Spyware bundled with IE???
Posted on 2004-09-03
This is a creepy story so make sure you read it with your lights on. Since I noticed the problem I've replicated it with the same result. Here it goes:
I'm helping a friend of mine build his first machine from scratch. Brand new case, mobo, CPU, hd, and a his own clean legal Windows XP CD. Recycled CD-RW and RAM.
After the first boot he's beaming at seeing his machine actually work. XP is installed with default settings. Then we install Norton Internet Security and Norton Systemworks. GoBack comes next. Then we install Spybot S&D and AdAware. Nothing else is installed in the machine and the box has not been connected to the Net. We run Spybot and it finds a DSO Exploit and the Alexa browser object. AdAware finds two more Alexa-related files and removes them.
Where did these come from? The box hasn't been connected to the Net once since it was built and no other software was installed besides the mentioned above.
Here's another example. While resetting one of my machines, I reinstalled W2K and after installing a couple drivers I proceed to install NAV, Internet Security, and GoBack. Again, I install Spybot S&D and AdAware. Again, Spybot detects the DSO Exploit and Alexa. Again AdAware detects two more Alexa files. All in removed. I run Windows Update and install SP4. After rebooting Spybot and AdAware report nothing. I run Windows Update again and install the Update for IE 6. Machine is rebooted after that. This time Spybot and AdAware find the same DSO and Alexa files... again! And this time the DSO is proving a bit harder to remove. I'll figure that out, tho. What is really bothering me is the possibility that Microsoft is bundling this Alexa crapware INSIDE distributions of IE? and why? The only thing that was installed in between a clean machine and an Alexa report was the IE update.
If any of you guys have an extra box that you can use for a test, give it a try. Since this is not really a Question I'm offering the points as an incentive to test this stuff and try to figure out what's going on with IE and Alexa.