Quickdraw yes I uninstalled it and the game I had downloaded but I just restored it trying to fix it.

The agreement to their settlement with the FTC was that it would uninstall simply through the Add/Remove Hardware - obviously, this is not the case for me + they fucked my connections.

I 'service' friends and family's pc's every month..funny and sad at the same time.

I'm sorry, I thought you were talking about the codec exploits

The codec deals are more difficult because they don't even try to be nice. Their entire intent is to create zombies to do their work. They certainly aren't going to put that in the infobar to show what they are.

I think that if a large number of adult sites suddenly started to refuse people with these products installed, that there would be a big change. Right now, there isn't a big push either way.

Let's say the hun, freeones, and a few other larger sites suddenly declined that traffic or at least popped up something on every page. I think you would see an increase in uninstalls as a result.

A few people around here would be very sad, they would lose traffic and income as a result.

I did some digging and found a cool javascript tool: http://www.doxdesk.com/software/js/parasite.html

Basically it checks for spyware then alerts the user if he/she is infected. But the list hasn't been updated since 2005 :disgust

We put up a HTaccess like 2 months ago and if someone with Zango enters our mainpage it shows a bar on top of the page saying that spyware was detected etc. Maybe its to small to have an impact but we are very aware of the problems.

I must have misunderstood too then - yes I uninstalled the codec too but I do have it on that computer in a zipped file

Hey Zeus. I found the same thing yesterday. It's a shame it's 2 years old

Got my old laptop out, zango ready. I'll add some new entries to the js file and see if it works. I'll keep you guys posted.

Crazy shit Shap

50 Zango mutherfuckers!

Wow, alot of traffic has spyware and it seems to be increasing.

Not good.

:(

Them damn Zango banners are everywhere too. Specially on free games sites and they have some very alluring banner ads for game sites, not quite pornographic but deffinatly better chubby spank it material than I had as a kid and my mom had Vogue in the house.

Yet you promote zango to other webmasters.

Not good.

wow, very interesting stats

Those are insane numbers. This is a lot to process.

Brad

I cannot believe you actually had the nerve to post links on spywarefreaks to iDownload.com(quickbuck) products? Yeah, everyone needs even more exploits on their system.

VirushunterPDF, registrydefender / winfixer, pcvirusless is another rogue and part of the cws group

Quickdraw can you hit me up please?

Thanks

I checked our logs over a 72 hour period and these are the results I got:

zango 0.9%
seekmo 0.25%
hbtools 0.05%
funweb 2%
megaupload 1.7%

Not exactly sure what megauplod is, but when I visit their site I see they offer the MegaToolbar which sets off a red flag.
This is just from the raw logs. I am going to try to filter it down to just the main entry pages and see if the numers change.

DAMN IT. I hadn't checked megaupload

I'm seeing 1% with megaupload

OK really stupid question. How do I check the traffic for these?

I just stripped down my logs and only ran results for our top 3 traffic entry pages and the numbers were about 0.4% overall higher than what I listed above. Fuckers.

You can search your server logs.

Thanks Zebra

Fuck off and die!

I had no idea it was as high as 20%. :(

This is what we have so far.

funweb 2.85 %
megaupload 0.62 %
Zango 0.51 %
Seekmo 0.39 %
peoplepal 0.28 %
hbtools 0.22 %
hotbar 0.20 %


IM not happy at all.

You can bet that a large portion of these guys that have any of the zango family installed, also have a variation of the zlob or codec exploit as well since Zango is popping windows to places like adultdvds1.com/teen.html (visit at your own risk)

For every person that has the zlob installed, you are losing them in your organic search engine listings as well. Surfers with these codecs get their search engine results redirected to a multitude of PPC engines.

everyone should be reminded of the fact that its not "spyware" according to the FTC. so, trying to hurt their business by mischaracterizing what the software is, opens you up to civil liability.

**my post disappeared**
but wanted to add that it's a multitude of PPC engines...OR...fake TGPS/MGPS that redirect the traffic for trades of legit traffic and then ultimately resold to a traffic broker.

This thread is depressing.

I think a lot of us have surpassed the depressed part - the good thing is that finally others are taking notice. In th past 2+ years, I'd love to know how much all these companies have taken from the adult industry. I say 2+ years cuz it's around the time that the US got rid of gambling online that they replaced that income with going after adult agressively.

Sadly we will most likely find out, that this company is owned by one of our very own high rollers.

I think this could be further refined, because it's counting raw hits rather than uniques. A surfer who goes through as many FHGs as he can find and grabs 100 videos/500 images will push up the total even though his spyware 'value' is the same as a surfer who views a single hotlinked image on a forum.

Something like this would probably work better:

first, count the total number of unique IPs in your log:
cat /path/to/access_log | awk '{print $1}' | sort -u | wc -l

then for each spyware name find the number of unique IPs that reference it:
grep -ci "seekmo" /path/to/access_log | awk '{print $1}' | sort -u | wc -l

This won't work so well for logs spanning several days because the concept of a "unique" IP gets a bit blurry with different IPs being assigned as people reconnect but it will probably still be more accurate than just counting raws.

BTW the above assumes that the user-agent is actually logged... AFAIK the default Apache setup doesn't do this.

Oops, drop the "-c"

grep -i "seekmo" /path/to/access_log | awk '{print $1}' | sort -u | wc -l

Here are my stats based on unique IPs as per the above suggestion

Total measured: 196,030 uniques

seekmo: 870 (0.44%)
zango: 878 (0.45%)
hotbar: 259 (0.13%)
funweb: 4518 (2.32%)
megaupload: 1204 (0.61%)
peoplepal: 462 (0.24%)
hbtools: 418 (0.21%)

Does funweb do those smiley banners that laugh (both visibly and audibly) when you mouseover them?

Those are insane numbers. :(

Funweb sure gets around.

I assume most of you guys are checking your logs where the traffic is from a variety of sources like tgp's etc..

Anyone have a strictly SE driven site they can get stats on?

insane numbers. .thanks for sharing.

One other thing I should mention, it's also invalid to sum the total of the individual results (eg hotbar+zango+... = 19%) because some people will have more than one installed. :)

Example:

"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; HbTools 4.8.7; Zango 10.0.275.0; Seekmo 10.0.341.0)"