[geeks] My new laptop came with spyware
Kevin
kevin at mpcf.com
Tue Jan 28 22:22:32 CST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
That's definitely the first step i take when a new Win32
system comes in. Not only do you have the occasional oddity
like your tgcmd.exe app, but usually there is so much crap
installed and running that it makes the machine about as
responsive as a 386 with Win95. Another irritation added to
that is that half of this crap, that is always billed as
feature or a good thing, is in reality just "advertisement
demos" for various ISPs or A/V software.
Garbage.
/KRM
On Wed, 29 Jan 2003 05:55:35 -0500 (EST)
vance at neurotica.com wrote:
> *shrug*
>
> Delete it. The first thing I do when I get a machine with
> preinstalled software is to wipe the hard drive.
>
> Peace... Sridhar
>
> On Wed, 29 Jan 2003, Gavin Hubbard wrote:
>
> > Hi Lads
> >
> > I am a little disturbed. My new Thinkpad x30 (no stuck red
> > pixels this time, god bless em) has come from IBM with
> > spyware installed as part of the base Windows XP build.
> >
> > Quite by accident I noticed that my laptop had
> > automatically opened an https connection to
> > www-3.boulder.ibm.com on TCP port 3145 this evening.
> > Foundstone's fport utility reveals that the process that
> > opened the port is c:\Program
> > Files\Support.com\bin\tgcmd.exe and it is also listening
> > to TCP port 641 and UDP ports 123 & 3131.
> >
> > This process is running under the local administrator
> > account and I know from my SANS training that tgcmd.exe is
> > an fairly insidious remote control program (yes, spyware).
> >
> > I don't know if I need a tinfoil hat - but WTF did IBM
> > open a connection to spyware on my machine? This is just
> > plain wrong.
> >
> > Regards,
> >
> > Gavin
> > _______________________________________________
> > GEEKS: http://www.sunhelp.org/mailman/listinfo/geeks
> _______________________________________________
> GEEKS: http://www.sunhelp.org/mailman/listinfo/geeks
- --
keyserver: http://pgp.mit.edu/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+N1cI4pH/bZtToq0RAr4cAJ9/p8aTIQYQYmvLpY0wtbAl5pBhigCgg0m3
7acgMWKcKygYo3GKHGkRcmA=
=zfvS
-----END PGP SIGNATURE-----
More information about the geeks
mailing list