Results 1 to 2 of 2
  1. #1
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    see .. http://www.doxdesk.com/parasite/
    ‘Parasite’ is a shorthand term for “unsolicited commercial software” — that is, a program that gets installed on your computer which you never asked for, and which does something you probably don’t want it to, for someone else’s profit.

    The parasite problem has grown enormously recently, and many millions of computers are affected. Unsolicited commercial software can typically:

    plague you with unwanted advertising (‘adware’);
    watch everything you do on-line and send information back to marketing companies (‘spyware’);
    add advertising links to web pages, for which the author does not get paid, and redirect the payments from affiliate-fee schemes to the makers of the software (such software is sometimes called ‘scumware’);
    set browser home page and search settings to point to the makers’ sites (generally loaded with advertising), and prevent you changing it back (‘homepage hijackers’);
    make your modem (analogue or ISDN) call premium-rate phone numbers (‘diallers’);
    leave security holes allowing the makers of the software — or, in particularly bad cases, anyone at all — to download and run software on your machine;
    degrade system performance and cause errors thanks to being badly-written;
    provide no uninstall feature, and put its code in unexpected and hidden place to make it difficult to remove.
    All the parasites I currently know about are only compatible with Windows, and some only affect the Internet Explorer browser. The script on this site — when it is run in IE for Windows — can detect many of them. But not all, for tedious technical reasons.

    Where do they come from?
    There are three major ways unsolicited commercial software can make its way on to your machine:

    Some freeware programs are ‘bundled’ with parasites, which are installed at the same time. The P2P file-sharing programs are notorious for this; in particular, iMesh, Grokster and KaZaA come with numerous unwanted add-ons*.

    Often if you are careful to read the small print when you install the software it will warn you about this, and it is sometimes possible to opt out. So always skim the licence agreement when you install and don’t just click Next-Next-Next... but you still can’t be sure they’ll tell you.

    Many parasites load using Internet Explorer’s ActiveX installation option. When a web page includes a link to an ActiveX program, a window will appear asking the user wishes to execute it. If ‘Yes’ is clicked (or if IE security settings are set lower than normal so that it never even asks*), the software is allowed to run and can do anything at all it likes on our computer, including installing parasites.

    For this reason, you should never click ‘Yes’ to a “Do you wish to download and install...” prompt unless you are 100% sure you trust the publisher of the software, which might not be the publisher of the web site you are viewed — read the dialogue box very carefully.

    Sometimes sites (or pop-up ads) try to fool you into clicking ‘Yes’ by stating that the software is necessary to view the site, or opening endless error windows if you click ‘No’, or claiming that the digital certificate on the code means it is safe. It means no such thing. ‘Microsoft Authenticode’ means only that the company that wrote the software is the same as the company whose name appears on the download prompt, nothing more.

    Some of the really sleazy parasites, particularly homepage-hijackers and diallers, execute by exploiting security holes in Internet Explorer, ways of getting code to run that are not supposed to be possible, but are due to mistakes in the browser.

    http://www.doxdesk.com/parasite/

    Charlie ...

    If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..

  2. #2
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Some Adware gets flagged as a true computer virus by McAfee. Wonder if the networks have endorsed TellaFriend.com and ZeroPopup as Merchant Dupers.

    http://vil.nai.com/vil/content/v_100063.htm

    This trojan uses "viral" marketing techniques to send an email message to all contacts found in the Windows Address Book and Eudora Address Book. This action is considered to be that of a trojan as the user does not have sufficient opportunity to agree to the End User License Agreement (EULA) displayed on the web page associated with this trojan installer.
    A link to the web page containing an installer for this trojan may arrive in an email message as follows:

    Subject: Hi, i think you need this
    Body:

    Do you hate POPUPS ?? well i just installed this free Zero POPUP toolbar on my browser, it kills ALL popup ads and best of all it's FREE !
    Download it from here http://www.zeropopup.com (its a 10 seconds download with a 56k modem)

    I hope you'll like it alot, it also has good rating on CNET download.com

    Bye

    When a user clicks the hyperlink specified in the email message, they are taken to a web page that contains an ActiveX control. This control is loaded at startup, resulting in an immediate prompt:
    NOTE: This control is signed with an invalid signature:

    The tellafriend.exe file sends email messages to all addresses found in the Windows Address Book (WAB) and Eudora Address Book (nndbase.txt), using the default SMTP server as specified in the Internet Account Manager or OMI Account Manager.
    The zeropopupbar.dll file is an Internet Explorer Browser Helper Object designed to block popup ads from being displayed while web browsing. The EULA describes its other actions, which include changing the default start page, and search page of Internet Explorer.
    HIDDEN within the EULA -

    -- Each time you run the SOFTWARE PRODUCT you agree to have your IE search page set to our search engine, for the purpose of performing a web search. you may undo that anytime by uninstalling SOFTWARE PRODUCT and then restoring manualy your search page. --You also agree to have your Home Page changed to our search portal. --You agree SOFTWARE PRODUCT will email all your friends and contacts a short message with a link so they too can install SOFTWARE PRODUCT for FREE.....

    TellaFriend you infected their computer and turned them into a viral spamm machine ...


    Charlie ...

    If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..

  3. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Does Care2 Use a BHO?
    By affilio in forum Suspicious Activity!
    Replies: 7
    Last Post: February 12th, 2007, 05:05 AM
  2. Does Care2 Use a BHO?
    By affilio in forum Commission Junction - CJ
    Replies: 1
    Last Post: February 9th, 2007, 10:21 AM
  3. BHO???
    By Airstrip in forum Newbie Affiliate FAQs & Helpful Articles
    Replies: 3
    Last Post: September 12th, 2004, 08:23 PM
  4. Anyone know if this is a BHO?
    By smoothcorp_bryan in forum Suspicious Activity!
    Replies: 6
    Last Post: August 28th, 2003, 06:38 AM
  5. What's a BHO?
    By frankodelic in forum Newbie Affiliate FAQs & Helpful Articles
    Replies: 4
    Last Post: April 19th, 2003, 06:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •