Grokster Sending Executables

[JackSpratts]

UPDATE:

Through a combination of good advice from NU, hard work and sheer luck (mostly luck - sysrestore did the heavy lifting, I made the window by minutes), I got the junk out and managed to keep my data in the process. Big relief that, and no thanks to fastrack.

- js.

[twinspan]

now that I think more about it, I remember getting a prompt to install 'moviedownload' or something like that (I clicked more info; they were offering stuff like Late Night Bikinis and Police Videos).

This was another time when I had MS IE's internet zone security lower than usual... and was NOT running IE when the prompt appeared.

Now that I've started browsing with Opera, I realise that download dialog boxes seem to be browser-specific: Opera & IE d/l prompts are different, and this was definitely an IE prompt box. And it never happened neither before nor after playing with IE's Internet Options security levels.

So even tho Grok seems to try this stuff on its own (even when IE itself isn't running), those settings do seem to affect its ability to auto-install stuff or do pop-ups etc, and I have never had an .exe self-install via Grok, just the one prompt.

(I went frigging paranoid today and checked with MSconfig and RegCleaner and Magellan [Windows Explorer for some reason refuses to show me most of the contents of Temporary Internet Files\ IE 5.5 Content] and all my logs; it's definitely clean from Grok-caused stuff.)

[thegame412]

Is it safe to be on the fastrack network using the ads free programs such as kazaa lite and imorpheus? I'm currently using bearshare and winmx because I don't want to use fastrack after what happened. Is it safe to use kazaa lite or imorpheus? Thanks.

[JackSpratts]

tough call. in my opinion it's the best p2p ever created. but it's totally compromised by it's vendors. for those unable or unwilling to recognize or deal with the consequences i say no, stay off the network, it is dangerous. very. you could lose all your data when forced to do a restore. for more advanced computer users who may not be all that familiar with fasttrack i give them the info and it's their call.

the info as i see it simple. the fastrack network, as good as it is, cannot be trusted. it allows "advertising pop-ups" that are really executable trojans that hide their loading buttons under "close" gifs and when installed are immune to ad-aware or thecleaner (i know this from first hand experience). it is filled with spyware. it has a very strange and very hidden 2nd network that does who knows what and is who knows how vulnerable to attack.

if you're compromised in any way from using the system you will get no help at all from the managers.

but there are other sharing programs almost as good (better even in some respects) and that have none of these particular vulnerabilities, and that have hundreds of thousands of satisfied users sharing gigs and gigs of data, that make using fasttrack almost unnecessary. so fastrack can and is avoided everyday by millions of file sharers who spend none of the time or effort making sure they’re defended every minute of every day ad infinitum. they just get on, up/down load and get off.

yes, it’s great.

yes it’s evil.

no, it’s not required.

Your Call.

- js.

[colinmacc]

I think KazaaLite and the French IMorpheus should be safer than regular Kazaa, because these installations don't appear to include the CloudLoad.DAT, which it has been speculated on other forums that this is the way FastTrack loads all this scumware.

[BuzzB2K]

That's a theory, however, I don't believe Grokster had CloudLoad and it (Grokster) is the one that started downloading the "downloadware" and "movienetworks" junk...

It may help block BDE, but only time will tell. I have seen some on other forums who think they got BDE downloaded on their computer, and they were using Grokster...

[colinmacc]

You're right, Grokster doesn't have CloudLoad either.

[JackSpratts]

Web surfers brace for pop-up downloads

By Stefanie Olsen
Staff Writer, CNET News.com
April 8, 2002, 4:00 AM PT

Web surfers who thought online advertisements were becoming increasingly obtrusive may be dismayed by a new tactic: pop-up downloads.

In recent weeks, some software makers have enlisted Web site operators to entice their visitors to download software rather than simply to view some advertising. For example, when visiting a site a person may receive a pop-up box that appears as a security warning with the message: "Do you accept this download?" If the consumer clicks "Yes," an application is automatically installed.

Computer security expert Richard Smith explained that with such downloads, "You don't even know why you're getting this program, and the people who do (pop-up downloads) are relying on the fact that people tend to say 'Yes.'"

"A person should (be able to) request the download" if they want it, or decline it if they don't, he said. "It's the classic opt-in, opt- out debate."
http://news.com.com/2100-1023-877568.html c/net tech news
http://www.napsterites.net/undergrou...opup+downloads - newspaper shop, monday.

- js.

[theknife]

Quote:

...are relying on the fact that people tend to say 'Yes.'"

[BuzzB2K]

Quote:

Originally posted by JackSpratts
i've just gottten six executables, programs like "downloadware" and "movienetworks" installed and running in startup (without my permission needless to say). anyone getting these? ad-aware isn't catching a thing and my cd_clint.dll is fine. something's up and it's not good. there must be a pgm that's calling them but what and why right now? i get that "your security's been compromised" pop-up, which naturally i close using ctrl-alt-delete but they're still getting in, and fast. if i can't figure this out it's good-bye fastrack. it's that bad.

- js.

Quote:

In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

Some Net users have complained of receiving downloads containing a virus that automatically redirects them to adult-related sites. Such downloads also have been known to install new dial-up programs replacing the existing accounts. The Federal Trade Commission recently brought a case against people who were using such tactics to install a dial-up account for expensive 1-900 numbers

They go on to say this is not common... But two people (JackSpratts & thegame412) who post here have encountered this very ad.

So technically it is not FastTrack at fault for this, but it is Groksters fault for placing the ads there...
I'm just glad I don't get any pop-ups, pop-unders etc. and so do feel OK with Grokster for now.

[ssj4_android]

I don't get any popups either . At least, from grokster, kazaalite, and imesh and stuff. Didn't on morpheus either, I hive NIX wich blocks ads. Strange this is that there wasn't ads on morpheus on my old computer that had no ad removal stuff. Maybe because it's 75 mhz?

[twinspan]

Quote:

Originally posted by Ethen
My grokster hasnt given me any extra spyware lately.
Mostly I think cause I have it firewalled up so tightly through advanced rules.
However last night during start up I did get a prompt to donwload and save to my computer a file named "index.html"
Any one else had grokster asking you to install index.html?

Not sure if it's related, but just read this post on spywareinfo.com forums saying that the aphex worm tries to infect via an 'index.html' page, and will re-create it on your computer to infect others.