Daddy-O à Go-Go (rpkrajewski) wrote,
Daddy-O à Go-Go
rpkrajewski

  • Mood:
  • Music:

The Last Thing I Need

OK, so maybe it wasn't exactly work-related, but did I really get what I deserved when I accepted an ActiveX control from musicmass.com ?

I was actually searching for information on the new album by Beth Gibbons and Rustin Man, and went to musicmass (but don't go there, you'll be sorry especially if you're running Windows !), since it looked like it was a legit download site with free MP3s (it didn't have cheesy ads) that artist-owned sites would delegate the downloads to. However, the ActiveX component (which I thought was just for navigation) is really just nasty spyware for lop.com/C2Media. Here are some of the things it did:

  • Installed a toolbar in IE.
  • Installed various browser "helpers" and COM components.
  • Changed the home and search pages to lop.com.
  • Installed a service that contacts a host (bdc.tdak.com), which is actually in the same domain as lop.com.
  • Changed the default DNS suffix for the machine and all its network interfaces so that any host named without a dot would use this lop.com-controlled domain (i.e., foo becomes foo.tdak.com). Then, any name in that domain would resolve back to the same host as www.lop.com, so you'd be directed there if your homepage was set to an intranet address. Or, in my case, if your Outlook server name was in the form of a single host name instead of an dotted Internet host name. EVIL !!!
With the help of Ad-Aware, the Sygate Personal Firewall, and some registry hacking, I managed to nuke all traces of this bullshit in software form from my machine, but who knows ? I'm gonna have that work PC reformatted anyway, just to make sure.
Tags: spyware, villainy, windows
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment