I need to install a bunch of Spyware...

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
Sounds like an odd request, yes? And it's funny, too, because I know about three dozen people who seem to be able to get hundreds of spyware doo-dads installed on their computers no matter what I do to prevent it.

But I'd like to create a Windows XP install with a ton of spyware already installed, so I can better demonstrate removal techniques. To date I have been installing a program called "ABC Scrabble", which installs DyFuCa and a couple other things, but despite my best efforts, machines with that particular parasite remain fairly usable.

So does anyone know of a program or web site I can hit to royally hose a computer?
 

LiamC

Storage Is My Life
Joined
Feb 7, 2002
Messages
2,016
Location
Canberra
I thought Gator, Kazaa, Comet cursor and just about any dialler from porn sites should do the trick.

Don't know where to get that stuff from though. Especially the porn.

Really.

:bleh:
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
Well I don't, either. Even the porn, which as we all know, is something I'm more than passingly familar with.

There's a funny thing: Some of my "unsual suspects" of spyware vectors have cleaned up their act. iMesh used to be scumware armageddon. Version five installs nothing but imesh, far as I can tell.

I ended up hitting oldversion.com for a copy of imesh 4.0, which is the criminally bad one I remember. Also went ahead and grabbed Grokster, which I happen to know will actually add its parasite load to Adaware's ignore list when it installs.

... and the Radlight Media player, which actively removes Adaware as part of its install.

And I've downloaded good old Hotbar, just because.

But I'm looking for something truly crushing, a Xupiter or CoolWWWsearch, and I'm not seeing those. I know they're still out there someplace, because people still get them. I just can't figure out HOW.
 

LiamC

Storage Is My Life
Joined
Feb 7, 2002
Messages
2,016
Location
Canberra
Mercutio said:
And I've downloaded good old Hotbar, just because.

But I'm looking for something truly crushing, a Xupiter or CoolWWWsearch, and I'm not seeing those. I know they're still out there someplace, because people still get them. I just can't figure out HOW.

I must be losing my mind. How could I forget Hotbar, or Xupiter? That freakin' piece of garbage caused me no end of trouble getting it off of the in-laws 'puter.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
Most of those viruses are Trojan Horses that are made expressly to install Spyware - that's how the ABC Scrabble payload works, for example.
But again, I don't know where people pick those things up.

Maybe non-filtered results from P2P software? IM spam?
 

Buck

Storage? I am Storage!
Joined
Feb 22, 2002
Messages
4,514
Location
Blurry.
Website
www.hlmcompany.com
Don't you have anti-virus software that quarantines these pests? Couldn't you un-quarantine them? You know, if they're exe files, run them.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
That is an idea that I had, but the first few things I looked at didn't have links off site. I see now that in some cases doxdesk does link to offending sites.

Thanks!
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,744
Location
Horsens, Denmark
Don't forget my personal "favorites" webshots, accutime, and scheduler from our friends at Gator <ahem> Clarion. That'll get you some spiffy IE toolbars as well!
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
Let my niece use the computer for a few hours. My sister had her computer cleaned about four times already (three by me and once by someone else for $100) and the junk keeps coming back. They all swear that they don't go to any sites that have spyware (yeah, right). I don't know what my niece does, but my brother-in-law goes to wresting, body-building, and car sites. You might try some of those, especially the wrestling sites, to see what you might pick up.

If all else fails, let a few kids surf with the computer for a couple of hours. That'll screw up any machine. Just ghost the hard drive and then you can recreate a messed up PC at will.
 

Santilli

Hairy Aussie
Joined
Jan 27, 2002
Messages
5,285
Download the trial of Penicillin, and go bouncing around porn sites, with all no security, any music site, and download Kaaza and all that, and see how you do.

S
 

i

Wannabe Storage Freak
Joined
Feb 10, 2002
Messages
1,080
I actually saved copies of some of the spyware executables from the last system I cleaned up. I'll see if I can find them.
 

Santilli

Hairy Aussie
Joined
Jan 27, 2002
Messages
5,285
Darn, M, ....

Go for music downloads. In an hour, one high school kid put over 57 spyware programs on my computer....


s
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
Grokster turned out to be absolutely devastating in terms of what it installed. Easily the worst thing I could find.

SurfSidekick version 3 was in either Hotbar or Grokster's installer. SurfSidekick 3 integrates into explorer; runs in safe mode and can't be removed by Housecall, Hijack This, Adaware or Spybot, although all of the above detect it, nor by direct registry editing. Process Explorer showed that the .exe and couple DLLs were opened by literally every program that had any files open. That's a pretty deep infection.

Which made it a great test case to show my students.

We found removal instructions for version 1 and 2 that didn't even touch 3. Finally found some instructions on a web forum to get rid of it, but by that point I didn't have enough time to run through them.

The possibility that something like that might've come from Hotbar is chilling. I uninstall that POS all the time. There's always someone who wants 1000 free smilies, I guess.
 

Santilli

Hairy Aussie
Joined
Jan 27, 2002
Messages
5,285
Mercutio said:
Grokster turned out to be absolutely devastating in terms of what it installed. Easily the worst thing I could find.

SurfSidekick version 3 was in either Hotbar or Grokster's installer. SurfSidekick 3 integrates into explorer; runs in safe mode and can't be removed by Housecall, Hijack This, Adaware or Spybot, although all of the above detect it, nor by direct registry editing. Process Explorer showed that the .exe and couple DLLs were opened by literally every program that had any files open. That's a pretty deep infection.

Which made it a great test case to show my students.

We found removal instructions for version 1 and 2 that didn't even touch 3. Finally found some instructions on a web forum to get rid of it, but by that point I didn't have enough time to run through them.

The possibility that something like that might've come from Hotbar is chilling. I uninstall that POS all the time. There's always someone who wants 1000 free smilies, I guess.

No BS.

The spyware problem

Grokster is a Peer-To-Peer File Sharing program. It offers free, peer-to-peer fast and detailed searches, no incomplete/failed downloads, auto resume, fast downloads, file preview, and ability to handle all file types. In an organization, Grokster can severely degrade network performance and consume vast amounts of storage. Installs numerous other products, including Active Delivery, CasinoOnNet, ClipGenie, CommonName, Cydoor, DelFin Media Viewer, DownloadWare, eUniverse, FavoriteMan, FlashTrack, Gator, IGetNet, IGetNet/ClearSearch, IncrediFind, IPInsight, Look2Me, Lycos.SideSearch, NetworkEssentials, NetworkEssentials/SCBar, PeopleOnPage, RVP, SAHAgent, Search-EXE, SearchEnhancement, TOPicks, VX2/e, VX2/f, and Webhancer.

Recent versions of Grokster the download includes additional applications that are bundled within the software's installer file, some of which may be provided by parties other than the developer of this download. These applications may deliver advertisements, collect information, overlay content or graphics on the Web site you are viewing, or modify your system settings. Pay close attention to the options presented to you during the installation process. As of 9/3/02, the version of Grokster available for download requires that you also install Cydoor and GAIN components. During installation, you will also be presented with more than 10 optional installation items and/or services from Symantec, File Freedom, New.net, eBates, GreenCarrot, and others.

Additional information from Spyware Information Center Spyware Information Center and Microsoft are the sources for this information. Source citations Computer Associates Spyware Information Center http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453060425

Microsoft Corporation http://support.microsoft.com/default.aspx?scid=kb;en-us;317013 and http://search.microsoft.com/search/results.aspx?view=en-us&st=b&na=82&qu=grokster
Can we say scary?


GS
 

Bozo

Storage? I am Storage!
Joined
Feb 12, 2002
Messages
4,396
Location
Twilight Zone
Try Yahoo IM. My sons computer was completely hosed after loading this garbage.
Also, download some software from a warrez sight.

If you are using IE, don't add any of the patches or updates and leave it connected to te net overnight.

Bozo :mrgrn:
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,931
Location
USA
Yahoo IM is fine. We have to use it at work (not my choice) and it hasn't put anything detectable on our systems.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
Yahoo IM by itself doesn't install any Spyware at all. It's part of our classroom install. Your son is probably accepting file transfers or something.
 

Buck

Storage? I am Storage!
Joined
Feb 22, 2002
Messages
4,514
Location
Blurry.
Website
www.hlmcompany.com
Yahoo IM, or other popular IM clients are just like Incruddiemail and Outlook Express -- as has been mentioned, they don't install spyware. They have relatively little security to help protect against virus and spyware attacks. Compound this weakness with poor or no malware protection, and you are dead.
 
Top