded up. Big time. I run Weatherbug. It's ad supported and I know it installs the My Search toolbar as well. It also does not mind at all if you go into Add/Remove and remove it. Weatherbug continues to function after that. It tells you right upfront what it's installing and does not sneak it in. Claria probably doesn't do this sometimes.

One way we have prevented our Mom and Dad's from installing this stuff it to give them explicit instructions...now mom, everyday, you use this limited account and when you need to install something, either call me or use this Administrator sign on but DO NOT use this signon for anything but installing applications. Do not browse with it. This seemed to cure my little bro in law from having to go help his mom get rid of a virus or spyware. He also has scanners for virus and spyware installed as well and since he has to go pick his son up there every once in a while, he will do a sweep which is short instead of 3-4 hours removing spyware and viruses. Until most users adapt a UNIX like way of using their Windows machines, they will not be able to combat crap like Claria. If it starts to not work, then Claria will ahve to find another way to stay in business. Being vigilant in this battle will help us win...but being stupid and clicking OK whenever you see it WITHOUT READING THE BOX will kill you.

--
Gorkman
Re:Where do you draw the line? by jesser · 2004-08-17 11:03 · Score: 2, Interesting

AIM is advertising-supported software because it displays its ads in the AIM window.

Kazaa is adware because it displays its ads while you use Internet Explorer. Pop-up adware often makes it difficult for users to tell what application the ads sponsor, which IMO is the point at which it becomes evil. I don't know whether Kazaa's ads say "This ad is shown using Claria technology to sponsor your use of Kazaa. To stop seeing these ads, uninstall Kazaa". I'm not going to install Kazaa to find out.

--
The shareholder is always right.
Re:Where do you draw the line? by pslam · 2004-08-17 11:44 · Score: 2, Insightful

Do you read other contracts you sign, when you sign up for a credit card or buy a plane ticket? Most people don't. This doesn't prevent those contracts being generally enforceable.
An EULA is no different.
Actually, when I "agree" to an EULA, I don't expect to have someone knocking on my door in a few days time to repossess my house. I don't expect that to be followed by woman with very large hands coming through the door saying I married her by clicking on that button.
There's an expectation that people have when they sign a contract. If I'm signing a credit card or mortgage agreement, I expect lots of scary stuff to appear in the fine print. If I'm agreeing to a software license, I do NOT expect that it says "by the way we are going to spy on your every mouse click from now on" somewhere in point 23 of 54. That's underhanded and I would love think that it's somewhat illegal (fraud?), and void because it's not made in good faith. Of course it's not as simple as that otherwise they'd all be in jail by now. I can only dream.
You only have to look at the average amount of spyware installed on a computer (most people have 5+) to realise just how many people don't know what they're signing up for. Caveat empor? No, I think that idea should have died out with the Romans. It's an excuse for otherwise evil acts.
Re:Where do you draw the line? by AstroDrabb · 2004-08-17 14:27 · Score: 3, Insightful

An EULA is different. Most software EULA are _only_ readable after you purchase the software. That would be like me selling you a house and getting payment and then showing you the terms that I wasn't _really_ selling it to you, just leasing it and I can take it away at any time. Now, if I did something like that, a judge would throw it out without question. However, would a judge be just as willing to throw out an EULA? I would hope so, but you never know with the US justice system.
I cannot see a judge holding up an EULA that you only got to read _after_ the purchase. I don't think any of those EULA would be enforceable.

--
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
Re:Where do you draw the line? by Pofy · 2004-08-17 20:24 · Score: 2, Interesting

For airline and train travels and such, those agreements are typically made between some sort of organization representing those selling travels and some goverment or consumer organization. It is standard agreements that would apply to everyone selling airline travels for example and thus an individual airline can't add extra parts (like we don't do engine maintenance so tough luck if we crash).

As for software, I can see the "two separate" contracts, and of course that is not a problem, the problem is that it is a contract forced onto you AFTER you allready bought the software. If the contracts (both between shop and software compnay) were done befre the purchase, it would be another matter, now it is done after you allready bought and own a copy of the software and at that point, someone else can't force you to agree to a contract just because you want to use what you bought.

Having the contracts agreed at time of purchase is not a problöem or uncommon. When you buy a cell phone, it is not uncommon that the deal is sponsored by a company that handle the phone calls. So you also sign up with them for a year or something. However, those deals are always done, signed, agreed and so on in the shop before you buy the phone. You never see someone selling you a phone for $1 and thwn when you get home and try to use it, you are shown a contract that you can only use it when calling through company X and at specific costs and so on.

That is how software sales should be set up IF there is a need for additional contracts as part of the sale. It is worth mentioning that a huge part of many EULA are actually not needed at all since it is allready part of laws (for example copyright laws). Other parts are unenforcable anyway (depending on country and laws). The actual additional agreement is usually not that much and almpst always restrictions on what the buyer can do.

Cliche by dmayle · 2004-08-17 08:40 · Score: 5, Insightful

It's like the old detective cliche, follow the money. The problem with both spyware/adware, and spam, is that they're profitable. Beating this stuff with technological measures alone is never going to be easy. If we really want something done, we've got to find ways to make sure these people and/or companies can't make money doing it...

Re:Cliche by ciurana · 2004-08-17 08:50 · Score: 4, Insightful

Way to go, dmayle.

The URI in your .sig leads us to what at first sight seems to be a iPod pyramid scam. I find myself hard pressed to take your comments on the current topic seriously.

Cheers,

E

--
http://eugeneciurana.com | http://ciurana.eu
Re:Cliche by gl4ss · 2004-08-17 08:51 · Score: 3, Insightful

*The problem with both spyware/adware, and spam, is that they're profitable*

well, actually, they don't even need to be profitable. it just needs to APPEAR profitable for some people to try it, which will fuel other people into trying it because 'it must work since someone is doing it'.

true, mega corps like claria are on a bit different level but anyways..

--
world was created 5 seconds before this post as it is.
Re:Cliche by kneecarrot · 2004-08-17 08:52 · Score: 5, Interesting

Well, I've been watching the spam lately and to my eyes it looks like technology is slowly making spam less profitable. Spam filters are becoming so effective that spammers are being forced to litter their messages with nonsense words and mispellings. These nonsense words and mispellings make the receiver of the spam less likely to purchase anything. And so (hopefully) the cycle will continue.

--
I always save my last mod point to mod up a good troll. You people are too serious.
Re:Cliche by foobsr · 2004-08-17 09:14 · Score: 2, Interesting

If we really want something done, we've got to find ways to make sure these people and/or companies can't make money doing it...

What about something along the lines of feeding fake data back - I remember to have read an article/comment on that, but cannot remember how I found it & not in the mood to look for it again.

The key point is/was to boost processing cost on the noise side.

CC.

--
TaijiQuan (Huang, 5 loosenings)
Re:Cliche by DeepHurtn! · 2004-08-17 09:14 · Score: 2, Informative

During goldrushes, it was very seldom the prospectors that actually made any money -- the people who really got rich were the shopowners who sold supplies to the people who actually looked for gold. I think that spam, at least, is like that -- the real business is probably selling the tools of the trade to idiots who will go out of business in half a year.
Re:Cliche by dmayle · 2004-08-17 09:31 · Score: 3, Informative

The URI in my .sig is not a pyramid scam, but it is a marketing thing. If you're not interested, don't go there. This is very offtopic, but for anyone who wants to know what it is without clicking in my sig, it's a marketing company who gives rewards for getting other people to try out the services of their clients. It's not a scam, as it doesn't require you to put any money into it, and you're not getting paid off by other people. Marketing companies pay money for customer acquisition, and this marketing company has decided on a rather novel approach to getting you to try something. Giving part of the money to you. No software required, nothing installed, and if you're intelligent, you will use a one-off email address, because, even though they promise not to share your info with anyone else, their clients probably haven't (companies like AOL, columbia house, etc.)

For the record, I joined because of someone else's slashdot link, and the company has done nothing but act respectfully. No popups, no spam (so far), no attempts to misrepresent themselves, etc.

Marketing is not going to stop. People want to try to sell you stuff. What's abhorred here is companies who try to take over your computer to make money, even when you haven't given consent, or don't realize what's happening. Also, those companies who try to contact you without your permission, or prior inquiry.
Re:Cliche by multimed · 2004-08-17 09:37 · Score: 3, Insightful

This is the point I've been trying to make for awhile. Everyone always thinks it's all about the fact that spam is so cheap that it only takes a few clicks thru or purchases out of millions for them to be profitable. If this were really the case, spam would probably be about gone already because between filters at the ISP and user level and the fact the in my life, I know exactly zero people who have bought something from spam. It's not about response rate--spammers get paid to send the spam and manage to convince greedy people that if only 1% of a million buy it they'll be rich. They also get paid by selling their lists of email addresses. Think about it--if you send out a million spams, you'll get X% back as undeliverable and can update you database. In this manner they can charge a "business" to send out their "targetted marketing message" and throw in a few thousand randomly generated addresses. The undeliverables get pulled, lather rince repeat. Turn around & sell the database. And when times are slow, just send a blank message or gibberish or whatever to keep testing for new addresses. This is why you get spam with no message sometimes.

--
Vote Quimby.
Re:Cliche by dr_labrat · 2004-08-17 12:12 · Score: 2, Interesting

Which is nice... but did you get an Ipod...?

Did your friends...?

--
The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
Re:Cliche by Mycroft_VIII · 2004-08-17 20:28 · Score: 2, Informative

Well just looked at the link, shure looks borderline to me. send us $$ get 20 others to do so and get I-pod. This with non-functional links to thier terms and privacy policy. I didn't bother to try find out wich country thier operating out of to avoid the lawsuits and such when they happen.

Mycroft

--
https://signup.leagueoflegends.com/?ref=4c3ed6600b6ea

dante by websensei · 2004-08-17 08:40 · Score: 4, Interesting

(mods, this is a bit of an aside, but ontopic/relevant given the author's use of dante's levels of hell in his ranking system. consider it a footnote)

I stongly recommend reading N. Tosche's "in the hand of dante" as a circuitous but gratifying way to learn about the author and the divine comedy.
plus it's a terrific read.

--

La via sola al paradiso incommincia nel inferno

Re:dante by Anonymous Coward · 2004-08-17 08:51 · Score: 2, Informative

and btw, if you'd like to read the actual Divina Commedia for free online (with footnotes in Italian) you can see it at:

http://www.mediasoft.it/dante/
Re:dante by pilgrim23 · 2004-08-17 09:06 · Score: 2, Informative

Dorty Sayers, the Author of the Lord Peter Whimsey series of murder mysteries is also a noted translator of the Divine Comedy. Highly recomended. The mystery novels are also a ripping good read!

--
- Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.

So... by Edmund+Blackadder · 2004-08-17 08:40 · Score: 4, Funny

Which circle do Cilicon Valley venture capitalists go to?

Re:So... by empaler · 2004-08-17 09:40 · Score: 2, Interesting

I'm guessing the Malebølge.

lol... by jmrobinson · 2004-08-17 08:40 · Score: 5, Funny

she called us "the slashdot crowd."

but...down to business
All right...who told her we would actually get off our asses and burn someone at the stake?

Re:lol... by happyfrogcow · 2004-08-17 08:47 · Score: 2, Funny

All right...who told her we would actually get off our asses and burn someone at the stake?

Havn't you heard? We have remote control robots to do that for us now.

Let the burning begin!

No... by Anonymous Coward · 2004-08-17 08:41 · Score: 5, Interesting

I am a windows developer of a small program with about 4000 users. Without spyware I would not be in business, since most people crack my s/w and dont pay after the trial.

Thanks to spyware, I am still make a living.

Re:No... by Anonymous Coward · 2004-08-17 08:46 · Score: 5, Funny

Thanks to spyware, I am still make a living.

Well, at least I can see why you didn't become a writer.
Re:No... by syn3rg · 2004-08-17 08:51 · Score: 5, Funny

And thanks to you, I'm making pretty good cash cleaning up these systems that you infect ^H^H^H^H install.

--
The contents of this message have been doubly encrypted by ROT13
Re:No... by NighthawkFoo · 2004-08-17 10:15 · Score: 3, Insightful

As depair.com says,

"If you're not a part of the solution, there's good money to be made by prolonging the problem."

--
"I disapprove of what you say, but I will defend to the death your right to say it."
- Evelyn Beatrice Hall
Re:No... by TheSpoom · 2004-08-17 12:39 · Score: 2, Interesting

Good for you, you take advantage of your customers' goodwill and divert their computers' resources to do God knows what for . I can sure tell you have a lot of respect for your users.

--
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs

IDS's by kc0re · 2004-08-17 08:41 · Score: 5, Informative

I run IDS's for about 9 different Class C's and a handful of Class B subnets out there. I would say Gator, (to include all of it's baddies, stuff like, PrecisionTime and PrecisionDate), are about 60% of the signatures that alert on those IDS's. Not much I can do about it except report to the SA's which in turn choose to ignore me or run with it, but malware in general is becoming more of a prevalent problem. And frankly it's annoying.

It's not just the shady companies by gbulmash · 2004-08-17 08:41 · Score: 5, Insightful

Besides spyware, what annoys me is "user agents". Quicktime, RealPlayer, and Winamp all have little TSR's that load at start-up and eat megabytes of memory for "quality assurance" and "ease of use" purposes. I don't know how many times I've tried to disable qttask.exe or realsched.exe in my start up only to have it come back unexpectedly. Winamp's is easy to disable at setup, but Quicktime and Real require you to dig.

I don't say they're delivering ads or sending back personally identifiable info to their manufacturers, but they are using my resources without giving me what I consider to be any perceptible advantage.

If we're going to legislate spyware, these user agents need to be considered and the law needs to require Apple and Real to provide better notice of them and make them easier to shut down permanently.

- Greg

--
Start a happiness pandemic

Re:It's not just the shady companies by Cowclops · 2004-08-17 08:44 · Score: 2, Informative

Are you removing them using msconfig? That seems to always do the trick for me. Just erasing them from the startup section in the start menu won't necessarily do it.
Re:It's not just the shady companies by VAXGeek · 2004-08-17 08:50 · Score: 5, Informative

Removing the Quicktime task is really pretty simple.

1) Find qttask.exe
2) Rename or delete.

Disable Real's SmartCenter by right-clicking on the real icon in your system tray (bottom right hand corner of the Windows screen) and select Disable Smartcenter.

Hardly "digging".

--
this sig limit is too small to put anything good h
Re:It's not just the shady companies by The+Bungi · 2004-08-17 08:52 · Score: 2, Informative

That piece of unadulterated excrement QTask was bad in version 5 because it could not be turned off. If you removed it from the "Run" key in the registry the player would set it every time it loaded. So, the solution was to go into the directory where the exe resided and rename it to something like "-qttask.exe" or whatever. Presto.
In version 6 you can right-click on the icon and set a preference to not have it load every time the machine starts up.
I just wish the stupid Outlook 2003 icon could be killed as well.
Re:It's not just the shady companies by throughthewire · 2004-08-17 08:54 · Score: 5, Informative

I had to grin when you referred to the tray programs as TSRs. You've been doing this awhile, eh?
One little utility I find helpful is Mike Lin's StartupMonitor. It hollers at you whenever something (AIM, Real, Quicktime, etc.) attempts to register an executable to run at startup, and allows you to approve (or more to the point, deny) the attempt. Useful and educational!
Re:It's not just the shady companies by pdh11 · 2004-08-17 09:00 · Score: 5, Interesting

I don't say they're delivering ads or sending back personally identifiable info to their manufacturers, but they are using my resources without giving me what I consider to be any perceptible advantage.

Rio Music Manager has one, too, and the reason we put it there is because there are certain things that Rio Music Manager needs to do (such as send custom USB commands to portables) which can't be done by an unprivileged user under Windows. So at install time -- assuming it's installed by an administrator -- the service gets run with admin privileges, and then later, when unprivileged Rio Music Manager runs, it can send custom USB commands via the service.

On Linux it's probably just "chmod 660 /dev/sdwhatever ; chgrp portable /dev/sdwhatever" and adding people to group portable, but on Windows it's not so easy. Not all background tasks are necessarily malicious.

Peter
Re:It's not just the shady companies by drinkypoo · 2004-08-17 09:00 · Score: 2, Informative

Been doing it wrong for a while, I'm guessing, since they are not nor do they resemble TSRs. As you probably know (but this is for the audience) TSRs only leave a piece of themselves in memory and the programs which put the icons in the system tray are full-fledged processes.

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Re:It's not just the shady companies by tuxedobob · 2004-08-17 09:01 · Score: 2, Interesting

Can anyone say what this qttask.exe actually does? There doesn't seem to be a Mac-side counterpart.
Re:It's not just the shady companies by Octos · 2004-08-17 09:08 · Score: 5, Informative

Uhhhh. Did anybody in this thread bother to check the program preferences?

In Quicktime preferences: uncheck "Quick Time system tray icon" and it will never come back.

I haven't messed with Real player in a long time, but I recall a similar option being available if you right-click the tray icon, possibly in a preference panel.

I'm sorry it's so easy.

--
"I am not a number! I am a free man!"-- The Prisoner
Re:It's not just the shady companies by cortana · 2004-08-17 09:09 · Score: 2, Informative

I have the idea that it keeps all the various settings Windows has for file association in sync with what the user has specified in the QT control panel.

But qttask is easy to get rid of! The Quicktime control panel has a checkbox for it, and once unchecked it is gone forever, inlcluding a reinstall or upgrade of QT as far as I remember.
Re:It's not just the shady companies by throughthewire · 2004-08-17 09:09 · Score: 2, Insightful

...TSRs only leave a piece of themselves in memory...
Aaaand as you probably know, TSRs are real-mode DOS giblets that wouldn't run under NT and NT-derived Windows in any case.
Thus the amusement. But we knew what he meant, no need to beat him up, eh?
Re:It's not just the shady companies by Schmucky+The+Cat · 2004-08-17 09:29 · Score: 4, Informative

There are several good suggestions here on how to disable recurring apps. Here are mine.
Set NTFS rights to the file to DENY for yourself or some subgroup. Deny rights take precedence.
For executables, setup a software restriction policy, (start, run, secpol.msc) that disables based on the path. Just enter the exe name or it has a nice handy browse button, but the path also accepts wildcards and environment variables. (Don't tell your netword administrator this, but putting %logonserver% in here prevents those annoying domain logon scripts.)
Re:It's not just the shady companies by stratjakt · 2004-08-17 09:35 · Score: 2, Interesting

Thats fine for a service thats started/stopped like all other services in the services panel.

The parent poster (and me too) are sick of every application in the world thinking it needs to stick another icon in my task bar. Another point of failure to bring down my entire desktop.

If you're starting your process in my task bar, it starts when I log in, and has my priveliges, nothing to do with Administrative stuff.. That would be a service, not a task bar "helper app".

Right now I've got them down there for Quicktime (what the hell do I need that for? What could I possibly need it for? Apple just wants some free advertising space on my screen), the HotSync software for my smartphone is there too. Again, why? Don't need it, just need a service in the background. ATI stuck one there just in case I needed another way to switch desktop resolutions or color depths. I dont.

The only useful ones in my task bar are the volume one (actually, not so useful since my keyboard has volume controls..) and the Cisco VPN one that tells me that I'm currently not connected.

WinZip puts one there, hell everything puts one there. And they don't belong there. The only reason people jam an icon there is the "advertising" value. WinZip wants everybody who sees my screen to know I have WinZip.

--
I don't need no instructions to know how to rock!!!!
Re:It's not just the shady companies by malthusan · 2004-08-17 09:45 · Score: 2, Informative

Disabling the systray icon doesn't disable qttask.exe.
Re:It's not just the shady companies by E-Rock · 2004-08-17 10:42 · Score: 2, Informative

You've turned off the icon, not the task. Also, if you delete it from the registry the little bastard puts itself back any time a quicktime is played.

I'm tempted to just remove all the permissions on the run key so nothing can put itself there.
Re:It's not just the shady companies by sootman · 2004-08-17 10:44 · Score: 2, Informative

Quicktime is even easier than another poster described--(right-?)click on the tray icon, properties (or whatever), and uncheck 'quicktime system tray icon' in the 'browser plug-ins' settings page (which, IIRC, is the first to come up.) Or go start menu - control panels - quicktime. its in the options. no need to delete files, etc. of course, I'm sure it comes back after each update, but it's not too horrid. I agree that any intrusion is too much, but still, compared to others', it's no too bad.

I hate real's with a passion, not only because it's hidden, but because once you find it, you still have to wade through a couple confusing "aren't you not sure you don't want to not have this not launch at startup?" confirmation screens.

--
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
Re:It's not just the shady companies by Anonymous Coward · 2004-08-17 11:09 · Score: 3, Informative

The RealPlayer agent keeps running even when the option is disabled. You need to remove it from the register, by hand.

QT agent runs when Windows boots, but shuts down quickly if the option is disabled.

Only WinAmp actually disables the agent from starting at all -- well done Winamp!
Re:It's not just the shady companies by jcr · 2004-08-17 11:11 · Score: 2, Informative

Uninstalling Quicktime on an MS-Windows machine is pretty straightforward.

-jcr

--
The only title of honor that a tyrant can grant is "Enemy of the State."
Re:It's not just the shady companies by rnelsonee · 2004-08-17 11:53 · Score: 2, Informative

Hehe. Starup Monitor is a TSR that loads up on startup itself! It does look pretty darn useful though. At the moment, I'm using Startup Mechanic. Same deal, but it doesn't run as a process, it's a standalone program that you run once in a while when you suspect something weird going on. Good for those who want to run as little processes as possible.
Re:It's not just the shady companies by EtherMonkey · 2004-08-17 16:47 · Score: 2, Informative

Besides spyware, what annoys me is "user agents". Quicktime, RealPlayer, and Winamp all have little TSR's that load at start-up and eat megabytes of memory for "quality assurance" and "ease of use" purposes. I don't know how many times I've tried to disable qttask.exe or realsched.exe in my start up only to have it come back unexpectedly.
Then why not use Quicktime Alternative and Real Alternative instead? They work fine for me, and don't include any spyware or other negative features that I can detect.

--
--- A man with a briefcase can steal more money, than any man with a gun. [Don Henley]
Re:It's not just the shady companies by Motherfucking+Shit · 2004-08-17 19:40 · Score: 2, Informative

Set NTFS rights to the file to DENY for yourself or some subgroup. Deny rights take precedence.
Here's a complementary tip which will work on FAT32, all versions of Windows, and most other operating systems. If an application keeps creating a file or directory you don't want it to, delete the offending file or directory, create a new one with the same name, and set its read-only attribute. On most unices, chmod 000 will do just fine; on Windows just right-click and get the properties; on a Mac (including OS X) do Get Info and tick the "Locked" checkbox.

Bonus points to anyone who reads this and thinks "thaumaturgy.log" ... :)

My favorite use for this is AOL Instant Messenger. While I love the app, it has an insatiable desire to create a directory named "filelib" within the HKCU's "My Documents," even if you never use the program's file transfer capabilities. "filelib" gets further populated with subdirectories named after each screen name you use. To fix this: exit AIM, delete the "filelib" directory, create a file named "filelib" inside of "My Documents," and set it to read-only. AIM will no longer create its unneeded tree there.

The same trick works to permanently prevent Windows ME from writing its subdirectories into C:\_RESTORE. Those who are familiar with this lovely feature, and who share the frustration that disabling it doesn't really disable it, may find this advice useful. I don't recall the subdirectory names, fortunately it's been awhile since I've had to deal with WinME.

My Documents\Application Data is another location where this comes in handy. Some versions of Windows Media Player write out a datafile on exit which contains MRU file lists among other things. I believe that some Adobe products used to write their MRUs to data files in AppData also, none installed so I can't double check.

Of course there are times when this trick won't work, several spyware apps tend to infest a system so deeply such that a) if you delete a component, another running component notices and immediately writes out a new copy; or b) some or all components run in a manner where attempting to delete them gives an error that the file is in use by the system. Safe mode, Ad-Aware, Spybot, and HijackThis - sometimes a combination of all of the above - will take care of these cretin.

--
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.

Comment removed by account_deleted · 2004-08-17 08:41 · Score: 5, Insightful

Comment removed based on user account deletion

Helpful tools by zokum · 2004-08-17 08:43 · Score: 5, Informative

We all know spyware is a fucking waste of both resources and internet bandwidth, please do everyone a favour and install either Ad Aware from http://www.lavasoft.de/ or Spybot Search & Destroy from http://www.spybot.info/.

If you happen to run an OS where these aren't supported (everything but win*) just ignore this post :-).

--
Rest in peace Malin "looxn" Kristiansen. We miss you...

Re:Helpful tools by Rosco+P.+Coltrane · 2004-08-17 08:47 · Score: 2, Funny

We all know spyware is a fucking waste of both resources and internet bandwidth

You just made my Bonzibuddy all cross now, you horrible thing...

--
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Re:Helpful tools by aardwolf204 · 2004-08-17 09:13 · Score: 3, Interesting

The guy upstairs from me asked me for computer advice, he was looking to get a new machine for college. He claimed that he wasnt very good with computers and just needed it for research / email / writing papers. I suggested a mac.

I have never owned a mac in my life, I have only worked on them from time to time at school, and I'm probably not going to ever own a mac unless i really start making the big bucks and can afford a disposable system, and even then i could probably only justify it for its graphics and video capabilities.

I suggested that he get a mac because I didnt want to be the guy he called when his PC got the latest crapware. I told him that from what ive read (/.) macs are great for people that want simple computers that just work. he got a ipowermacbookintosh. This morning before I left for work he thanked me and said how wonderful it was. I got in around 9 only to find 3 emails from staff infected with the latest purplemonkeytoolbarweathertellingcrap.

Moral for the story: as a geek I can keep my windows box clean, and even not being a mac fan boy i can say that apple is right on when they say "computers for the rest of us".

PS: When macs get 90% market share I'll suggest he gets windows because nobody writes crapware for it. Oh, yeah, this is slash, um, 2005 is going to be the year of linux on the desktop.

--Aard

--
Im dreaming ofa big bndwdth, That can resist the /.crowd.May ur days b merry & bright & may al
Re:Helpful tools by CSG_SurferDude · 2004-08-17 09:25 · Score: 4, Funny

I don't mind Bonzibuddy so much, but we keep getting these funky storage cabinets from someplace called www.martianbuddy.com.
And what's worse is all the SPAM we keep getting from them too...
How on Mars are we supposed to finish our teleporation chambers if all our email is filled with SPAM from those guys?

--
LongTail SSH Brute Force analysis tool is here!

But the important question remains... by GillBates0 · 2004-08-17 08:44 · Score: 3, Funny

is it Spyware or spyware?

--
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam

Re:But the important question remains... by VAXGeek · 2004-08-17 08:52 · Score: 3, Funny

Don't you mean "wired"?

--
this sig limit is too small to put anything good h

Sorry for repeating the blindingly obvious, but by Rosco+P.+Coltrane · 2004-08-17 08:44 · Score: 2, Insightful

what spywares? what spyware removal software? what worms? what "20 minutes is the average amount of time for your computer to get infected to death"?

I use Linux exclusively and I can relate less and less with what Slashdot talks about these days. Which is ironic if you think about it...

--
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash

Kill their Revenue Stream by Anonymous Coward · 2004-08-17 08:48 · Score: 5, Interesting

Seriously, as more places try to "legitimize" their revenue by branching out what they do, it'll take longer for most companies to sit back and say "we can't do this because of your questionable business model."

Yahoo took long enough, but they finally did.

What users need to do is continue to keep writing in and boycotting companies that use spyware affiliated services until they stop supporting them. Overture be damned, it's still ultimately a spyware thing. After all, it's just another way to collect information and track users. When Doubleclick decided to combine all the information... I'm sure you Slashdotters remember the response it got. Privacy is a big issue and until more companies in the playing field like Yahoo get the idea... it's going to continue being a problem.

Spyware is certainly more aggressive at this point, but ever since I installed Adaware and started using more of the extensions available for Mozilla/FireFox, it hasn't been something I've even remotely come across... unless I'm helping to clean up a friend or client's oversaturated box. I'm just wondering at this point why some of these spyware apps haven't been classified as viruses yet... they certainly act in a very similar manner: Installing without knowledge, announcement or permission... phoning home without knowledge, announcement or permission. Spreading without... ah, fook it, you get the idea. I'm just preaching to the chior here. A lot more questions than answers despite knowing exactly what is going on here. This is exactly why we shouldn't be supporting services that are running legitimately despite having that slight (or underhanded) spyware connection.

Makes Open Source More Attractive by TT+Baker · 2004-08-17 08:49 · Score: 4, Insightful

Of course, this implanting of spyware only works if you give away binary versions of your product. Open source that you compile yourself would not last long in the community if it tried to imbed spyware code. Never trust a free executable. That has been true since I got my first Amiga virus from "cracked" copy protected code, and it is true now.

Re:Makes Open Source More Attractive by stratjakt · 2004-08-17 09:11 · Score: 2, Insightful

And these windows users downloaded the source for 7-zip and firefox and compiled them themselves?

If they didn't, what makes these precompiled exe's any more trustworthy than the originals?

Anonymous OSS coders are more trustworthy than WinZip Computing or Microsoft?

Why is firefox.exe any "safer" than iexplore.exe from a "someone might have compiled in some bad shit" point of view?

Frankly, common sense would have me lean the other way. At least if WinZip or MSFT compiled in malware, I'd have someone to hold accountable (by which I mean sue/boycott/call and hangup on).

--
I don't need no instructions to know how to rock!!!!
Re:Makes Open Source More Attractive by romper · 2004-08-17 09:29 · Score: 2, Insightful

Fair point, but if an OSS application with a large user base had spyware/malware in it, we'd hear about it on Slasdot and the project would fork.

I guess I should have said I recommend OSS software that I *trust*. So, yes, we're offtopic -- but it's a nice idea. :)

--
Right is wrong when left is right.

Prepare for slashdotting and death threats... by wikdwarlock · 2004-08-17 08:49 · Score: 4, Funny

For God's sake, man, don't answer! Can you imagine the wrath of /. once they find you?

--

"I must not fear. Fear is the mind killer." -Bene Gesserit Litany Against Fear

They're hiring! by BubbaThePirate · 2004-08-17 08:51 · Score: 3, Funny

Quoth the site:
http://www.claria.com/companyinfo/careers/

"Associate General Counsel - Litigation
Redwood City, CA

The successful candidate must have the skills and experience necessary to assist the General Counsel in managing complex litigation involving IP law, advertising, technology, and the Internet. You will execute an agreed-upon strategy by, for example, independently managing discovery efforts, directing depositions, outlining and reviewing briefs and oral arguments, assist in preparing for trials, and generally providing overall guidance to, and closely working with, outside counsel.

Requirements include: Leading law school, member of the California State Bar, and at least 6 years of relevant litigation experience in a nationally recognized law firm and/or an in-house legal department; Demonstrated ability and successful history of managing large scale litigation including large discovery efforts; Demonstrated familiarity working with technology and/or Internet companies and with IP law; Ability to formulate successful, complex pre-litigation and litigation strategy; Ability to operate independently, effectively and in a professional manner in various project and cross-functional team settings, and with various external contacts; Excellent organizational, project management, communication and interpersonal skills."

--

-- "I'm not a religious man, but if you're up there, save me Superman..."

Re:They're hiring! by WombatControl · 2004-08-17 09:10 · Score: 3, Funny

Apparently the left out the part about "must have absolutely no soul or common decency".

Wait, it says "at least 6 years of relevant litigation experience in a nationally recognized law firm and/or an in-house legal department" - I suppose that's essentially saying the same thing.
Re:They're hiring! by Alex+Belits · 2004-08-17 11:07 · Score: 2, Funny

Boies?

--
Contrary to the popular belief, there indeed is no God.

Does the Internet Need a DoD/police Force? by G4from128k · 2004-08-17 08:52 · Score: 3, Interesting

National governments seem clueless/powerless/apathetic with regard to malware (spyware, phishing, viruses, etc.) The current ad hoc approach - independent semi-commercialized tracking/alert/filtering services don't do a very good job, provide less than 100% coverage (of both PCs and treats), suffer from lack due process (e.g., how does a nonspammer get unblacklisted), and are purely passive (doing nothing to halt spammers, phishers, etc.)

I wonder when the users of the internet will form their own supranational government, with a defense force and coordinated policing actvities. Taxation might be in the form of CPU cycles & bandwidth used by policing actions to DDoS convicted spammers/phishers/spyware providers.

--
Two wrongs don't make a right, but three lefts do.

Separating Linux users from Windows users by Thagg · 2004-08-17 08:52 · Score: 3, Insightful

HTML doesn't have a 'rant' tag, but consider the following as such.

I personally cannot imagine having spyware on my machine, and I similarly cannot imagine any Linux user tolerating it. Most Linux users chose it, in large part, because of the control it gives you over everything that your computer does. Having your computer hijacked by advertisers is antithetical to that concept.

But I watch Windows users tolerate truly mindboggling amounts of adware/spamware/malware. The typical windows users tolerate 100 times what I would consider completely unacceptable.

I know it's elitist to say this, but what happens is that Windows users will make the tradeoff of malware to allow them to steal music and other content. They don't protest, because deep down they know what they're doing is wrong.

Linux users, typically, have no such guilt and therefore don't tolerate that kind of intrusion onto their computer.

Thad

--
I love Mondays. On a Monday, anything is possible.

Re:Separating Linux users from Windows users by Evangelion · 2004-08-17 09:12 · Score: 5, Insightful

I know it's elitist to say this, but what happens is that Windows users will make the tradeoff of malware to allow them to steal music and other content. They don't protest, because deep down they know what they're doing is wrong.

Not really.

Being both a Linux user and a Windows user, I don't tolerate any kind of adware or spyware either.

The typical windows user:

* Does not understand that AdWare/Spyware/Malware is acutally on thier computer
* Does not understand how AdWare/Spyware/Malware gets on thier computer in the first place.
* When they realize it's on thier computer, they will often belive it's nessecary for software to function. (I tried cleaning up my sister-in-laws Win98 PC, and she immediately blamed me for screwing it up the first time something didn't work the same way -- that's the only real anecdote I have, as I stay the bloody hell away from that kind of job).
* Assuming they realize that it's on thier computer, and they realize they don't have to live with it, then they can get rid of it. Once. But being able to get rid of it by getting a friend to install AdAware and Spybot S&D in no way affects thier ability to detect it on thier computer, or realize that something might be installing it.

Comparing Windows to Linux in this regard is just ignorant. There are is basically no Malware/Spyware programs on linux (I know there's some Adware out there, but I can't imagine it being terribly successful). And Linux users as a whole are self-selecting in this regard, and are used to having to live without software that they'd like to use.

That, and there are several pieces of very popular Adware (MSN Messenger for example) that are sufficiently useful to outweigh the cons of it being Adware.

So, really, the windows users who put up with this garbage simply because they don't know any better and trust the companies when they claim this garbage is nessecary, or that they choose to put up with the Adware to use a program that they want to use.

I also find it ironic that you're saying piracy is a tradeoff for running adware, when any person who is going to pirate things won't think anything of cracking adware to get rid of ads...

BTW, if you think Linux users don't pirate media, you're on fucking crack :)
Re:Separating Linux users from Windows users by Kphrak · 2004-08-17 10:05 · Score: 4, Insightful

I can't believe something a post as stupid as the parent's gets modded up, even for a few minutes.

Windows users don't allow spamware because they're guilty about piracy. Most of the users I've seen with large amounts of spyware wouldn't even download a free MP3; the only thing they download is their email or the latest forum page refresh, off AOL. They get spyware because of cluelessness about computers, not guilt.

The 15-year-olds who install spyware-filled filesharing programs don't feel guilty either; they use them for the same reason they use Internet Explorer. They don't know any better program, and their friends all use the same thing.

On the other hand, the savvy Linux copyright violator (not thief; copyright violation is not theft according to the law) will just use Mutella to share his MP3s, which has no weird restrictions and runs on the command line if so desired.

--

There's no sig like this sig anywhere near this sig, so this must be the sig.

My Spyware Experience by BlueOtto · 2004-08-17 08:56 · Score: 5, Informative

As the Intern/Pc Support Help Desk guy at my work, I'd estimate that about half of the problems here are a result of spyware. However, I have a process that works MOST of the time to totally eliminate it it from a computer. It takes time (usually around 30 minutes), but being totally thorough makes sure that one piece doesn't get left behind and bring everything else back. This is what I do:

-Run AdAware and Spybot Search and Destroy (get latest updates!)
-Run CWS Shredder
-Run HiJackThis and locate all curious entries and remove them
-Run msconfig.exe and clear all suspicious or even borderline suspicious entries from startup
-Check running processes for suspicious entries (doing this a lot makes you familiar with what is good and not good. Stuff like WhatsUp.exe -- usually bad. Or WJLHOWPDMNW.exe)
-Try to kill the processes, and then locate and delete those files. If you cannot delete them or end the processes, write them down and boot into safe mode to delete those files
-Finally, check Program Files for suspicious folders. That's where much of spyware hides. Apoint2K and and search bars and anything else are BAD!

Re:My Spyware Experience by Johnno74 · 2004-08-17 11:57 · Score: 3, Informative

Download process explorer from www.sysinternals.com. It will tell you the full path, command line and TONS of stuff about each process.

It will even tell you what files/registry entries the process has open, and what DLLs it has loaded.

I've often seen spyware in a DLL that is open so can't be deleted. Sometimes they load themselves into explorer.exe.

Open process explorer, search for the DLL and it will tell you the processes that have it open.
Either kill the process, or force close the file handle (often nukes the process, but whatever...)
then delete the dll.

... which should be on the FRONT PAGE! by arhar · 2004-08-17 08:57 · Score: 5, Funny

I think every time Claria is mentioned, it should be mentioned on the same page - hell, in the same sentence that Claria IS Gator, and their company name, names of everyone connected to the company, their significant others, and descendants down to the fifth generation, should be recorded in human history as worthless scum and vilified forever.

Re:... which should be on the FRONT PAGE! by romper · 2004-08-17 09:03 · Score: 5, Funny

No wonder the author of TFA said us Slashdotters think authors/supporters of spyware "should be burned at the stake". :)

--
Right is wrong when left is right.
Re:... which should be on the FRONT PAGE! by DavidTC · 2004-08-17 09:48 · Score: 2

Burning at the stake's too good for them.

--
If corporations are people, aren't stockholders guilty of slavery?
Re:... which should be on the FRONT PAGE! by AndroidCat · 2004-08-17 11:58 · Score: 4, Funny

It's redundant. Besides, impalement is green-friendly.

--
One line blog. I hear that they're called Twitters now.

Black hole them by router_ninja · 2004-08-17 08:57 · Score: 5, Interesting

it's a work around, and it's not pretty, but black hole the traffic before it hits the segment you have your ids's on (if possible). Example of known spyware destination ips (google): 4.4.23.227 4.8.104.90 4.18.162.102 4.21.117.158 4.36.44.3 4.38.98.140 4.43.44.32 4.43.44.128 4.65.105.109 12.14.172.204 12.29.97.96 12.30.241.70 12.30.241.74 12.30.241.106 12.30.241.242 12.36.78.54 12.37.62.0 12.39.105.80 12.47.196.49 12.98.204.163 12.99.231.36 12.129.72.201 12.129.198.41 12.129.201.99 12.129.204.6 12.129.204.99 12.129.204.107 12.129.204.122 12.129.204.125 12.129.204.158 12.129.204.160 12.129.204.183 12.129.204.197 12.129.204.204 12.129.204.208 12.129.204.219 12.129.205.102 12.129.205.105 12.129.205.120 12.129.205.162 12.129.205.167 12.129.205.171 12.129.205.206 12.129.205.220 12.129.211.125 12.129.225.165 12.129.229.191 12.129.248.48 12.129.248.128 12.130.12.30 12.130.12.106 12.130.91.7 12.145.139.160 12.148.21.23 12.148.209.196 12.153.20.152 12.153.20.157 12.158.80.10 12.168.32.90 12.168.33.58 12.168.33.194 24.1.248.148 24.3.113.25 24.7.145.249 24.27.205.221 24.30.8.185 24.42.211.66 24.57.164.38 24.57.240.53 24.58.172.230 24.71.18.34 24.72.3.189 24.90.4.150 24.90.243.203 24.101.203.184 24.104.40.39 24.104.40.52 24.106.94.101 24.108.132.26 24.125.77.118 24.126.133.124 24.141.149.114 24.151.184.187 24.173.79.235 24.207.243.16 24.218.47.171 24.222.112.75 24.229.80.135 24.235.212.163 24.242.151.203 38.113.1.80 38.113.1.111 38.113.1.151 38.113.1.155 38.113.1.159 38.113.3.122 38.113.193.6 38.113.198.80 38.113.198.132 38.113.198.136 38.113.198.176 38.113.198.235 38.113.199.63 38.113.204.182 38.114.129.148 38.117.144.27 38.117.144.30 38.117.144.50 38.117.144.162 38.117.174.2 38.117.174.20 38.118.144.180 38.119.65.135 38.119.65.137 38.170.72.194 61.8.3.212 61.16.133.250 61.43.30.91 61.78.61.223 61.115.205.23 61.129.67.141 61.129.67.149 61.129.67.151 61.129.69.190 61.135.131.23 61.135.131.31 61.135.131.36 61.135.131.39 61.135.131.42 61.135.131.128 61.135.131.174 61.135.131.237 61.139.65.222 61.145.75.227 61.145.75.233 61.149.2.221 61.152.251.25 61.177.222.222 61.213.156.128 62.13.25.201 62.13.25.209 62.23.124.88 62.23.137.170 62.26.219.11 62.27.21.101 62.27.59.227 62.27.59.245 62.39.85.0 62.39.108.98 62.39.122.20 62.56.244.55 62.57.74.14 62.58.2.5 62.65.34.64 62.65.36.136 62.65.252.93 62.65.252.226 62.69.162.144 62.69.162.171 62.75.193.84 62.93.224.242 62.96.181.197 62.97.109.50 62.101.246.77 62.104.23.56 62.115.254.26 62.118.240.27 62.118.248.72 62.118.251.0 62.119.21.132 62.119.21.135 62.119.21.150 62.119.21.157 62.119.133.10 62.119.133.11 62.121.105.75 62.146.24.251 62.146.222.65 62.148.166.3 62.149.0.12 62.149.0.140 62.149.36.64 62.150.129.118 62.153.59.95 62.160.32.0 62.161.184.96 62.172.199.20 62.178.238.135 62.181.185.37 62.181.185.44 62.189.43.224 62.189.74.144 62.189.244.232 62.193.206.144 62.210.139.48 62.210.164.83 62.212.117.198 62.219.114.145 62.233.196.72 etc. etc. etc.

--
CINCINNATI BELL IS TEH SUCK.

Venture Capitalist? by jaxon6 · 2004-08-17 08:58 · Score: 2, Interesting

Why the fuck is Venture Capitalist capitalized? Here's a news item: Boston Student Nurse performs CPR on fellow student, saving his life.

See how stupid it looks?

--
Do you see the sig? Do you have it in your sights? Why yes, Miss Moneypenny...

Re:Easy trick by djdavetrouble · 2004-08-17 09:04 · Score: 2, Insightful

he said
Go start>run>msconfig.exe, then to the startup tab - you can disable anything you want that is set to start up automatically.

EXCEPT most spyware and malware

--
music lover since 1969

It is a good reason... by hsoft · 2004-08-17 09:13 · Score: 2, Insightful

It is a good reason not to advertise with Overture... Advertising with them is a good way to make yourself a bad name.

--
perception is reality

PDF document listing the 9 circles of spyware hell by 5amTheButcher · 2004-08-17 09:16 · Score: 5, Insightful

Here's the link - now, what in that made it necessary to be distributed as a PDF, and not as an HTML/XML document? The proliferation of PDFs for information that can be displayed consistantly in other, more compact and less processor hungry formats, is frankly disturbing.

--
Cash prize, guaranteed!

Re:9 circles???? by vrTeach · 2004-08-17 09:16 · Score: 2, Informative

Nope, 9 is correct. The Divine Comedy

--
-- Mein Systemadminstrator hat einen großen schwarzen Moustache.

Re:Really? by vrTeach · 2004-08-17 09:19 · Score: 2, Informative

Claria prefer to call it Online Behavioral Marketing, according to their web site.

--
-- Mein Systemadminstrator hat einen großen schwarzen Moustache.

Re:as long as spyware actually does something by Wescotte · 2004-08-17 09:22 · Score: 4, Informative

Just toss up a link that opens www.weather.com and puts in their zip code for them.

TSR?? makes sense by gosand · 2004-08-17 09:23 · Score: 5, Funny

I had to grin when you referred to the tray programs as TSRs. You've been doing this awhile, eh?

From everything2.com:

TSR: an acronym from the words Testosterone Sterilized (female) Rat. A TSR manifests the persistent estrus syndrome. Lacking ovulatory cycles, she is sterile. The condition is induced experimentally by injections of testosterone prior to the age of eleven days. The first five days of life are the most sensitive or critical ones. Smaller doses are then effective. The effect is life-long.

So TSRs are sterilized vermin with teeth but no balls. Sounds about right.

--

My beliefs do not require that you agree with them.

Anti spyware toolbar? by Hamster+Lover · 2004-08-17 09:24 · Score: 3, Interesting

Others may have mentioned it, but an anti-spyware toolbar is like an anti-violence machine gun.

Cold Cash by COMON$ · 2004-08-17 09:31 · Score: 3, Interesting

Malware companies are not the only ones generating revenue here. There are a lot of Techs out there who are raking in the cash removing all this malware. It would be interesting to see some stats on how much money is spent removing all that crap.

--
CS: It is all sink or swim...oh and did I mention there are sharks in that water?

Spybot S+D has REALTIME protection by gelfling · 2004-08-17 09:39 · Score: 2, Insightful

So use it and it will block nearly everything it is capable of identifying. Keep the sig file up to date and run it off the scheduler every once in a while. Blow your Browser cache away once a week. In fact blow away ALL the cookies on a regular interval.

You will have essentially no spyware.

Ok, if it's so damned profitable... by danharan · 2004-08-17 09:40 · Score: 2, Funny

and people don't seem to care...

I propose we have an OSS implementation (well, likely we'd end up with a dozen, but stay with me), and make absolutely sure that people wanting to get paid for bundling it WARN people. We also give people an easy way to uninstall the software, and design it so that we're not invading people's privacy.

Monies raised could be used to fund OSS projects, marketing, design, usability, librairies, whatever we decide is useful. (Oh, yeah, I can see that forking into a thousand camps!).

Any takers? :)

--
Information: "I want to be anthropomorphized"

You must fight evil with another kind of evil* by idontgno · 2004-08-17 09:44 · Score: 3, Insightful

Imagine you own a peer-to-peer file-sharing application (for example, Kazaa) that is being used for copyright infringement en masse. People will do almost anything to get it, short of paying for it directly. So you get an adware distributor (say Claria, formerly Gator) to pay per installation of your application if you will bundle its adware.

Given that:

(MP|RI)AA hates P2P softare;
Claria is subsidizing the installation of P2P software;
Claria is profiting from the use of P2P software;
(MP|RI)AA habitually sues those responsible for the availability or use of P2P software:

Obiously, (MP|RI)AA should be suing Claria. Hard.

*The Chronicles of Riddick

--
Welcome to the Panopticon. Used to be a prison, now it's your home.

I've never really seen spyware by jimicus · 2004-08-17 09:48 · Score: 2, Interesting

I'm serious. I've never really seen much spyware.

True, I'm an IT professional. And on my home computer I use Linux almost exclusively.

And at work: nothing. Nada. Those few who have Internet access it's closely monitored & filtered, incoming email is thoroughly scanned and systems are locked down. And I see no spyware.

Last time I booted Windows at home (just a NAT'ing firwall as protection), it was Win2K and I did see a premium dialler try and install. Seems to me that the malware vendors are yearning for the Bad Old Days of Windows '9x, complete with 9 levels of DLL hell and drivers written by barbary apes. So they're using whatever they can to bring those days back.

Things like that remind me why I stopped working with Windows.

AOL stunned me too by Lispy · 2004-08-17 10:18 · Score: 2, Insightful

when I read the button on their homepage:
"You may already have a version of AOL installed on your computer! If you'd like to check us to check for you please click here..."

This is really sad. AOL has penetrated the whole planet with CDs for so many years that they can simply assume that there might already be some version of their adware-dialup-crap on any given machine. They admit with this button that they are well aware that most users are totally clueless of what software they are running on their computers. "Save me, AOL!"

Re:Geez, talk about picky... by drinkypoo · 2004-08-17 10:23 · Score: 3, Interesting

Well I admit I was being a wanker, but we didn't exactly invent multitasking so much later, it was being done in the age of DOS too. In fact a lot of the stuff that DOS does is a Unix ripoff, like redirection and pipes, and many of the commands. Of course it doesn't do it as well as Unix, but who expects it to? We certainly have brought Multitasking more to the consumer level, though. However, the first Amiga was released in 1985 and I should not need to tell you that its multitasking abilities are not equalled by any version of Windows until Windows 95. (Its other abilities are still not equalled by Windows in some ways, and far surpassed in others, but we won't go there.)

Also, GEOS was released for the C= 64 in 1986 and had pretty credible multitasking abilities, at least the equal (heh) of Windows 3.0, which didn't come out until 1990 - interestingly the same time at which GEOS came out for the PC. It's quite a shame that Windows triumphed over the far-technically-superior GEOS... Your numbers are spot on if you only consider PCs though, since QDOS is from 1980. If that's what you meant, ignore my sideways rant.

DOS sucked, though it is okay for doing one thing at a time. TSRs regularly stepped on one another and in general were a big pain in the ass. As much as you could get done with MARK and REL back in the day, I'm glad that time is over.

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"

Re:What defines the circles? by knarfling · 2004-08-17 10:41 · Score: 4, Informative

There is a .pdf file listed in the article. Downloading it shows Claria belongs in circle 6, The Heretics. Browser hijackers are circle 7, The Violent. Software that charges you without your knowledge is circle 8, the Liars, and software that tracks you keystrokes or transmits personal information belongs in the lowest of the low, The Betrayers.

--
Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.

Recovering from Spyware. by Alien54 · 2004-08-17 10:58 · Score: 5, Informative

Spyware removal can be a pain. Here is a repost of something I posted earlier, along with some added details

He went down the merry path of trying to rescue the system in order to keep customer data intact. The story is typical of someone who is entering the fray without have their tools prepared in advance. The solution always looks easier than it really is.
In his case, he needed

a CD with all of the relevent tools and updates

a windows boot disk with CD support

an understanding of the windows command line in order to copy a subset of these tools to a convenient folder on the hard drive from the CD

The knowledge to run these tools from Safe mode, and how to get there in the first place

Include in the subset of tools one that can fix the broken LSP setup.
[LSP or Layered Service Provider is a piece of software that can be inserted into the Windows TCP/IP handler like a link in a chain. However, due to bugs in the LSP software or deletion of the software, this chain can get broken, rendering the user unable to access the Internet. Spyware is good at this, and some cleaners leave a broken LSP behind.

With the correct tool, the fix takes seconds. Without the tool, you need to uninstall and re-install the winsocket, or else the same with the entire network support. Otherwise you fall into the trap this poor bloke got into.]

tips - I deal with this stuff all of the time. The best data on this stuff can be found in articles at spywareinfo.net - the forums are not bad either, although spywarewarrior.com also has good forums. also good to have is this list of known rogue spyware cleaners [spywarewarrior.com], along with this list of Anti-Spyware Orphans & Outcasts [spywarewarrior.com]

My current recommended free antivirus is Avast! Home Edition [avast.com], which is very low maintenance for the home user, and requires registration for the free license. It also protect a number of common Instant Messenger clients, as well as several common P2P clients. It is better than AVG in my opinion, and detects many trojans as well as spyware.

You can get a system that is so hosed that it will not boot, not even into safe mode, even under XP. The solution there to remove the hard drive, drop it into an external drive enclosure, and hook it up to another system where you can use scanning software to do a basic clean so you can boot in the original configuration. Once it boots you can install cleaners from safe mode, and then run cleaners from inside every user account. Note that you still need to run the clean from inside each user account because otherwise things will hide in the seperate user folders.

Re: the LSP chain break -- HijackThis can sometimes fix it. Otherwise, Spybot can fix it. Xblock will also fix it. [xblock is an excellent first pass cleaner, with a freeware version available). (Spybot second, AdAware third)I always use more than one scanner, and scan multiple times.] Immunisers such as SpywareBlaster are also nice. All of these packages are mentioned at spywareinfo.com, which sometimes goes under due to DDOS problems from people who do not like the services they provide. (insert obligatory plug for someone to help them out, one way or another.)

--
"It is a greater offense to steal men's labor, than their clothes"

Re:Recovering from Spyware. by Alien54 · 2004-08-17 12:47 · Score: 4, Informative

Unless your windows back is infected, which often happens. Often the buggers will be in there for several months, which means that your backup is infected, even if ghosted.

--
"It is a greater offense to steal men's labor, than their clothes"
Re:Recovering from Spyware. by gblues · 2004-08-17 17:19 · Score: 3, Informative

XP SP2 also includes an automatic LSP chain fix tool.

Nathan

Re:Really? by Code+Dark · 2004-08-17 11:19 · Score: 2, Funny

"I'm not a spy, I'm simply observing the behavior of your military movements..."

--
- Code Dark

Re:Adbar by Alien54 · 2004-08-17 11:25 · Score: 2, Informative

removal instructions here

--
"It is a greater offense to steal men's labor, than their clothes"

Personally by odaen · 2004-08-17 11:50 · Score: 3, Informative

I don't consider Claria all that bad. It's easiesh to remove, and can be done by practically any anti-malware program (except maybe Yahoo's earlier attempts), and actually tells you *what* is installed. (At least it did when I had it on my PC)

Possibly the most annoying ones are the anomymous ones such as 'CoolWebSearch' which you don't know what to search for to get rid of it and the ones which you have no clue how to remove 'MySearch'.

Or the worse ones at all, the ones that break the address bar so you can't access any sites via. internet Explorer. Thankfully PC Gamer has started including Mozilla Firefox on its Cd's and I reckon a few other major magaizes will follow suite.

Quite possibly the worse one is that piece of paid adware, the one which you have to format your entire P.C to get rid of all traces of it. 'AOL'.

Re:TSR?? makes sense by BillX · 2004-08-17 11:55 · Score: 2, Funny

And all this time I thought it stood for Terminate & Suckup Resources.

--
Caveat Emptor is not a business model.

Don't touch that Gator! - Claria's going *public* by AndroidCat · 2004-08-17 12:12 · Score: 3, Insightful

Adware anxiety gives Claria cold feet The decision by adware leader Claria to postpone its initial public offering comes as the fast-growing business of advertising-supported software is increasingly coming under pressure.
For years, millions of people have acquired adware as the price of using free applications such as file-trading software from the likes of Kazaa. The adware, designed to track Web-surfing behavior and deliver targeted ads such as pop-ups, has become profitable enough to draw investors' interest. (snip)

Poor babies. I hope their public offering is a burnt one.

--
One line blog. I hear that they're called Twitters now.

Rise of Black Marketing by einhverfr · 2004-08-17 12:40 · Score: 2, Insightful

One of the trends I pointed out to the article (yes, I rtfa'd a while ago) is that spyware and adware models are endgangered by another trend-- the rise of what I call "black marketing" or marketing products via international cybercryme syndicates. We already have viruses which help to relay spam, and some of these (particularly online gambling and pornography) may have ties to organized crime. Remember that there *is* a connection between human trafficking and pornography but not all pornography is bad in this way. I do however suspect a connection in the rise of porn spam and organized crime.

We are also seeing a rise in the connection of spyware and adware to these gray markets. Some sites clearly cross the line and install horrible adware on one's system by exploiting security holes in Internet Explorer.

If I was releasing shareware, I would be going as fast as I could away from these techniques which are being adopted in far more visible ways by these syndicates. So it is no wonder that spyware and adware is starting to collapse as a legitimate market. But passing laws will probably further drive the market towards illegal activies.

--

LedgerSMB: Open source Accounting/ERP

The copyright system says that the only way you can expect to receive substantial revenue from your efforts to create useful content is to prevent free access to your content. If you provide your content in the most useful form, to the largest number of people who might find it useful, your income is guaranteed to be arbitrarily close to $0.

Spyware/adware is a natural response to this problem. Closed source is less useful than open source to users of software, but the intellectual property regime says it is a better business model, precisely because customers don't know what is in the software. Spyware just takes this principle to its logical conclusion: if it is good for the customer not to know what is in their software, let's exploit this ignorance to the maximum extent possible.

This will gradually kill the market for individual developers of mass-market software. Previously you had to convince your customers that it is worth the effort to download and try out your software, and then you had to convince them to pay you for it if they liked it, even though it is dead easy for them to not pay you and to keep on using the software anyway. Now you also have the hopeless task of convincing your customers that someone they have never heard of is not a spyware author.

--
Music: a super-stimulus for the perception of musicality. Musicality: a perceived aspect of speech.

It's much worse than people think. (Rant) by Decclan+Macmanus · 2004-08-17 16:26 · Score: 5, Interesting

First let me explain what I do for a living. I am a computer technician for a Networking company that handles law firms, doctor offices and such. Each of these places will have anywhere from 5 to 100 computers in their office. I would say I am forced to clean machines of spyware, malware, adware and viruses about 90% of my work orders. I have become proficient in doing so with all the practice I've had. These office employees of my clients just download everything they see. They answer yes to every question that get asked on a website. They do not read it and wouldn't understand it if they did. I am talking about EULA agreements of course. The legalese subtly hides the subject of the agreement that even the lawyers at these law firms cannot decipher it. I've done some testing on how easy it is to get infected with spyware and viruses without the consumer's awareness. I connected a freshly installed Windows XP machine to a broadband connection with no firewall in place and no spyware or virus detection programs in place. I surfed well known websites that millions of people search everyday for about five minutes. I then installed Spybot 1.3, Adaware 6.0 and Hijackthis onto the machine. In those five minutes of unprotected internet browsing the computer had over five different spyware programs installed including: VX2 Better Internet, a CoolWebSearch varient, New.net varient and some a couple of tracking cookies. This was five minutes of browsing mind you and I got three of the worse programs in their genre. I have recently found out that New.net actually has bundle parterships with several big companys including Earthlink, Net Zero and Juno. New.net has actually threatened or sued spyware removal companys like Spybot and Adaware. Spybot backed down from them and removed any New.net detection from their program. Lavasoft who makes Adaware is fightning back in court against New.net. New.net claims these companys are giving a bad name to their software by saying they are malware programs that collect data or supply ads to the end-user. New.net says it does not do that but I know first hand they are lying. I had a machine that was infected with New.net that caused AD popups, totally screwed the clients network connections. And these companys are legal businesses!! All I know is the government needs to step in and regulate these companys. The invasion of privacy they do on our computers is no different from a voyeur peeping in your house window or somebody tapping your phone or reading your mail without your knowledge. And yes Microsoft operating systems are the easy targets because a good portion of the world and mostly home users use Microsoft OS's. Mac and Linux people think they are safe but that will change. The more people use those machines the more spyware and viruses will surface. There already is some spyware programs for the Macintosh and a couple of viruses. The best thing for the home user to do is takes steps in protecting your computer. Use a good firewall, Keep your Windows updated, Use a different browser (I use Firefox) than Internet Explorer. Have a good antivirus program installed and updated everyday. New viruses are discovered nearly everyday. Use programs like Spybot, Ad-aware and Spyblaster( (protects against bad Active X downloads.) Take the time to actually learn to use these programs fully. Spybot has some extra tools that are great. HijackThis is great but you need to know what you are looking at. If you see a EULA agreement pop-up on your screen take the time to read it and also look up the company or software you are trying to install on Google.com and do some research on what people say about their programs. Pestpatrol.com is also a great site for learning about these malicous programs. The spyware developers are getting smarter as well. There are some spyware programs that run in the background but do not show a process in Taskmanager. Some variants regenerate themselves even after removal (usually by some leftover registry entries called "tricklers" or install programs that are hiding in your Te

Re:It's much worse than people think. (Rant) by alexbartok · 2004-08-17 19:04 · Score: 2, Funny

line
breaks
make
things
easier
to
read :P

Are you all insane? by Slur · 2004-08-17 21:16 · Score: 4, Insightful

I can't believe how nearly everyone in this topic seems to accept spyware and adware as a fact of life, and that you accept the necessity of buying programs to detect and remove this stuff.

Have you all been completely brainwashed by Microsoft? The existence of spyware is Microsoft's fault, and all the time you waste over this crap is owed to you by Microsoft.

First of all, it should not be possible for software to get surreptitiously installed on your computer without your being aware of it. To the degree that this is possible it is the fault of the OS developer.

I just don't get it. If adware and spyware started showing up on Mac OS X you can bet Apple would institute sweeping changes to prevent it from happening.

Frankly I don't know why there isn't a huge class-action suit against Microsoft for encouraging spyware and adware development. And how much crossover is there between spyware and adware developers and the developers of detection/removal software.

Seriously, someone explain why you put up with it?

--
-- thinkyhead software and media

Recovering from Spyware - The easy method by Oddly_Drac · 2004-08-17 21:52 · Score: 2, Informative

"You can get a system that is so hosed that it will not boot, not even into safe mode, even under XP."

For crying out loud; Boot from the CD, go through the motions of installing Windows XP, choose 'repair this installation'.

You can now recycle the extra verbage for other things.

--
Oddly Draconis
Too cynical to live, too stubborn to die.

Trust by MightyYar · 2004-08-18 00:56 · Score: 2, Insightful

What kind of world do we live in where we can't even trust a giant faceless corporation?

--
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.

sad by Sv-Manowar · 2004-08-18 05:59 · Score: 2, Interesting

the amount of friends and families' pcs i see nowdays with spyware,adware and stuff on them is unfunny. They are going to have to start cracking down on this with law penalties like can spam (oh wait, that did nothing)

--
Business Voyeur

125 of 437 comments (clear)