Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Deepnet Explorer and CommonName Adware

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News
View previous topic :: View next topic  
Author Message
Moore
Moderator


Joined: 31 May 2004
Last Visit: 16 Jun 2014
Posts: 758
Location: .MooreLand.

PostPosted: Tue Jul 13, 2004 4:48 am    Post subject: Deepnet Explorer and CommonName Adware Reply with quote

Heres something a bit suspicious I found with the Deepnet Explorer , and its conflicting privacy policy. Twisted Evil

Anyone tried this program before ?

####################################

All-in-one Internet Browser: Web + P2P + News

Quote:
Deepnet Explorer is a powerful Web, P2P and News Aggregation browser. Browse the web quickly, share and download files on the Gnutella P2P network, and read the latest news from your favourite sources simultaneously.


http://www.deepnetexplorer.com/default.asp

####################################

2. PRIVACY POLICY

Quote:
Deepnet believes that people should be able to use the Internet without worrying about spyware, the collection of their personal information or annoying advertising. Users who install this software can be assured that this software:
does not collect any personal information;
does not monitoring your behaviour;
does not serve pop-ups or any other form of invasive advertising;
does not attempt to connect to the Internet if you are not connected;
does not bundle any other software;
does not place cookies on your computer;
does include an uninstaller.


3. USE OF SOFTWARE

Quote:
Deepnet may provide users with a default search engine(s) to assist in internet searching. Deepnet is not responsible for the contents of those search engines or websites that they link to.


6. UPGRADE NOTIFICATION

Quote:
You may receive from us notification that a new upgrade is available. Upgrading is your choice and requires your action. The Software will contact our servers periodically to see if a new upgrade is available and may advise you if it is.


8. AMENDMENTS

Quote:
Deepnet may amend the terms and conditions of this Licence at any time by posting a notice on its website, which shall be binding upon you. You should visit the Deepnet website periodically to review the current and effective terms and conditions of use of the Software.


#########################################


#################

DEEPNETEXPLORER.COM

#################

213.86.53.251

http://www.whois.sc/213.86.53.251
http://www.whois.sc/deepnetexplorer.com


Website Title: Deepnet Explorer - Web + P2P + News Browser
Meta Description: Deepnet Explorer is the first browser with fully integrated P2P file sharing capabilities and a built-in RSS/ATOM news reader. It's free, so now it's easy to browse the web, share files and read news simultaneously.

Meta Keywords: browser, pop killer, pop blocker, p2p, peer-to-peer, free, software, freeware, file sharing, rssreader, rss reader, atom reader, rssreaders, rss, atom, reader, readers, news, feed, newsfeed, feeds, channel, form filler, password, find, highlight, keyword navigation

Response Code: 200
Server Type: Microsoft-IIS/5.0
IP Address: 213.86.53.251
IP Location: - England - London - Commonname Jb Ltd

inetnum: 213.86.53.224 - 213.86.53.255
netname: COMMONNAME
descr: COMMONNAME JB LTD
country: GB
admin-c: YL37-RIPE
tech-c: YL37-RIPE
rev-srv: ns0.uk.colt.net
rev-srv: ns1.uk.colt.net
status: ASSIGNED PA
mnt-by: COLT-UK
changed: hostmaster@uk.colt.net 20020222
source: RIPE

route: 213.86.0.0/16
descr: COLT
origin: AS8220
remarks: Abuse reports to abuse@uk.colt.net
mnt-by: COLT-UK
changed: hostmaster@uk.colt.net 20030224
source: RIPE

route: 213.86.0.0/16
descr: COLT
origin: AS8372
remarks: Abuse reports to abuse@uk.colt.net
mnt-by: COLT-UK
changed: ryan@uk.colt.net 20000608
source: RIPE

person: Yurong Lin
address: COMMONNAME JB LTD
address: 144 LIVERPOOL ROAD
address: LONDON
address: N1 1LA
address: UK
phone: +44 207 697 8888
nic-hdl: YL37-RIPE
changed: hostmaster@uk.colt.net 20020222
source: RIPE


###########################################

Registrant:
Deepnet Technologies
DEEPNET TECHNOLOGIES LIMITED
47 WESTMINSTER PALACE GARDENS
LONDON
London, SW1P 1RR
UK

Domain name: DEEPNETEXPLORER.COM

Administrative Contact:
admin, domain
DEEPNET TECHNOLOGIES LIMITED
47 WESTMINSTER PALACE GARDENS
LONDON
London, SW1P 1RR
UK
+44.2072887654
Technical Contact:
admin, domain
DEEPNET TECHNOLOGIES LIMITED
47 WESTMINSTER PALACE GARDENS
LONDON
London, SW1P 1RR
UK
+44.2072887654

Registration Service Provider:
Domainmonger.com,
+1.425-821-8032
+1.425-821-4874 (fax)
http://www.domainmonger.com

Registrar of Record: TUCOWS, INC.
Record last updated on 12-Jun-2004.
Record expires on 19-Dec-2004.
Record created on 19-Dec-2002.

Domain servers in listed order:
NS1.DOMAINMONGER.COM 216.98.150.33
NS2.DOMAINMONGER.COM 216.122.4.81


########################################


################

COMMONNAME.COM

################


http://www.whois.sc/reverse-ip/213.86.53.230
http://www.whois.sc/commonname.com


Website Title: CommonName - Keyword Navigation and Pay Per Click Search
Meta Description: CommonName is the world's largest keyword navigation and search network, combining keyword navigation and pay per click search to simplify the path to your business and maximise ROI

Meta Keywords: keyword navigation, internet keywords, natural language navigation, simplified navigation, pay per click search, browser search, pay for performance, pay for placement, online advertising, paid listings

Response Code: 200
Website Status: Active
Reverse IP: Web server hosts 8 websites
Server Type: Microsoft-IIS/5.0
IP Address: 213.86.53.230
IP Location: - England - London - Commonname Jb Ltd

Name Server: NS1.UK.COLT.NET NS0.UK.COLT.NET
ICANN Registrar: TUCOWS INC.
Created: 04-jan-2000
Expires: 04-jan-2007
Status: ACTIVE

Registrant:
CommonName Limited
144 Liverpool Road
Islington, London N1 1LA
GB

Domain name: COMMONNAME.COM

Administrative Contact:
Admin, Domain
Unit 12D
Adlington Park
Adlington, Cheshire SK104PZ
GB
+44.8702407571 Fax: +44.8702407572

Technical Contact:
Admin, Domain
Unit 12D
Adlington Park
Adlington, Cheshire SK104PZ
GB
+44.8702407571 Fax: +44.8702407572

Registrar of Record: TUCOWS, INC.
Record last updated on 09-Jul-2004.
Record expires on 04-Jan-2007.
Record created on 04-Jan-2000.

Domain servers in listed order:
NS0.UK.COLT.NET 195.110.64.10
NS1.UK.COLT.NET 195.110.64.11


#####################################


Quote:
Description
CommonName is marketed as a 'keywords' service, allowing one to enter simple names insatead of URLs.

After its original release, the software has become a complicated (and sometimes buggy) search-hijacker and adware, aggressively bundled with many third-party apps
.

http://www.doxdesk.com/parasite/CommonName.html

Distribution
Included in many file-sharing programs, such as Grokster, iMesh, FreeWire, MThree MP3 tools and older versions of KaZaA.

What it does
Advertising
Yes. All variants except Toolbar connect to their controlling servers once a day, who may ask them to open pop-under advertising. They also change search settings to point to commonname.com.

Privacy violation
Cookies are used to identify you when requests are made to CommonName. This may occur when the advertising is opened, a keyword is entered into the address bar.

When you visit a URL whose top-level-domain the CommonName/Agent or Mib software does not know about (eg. alternative TLDs or intranet hostnames; CommonName/Agent also does not know about .edu, .mil, .int, .su and .gb), a request is also made. This could allow users to be tracked across web site visits.

Security issues
Yes (Winnet, Comwiz variants): Can download and execute arbitrary code from its controlling server, as an update feature.

No (other variants).

Stability problems
Can cause Explorer to crash occasionally with a 'runtime error' in CNBabe, or an 'illegal operation' in CNMib.

CommonName/Agent also had a bug in its unknown-top-level-domain code which meant that any URL longer than 72 characters became corrupted.

The Agent and Mib variants can cause 404 pages not to be shown.

The Winnet variant can bombard you with autodial requests if you are not connected to the internet when it wants to check for updates.


###############################################

USER PROBLEM :

I engage a problem that when I attemp to browse some pages (such as www.amazon.com or www.amazon.co.jp) using Deepnet, it shows "Action canceled" or even 404 not found. But it's fine using IE.

http://www.deepnetexplorer.com/forum/forum...sp?TID=101&PN=1


################################################

Full Name: CommonName Websearch

http://www.spywareguide.com/product_show.php?id=429

Type: Adware
Also Known as: CommonName/Agent CommonName/Toolbar BabeIE BabeIE2 CNMib
Danger Level: 3
Official Description: CommonName is yet another 'keywords' service, allowing you to type a company name instead of a URL.

Originally a normal service, the software has become bundled adware.

Comment: The newer variant CommonName/Agent periodically opens pop-under advertising as well as highjacking search settings. Cookies are used to identify you when requests are made to CommonName, allowing them to track your web usage. Requests are made when advertising is opened and when you visit a web address with a top-level-domain that the CommonName software does not know about.
This includes .edu and .mil.

Information URL: hxxp://www.commonname.com/

Properties: Stealth Tactics
Changes browser
Stays Resident
Connects to the internet
Shows ads

Manual removal: Use Add/Remove Programs.


##################################

Spyware Info alert :

Quote:
Weeks ago I warned about a new version of Common Name toolbar that if removed improperly will severely damage your internet connection. Well, it seems that Common Name has updated yet again to be more resistant to removal. There are manual removal instructions at Doxdesk.com, but what appears to work just as well is to run the latest, fully updated Spybot S&D in Windows safe mode.


http://www.spywareinfo.com/newsletter/arch...02/12252002.php

###################################
_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group