[geeks] My new laptop came with spyware

vance at neurotica.com vance at neurotica.com
Wed Jan 29 04:55:35 CST 2003


*shrug*

Delete it.  The first thing I do when I get a machine with preinstalled
software is to wipe the hard drive.

Peace...  Sridhar

On Wed, 29 Jan 2003, Gavin Hubbard wrote:

> Hi Lads
>
> I am a little disturbed. My new Thinkpad x30 (no stuck red pixels this time, god bless em) has come from IBM with spyware installed as part of the base Windows XP build.
>
> Quite by accident I noticed that my laptop had automatically opened an https connection to www-3.boulder.ibm.com on TCP port 3145 this evening. Foundstone's fport utility reveals that the process that opened the port is c:\Program Files\Support.com\bin\tgcmd.exe and it is also listening to TCP port 641 and UDP ports 123 & 3131.
>
> This process is running under the local administrator account and I know from my SANS training that tgcmd.exe is an fairly insidious remote control program (yes, spyware).
>
> I don't know if I need a tinfoil hat - but WTF did IBM open a connection to spyware on my machine? This is just plain wrong.
>
> Regards,
>
> Gavin
> _______________________________________________
> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks


More information about the geeks mailing list