hey guys :)


I had the misfortune of coming across a site that does drive-by activex installs, it installs spyware for windupdates, they server adverts to people's desktops. The old "why on earth am i getting all these ads on my desktop" scenario.


Luckily i was using firefox and was protected, but many aren't.

I submitted a spam report about the site, will they take any notice? i see so many conflicting reports about whether spam reports are even worth the time doing. Would they be bothered by this site installing spyware? in my mind it certainly degrades the index.

This site is even doing it against windupdate's own terms as they require people to accept the activex install/download, this site installs it silently.

cheers

Xativa

I feel google will take these type of spam reports seriously, Once googleguy said google people read most of the spam reports, Just that they want to fight spam algorithmically,

I feel links from search engines which installs spywares are bad for end users, Google is always concerned about the end users, If something is damaging their search results they should be worried about it,

yeah i recall someone saying they read them all, lets hope they spot mine then and act on it. It really annoys me aswell because i asked the guy if it bothered him making money from infecting people's computers, he responded that at $1000 a month he didnt care.

greed hey! :(

I'm no too sure Google will do anything about sites that intall spyware. I would think Google is only going to act on anything that could/does harm their SERP relevancy.

I think that any site attempting to install a virus or driveby should be banned instantly and without mercy.

I can't think of any way this could happen on a site without either deliberate intent or gross negligence, so it's not like it's a coding "accident" by the owner.

Right now, Teoma (of all engines) is the worst for serving viruses, IMO, which is too bad, as it used to be a nice SE.

Note how I said that - from a user perspective, if you (as a search engine) tell me that a particular site is relevant to me, then when I click on it I expect relevance, or at least a good try. I don't remember the site that tried to feed me a virus - I DO remember that it was Teoma that sent me there. How's that for branding and consumer awareness?

And I'm now on a forum telling everyone about it. Think about that.

I can't think of any user who would consider being fed a virus or spyware "relevant" to ANY search. It's a bad result. It's also a pretty clear indicator of spam.

Another issue that I would like to point out is that I came across this because my son was searching for a "walkthrough" for a game. No P0rn, no warez. Just some help and information. Giving children viruses is evil with a capital "E".

Yes, I sent an email to them. No, I never got a response.

Ian

I agree with most of what you say. What I don't agree with you on is blaming the SE for listing a page that intalls spyware. The page (spyware and all) could still look totally relevant to a SE.

Blaming a SE for this, is a bit like blaming the taxi company that takes you to a night club where you get beat up and/or mugged.

That's a good point, of course. The website owners are to blame for their sites, not the SE. But the same thinking can be used for spam, as well.

To continue from your example, if I asked that taxidriver to take me to somewhere fun and I got rolled and beat up when I arrived, it's pretty unlikely I'd trust that cab driver again, regardless of whether he was responsible - his/her credibility would be shot.

It doesn't mean I'd necessarily have a case to sue them, but I'd certainly think twice about trusting their judgement...

Theoretical question for everyone - if you could choose between two roughly equal SE's but only one checked the sites in it's index for viruses, would that be significant to you?

How about if the SE that allowed viruses was slightly better? At which point does the added relevance overcome the virus scan? After all, you should have your own virus scanner anyway. Of course, that's like saying it's ok to spam people with anti-spam software.

Would the elimination of virus and trojan feeders improve the results, make them worse, or have no effect? I imagine if you only shop for hammers online you would be unlikly to notice a change. Would the added cost in resources for the SE be justified?

Just because an SE *can* do something doesn't mean it *should* - would virus, spyware and trojan checking be a legitimate and useful SE offering, or an unnecessary add-on?

Ian

It doesn't mean I'd necessarily have a case to sue them, but I'd certainly think twice about trusting their judgement... Arh yes but with a SE you type in the term. Just like you may have said to the Taxi driver, take me to where the nightlife is.

I believe the answers to your questions are aleady out there. That is, SE very much appear to accept no respsonsibilty for anything or any content on any sites in there Index. Quite rightly so IMO.

If SE's starting spending big $$ detecting spyware, virus sites etc the costs would have to come from somewhere. The likely case to this would be some of the good guys pay to keep the bad guys out. Also, it could open the flood gates with claims like "I used Virus-Spam-Spyware-Free-SE.com and clicked onto a site than gave my PC a virus."

It could also become the thin edge of the wedge. E.g, A surfer users some code from a site found via a SE and it wipes all their data! Who is resposible? Certainly not the SE IMO.

Another issue that I would like to point out is that I came across this because my son was searching for a "walkthrough" for a game. No P0rn, no warez. Just some help and information. Giving children viruses is evil with a capital "E".

Bang on,a nd the site in question's audience is manily youngtsers, it is an aim icon site and appears on page 2 for "aim icons" in google.

If google didn't do anything about sites that install spyware in such a manner i would be pretty dissapointed.

I agree with what has been said, and at the end of the day google is providing us a service, being free doesn't mean the quality should fail, so they are therefore the means for the "perpetrator" to spread the spyware which means they have to take some responsability for it and act on it.

I'm doing my part to try and help and remove this offending scum, i would like to think that they'll also do theirs. We'll see :)

Out of the choice of two SE's, one doing spyware/virus scans adn the other not, i would go with the one doing the scans, without a second thought!

In a perfect world I suppose the SE would weed out any such sites. But who is to decide what should be out and what should be in? Or, the even bigger problem, how would they do it?

Is a gun shop owner resposible for selling the firearm that ends up killing someone? Are people that keep guns in the house and have them stolen resposible?

Should a SE be resposible for all harmful code that it on all the pages out there?

Welcome to SEW xativa. These sites are a real pain and they do attack kids. Using Firefox is a probably the smart thing to do at least for now. It might be cool to keep an eye on the site for a few months after you file the spam report and let us all know what happens.

I know one can get sofware to remove spyware etc, but as this is after the fact, and as 'prevention is better than cure', I would think there would be software to stop it also?

Yeah i'm keeping a close eye on it, and will let you know if google removes it.

It would be nice to have an antispyware software that scanned pages whilst you visited, like a normal antivirus does (as they're put into the cache) :)

It would be nice to have an antispyware software that scanned pages whilst you visited, like a normal antivirus does (as they're put into the cache)

Actually, I've since discovered that if you install Spybot, Search and Destroy with the optional "teatimer" utility it does a pretty good job of doing just that. :)

Ian

ooo, now that's a handy little tip Mcanerin, i'll go enable the teatimer now, cheers :)

Forgot to say thanks for the welcome John :)

i see now, i went to "immunize" which told me IE was protected against acivex but under Tools > Resident it gave me the teatimer option to protect the whole system, not just ie. Which is important because many non internet M$ programs use the IE engine.

cheers :)