Amiga.org
Amiga computer related discussion => Amiga Software Issues and Discussion => Topic started by: AndyC on February 08, 2003, 03:55:17 PM
-
Righty...
So, here I was minding my own business doing some housework with my PC playing some tunes while connected to the internet...
After about an hour, I head back to my PC to see some alarming things had happened.
Firstly, there are 2 new icons in the system tray... no idea why they were there!
Then there's the two new program groups in my Startmenu... and then I saw it.
GAIN.
Bugger.
Basically, without me clicking any buttons, or giving permission, there are now two applications running on my PC, with Gator in the background.
After a bit of searching, I found the install log... which made alarming reading... here it is for all to see...
C:\WINDOWS\TEMP\fsg_tmp\PdpSetup3201.exe v3201 starts Sat Feb 08 12:52:41 2003
Updating security...
-> Not supported on Windows 98.
DelVal HKLM\software\Gator.com, SetupStartedMessageSent... OK (didn't exist)
Fixing old-version anomalies:
Updating OC EntityFlag: Updating Gator EntityFlag: Not set.
Removing 2.x GSNInstalled value... DelVal HKLM\software\Gator.com\CMEII, GSNInstalled... OK (didn't exist)
PreviousInstallInfo:
Version: ""
AIC: ""
GatorInst: 0
OCInst: 0
CmeKeyExists: 0
LogToServer SENT: SILENTSETUP=START<^E>828957AD-5B35-4063-91C3-2768B5F59304<^E>HIC_TargetSearches<^E>3.2.0.1
WriteDW: HKLM\software\Gator.com, SetupStartedMessageSent=1... OK (0)
#STEP_EnsureOnlySetupApp:
Prev app is "None"... PdpSetup can run!
#STEP_CreateSentinel:OK
System Folders:
ProgramFilesDir = "C:\Program Files"
CommonFilesDir = "C:\Program Files\Common Files"
#STEP_CheckIfGatorAlreadyInstalled:
No previous version found.
#STEP_CheckOS: OS Version: 4.10.2222.1 - Windows 98 (allowed)
#STEP_CheckDiskSpace:
#STEP_ShutdownApp:
EnsureNoAppsRunning:
EnsureNotRunning(CME):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureNotRunning(Gator):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureNotRunning(OfferCompanion):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureNotRunning(GMT):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
#STEP_LoadInfo:
ReadSetting(SetupInf)... value="c:\windows\TEMP\fsg_tmp\files\PdpSetup.inf" OK
ReadSetting(Bundle)... value="c:\windows\TEMP\fsg_tmp\files\3305.gsz" OK
ReadSetting(OemResDllFile)... value="" OK
ReadSetting(OemResDllName)... value="" OK
#STEP_ProcessSetupInf:
WriteDW: HKLM\software\Gator.com\Gator\dyn\Settings, RequirePassword=0... OK (0)
WriteDW: HKLM\software\Gator.com\Gator\dyn\Settings, MinPasswordLength=0... OK (0)
WriteDW: HKLM\software\Gator.com\Gator\stat\GMT\Settings, IMU_Delay=0... OK (0)
WriteDW: HKLM\software\Gator.com\Gator\stat\GMT\Settings, AU_DelayHrs=0... OK (0)
-> OK
#STEP_CheckInstallGatorOffers:
ShouldInstallApp(Gator):
Install (INF flag): 0
Upgrade (file exists): 0 (C:\Program Files\Gator.com\Gator\Gator.exe)
-> NO
ShouldInstallApp(Offers):
Install (INF flag): 0
Upgrade (file exists): 0 (C:\Program Files\Gator.com\OfferCompanion\Offers.exe)
Upgrade (file exists): 0 (C:\Program Files\Gator.com\Gator\Offers.exe)
-> NO
#STEP_Migrate:
GMT.exe (C:\Program Files\Common Files\GMT\GMT.exe) NOT found, performing migration...
Migrating installed files:
Old dir is "C:\Program Files\Gator.com\Gator
New dir is "C:\Program Files\Common Files\GMT
Migration skipped: no files or subdirs
Removing pre-1.8 Uninstaller...
Deleting "C:\WINDOWS\GatorUninstaller.exe"... OK (didn't exist)
Deleting "C:\WINDOWS\Start Menu\Programs\Gator.com\Gator\GatorUninstaller.exe"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\GatorUninstaller.exe"... OK (didn't exist)
Removing 2.5/2.6 Uninstaller...
Deleting "C:\Program Files\Common Files\GMT\GSNUninstaller.exe"... OK (didn't exist)
Deleting CTB files from C:\Program Files\Common Files\GMT...
Deleting "C:\Program Files\Common Files\GMT\ctbrte2.dll"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\ctb.dat"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\upd_ctb.dat"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\last_ctb.dat"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\ctbg.xcl"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\upd_ctbg.xcl"... OK (didn't exist)
#STEP_InitBundle:
Bundle Init completed successfully.
#STEP_ExtractItems:
Extracting GMT.exe to c:\windows\TEMP\GBI42B2.TMP...
Extracting GatorStubSetup.exe to c:\windows\TEMP\GBI42B3.TMP...
Extracting GUninstaller.exe to c:\windows\TEMP\GBI42B4.TMP...
Extracting egIEEngine.dll to c:\windows\TEMP\GBI42B5.TMP...
Extracting EGIEProcess.dll to c:\windows\TEMP\GBI42B6.TMP...
Extracting EGNSEngine.dll to c:\windows\TEMP\GBI42B7.TMP...
Extracting GatorRes.dll to c:\windows\TEMP\GBI42B8.TMP...
Extracting Helper.wav to c:\windows\TEMP\GBI42B9.TMP...
Extracting FillIn.wav to c:\windows\TEMP\GBI42BA.TMP...
Extracting GMT.exe.manifest to c:\windows\TEMP\GBI42BB.TMP...
Extracting CMESys.exe to c:\windows\TEMP\GBI42BC.TMP...
Extracting CMEIIAPI.dll to c:\windows\TEMP\GBI42BD.TMP...
Extracting CMEUpd.exe to c:\windows\TEMP\GBI42BE.TMP...
Extracting GAppMgr.dll to c:\windows\TEMP\GBI42BF.TMP...
Extracting GController.dll to c:\windows\TEMP\GBI42C0.TMP...
Extracting GDwldEng.dll to c:\windows\TEMP\GBI42C1.TMP...
Extracting GFormCTM.dll to c:\windows\TEMP\GBI42C2.TMP...
Extracting GIocl.dll to c:\windows\TEMP\GBI42C3.TMP...
Extracting GIoclClient.dll to c:\windows\TEMP\GBI42C4.TMP...
Extracting GMTProxy.dll to c:\windows\TEMP\GBI42C5.TMP...
Extracting GObjs.dll to c:\windows\TEMP\GBI42C6.TMP...
Extracting GStore.dll to c:\windows\TEMP\GBI42C7.TMP...
Extracting GStoreServer.dll to c:\windows\TEMP\GBI42C8.TMP...
Extracting GSvcMgr.dll to c:\windows\TEMP\GBI42C9.TMP...
Extracting GSvcSAP.dll to c:\windows\TEMP\GBI42CA.TMP...
Extracting Gtools.dll to c:\windows\TEMP\GBI42CB.TMP...
Extracting bundle.inf to c:\windows\TEMP\GBI42CC.TMP...
#STEP_DecompressItems:
Decompressing "c:\windows\TEMP\GBI42B2.TMP" to "C:\Program Files\Common Files\GMT\GMT_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42B3.TMP" to "C:\Program Files\Common Files\GMT\GatorStubSetup_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42B4.TMP" to "C:\Program Files\Common Files\GMT\GUninstaller_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42B5.TMP" to "C:\Program Files\Common Files\GMT\egIEEngine_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B6.TMP" to "C:\Program Files\Common Files\GMT\EGIEProcess_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B7.TMP" to "C:\Program Files\Common Files\GMT\EGNSEngine_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B8.TMP" to "C:\Program Files\Common Files\GMT\GatorRes_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B9.TMP" to "C:\Program Files\Common Files\GMT\Helper_wav.INT"...
Decompressing "c:\windows\TEMP\GBI42BA.TMP" to "C:\Program Files\Common Files\GMT\FillIn_wav.INT"...
Decompressing "c:\windows\TEMP\GBI42BB.TMP" to "C:\Program Files\Common Files\GMT\GMT.exe_manifest.INT"...
Decompressing "c:\windows\TEMP\GBI42BC.TMP" to "C:\Program Files\Common Files\CMEII\CMESys_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42BD.TMP" to "C:\Program Files\Common Files\CMEII\CMEIIAPI_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42BE.TMP" to "C:\Program Files\Common Files\CMEII\CMEUpd_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42BF.TMP" to "C:\Program Files\Common Files\CMEII\GAppMgr_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C0.TMP" to "C:\Program Files\Common Files\CMEII\GController_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C1.TMP" to "C:\Program Files\Common Files\CMEII\GDwldEng_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C2.TMP" to "C:\Program Files\Common Files\CMEII\GFormCTM_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C3.TMP" to "C:\Program Files\Common Files\CMEII\GIocl_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C4.TMP" to "C:\Program Files\Common Files\CMEII\GIoclClient_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C5.TMP" to "C:\Program Files\Common Files\CMEII\GMTProxy_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C6.TMP" to "C:\Program Files\Common Files\CMEII\GObjs_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C7.TMP" to "C:\Program Files\Common Files\CMEII\GStore_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C8.TMP" to "C:\Program Files\Common Files\CMEII\GStoreServer_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C9.TMP" to "C:\Program Files\Common Files\CMEII\GSvcMgr_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42CA.TMP" to "C:\Program Files\Common Files\CMEII\GSvcSAP_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42CB.TMP" to "C:\Program Files\Common Files\CMEII\Gtools_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42CC.TMP" to "c:\windows\TEMP\bundle_inf.INT"...
#STEP_RenameItems:
Renaming "C:\Program Files\Common Files\GMT\GMT_exe.INT" to "C:\Program Files\Common Files\GMT\GMT.exe"
Renaming "C:\Program Files\Common Files\GMT\GatorStubSetup_exe.INT" to "C:\Program Files\Common Files\GMT\GatorStubSetup.exe"
Renaming "C:\Program Files\Common Files\GMT\GUninstaller_exe.INT" to "C:\Program Files\Common Files\GMT\GUninstaller.exe"
Renaming "C:\Program Files\Common Files\GMT\egIEEngine_dll.INT" to "C:\Program Files\Common Files\GMT\egIEEngine.dll"
Renaming "C:\Program Files\Common Files\GMT\EGIEProcess_dll.INT" to "C:\Program Files\Common Files\GMT\EGIEProcess.dll"
Renaming "C:\Program Files\Common Files\GMT\EGNSEngine_dll.INT" to "C:\Program Files\Common Files\GMT\EGNSEngine.dll"
Renaming "C:\Program Files\Common Files\GMT\GatorRes_dll.INT" to "C:\Program Files\Common Files\GMT\GatorRes.dll"
Renaming "C:\Program Files\Common Files\GMT\Helper_wav.INT" to "C:\Program Files\Common Files\GMT\Helper.wav"
Renaming "C:\Program Files\Common Files\GMT\FillIn_wav.INT" to "C:\Program Files\Common Files\GMT\FillIn.wav"
Renaming "C:\Program Files\Common Files\GMT\GMT.exe_manifest.INT" to "C:\Program Files\Common Files\GMT\GMT.exe.manifest"
Renaming "C:\Program Files\Common Files\CMEII\CMESys_exe.INT" to "C:\Program Files\Common Files\CMEII\CMESys.exe"
Renaming "C:\Program Files\Common Files\CMEII\CMEIIAPI_dll.INT" to "C:\Program Files\Common Files\CMEII\CMEIIAPI.dll"
Renaming "C:\Program Files\Common Files\CMEII\CMEUpd_exe.INT" to "C:\Program Files\Common Files\CMEII\CMEUpd.exe"
Renaming "C:\Program Files\Common Files\CMEII\GAppMgr_dll.INT" to "C:\Program Files\Common Files\CMEII\GAppMgr.dll"
Renaming "C:\Program Files\Common Files\CMEII\GController_dll.INT" to "C:\Program Files\Common Files\CMEII\GController.dll"
Renaming "C:\Program Files\Common Files\CMEII\GDwldEng_dll.INT" to "C:\Program Files\Common Files\CMEII\GDwldEng.dll"
Renaming "C:\Program Files\Common Files\CMEII\GFormCTM_dll.INT" to "C:\Program Files\Common Files\CMEII\GFormCTM.dll"
Renaming "C:\Program Files\Common Files\CMEII\GIocl_dll.INT" to "C:\Program Files\Common Files\CMEII\GIocl.dll"
Renaming "C:\Program Files\Common Files\CMEII\GIoclClient_dll.INT" to "C:\Program Files\Common Files\CMEII\GIoclClient.dll"
Renaming "C:\Program Files\Common Files\CMEII\GMTProxy_dll.INT" to "C:\Program Files\Common Files\CMEII\GMTProxy.dll"
Renaming "C:\Program Files\Common Files\CMEII\GObjs_dll.INT" to "C:\Program Files\Common Files\CMEII\GObjs.dll"
Renaming "C:\Program Files\Common Files\CMEII\GStore_dll.INT" to "C:\Program Files\Common Files\CMEII\GStore.dll"
Renaming "C:\Program Files\Common Files\CMEII\GStoreServer_dll.INT" to "C:\Program Files\Common Files\CMEII\GStoreServer.dll"
Renaming "C:\Program Files\Common Files\CMEII\GSvcMgr_dll.INT" to "C:\Program Files\Common Files\CMEII\GSvcMgr.dll"
Renaming "C:\Program Files\Common Files\CMEII\GSvcSAP_dll.INT" to "C:\Program Files\Common Files\CMEII\GSvcSAP.dll"
Renaming "C:\Program Files\Common Files\CMEII\Gtools_dll.INT" to "C:\Program Files\Common Files\CMEII\Gtools.dll"
Renaming "c:\windows\TEMP\bundle_inf.INT" to "c:\windows\TEMP\bundle.inf"
-> All files renamed successfully.
#STEP_InstallOemResDll:
None supplied (OK).
DelVal HKLM\software\Gator.com\Gator\dyn, OEMResDll... OK (didn't exist)
#STEP_InstallApps:
Pre-installed apps: ""
App-install requests: "DateManager$aic$$tid$CONB25PrecisionTime$aic$$tid$CONB25"
WriteCmePdpRegSettings:
(no PreInstalledApps)
AppRequests:
WriteSZ: HKLM\software\Gator.com\PDP\Install, 000="DateManagerHIC_TargetSearches3E4451CECONB25PrecisionTimeHIC_TargetSearches3E4451CECONB25"... OK (123)
SetCmePendingApps, reason=AppRequests
Updating 'OemInstall' flag...
Value not changed: OemInstall
**Installing GMT...
EnsureNotRunning(GMT):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureAppFilesLockable(GMT):
Using 3x Event... OK.
Using Pre-3x method... OK.
Installing GMT...
UnlistApp(GMT)
WriteSZ: HKLM\software\Gator.com\Gator\stat\GMT, Uninstaller="C:\Program Files\Common Files\GMT\GUninstaller.exe"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\stat\GMT\Settings, WorkingDir="C:\Program Files\Common Files\GMT"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\stat\GMT\Settings, GMTExe="C:\Program Files\Common Files\GMT\GMT.exe"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\dyn, AppPath="C:\Program Files\Common Files\GMT"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\dyn, AppExe="GMT.exe"... OK (0)
SUU_DoGainStartMenuItem(C:\Program Files\Common Files\GMT\GMT.exe):
Removing current-user Start Menu Program folder for "GAIN"... folder is "C:\WINDOWS\Start Menu\Programs\GAIN"... didn't exist (OK).
Creating Start Menu Program folder "C:\WINDOWS\Start Menu\Programs\GAIN"... OK
Adding URL to Start Menu Program folder (C:\WINDOWS\Start Menu\Programs\GAIN\GAIN Website.URL)... OK
->OK
Removing current-user Start Up Menu item for "GStartup"... File is "C:\WINDOWS\Start Menu\Programs\StartUp\GStartup.lnk"... didn't exist (OK).
-> OK
**NOT installing Gator.
**NOT installing Offers.
**Installing CMESys...
EnsureNoAppsRunning:
EnsureNotRunning(CME):
EnsureNotRunning(Gator):
EnsureNotRunning(OfferCompanion):
EnsureNotRunning(GMT):
EnsureAppFilesLockable(CMESys):
Installing CME...
UnlistApp(CME)
Successfully added "CMESys="C:\Program Files\Common Files\CMEII\CMESys.exe"" to the Start-with-Windows list
WriteSZ: HKLM\software\Gator.com\CMEII, appPath="C:\Program Files\Common Files\CMEII\CMESys.exe"... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, Uninstall="C:\Program Files\Common Files\GMT\GUninstaller.exe /CME"... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, server="gatorcme.gator.com"... OK (0)
WriteDW: HKLM\software\Gator.com\CMEII, port=80... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, srvPath="gatorcme"... OK (0)
DelVal HKLM\software\Gator.com\CMEII, log... OK (didn't exist)
WriteDW: HKLM\software\Gator.com\CMEII, FirstRun=1... OK (0)
WriteDW: HKLM\software\Gator.com\CMEII, PendingApps=1... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, GAINUpgrade="none,3.3.0.5"... OK (0)
GatorPre3XState:
Gator state: (never installed?)
OfferCompanion state: (never installed?)
WriteSZ: HKLM\software\Gator.com\CMEII, GatorPre3XState="gator::;offercompanion::"... OK (0)
-> OK
#STEP_StartApps:
WriteDW: HKLM\software\Gator.com\Gator\stat, InstallDate=1044708765... OK (0)
Setting GAIN AIC: Set value to "HIC_TargetSearches"
WriteSZ: HKLM\software\Gator.com\Gator\stat, AIC="HIC_TargetSearches"... OK (0)
Setting GAIN TID: Set value to "3E4451CE"
WriteSZ: HKLM\software\Gator.com\Gator\stat, GainTid="3E4451CE"... OK (0)
SUL_EnsureAppsRunning()...
EnsureGatorRunning():
No 'Restart' command for Gator, trying default cmdline.
No default commandline for Gator.
EnsureOffersRunning():
No 'Restart' command for OfferCompanion, trying default cmdline.
No default commandline for OfferCompanion.
EnsureGmtRunning():
No 'Restart' command for GMT, trying default cmdline.
Launching "C:\Program Files\Common Files\GMT\GMT.exe /oem"... rslt=success, err=0
**Client mutex FOUND
EnsureCMERunning():
No 'Restart' command for CME, trying default cmdline.
Launching "C:\Program Files\Common Files\CMEII\CMESys.exe"... rslt=success, err=0
SUL_LaunchSetupApps()...
(No apps in list)
DelKey HKLM\software\Gator.com\Setup\Launch... OK (didn't exist)
#STEP_LaunchIndependantExes:
(None to launch)
SilentSetup completed successfully !!!
Set completion code: "SUCCESS"
LogToServer SENT: SILENTSETUP=END<^E>828957AD-5B35-4063-91C3-2768B5F59304<^E>HIC_TargetSearches<^E>SUCCESS<^E>(no detail)
Log closes Sat Feb 08 12:52:54 2003
So there we have it.
Now i can't get the bloody thing uninstalled and I have ad popups on my machine every 2 minutes!!!
AAARRGGHHH!!
Where's my copy of AdAware????
If anyone knows how to get rid of this please help!!!
Cheers,
AndyC
-
You can only get rid of GAIN if you get rid of the app it was installed with. Gain is a lame advertising tool some idiot dreamed up to take over from shareware fees.
You probably (but not necessarily!) got GAIN from a copy of Kazaa. Remove it, and GAIN should go too. If you really have to use a p2p client, go for KazaaLite, which has no adware.
I general, I found it useful to use System Mechanic to find all the adware references in startup and delete them. You'll recognise them straight away. Also delete the CMEII drawer.
-
What's more annoying, is that you combat one annoyance (pop-up ads, programs installing behind your back, etc), and another one comes along:
I quite often (and they are increasing in number at a fair rate), get Microsoft Networking broadcast messages (advertising "pr0n" and "warez") showing on my screen on this 2000 box. I have no need to receive them at all, so disabling them completely would do the trick. Trouble is, I have no idea how to do this. I'm tempted to stop the Messenger service but am reluctant to do so in case it breaks something else. Might give it a try anyway... those messages are really starting to irritate me.
Sooner I get an AmigaOne and a decent web browser for it (even if I have to boot into Linux to use Mozilla), the better.
Chris
-
LOL Golly.
NO way am i installing windows.
Check this out.
http://www.hevanet.com/peace/microsoft.htm
-
chris wrote:
I quite often (and they are increasing in number at a fair rate), get Microsoft Networking broadcast messages (advertising "pr0n" and "warez") showing on my screen on this 2000 box. I have no need to receive them at all, so disabling them completely would do the trick. Trouble is, I have no idea how to do this. I'm tempted to stop the Messenger service but am reluctant to do so in case it breaks something else. Might give it a try anyway... those messages are really starting to irritate me.
I got this (http://hjem.get2net.dk/doomski/ARGH!.jpg) which I suspect is the same as what you are talking about ('Tjenesten Messenger' means Messenger Service). I posted about it here and got some kind advice (along with alot of mocking :-D).
I disabled the following services:
Messenger service
TCP/IP NetBIOS Helper Service
And guess what, they haven't been back since.
And I haven't noticed anything breaking as a result of this, so unless you are certain you need these services, I think it's safe to disable them.
-
That's definitely ONE excellent reason to stay away from the Windows-platform! No way i am installing Windows in my system either! Then Linux makes sense.. :-)
-
There is this great little program who removes this kind of crap.
It's called Ad-aware.
:-)
-
Ouch!
1) Install ZoneAlarm - it's free! Set Internet security to High and manually allow/disallow programs in (obviously) and OUT! Deny anything OUT that you don't expect to go out (Word wants to go online? wtf!? F**k off!)
2) Latest Ad-Aware as others have said, use RefUpdate to keep config database current.
3) Use anything other than M$ software, for everything! MP3 - WinAmp, web/mail NS7.01 or Opera 7.01 More secure, faster.
4) Block popup ads - Opera7.01 and NS7.01 do this automatically if you choose.
5) Block banner ads - AdFree. Note to Wayne, it only blocks common generic servers, not amiga.org ads, honest! :-)
6) Never submit even your e-mail address to any form online unless you TRUST the site. Have 2 e-mail accounts, 1 on PC for trusted/friends. 1 webmail for signing up to stuff.
7) Put this in your Autoexec.bat
regsvr32.exe -u regwizc.dll
8)Use RegCleaner (NOT the M$ similarly named one) to clean/remove stuff from the registry or use regedit and remove stuff (use the above if you're unsure)
9)Do the other million things you need to to get a workable, secure Winbloat system on your Piece of Crap! 8-O
-
Oh yeah - AVG Antivirus - it's free!
-
Blaming Windows when clearly the user is at fault, totally pathetic
-
I downloaded and used AdAware...
It found 44 adware files/executables.
All of them were Gator or WebHancer modules.
Suffice it to say... its gone now!
Cheers,
AndyC
-
@Paul_Gadd
Blaming Windows when clearly the user is at fault, totally pathetic
I agree, wanting to install only programs they expect? Silly users. LOL!
-
No such problems using Safari on OS X. :-D
Apart from extremely slow text scrolling. :-(
-
wanting to install only programs they expect?
No it is the STUPID USERS who do not read the Disclaimer in software which clearly says it installs additional software which may collect personal info, monitor surfing, serve ads etc,
Dont install/support software with spyware.
-
As well as AdAwareuse SpyBot Search And Destroy.
Available here: http://spybot.eon.net.au/ (http://spybot.eon.net.au/)
It is more thorough and catches out what AdAware misses.
I agree security through obscurity is beneficial but not everyone can give up windows and go non-mainstream.
-
Paul_Gadd wrote:
wanting to install only programs they expect?
No it is the STUPID USERS who do not read the Disclaimer in software which clearly says it installs additional software which may collect personal info, monitor surfing, serve ads etc,
Dont install/support software with spyware.
I have to disagree with you there. There are security vulnerabilities in Microsoft software that allow dubious webmasters
to install software on your computer without your knowledge just by visiting their websites.
Turning off ActiveX helps but you really need to to get the patches from MS aswell as
install protection software to monitor such activities.
-
Blomberg wrote:
I got this (http://hjem.get2net.dk/doomski/ARGH!.jpg) which I suspect is the same as what you are talking about ('Tjenesten Messenger' means Messenger Service). I posted about it here and got some kind advice (along with alot of mocking :-D).
I disabled the following services:
Messenger service
TCP/IP NetBIOS Helper Service
And guess what, they haven't been back since.
And I haven't noticed anything breaking as a result of this, so unless you are certain you need these services, I think it's safe to disable them.
I've disabled Messenger already, so I'll get rid of NetBIOS TCP/IP helper as well.... gone. Hopefully that will stop them, thanks.
Chris
-
@Paul_Gadd
No it is the STUPID USERS who do not read the Disclaimer in software which clearly says it installs additional software which may collect personal info, monitor surfing, serve ads etc,
This isn't always the case. Run Ad-Aware or similar routinely and you will find spy software or components which have apparently magically appeared, such as the component that is installed with IE. Similarly (although technically not the same issue) I object to applications connecting across the net without me EXPLICITLY telling them to (especially when the other end of the connection has root access via some EULA or as a built-in feature of XP). After you set up a good firewall, all and sundry wants to connect to send "something", "somewhere". I have known friends find utility software which was seemingly routinely sending packets to an unkown IP.
The issues with XP are more worrying however (although again technically a similar not identical issue). They are enabling official methods whereby a software firewall can be bypassed! WTF!? EULAS stating "give us *root* access or you can't run this" are despicable. Bargaining desire for new features versus your security! It seems to me M$ may be (allegedly :-) ) either sifting data insidiously or attempting to update the OS "behind your back" so they don't suffer the humiliation of endless "public" security disclosures. i.e. if we can update stuff sneakily it won't seem sh*t.
Isn't this approach preferable: buy RedHat, sign up for RedHat Network. THEY send you security bulletins and say "hey, come get the updates". Open. Honest. More broadly, the M$ method: as secure as a sponge until you switch more and more things off versus the linux approach: as tight as a gnat's chuff and you allow extra features as and when. If the tightness of said gnat's chuff is compromised, THEY tell YOU and the problem is fixed ASAP.
-
Dont install/support software with spyware.
That's correct. Whatever you do, don't install Windows! :-P
-
I am on about programs which tells the user it contains spyware but the users just ignores it and installs anyway, weeks later they remove the software but spyware is lett behind then more weeks go by then the #### hits the fan and the user blaims Windows.
-
@Paul_Gadd
I am on about programs which tells the user it contains spyware but the users just ignores it and installs anyway, weeks later they remove the software but spyware is lett behind then more weeks go by then the #### hits the fan and the user blaims Windows.
Well, that's fair enough if it IS clearly stated rather than obscurely worded or hidden.
I think the problem will become more pernicious in time however as such things are hidden sneakily inside half-a-dozen page EULAs or "by default" as a "feature". One to watch I think. In fact THIS is the very reason I decided maybe about a year ago to learn to be technically proficient with linux (still ongoing ). I think the time will come where Windows (and in this case I do mean the OS Windows, not just spyware enabled apps) will not be inherently secure as in you control your own bleedin' machine unless you have a hardware firewall! Imagine this too... using the "bargain features versus security" tactic, suppose M$ eventually "oh so surprisingly" phase out the ability to connect to a server yourself for updates in favour of the "superior" let-us-do-it-for-you-and-give-us-root-access(tee-hee) method. In other words, use our automatic methods or nothing, what then?
For me, linux or AmigaOS or I think (maybe the new OS from Sony/Toshiba/IBM(?) will be good)...
-
If you're going to use the most popular operating system available, then you have to expect the kind of negative attention it gets from hackers, virus writers and dodgy software writers.
If AmigaOS was as popular as Windows, do you think everything would be perfect, no problems like that at all?
Yes, there are aspects about MS's software design that leave a lot to be desired, and that doesn't help things.
But generally, you're responsible for the software you install on your system, if you're not paying attention you'll get screwed. Simple as that.
-
I had the same experience and an added feature when installing Getright on my bro-inlaws Thinkpad it literally froze the computer, the keyboard was inoperable after the install and had to do a hard shut down.
When installing s/w only install the program not the addons such as Gator as they task your sanity.
If your brave use Regedit [ms] and RegCleaner to rid the said annoying programs. I've used SystemMechanic w/little help but that depends on the user. Also don't go crazy w/the Registry.
Isn't the Amiga so much easier to deal with.
-
I hate it when Outlook Express crashes all because I want to view my mail.
I hate it when for some bizarre reason Internet Explorer crashes when I surf Microsoft's website (yes it does really happen)!
AND I HATE THAT GODDAMN WINDOWS REGISRY PROGRAM!!!!!! GRRRRRRRRRR
Bodie :pissed: :flame: > Windows Registry program.
-
I use Windows for two things: the occational game, and to
run my Canon scanner. After having scanned the image I
quickly move it over to Linux (Gimp) and/or the Amiga
(DPaintV/PPaint :-D) to actually do work on it. I try to limit
my time in Windows as much as possible - when using it I
have that gnawing and unnerving feeling that "something
is going to go very wrong, any time now"...
Everything I want to do with my computer can be
accomplished with my Amiga/Linux combo. The ultimate
solution (for me) would be to set up a skeleton Windows
install (is that even possible?), skip all the superfluous
OS-stuff and use it only to get access to the latest
drivers/hardware (I could really do without the games too,
if it came to that...).
.
SlimJim
-
Go get the Macscan (public beta) for free it searches your HD for spyware and allows you to delete it. Appartently I have no spyware on either of my partitions could be something to do with the fact I don't use Instant Messagers. (No use for them myself.)
http://macscan.securemac.com/
However the sinic in me thinks all these free spyware betas may be a cheeky way to give people a false sense of security.
Although on the forum I originally got this from many were amazed to find they had 3 or 4 spyware progs on there HD.
-
Fresh install of internet explorer 6 (maybe also 5) will ad an Alexa registry key which adaware considers spyware. I dont know what it does though.
-
"Alexa integrates seamlessly into your Internet Explorer browser and updates with site-specific information as you surf."
Spyware,
To see if it is installed click TOOLS in IE and see of Alexa is in the menu.
-
Blomberg: I got this which I suspect is the same as what you are talking about ('Tjenesten Messenger' means Messenger Service).
This is not totally the fault of Windows. I recall getting a "Messenger Service" pop-up just like yours on my system at work. The machine was freshly re-installed with only Windows 2000 and our DSL software. Nothing else. I tracked down the proram causing the pop-ups, and it turned out to be the PPPoE client, which is what the computer needs to talk to the DSL modem!!!
When I called our DSL provider about the program and the pop-ups, they insisted that since the pop-ups had "Messenger Service" in the title bar, it was probably some kind of Instant Messenger clone running in the backgroud, and it had NOTHING to do with their DSL client. We pay $60 a month for DSL, and they force ads on us, and expect us to believe that it's someone else's spamware causing the problem. I am 100% certain beyond a shade of a doubt that their software was causing the pop-ups.
I bought a router to share our DSL connection with the other computers, which has its own PPPoE client in hardware. I de-installed our DSL software, set up the router, and... VIOLA! All pop-ups disappeared! I am NOT happy with our DSL provider, and I intend to track down some kind of proof to get them to stop this. It's hard, though. Windows does a crappy job telling you what programs are doing what on your system.
Who's at fault here? The DSL guys, Windows, or us (for putting up with this crap?)...
Frankly, it's everyone's fault. Windows should provide a more robust program tracker that lets users know what messages and windows belong to what program, and exactly how each program was launched at how it was installed. Also, it should not be possible to launch a program from the registry. Only the "Startup" folder or a batch file should allow direct execution of programs. Windows has multiple startup folders to launch programs on startup, making it very hard to disable spamware. It should also be possible to "quarantine" programs, so they can't read or write anywhere except their installation directory, regardless of your account security settings. That could really help track down problem programs. Of course, Microsoft has a vested interest NOT to do these things, since the spammer market is a huge market, indeed.
The software developers are at fault for inventing all this crap to begin with. I mean, how can any company just take over your computer, and bury a cryptic liability release in their UELA? Freeware programs now have UELAs that span 20 pages or more of legal gibberish! Hell, even commercial programs are doing it. Even if you PAY for your software, they still spam you with ads. I was paying $30 for a subscription to NASCAR.com to see RealPlayer movies, and they STILL put 30 second ads in front of every movie! Needless to say, I canceled my subscripiton in a hurry.
Which leads to the last point: users don't complain. For pop-ups, only the OS can tell you what programs are causing trouble, and that's the fault of Windows. But, people are incrasingly forgiving towards programs that are obviously selling out. When you pay for a program, and it still has a 10 second nag screen, you have a moral obligation to return the software. A lot of people don't bother, especially when you can get a crack or something, ensuring that only the "legal" users have to deal with all this bull****.
Helgis75: No way i am installing Windows in my system either!
I doubt AmigaOS is immune to this crap.
My only real beef with Windows is all the ActiveX controls. If you turn them off, you can't view a lot of websites. If you put them on "Prompt", you'll get a nag box every time an ActiveX control is launched (you might get multiple nags per website, and you can't tell WHAT ActiveX controls will be launched). ActiveX is a real pain in the ActiveAss!
Paul_Gadd: Blaming Windows when clearly the user is at fault, totally pathetic
People who run .exe files they get in their e-mail deserve to get bombed by viruses. The trouble is, not everyone knows how many executable programs and scripting systems there are out there. Executables also have file extensions like ".ocx" and ".msc", for example. I know an OCX file is an ActiveX program, but I don't know what an MSC file is (other than an executable). Also, remember that bug in Outlook Express that autoatically ran Visual Basic scripts that could run program content? It's crazy. You don't even have to run attachments. Just LOOKING at your e-mail is enough to infect a bugged up system!
Paul_Gadd: Dont install/support software with spyware.
Provided the software can actually BE installed. lots of apps do "silent" installs these days. Anybody remember Comet Cursor? That would install itself on your computer via an ActiveX control, and would not put a UELA on the screen until it was already installed and ACTIVE. Basicly, it would install itself without permission, and then congratulate you for "choosing" to install the software.
This was before Microsoft introduced a more reliable version of Install on Demand. Things like Comet Cursor are more rare these days, but they still happen, and spyware developers are constantly looking for new ways to get around the security filters and run without any notification.
Not to mention all the programs that are launched by other programs. Let's suppose you install GreatPaintProgram.exe from a commercial company, which also installs SuperWare.exe. In the UELA, it only says, "allow GreatPaintProgram and our affiliates..." Not terribly specific, is it?
Every time you launch GreatPaintProgram.exe, it launches SuperWare.exe in the background, and then configures itself to run at startup and mask itself in the registry so you don't konw it's installed. You delete GreatPaintProgram because it sucks, and SuperWare is still installed. All the while, SuperWare runs on your system, hidden, launching, installing, and spying. It's a pretty complex problem with too many leads to track down. Also, this assumes that all this crap is LEGAL. Even reputable developers get caught with their pants down once in a while.
It sucks, but everyone is at fault. So long as it's profitable, it's not going to stop, and carefully reading all your UELAs may not be enough.
I really wish Windows had a "quarantine" feature. I hope a future AmigaOS does, but I doubt it will. Almost nobody offers that kind of feature in their OS (at least that I know of).
-
I also like to use Norton Systemsworks clean sweep "smart sweep" when installing software.. it helps when you want to uninstall software that you install on windows but don't like. Its not perfect, but its does the job most of the time.
I hope Norton adds spyware removal tools...
(Maybe the people who write virus-scanning software and hard drive system tools should get together and put together a commercial product suite like Norton Systemworks. I'd buy it. Good idea?)
-
Alkemyst advised:
NO way am i installing windows.
Check this out.
http://www.hevanet.com/peace/microsoft.htm (http://www.hevanet.com/peace/microsoft.htm)
;-) After reading the link provided by Alkemyst, I downloaded and installed Mozilla and am using it now. So far, it works just fine.
:-? (Although the radio buttons look a little weird...)
-
I run Pest Patrol.
Here's the latest scan report that I've just run....
Date: Feb-09-2003 12:28:26
User Name: Paull ****** Hovell
Volume Name: System
File System Name: NTFS
Volume Serial No: 6836*****
Windows Version: Microsoft Windows 2000 5.0.2195 Service Pack 2
System Root: C:\WINNT
Windows Registered Owner: Paull ****** Hovell
PestPatrol Version: Mar-1-2002
PestPatrol.DAT Version: Apr-12-2002
Scanning for: 33,235 pests in 9,066 families.
Auto Check for Spyware and Active Pests: Checked files in or referenced by 23 auto start areas of the registry, ini files, batch files, and directories, and checked for active spyware.
Registry Entries Checked: 178
Startup Files Scanned: 14
Startup Bytes Scanned: 1,594,067
Elapsed Time: 0.06 seconds
File Areas Selected for Scanning:
-
- C:\
- C:\Documents and Settings\Paull ****** Hovell\Desktop
Pest Found: CoreMetrics Spyware
Found In File: C:\Documents and Settings\Paull ****** Hovell\Cookies\paull ****** hovell@data.coremetrics[2].txt
PVT: -1319254059
MD5: a102554fc0a1c1d509e6e0bf75094c9a
Threat: This file appears to be a cookie, and might compromise your privacy when you invoke your browser.
Action: paull ****** hovell@data.coremetrics[2].txt deleted at user request.
Pest Found: DoubleClick Spyware
Found In File: C:\Documents and Settings\Paull ****** Hovell\Cookies\paull ****** hovell@doubleclick[1].txt
PVT: 1765853651
MD5: 6f673dee877df011e899fd5b460ea7f5
Threat: This file appears to be a cookie, and might compromise your privacy when you invoke your browser.
Action: paull ****** hovell@doubleclick[1].txt deleted at user request.
Pest Found: Engage Spyware
Found In File: C:\Documents and Settings\Paull ****** Hovell\Cookies\paull ****** hovell@engage.everyone[1].txt
PVT: -871291242
MD5: 36bf5597225bb4ace3ef2232329c499a
Threat: This file appears to be a cookie, and might compromise your privacy when you invoke your browser.
Action: paull ****** hovell@engage.everyone[1].txt deleted at user request.
Pest Found: WebTrends Spyware
Found In File: C:\Documents and Settings\Paull ****** Hovell\Cookies\paull ****** hovell@statse.webtrendslive[1].txt
PVT: -1141766515
MD5: 4bc4a7f586bb485ec5f79394d6ad1472
Threat: This file appears to be a cookie, and might compromise your privacy when you invoke your browser.
Action: paull ****** hovell@statse.webtrendslive[1].txt deleted at user request.
Pest Found: ValueClick Spyware
Found In File: C:\Documents and Settings\Paull ****** Hovell\Cookies\paull ****** hovell@valueclick[1].txt
PVT: 681580327
MD5: 41179ad158ea991436958641485db5e8
Threat: This file appears to be a cookie, and might compromise your privacy when you invoke your browser.
Action: paull ****** hovell@valueclick[1].txt deleted at user request.
Summary:
Files in Selected Area: 54,428
Files Scanned within Archives: 535
Total Files Scanned: 30,094
Bytes Scanned: 4,294,967,275
Elapsed Time: 354.41 seconds
Pests This Scan: 5
Scanned 30,094 files and 4,294,967,275 bytes at a rate of 121,186 bytes per second using Patent-Pending DeepSearch Technology.
@ Paul Gadd.... I.E 6 tools.. Net2Phone? WTF is that ??
-
http://www.hevanet.com/peace/microsoft.htm
While I agree with some of what the article has to say, there is a lot of FUD in it. The problem is with an article like this is that the content is so dependent on the writer's opinion of what is considered acceptable behaviour.
At the end of the day, if I were to write a similiar article, it would be very short:
"Microsoft is interested in providing functionality over security. If you value your privacy on your computer as much as most people do over anything that goes on in their home, then you have to seriously consider your choice to use MS software, and if you choose to use MS software, you have to keep on top of the latest security news on it, and read EULAs very carefully. Microsoft are interested in their increased income, not your privacy."
Having said that, the number of companies that want to do 'the right thing' when a potential conflict of interest between that and their income comes into view, are becoming few and far between.
-
- Get rid of Kazaa. You can use without any problem Kazza Lite.
- Run Ad-Aware once a day. You will see that after Ad--Aware you will not be able to run Kazaa because it's missing some components!
- Don't use M$ programs. For example, use Mozilla for browsing, IRC & e-mails and Winamp for music and videos (or ashampoo).
- If anyone can't find kazaaLite (it's veeeery good), I can send it to him. I couldn't find it at Kazaa and I found it at WinMX!
-
For example, use Mozilla for browsing
I've got a bit of a horror story about IE5. It was running on Win ME, and I'd noticed that the hard drive was very full, and that there was something huge in the Windows directory. I eventually traced it to Temporary Internet Files, but after "clearing" it, the directory was "empty", but still tool up loads of space.
Eventually, I found an article about how M$ can make files really hidden (not just hidden). I had to go to a DOS prompt and follow through some really complex instructions to wipe of a huge amount of stuff that had been left on. There was also a text file, containing every web page i'd ever been on.
That's why I don't use IE!
-
screw XP anyway...sure its better then 98...but 2K is just as stable if not more...and dosent have all the BS..
-
Agrees with Mips !!
-
screw XP anyway...sure its better then 98...but 2K is just as stable if not more...and dosent have all the BS.
True
-
thanks to google newsgroups i now have adaware 6 pro its much better than previous versions . :-)
-
i also sugest you try opera 7 web browser download free version it is less trouble than ieand 7 i have no problem with sites not yet anyway
-
thanks to google newsgroups i now have adaware 6 pro its much better than previous versions . :-)
-
"Do not attempt to adjust your WindowsXP PC.
We will control all that you see and hear.
We repeat- there is nothing wrong with your WindowsXP PC ....."
Inner voice (http://www.innermind.com/outerlimits/sounds/oolsnds/o_voice.wav)
:-?
-
@alx
I had to do the same when I was running Win98, now that I've installed Win2K, I'll have to do it again. Even though we don't use IE, it's a good idea to make these drawers visible so you can keep an eye on them.
We've got 2 accounts so, it's not quite as easy as it says here (http://www.fuckmicrosoft.com/content/ms-hidden-files.shtml) (we've to look in the seperate accounts in the "documents and settings" aswell).
Since discovering that article, I've used K-Meleon, Mozilla and Netscape. I'll never use IE again.
-
alx announced:
...Eventually, I found an article about how M$ can make files really hidden (not just hidden). I had to go to a DOS prompt and follow through some really complex instructions to wipe of a huge amount of stuff that had been left on. There was also a text file, containing every web page i'd ever been on.
:-? I've noticed that with Windows NT, the VNC server will allow my A4000 to see files on the PC that are hidden even from the PCs Administrator login.
;-) Correction: it' not VNC that allows this, it's Samba.
-
The Outer Limits...
So Kewl !!