Heads-up to Jason & co.

[mechBgon]

Bogus ripoff "antispyware":

http://www.omnicast.net/~tmcfadden/movies/AT1.wmv

More info here: http://www.sysinternals.com/blog/2006/01/antispyware-conspiracy.html MySpywareCleaner isn't quite as pernicious as SpyAxe et al, since it will actually let itself be uninstalled without the computer equivalent of a SWAT team... but still probably not up to AnandTech's standards for what you willingly would advertise to your readers.

:beer:

 

[compuwiz1]

Whoaaaa!! :shocked:

 

[SagaLore]

I love it when you videotape this stuff. 😀 "Scareware" is a cool term, did you just make that up or have you heard it from somewhere else?

 

[JEDIYoda]

ya wanna know what the kicker is to this whole thing????
alot of us who know how to track down the spyware and maually remove it via deletion....
when you do track something down like that and delete it...it fubar`s your computer!!

Very good heads up by the way!!:thumbsup:

 

[mechBgon]

Originally posted by: SagaLore
I love it when you videotape this stuff. 😀 "Scareware" is a cool term, did you just make that up or have you heard it from somewhere else?

I appropriated the "scareware" term from Sunbelt, who also calls the perpetrators of this stuff "gutter slime" :evil: Yeah, tell it like it is, baby!

It worries me to think that these ethic-less goons are getting hold of a bunch of peoples' credit-card numbers, not just that they're ripping people off for $40-$50 apiece to "remove" fictitious dangers like MSN cookies. What do you bet they turn around and sell those CC numbers to carders later? :|

by the pricking of my thumbs
something wicked this way comes...

 

[mechBgon]

Intriguingly enough, I'm now getting Data Execution Prevention shutdowns when viewing AnandTech.com's articles:

http://pics.bbzzdd.com/users/mechBgon/DEP_SHUTDOWN.gif

Verrrrry interesting. New ad supplier or anything?

 

[fbrdphreak]

Lovely

 

[ViRGE]

Originally posted by: mechBgon
Intriguingly enough, I'm now getting Data Execution Prevention shutdowns when viewing AnandTech.com's articles:

http://pics.bbzzdd.com/users/mechBgon/DEP_SHUTDOWN.gif

Verrrrry interesting. New ad supplier or anything?

Good catch Mech, that's pretty damning indeed. How often have you been able to make the DEP problem or the evil ad come up? I haven't been able to trigger it myself.

 

[mechBgon]

Originally posted by: ViRGE

Originally posted by: mechBgon
Intriguingly enough, I'm now getting Data Execution Prevention shutdowns when viewing AnandTech.com's articles:

http://pics.bbzzdd.com/users/mechBgon/DEP_SHUTDOWN.gif

Verrrrry interesting. New ad supplier or anything?

Good catch Mech, that's pretty damning indeed. How often have you been able to make the DEP problem or the evil ad come up? I haven't been able to trigger it myself.

It was fairly repeatable. I'd get to the Celeron D page (haha, revenge of the Celerons 😛) and the browswer would lock, followed by the DEP alert.

After a while I recalled the Flash 7.x vulnerability and did a couple experiments. First I disabled Flash in IE. No more DEP shutdowns. Then I updated to Flash 8 and enabled Flash again. No more DEP shutdowns. Interesting. DEP shutdowns can occur from entirely harmless stuff, of course, so I'm not going to jump to conclusions.

Nice to see that the MySpywareCleaner ads are gone. :thumbsup:

 

[ViRGE]

Originally posted by: mechBgon

Originally posted by: ViRGE

Originally posted by: mechBgon
Intriguingly enough, I'm now getting Data Execution Prevention shutdowns when viewing AnandTech.com's articles:

http://pics.bbzzdd.com/users/mechBgon/DEP_SHUTDOWN.gif

Verrrrry interesting. New ad supplier or anything?

Good catch Mech, that's pretty damning indeed. How often have you been able to make the DEP problem or the evil ad come up? I haven't been able to trigger it myself.

It was fairly repeatable. I'd get to the Celeron D page (haha, revenge of the Celerons 😛) and the browswer would lock, followed by the DEP alert.

After a while I recalled the Flash 7.x vulnerability and did a couple experiments. First I disabled Flash in IE. No more DEP shutdowns. Then I updated to Flash 8 and enabled Flash again. No more DEP shutdowns. Interesting. DEP shutdowns can occur from entirely harmless stuff, of course, so I'm not going to jump to conclusions.

Nice to see that the MySpywareCleaner ads are gone. :thumbsup:

Ahh, good to see they've corrected it so quickly. Anyhow, I agree that there doesn't seem to be anything malicious going on. On the Celeron D page, I have only been able to make the following flash ads come up:

Zalman
Vonage
Newegg
Corsair
Intel
HP
ZZF
AMD
Crucial
HEC
Is it me or are there a lot of Flash ads on the site?

Save HEC, all the companies listed are well known, so I really doubt anything is going on. The only anomoly is that the ValueClick ad spot is sometimes blank, I don't know if this is related to the removal of the evil ad or what.

 

[mechBgon]

I spoke too soon. My computer "may be infected with spyware," and "immediate removal may be required." The advertisement said so.

:roll: ~ not this baloney again... do they think AnandTech is AOL Central or something?

 

[ViRGE]

Originally posted by: mechBgon
I spoke too soon. My computer "may be infected with spyware," and "immediate removal may be required." The advertisement said so.

:roll: ~ not this baloney again... do they think AnandTech is AOL Central or something?

They must not have purchased very many impressions, I still can't get it to come up.

On the other hand, I've finally found one of the audio-enabled Vonage ads people are always bitching about.😀

And a Vonage "scratch & win" ad where if you "win" you get a month free, even though that's the current deal listed on their own front page. Oh, and there's also an ad for a mortgage company that invites you to enter a contest to win a free month's mortgage. Now that I pay attention to some of these ads, I'm starting to find that they're getting really, really shady. This is bad mojo.

 

[mechBgon]

Just to help keep tabs on this, I got a DEP shutdown of Internet Explorer at home, as well as at work. The Celeron D page again, why am I not surprised... 😉 It took me about three trips through the CPU-pricing article to get a DEP shutdown this time.

http://pics.bbzzdd.com/users/mechBgon/CELERONS_ARE_EVIL.gif

And I saw one more MySpywareCleaner ad. Then there is the mystical completely-transparent ValueClick invisible advertisement. Why one marketing outfit would buy ads from another, and then make them invisible ads... 😕

< Spock > It is not logical, Captain. < / Spock >


/me will have to contemplate the meaning of all this over a circular food module and some coffee

 

[ViRGE]

Originally posted by: mechBgon
Just to help keep tabs on this, I got a DEP shutdown of Internet Explorer at home, as well as at work. The Celeron D page again, why am I not surprised... 😉 It took me about three trips through the CPU-pricing article to get a DEP shutdown this time.

http://pics.bbzzdd.com/users/mechBgon/CELERONS_ARE_EVIL.gif

And I saw one more MySpywareCleaner ad. Then there is the mystical completely-transparent ValueClick invisible advertisement. Why one marketing outfit would buy ads from another, and then make them invisible ads... 😕

< Spock > It is not logical, Captain. < / Spock >


/me will have to contemplate the meaning of all this over a circular food module and some coffee

*tosses Mech some pizza and doughnuts*

Shall we call it a stakeout?😉

 

[gsellis]

Originally posted by: SagaLore
I love it when you videotape this stuff. 😀 "Scareware" is a cool term, did you just make that up or have you heard it from somewhere else?

You too can "videotape" it. Windows Media Encoder has a screen capture capability that will allow you to capture what is currently on the screen. You can set resolution accordingly (and is somewhat dependent on the recording machine).