I noticed this on slashdot. The latest version of Audio Galaxy includes some nasty spyware, much worse than the kind including with Kazaa. If you are currently using Audio Galaxy, or even if you aren't, I would recommend you download and run Ad-Aware ( http://download.cnet.com/downloads/0-10106-100-7302674.html?tag=st.dl.10001-103-1.lst-7-1.7302674 )

The following is from http://www.cexx.org/vx2.htm

Privacy Concerns
The software covertly collects all sorts of information about your Web surfing habits, including lists of Web sites you visit (and even sites you've visited before installing their software(!)), any terms you enter into a search engine, and contents of online forms--including "secure" forms using SSL encryption(!). The company has the audacity to claim that this is done "in order to save you the time and trouble of submitting such information to us yourself". It also stores cookies to persistently identify you across sessions.

The software also transmits back information about your computer, which can include amount of memory, hard drive size, free space, what peripherals you own, and even lists of software you have installed.

Finally, the software transmits details about your interaction with the software.

The software also includes an auto-update capability with the stated purpose of updating not only the VX2 spyware itself, but also installing additional third-party programs, including additional spyware.

Information Gathered by Transponder

Upon its first load, VX2.dll will look for a file in your Windows directory called oeminfo.ini. If present, this file contains information about your computer provided by the OEM--who you bought it from, serial #/etc., processor and configuration, tech support info, and maybe your name. (IIRC, this information is displayed if you go to Start > Settings > ControlPanel > System and view the first tab.) More information about the oeminfo.ini file is available here.

Transponder then connects to sputnik.vx2.cc and transmits data. As the data is encrypted, the exact contents of this transmission are unknown. But the Transponder folks were nice enough to enumerate some or all of the transmitted fields (unencrypted) within the DLL. These are:

Name
Email
Processor
OEMInfo
Printers
AppList
RAMSize
DiskSpace
LanguageID
TimeZone
IE
OS
<SysInfo>

-Biscuits

I read through the comments on slashdot and saw three things of interest:

1.A guy named Maurice O-Bannon has been indicted in an unrelated case for online credit card fraud. Incidentally, this is the same name as the CEO of this spyware company (http://www.ftc.gov/opa/1999/9902/petapp4.99.htm). If this is the same guy, this is disturbing, especially since this program will grab any credit card numbers you type in online.

2. Audio Galaxy claims that it changed its software in the past week or so to take out this spyware (they had not paid their bills).

3. Ad Aware does not detect this particular peice of spyware.

-Biscuits

perhaps not yet - you need to regularly update their definition file..

Yeah.. The default def file is out of date.. AdAware's update thing is bit wack, but it's worth going through a few hoops for. Download this, http://www.lsfileserv.com/aaw/binary/refupdate.exe

Here's where my friends got confused.. They downloaded it, ran the setup and thought AdAware was now updated. However, this just installs the updater util, you now need to go to Start->Programs-> etc and run the program, it will connect and download the lastest ref file.. and viola!

I know.. it's convoluted.. but it works.

It's labled as an update plugin, which implies it's a program that adds a update functionality to the ad-aware program.

Hi,

What exactly is Audio Galaxy ?

\\Kaare

Its one of the music sharing programs. Its relatively powerful, but since it is free to use, they sold out and made it full of adware and spyware (legal trojan horses). I've personally never used it.

If you actually want to download music off the internet, I'd recommend morpheus. Bear in mind that only about 1/4 of the songs downloaded off the internet are of decent quality. Most users simply don't care about their encoding.

-Biscuits

Ahh, thanks for the enlightment. When ever i need some thing, i allways revert to good old ftp'ing!.. Works like a charm, and with the right account, you'd be amazed what you can find

\\Kaare

Not that I participate in that activity, but if I did... where would I find FTP sites that could be checked out? Is there a list somewhere?

- Thanx
- Jon

:-) right..

I think you'd have to know some people, as most ftp sites are invites only. Perhaps a good starting point would be efnet on irc.

\\Kaare

Bearshare is better than Morphues

gnut is better than bearshare... LOL

Limewire is better than both of them :-)

And ripping your own CDs is better than all of the above.

And hearing the band play live is even better.

And being invited back to their hotel room to chat is even better

(i used to use limewire, but now use gnut cause it's much easier to leave running in the background on my server than some huge GUI app on my desktop).

not in all cases

And if the band happens to be Britney Spears, that's even better.