lop.com has been a topic widely discussed on the web.

Now, a very informative "anti-lop.com" website is under siege by one and the same lop.com.

Although IMHO - from a legal point of view - the only part being fishy in regard to lop.com's activities is the fact, a registry key will be created even in case one (tries to) refuse to accept an offered plugin, I do recommend anyone interested in browser "taking over" (Hijacking doesn't seem the appropriate word here) to visit this very informative and well designed anti-lop site, and read the whole story. I assure you it's worthwhile reading:

www.nastylop.com

Looking forward to reactions!

regards.

paul

Well where I come from "lop" is a slang verb, and I'd like to apply that very verb to the heads of the c2media corp people ;)

Very nasty. *I'm happy I've got Adaware.

-{ Quote: "Although IMHO - from a legal point of view - the only part being fishy in regard to lop.com's activities is the fact, a registry key will be created even in case one (tries to) refuse to accept an offered plugin" }-

I can attest to that:

I was trying to help someone complaining about a site that tried to make itself her home page, went there myself to check it out, and immediately got a warning from my firewall that C:\WINDOWS\TEMP\SFX1015.TMP wanted to access the Net.

I declined of course and got the h*ll out of there.

I ran Ad-Aware right after that, and found the following reg key added, which Ad-Aware identified as Lop.com:

REGEDIT4

[HKEY_USERS.DEFAULT\Software\TrinityAYB]
"ts"=dword:00000001
"ld"=dword:00000000
"pn"=dword:ffffffff
"ui"=dword:00000000
"dc"=dword:00000000
"ros"=dword:00000001
"u2"=hex:35,33,64,36,35,64,34,31,36,33,65,31,39,36,39,64,00

Hi Tony,

Quite so - proof of the pudding *>:(

regards.

paul

As of May 24, 2002........

There was a battle going on..........

"Lop said that they will attempt to take the nastylop domain name and to close this site down. "

"a sustained and intensive attack from lop, with threatening legal notices sent to anyone connected with the hosting, domain name or redirector of this site"

Today..............

APOLOGY

this page has been forced to close

(If you've emailed me in the past, then drop me another note if you want to know the full story)



Damn.......Looks like the bad guys nailed 'em... >:( >:(

I would certainly like to know more.

Whatever happened to the days when things were just plain right or wrong?

Discogail,

Do you have the addy from the "nastylop" webmaster? if so, please post and/or send me an email: webmaster@wilders.org

Thanks in advance *;)

regards,

paul

Paul.....the only thing I could find that he had posted anywhere was webmaster@nastylop.com. Naturally....that may not be operative anymore. I sent an email to that address this morning. I'll let you know if I receive a response...& if/when I find an alternative address.

Thanks Discogail *;).

Looking forward to your email.

regards.

paul

Courtesy to Discogail (much obliged!) here's a copy and paste from the explanation provided by the nastylop-webmaster:

-{ Quote: "From: nastylop <nastylop@telstra.com>
To: xxxx@yahoo.com (x-out for privacy reasons -Forum Admin]
Date: Sun, 02 Jun 2002 20:41:54 +0900
Subject: Re: How can I help?

Hello Gail.. Yes, this email address is fine,
............


Yes, lop found someone with a distant connection to
the nastylop page that they were able to put some pressure on. *But the primary reason for the closure was this.

The lop people conceded that webmasters HAD used
deception to get visitors to download the lop exe. *And they admitted that the affiliate program had got a bit out of control. *They gave a full explanation as to why this had happened, which I won’t bother detailing here. *So basically they said to me ‘look, we have had lop
tested thoroughly by many lawyers, and the fact is, it’s legal. It will continue.” *But that they were genuinely interested in implementing any suggestions to improve things.

"Just tell us what you want changed and we’ll change it."

So I had the choice of either continuing to embarrass Lop with bad publicity, but allow it to continue as it is now, or take the opportunity to be positive and force fundamental changes to the way lop operates.

It was not a nice decision to make but I chose to do the latter – it means embarrassment for me in having to close the page down, but I don’t mind that if it leads to a drastic reduction in the number of people who unwittingly get lop on their computers.

So the deal is this:

- The trickery will stop. *The lop affiliates page will be
rewritten to remove any implication that webmasters
can trick visitors into downloading lop.

-If I can give the lop people the URL of any affiliate site I find that uses deception (ie pretends that the user is downloading quicktime or flash, rather than lop) the account will be terminated immediately *

-The focus of the marketing will be to XXX and mp3 sites. *These sites can genuinely offer the user content, in the way of free porn or free mp3s. *Warez or crack sites, despite their large volume of users, will not be accepted as affiliates. *The webmaster of one large crack site that was getting thousands of lop installs a day from his visitors had his account immediately terminated. *Again, I will contact lop if I have knowledge of the lop executable being offered on a warez/crack
site.

- Lop is currently in beta. *The lop people recognize that a lot of work needs to be done on the affiliate side of the operation before the launch of the program. They have given me a commitment to overhaul the affiliate program, and also to improve the way their feedback and customer service is handled. *Users will also be told more clearly how to uninstall lop from their computer.

Some of these are short term issues, such as the rewrite of the wrn.net affiliate page (changes have already been made).
Others are more long term. *When it comes to implementing those changes, the message given to the lop people was I was still here! I would strictly and
conscientiously monitor lop in light of the commitments they had given to changes that would be made.

I’m satisfied with the deal that was struck in return for closing the page. I believe the changes made will dramatically reduce the number of people unwittingly installing lop on their computers, which was always
the main aim behind the site’s creation.

I emailed Mike (Mike Helan - Forum Admin) immediately, but with everything going on probably didn't give him as coherent an explanation as this one....." }-

regards.

paul

I have a small business out of the home, plus I also have 4 family computers in the home. I have spent over 100 hours in the last 6 months ridding my computers of nasty uninvited adware which disrupts, and in many cases destroys productivity. I intend to sue the perpetrators of these "terrorist acts" in my local small claims court for the maximum amount allowed by the court. If cancer victims can sue tobacco companies; if cancer victims can sue asbestos companies; if accident victims can sue auto companies; if shooting victims can sue gun manufacturers; if scalding victims can sue McDonald's, then surely victims of this cyber-terror should be able to sue adware/spyware perpetrators for lost productivity. If a thousand people/businesses sued in 1,000 jurisdictions across the country for $5,000 each, maybe we could get these terrorists to rethink their business model.

Forget legality. I'm talking about civil suits for legimate damages. What does anyone think? I'm ready to file the first suit. I have repeatedly attempted to contact lop.com and ask them how to permanently remove their virus, and they have not responded.

I'M READY TO FACE THEIR LAWYERS IN COURT!!!!!

FLYONS

What's going on? How was nastylop.com taken down - via a DoS attack? Why the **** isn't lop.com's activity illegal, because it bloody well should be!!!

lop has now permanently embedded itself in my computer. Its items on my desktop cannot be dragged and dropped to the trash bin neither could I right click and delete them anymore and attempted removal from my processes threatens to damage my computer. Adaware cannot remove them anymore. This means war.

LOp victim

Click here (http://lop.com/new_uninstall.exe) to download the LOP uninstaller. Close all browser windows and run the uninstaller.

When it is finished restart your computer.

if you cannot get to that site then it is also available here http://www.thespykiller.co.uk/files/lopremover.exe

I have been infected by lop.com and nothing seems to work to get rid of it. I tried to download the "uninstaller" from lop.com only to find it contained a trojan horse virus. Thanks lop you b*****d muy computer is dieing cos of you. Any help people? cheers

Lop Hater

-{ Quote: "I have been infected by lop.com and nothing seems to work to get rid of it. I tried to download the "uninstaller" from lop.com only to find it contained a trojan horse virus. Thanks lop you b*****d muy computer is dieing cos of you. Any help people? cheers

Lop Hater" }-Hi there, can you please go to DVK01's site and download it from there.

You are correct there is a trojan in their new uninstaller.

Cheers ;D

I am willing to try to clean everybodies computer that is infected with this lopcom. nasty.

if you want you can post a hjt log here:

http://spyblocker-software.com/IPB/index.php?showforum=20

please read the instructions first, to avoid getting reinfected ;)

first try to uninstall it with the tool on dvk01's webpage.

Inf.

theres no trojan in the uninstaller its just detected by antivirus programs because they cant detect the program itself so they detect the file thats the same! they can already run anything on your pc if their stuff is already there so why would they install more! they updated it to remove the most recent versions so using an old copy is just silly.