Themexp.org started pushing junk?

[Atreju]

Recently I went back to themexp.org and I now find that they are
spewing tons of popups and trying to install Gain software
(mega-spyware). This used to be a pretty nice site, and it still is,
but does anyone know what has prompted them to start engaging in the
scummy practice of pushing spyware?

Of course, I have a popup blocker and I would never enable their gain
install, but still, it is sad to see a nice website go the way of
crappyville.


---Atreju---

 

[niknik1971]

Well I will not be downloading anything from them any more.

NIK

 

[Nekyinsocks]

It's sad but it happens, I use to use a program called Gphotoshow, for
making simple slideshows and such. The last time I tried to install the
newest version. Symantec warned of a virus.

 

[Atreju]

Well I will not be downloading anything from them any more.

Actually you can just skip the GAIN crap and block the popups and you
can still download stuff from the site. It's just I was extremely
dissappointed to see that they have been pushing spyware to begin
with. How much money do you think they make in commissions from that
crap?


---Atreju---

 

[§kullywag©-]

Actually you can just skip the GAIN crap and block the popups and you
can still download stuff from the site. It's just I was extremely
dissappointed to see that they have been pushing spyware to begin
with. How much money do you think they make in commissions from that
crap?


---Atreju---

Uh..... actually NO, you cannot keep the gain (and countless other
crap) from being installed on your system. Even if you "opt out" as
the site says you can do...... IT STILL INSTALLS CRAP.
Don't believe me? Opt out of everything, then run Pest Patrol, or
Spybot. I had 5 instances of spy/adware after "opting out" of ONE
single exe from their site.

The new management of the site care absolutely nothing for the
visitors that frequent their site.

I DID find a way around the crap, through a suggestion from a user of
the site, and it goes like this........
The "wrapper" is added via web, on the FIRST download per visit.
If a file you download is in "exe" form, delete it, then redownload
and you will see it is now an "unwrapped" zip file. All other files
SHOULD be in zip (nonwrapped) form during that visit. If you DO get
another.....delete it and redownload.

Worked for me downloading styles....haven't tested the procedure with
logons, wallpaper, ect yet.


§kullywag©-

 

[Atreju]

SNIP

Uh..... actually NO, you cannot keep the gain (and countless other
crap) from being installed on your system. Even if you "opt out" as
the site says you can do...... IT STILL INSTALLS CRAP.
Don't believe me? Opt out of everything, then run Pest Patrol, or
Spybot. I had 5 instances of spy/adware after "opting out" of ONE
single exe from their site.

Only if your security settings are not high enough. No site can
override a setting that tells your browser to simply not install
anything. Check your security settings.

The new management of the site care absolutely nothing for the
visitors that frequent their site.

I DID find a way around the crap, through a suggestion from a user of
the site, and it goes like this........
The "wrapper" is added via web, on the FIRST download per visit.
If a file you download is in "exe" form, delete it, then redownload
and you will see it is now an "unwrapped" zip file. All other files
SHOULD be in zip (nonwrapped) form during that visit. If you DO get
another.....delete it and redownload.

I simply avoid the .exe files. I have downloaded plenty of .zip files,
it just seems to depend on what format the author of the style/etc.
has packaged their work.

Worked for me downloading styles....haven't tested the procedure with
logons, wallpaper, ect yet.


§kullywag©-

---Atreju---

 

[Guest]

I use Spyware Blaster and I don't have any trouble with
spyware and adware downloading into my PC. Spyware
Blaster blocks it from downloading. Also, You need to go
to your internet options and change a couple of things.

Click on Tools
Click on Internet Options
Click on Advanced
Uncheck the box next to Enable Install On Demand
(Internet Explorer)
Uncheck the box net to Enable Install On Demand (Other)
Click Ok

This will take care of most of that stuff from
downloading on it's own.

 

[=?iso-8859-1?B?uyBtcnRlZSCr?=]

Just a thought, when you "opt out" a cookie has to be set to tell the server that you opted out. If you delete that cookie you are no longer on the "opt out "list"".

--
Just my 2¢ worth,
Jeff
__________in response to__________
| Uh..... actually NO, you cannot keep the gain (and countless other
| crap) from being installed on your system. Even if you "opt out" as
| the site says you can do...... IT STILL INSTALLS CRAP.
| Don't believe me? Opt out of everything, then run Pest Patrol, or
| Spybot. I had 5 instances of spy/adware after "opting out" of ONE
| single exe from their site.
|
| The new management of the site care absolutely nothing for the
| visitors that frequent their site.
|
| I DID find a way around the crap, through a suggestion from a user of
| the site, and it goes like this........
| The "wrapper" is added via web, on the FIRST download per visit.
| If a file you download is in "exe" form, delete it, then redownload
| and you will see it is now an "unwrapped" zip file. All other files
| SHOULD be in zip (nonwrapped) form during that visit. If you DO get
| another.....delete it and redownload.
|
| Worked for me downloading styles....haven't tested the procedure with
| logons, wallpaper, ect yet.
|
|
| §kullywag©-

 

[Atreju]

Just a thought, when you "opt out" a cookie has to be set to tell the server that you opted out. If you delete that cookie you are no longer on the "opt out "list"".

It's not so much a matter of opting out. When your browser pops up a
query asking you if you want to install blah blah component by GAIN
Publishing, you just tell it No.

Then you can proceed to the site. Occasionally you might hit a page
that asks you again, and just say No again.

Gee I really wish there were a way to say no permanently. After all,
you can select to "always trust content from..." but obviously it is
not very good for MS marketing to allow you to "always deny content
from..."

In any event, that's what I do and I'm able to download plenty of
stuff there.


---Atreju---

 

[Ronnie Vernon MVP]

It's not so much a matter of opting out. When your browser pops up a
query asking you if you want to install blah blah component by GAIN
Publishing, you just tell it No.

Then you can proceed to the site. Occasionally you might hit a page
that asks you again, and just say No again.

Gee I really wish there were a way to say no permanently. After all,
you can select to "always trust content from..." but obviously it is
not very good for MS marketing to allow you to "always deny content
from..."

In any event, that's what I do and I'm able to download plenty of
stuff there.


---Atreju---

Take the time to look before you leap.

That option is there. It's called the Restricted Sites Zone. Select
Tools/Internet Options/Security Tab and click the Restricted Sites Zone.

Select the Sites Button to add a website to this zone. Select the Custom
Level Button to set permissions for websites in this list. Everything should
be set as disabled in this zone and the security level set to High.

 

[Donald McDaniel]

I use Spyware Blaster and I don't have any trouble with
spyware and adware downloading into my PC. Spyware
Blaster blocks it from downloading. Also, You need to go
to your internet options and change a couple of things.

Click on Tools
Click on Internet Options
Click on Advanced
Uncheck the box next to Enable Install On Demand
(Internet Explorer)
Uncheck the box net to Enable Install On Demand (Other)
Click Ok

Unfortunately, none of this will help, since the crapware included
with the themes is not installed on demand during downloading of the
theme from their website, but is imbedded in the theme file itself,
and installed only AFTER the theme installer file has been downloaded
to your hard drive and executed.

Each theme file is wrapped with installation code which contains the
crapware bits and installs the crapware. While the installer gives
you the option to not install the crapware (you must say "NO" to each
crapware program's installer), the inclusion of the crapware is very
thoughtless. I believe that ThemeXP.org can find better ways of
financing their hosting. Perhaps they could start a subscription
service, and charge a few cents ($.49? $.79? $.99? or even a monthly
subscription rate) with each file downloaded. Some part could go to
the theme designers as compensation, and the rest could go to pay for
ThemeXP's hosting.

Donald L McDaniel
Keep the thread intact
Post reply to original newsgroup
=======================================================

 

[Atreju]

Take the time to look before you leap.

That option is there. It's called the Restricted Sites Zone. Select
Tools/Internet Options/Security Tab and click the Restricted Sites Zone.

Select the Sites Button to add a website to this zone. Select the Custom
Level Button to set permissions for websites in this list. Everything should
be set as disabled in this zone and the security level set to High.

But I don't want to do it by zone or website, I want to do it
depending on the content type.

For example, let us say I'm one of those people who refuses to allow
flash player to install (I dunno why people are afraid of it, but
whatever). I will not want to start accumulating sites that try to
install it and restricting them. Instead, I would want to tell IE to
never prompt me for FLASH PLAYER specifically, regardless of what
website tries to install it.

If there is a way to do that, please let me know.


---Atreju---

 

[Atreju]

Unfortunately, none of this will help, since the crapware included
with the themes is not installed on demand during downloading of the
theme from their website, but is imbedded in the theme file itself,
and installed only AFTER the theme installer file has been downloaded
to your hard drive and executed.

Each theme file is wrapped with installation code which contains the
crapware bits and installs the crapware.

Not all of them. I have downloaded dozens of themes that are just zip
files. I have not had to install the exe ones in order to obtain the
zip ones. There are simply different packages available. That's a bit
irritating, but I can live without the themes that are packaged as
such.

The irritation came from the IE browser plugin attempt. It is
sickening how a formerly good website has resorted to trying to bitch
its unsuspecting patrons.


---Atreju---

 

[Bill Mitchell]

Whether or not the theme is available as a zip is up to the creator. THEMEXP
wants it as a wrapped exe and the maker gets some sort of benefit from them
for allowing it to be packaged that way. When you run the installation file
you are asked if you want to install the other programs as the come up;
however, clicking on "NO" does not necessarily prevent the spyware from
being installed, sometimes it is installed anyway and if you read the
wording closely you'll notice that some of the programs are not asking
permission to be installed; they are asking if you want to "support"
something or other. You are not actually asked whether or not you want to
install it.

Bill

 

[Ronnie Vernon MVP]

But I don't want to do it by zone or website, I want to do it
depending on the content type.

For example, let us say I'm one of those people who refuses to allow
flash player to install (I dunno why people are afraid of it, but
whatever). I will not want to start accumulating sites that try to
install it and restricting them. Instead, I would want to tell IE to
never prompt me for FLASH PLAYER specifically, regardless of what
website tries to install it.

If there is a way to do that, please let me know.


---Atreju---

I know you picked Flash as a random example, but this particular application
will always ask before downloading.

If you don't want anything to "automatically" download without any user
input, you will need to lock down the browser as much as possible. Use the
settings in Tools/Internet Options/Security/Internet. Click the Custom Level
Button and scroll through the options there. Disable any type of Active
content, Scripting or Redirects there. Set the level to High.

The problem you will immediately notice is that most websites now use some
type of active scripting to configure parts of the website.

 

[§kullywag©-]

Not all of them. I have downloaded dozens of themes that are just zip
files. I have not had to install the exe ones in order to obtain the
zip ones. There are simply different packages available. That's a bit
irritating, but I can live without the themes that are packaged as
such.

The irritation came from the IE browser plugin attempt. It is
sickening how a formerly good website has resorted to trying to bitch
its unsuspecting patrons.


---Atreju---

You are not installing anything if you do not execute the exe file.
All the crap is added to the zip, making an exe file out of it during
download. Just delete the exe file, and redownload it. It will be a
zip file then....and approximately 1/3 to 1/2 the size of the previous
exe file. From my own "tests" nothing is installed during download,
only upon execution of the exe file.

Now here's the kicker....... it seems that the "wrappers" were
instituted by the new proprietors of ThemeXP Home. Who ARE the new
proprietors??? As far as I know........StyleXP.

StyleXP's homepage used to list ThemeXP as a good "Independent site"
for themes.
ThemeXP is no longer listed at TGTsoft (StyleXP) as independent, and
they now use the same server, and site templates and forums as
TGTsoft.
Check out the forums at both ThemeXP and StyleXP....... you will see
countless complaints at both sites for the sneaky tactics of ThemeXP.
The best response moderators of ThemeXP can come up with is basically
"You have to be stupid if you can't figure out how to prevent the
wrappers, and it's your own fault if you believe anything you read at
any site, or if you trust any site". In other words... they just
don't give a damn, and will continue to do whatever they want. And
for those who complain.....they are considering a separate section
where they will charge for non-infected themes.

It is a crying shame when once fantastic, and truly trusted sites turn
to the dark side.



§kullywag©-

 

[Atreju]

I know you picked Flash as a random example, but this particular application
will always ask before downloading.

If you don't want anything to "automatically" download without any user
input,

No, once again, you're not getting what I am saying.
I would like the browser to prompt me when something tries to install
_the first time_ it tries. I want to be able to then choose "Just
don't ask me again for THIS PRODUCT (eg: activex component, plugin,
etc.) on any site. Keep asking me if something new comes along, but
not for this particular item.

Your solution would have the browser never even prompt me, and simply
refuse everything. That's not quite what I am seeking.


---Atreju---

 

[Atreju]

Whether or not the theme is available as a zip is up to the creator. THEMEXP
wants it as a wrapped exe and the maker gets some sort of benefit from them
for allowing it to be packaged that way. When you run the installation file
you are asked if you want to install the other programs as the come up;
however, clicking on "NO" does not necessarily prevent the spyware from
being installed, sometimes it is installed anyway and if you read the
wording closely you'll notice that some of the programs are not asking
permission to be installed; they are asking if you want to "support"
something or other. You are not actually asked whether or not you want to
install it.

Precisely. This is why I only download the ones that are zipped up
themes with no installation. If it is an exe I just cancel it.


---Atreju---

 

[Donald McDaniel]

You are not installing anything if you do not execute the exe file.
All the crap is added to the zip, making an exe file out of it during
download. Just delete the exe file, and redownload it. It will be a
zip file then....and approximately 1/3 to 1/2 the size of the previous
exe file. From my own "tests" nothing is installed during download,
only upon execution of the exe file.

Now here's the kicker....... it seems that the "wrappers" were
instituted by the new proprietors of ThemeXP Home. Who ARE the new
proprietors??? As far as I know........StyleXP.

StyleXP's homepage used to list ThemeXP as a good "Independent site"
for themes.
ThemeXP is no longer listed at TGTsoft (StyleXP) as independent, and
they now use the same server, and site templates and forums as
TGTsoft.
Check out the forums at both ThemeXP and StyleXP....... you will see
countless complaints at both sites for the sneaky tactics of ThemeXP.
The best response moderators of ThemeXP can come up with is basically
"You have to be stupid if you can't figure out how to prevent the
wrappers, and it's your own fault if you believe anything you read at
any site, or if you trust any site". In other words... they just
don't give a damn, and will continue to do whatever they want. And
for those who complain.....they are considering a separate section
where they will charge for non-infected themes.

It is a crying shame when once fantastic, and truly trusted sites turn
to the dark side.



§kullywag©-

I tried your so-called "method". I downloaded a theme file which is
marked with a red asterisk (meaning it is wrapped with the crapware)
to my HD, then deleted that file, and downloaded the file again. Same
file was downloaded, with the same file size. You must have been
smoking some of that funny weed when you claim to have downloaded a
zip file the second time.

Donald L McDaniel
Keep the thread intact
Post reply to original newsgroup
=======================================================

 

[J. S. Pack]

Whether or not the theme is available as a zip is up to the creator. THEMEXP
wants it as a wrapped exe and the maker gets some sort of benefit from them
for allowing it to be packaged that way. When you run the installation file
you are asked if you want to install the other programs as the come up;
however, clicking on "NO" does not necessarily prevent the spyware from
being installed, sometimes it is installed anyway and if you read the
wording closely you'll notice that some of the programs are not asking
permission to be installed; they are asking if you want to "support"
something or other. You are not actually asked whether or not you want to
install it.

Bill

Oh, just make yourself a lil' ol nonpersistent virtual machine using
VMWare, install all the .exe wrappers there, and copy the good stuff back
to your real machine. You're done.