Has anyone heard anything about this? http://www.adnuker.com/ Is it a hijacker on my browser? It's freeware, so there is no warrenty, but will it mess with my browser settings or ruin it in some way? It's a free download for unlimited use, but then they say "order". Does that mean "Upgrade or keep the nag screen."? Lastly, what type of server does Hotmail use? They don't specify Web based names.
Well, the order now page says this I can't tell ya much, but I find it a little disturbing that there is no privacy policy whatsoever. If one of them is interested, one of our security experts around here might fiddle with the thing and see what it does.
I'd really appreciate it if they did. At first glance it looked like just what I needed, so I was about to download it without checking it out with you guys. When I read it resides on your browser toolbar, the name "Xupiter" kept going through my mind. Could this be like that, another Orbit Xplore? Another thing, what happens if I do contact the company? As you said, they have no privacy policy, and I didn't even see a TOS anywhere.
User opinion from Download.com: There are many more reviews like that. I'm just quoting this one for it's reference to WindowsME.
It is a pretty big install. It uses a BHO to integrate in the browser. Which is only logical I guess. AdShield and others use the same method (yes, Xupiter to ) I didn't have the CLSID of that BHO so I had to install it. It looks safe to me. I didn't test it's effectiveness. The Toolbar looks a bit, well errr, needs some work. I do have a full Total Uninstall log if you are interested. Regards, Pieter
If you think the uninstall log would help, that would be nice, although after the CNet reviews, I'm a little uneasy about downloading Ad Nuker.
OK. Here goes. Have fun. 'AdNuke' wijzigingen Total Uninstall, 3-12-2003 20:25:05 Deze Computer =============== filessysteem =============== (MAP) H:\Documents and Settings\Pieter (*)(file) ntuser.dat.LOG 20:11 03-12-03 1024 bytes ==> 20:13 03-12-03 1024 bytes (+)(MAP) H:\Program Files\Ad Nuker (+)(file) mfc42.dll = 11:00 23-08-01 995383 bytes (+)(file) msvcrt.dll = 11:00 23-08-01 322560 bytes (+)(file) shlwapi.dll = 11:00 23-08-01 397824 bytes (+)(file) unins000.dat = 20:13 03-12-03 4392 bytes (+)(file) unins000.exe = 23:00 16-07-03 76959 bytes (+)(MAP) H:\Program Files\Ad Nuker\App (+)(file) AdNuker.ini = 15:19 28-05-03 274 bytes (+)(file) AdNukerAutoBlock.js = 11:29 28-05-03 1712 bytes (+)(file) BROWSER.INI = 11:29 28-05-03 150 bytes (+)(file) Mail Spam Filter.exe = 11:50 18-09-03 163840 bytes (+)(file) NukerBand.dll = 11:31 28-09-03 131072 bytes (+)(file) Popup.exe = 11:50 18-09-03 172032 bytes (+)(file) Settings.ini = 11:19 27-08-03 2675 bytes (+)(MAP) H:\Program Files\Ad Nuker\App\Ad Nuker Help (+)(file) Help.chm = 09:59 22-07-03 1892942 bytes (+)(MAP) H:\Program Files\Ad Nuker\App\Flags (+)(file) DEFAULT.BMP = 21:54 28-04-02 822 bytes (+)(file) Deutsch.bmp = 16:32 04-09-03 822 bytes (+)(file) English.bmp = 21:54 28-04-02 822 bytes (+)(file) Francais.bmp = 16:31 04-09-03 822 bytes (+)(file) Italiano.bmp = 16:31 04-09-03 822 bytes (+)(file) Spanish.bmp = 16:33 04-09-03 822 bytes (+)(MAP) H:\Program Files\Ad Nuker\App\hosts (+)(file) HOSTSD = 15:10 28-05-03 753 bytes (+)(file) HOSTSE = 15:09 28-05-03 436726 bytes (+)(MAP) H:\Program Files\Ad Nuker\App\Language (+)(file) Deutsch.ini = 17:16 04-09-03 24424 bytes (+)(file) English.ini = 17:14 04-09-03 12651 bytes (+)(file) Francais.ini = 17:15 04-09-03 14554 bytes (+)(file) Italiano.ini = 17:15 04-09-03 13817 bytes (+)(file) Spanish.ini = 17:15 04-09-03 28080 bytes (+)(MAP) H:\Program Files\Ad Nuker\App\Sounds (+)(file) Default.wav = 13:00 18-08-01 9306 bytes (+)(file) Sound1.wav = 12:09 07-02-02 2882 bytes (+)(file) Sound10.WAV = 07:00 23-08-01 1876 bytes (+)(file) Sound11.WAV = 07:00 23-08-01 3330 bytes (+)(file) Sound12.WAV = 07:00 23-08-01 8932 bytes (+)(file) Sound13.WAV = 07:00 23-08-01 9022 bytes (+)(file) Sound14.WAV = 07:00 23-08-01 3408 bytes (+)(file) Sound15.WAV = 07:00 23-08-01 6742 bytes (+)(file) Sound16.wav = 07:00 23-08-01 1192 bytes (+)(file) Sound17.wav = 02:00 23-11-99 6674 bytes (+)(file) Sound18.wav = 02:00 23-11-99 4636 bytes (+)(file) Sound19.WAV = 00:37 11-07-97 1758 bytes (+)(file) Sound2.wav = 04:35 16-11-00 6632 bytes (+)(file) Sound20.WAV = 02:00 23-11-99 2650 bytes (+)(file) Sound21.WAV = 02:00 23-11-99 2650 bytes (+)(file) Sound22.wav = 23:45 26-04-01 2578 bytes (+)(file) Sound23.WAV = 16:55 26-05-00 4028 bytes (+)(file) Sound24.wav = 21:10 10-06-98 4368 bytes (+)(file) Sound25.WAV = 16:57 26-05-00 616 bytes (+)(file) Sound26.wav = 20:27 10-09-01 2410 bytes (+)(file) Sound27.WAV = 16:57 26-05-00 4290 bytes (+)(file) Sound28.wav = 20:27 10-09-01 3891 bytes (+)(file) Sound3.wav = 20:27 10-09-01 8122 bytes (+)(file) Sound4.WAV = 07:00 23-08-01 890 bytes (+)(file) Sound5.WAV = 07:00 23-08-01 4296 bytes (+)(file) Sound6.WAV = 07:00 23-08-01 3002 bytes (+)(file) Sound7.WAV = 07:00 23-08-01 7376 bytes (+)(file) Sound8.WAV = 07:00 23-08-01 7306 bytes (+)(file) Sound9.WAV = 07:00 23-08-01 8650 bytes Register =============== (+)(REG key) HKEY_CLASSES_ROOT\NukerBand.NukerBandObj (+)(REG value) (standard) = 'Ad Nuker' (+)(REG key) HKEY_CLASSES_ROOT\NukerBand.NukerBandObj\CLSID (+)(REG value) (standard) = '{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}' (+)(REG key) HKEY_CLASSES_ROOT\NukerBand.NukerBandObj\CurVer (+)(REG value) (standard) = 'NukerBand.NukerBandObj.1' (+)(REG key) HKEY_CLASSES_ROOT\NukerBand.NukerBandObj.1 (+)(REG value) (standard) = 'Ad Nuker' (+)(REG key) HKEY_CLASSES_ROOT\NukerBand.NukerBandObj.1\CLSID (+)(REG value) (standard) = '{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}' (+)(REG key) HKEY_CLASSES_ROOT\CLSID\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A} (+)(REG value) (standard) = 'Ad Nuker' (+)(REG key) HKEY_CLASSES_ROOT\CLSID\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}\InprocServer32 (+)(REG value) (standard) = 'H:\WINDOWS\System32\NUKERB~1.DLL' (+)(REG value) ThreadingModel = 'Apartment' (+)(REG key) HKEY_CLASSES_ROOT\CLSID\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}\ProgID (+)(REG value) (standard) = 'NukerBand.NukerBandObj.1' (+)(REG key) HKEY_CLASSES_ROOT\CLSID\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}\Programmable (+)(REG key) HKEY_CLASSES_ROOT\CLSID\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}\TypeLib (+)(REG value) (standard) = '{681B17AD-3259-4a98-BCAD-F944777FBA21}' (+)(REG key) HKEY_CLASSES_ROOT\CLSID\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A}\VersionIndependentProgID (+)(REG value) (standard) = 'NukerBand.NukerBandObj' (REG key) HKEY_CLASSES_ROOT\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851} (*)(REG value) (standard) 'Font Property Page' ==> 'Eigenschappenvenster voor lettertypen' (REG key) HKEY_CLASSES_ROOT\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 (*)(REG value) (standard) 'H:\WINDOWS\System32\MFC42.DLL' ==> 'H:\PROGRA~1\ADNUKE~1\mfc42.dll' (REG key) HKEY_CLASSES_ROOT\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851} (*)(REG value) (standard) 'Color Property Page' ==> 'Eigenschappenvenster voor kleuren' (REG key) HKEY_CLASSES_ROOT\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 (*)(REG value) (standard) 'H:\WINDOWS\System32\MFC42.DLL' ==> 'H:\PROGRA~1\ADNUKE~1\mfc42.dll' (REG key) HKEY_CLASSES_ROOT\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851} (*)(REG value) (standard) 'Picture Property Page' ==> 'Eigenschappenvenster voor figuren' (REG key) HKEY_CLASSES_ROOT\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 (*)(REG value) (standard) 'H:\WINDOWS\System32\MFC42.DLL' ==> 'H:\PROGRA~1\ADNUKE~1\mfc42.dll' (+)(REG key) HKEY_CLASSES_ROOT\Interface\{D11C05E9-1B0C-4590-88FA-5F56F9497437} (+)(REG value) (standard) = 'INukerBandObj' (+)(REG key) HKEY_CLASSES_ROOT\Interface\{D11C05E9-1B0C-4590-88FA-5F56F9497437}\ProxyStubClsid (+)(REG value) (standard) = '{00020424-0000-0000-C000-000000000046}' (+)(REG key) HKEY_CLASSES_ROOT\Interface\{D11C05E9-1B0C-4590-88FA-5F56F9497437}\ProxyStubClsid32 (+)(REG value) (standard) = '{00020424-0000-0000-C000-000000000046}' (+)(REG key) HKEY_CLASSES_ROOT\Interface\{D11C05E9-1B0C-4590-88FA-5F56F9497437}\TypeLib (+)(REG value) (standard) = '{1779ABFE-E061-47EC-9883-BDE13DACC1DA}' (+)(REG value) Version = '1.0' (+)(REG key) HKEY_CLASSES_ROOT\TypeLib\{1779ABFE-E061-47EC-9883-BDE13DACC1DA} (+)(REG key) HKEY_CLASSES_ROOT\TypeLib\{1779ABFE-E061-47EC-9883-BDE13DACC1DA}\1.0 (+)(REG value) (standard) = 'NukerBand 1.0 Type Library' (+)(REG key) HKEY_CLASSES_ROOT\TypeLib\{1779ABFE-E061-47EC-9883-BDE13DACC1DA}\1.0\0 (+)(REG key) HKEY_CLASSES_ROOT\TypeLib\{1779ABFE-E061-47EC-9883-BDE13DACC1DA}\1.0\0\win32 (+)(REG value) (standard) = 'H:\WINDOWS\System32\NukerBand.dll' (+)(REG key) HKEY_CLASSES_ROOT\TypeLib\{1779ABFE-E061-47EC-9883-BDE13DACC1DA}\1.0\FLAGS (+)(REG value) (standard) = '0' (+)(REG key) HKEY_CLASSES_ROOT\TypeLib\{1779ABFE-E061-47EC-9883-BDE13DACC1DA}\1.0\HELPDIR (+)(REG value) (standard) = 'H:\WINDOWS\System32\' (+)(REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Ad Nuker (+)(REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Ad Nuker\King (+)(REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Ad Nuker\King\Nuker (+)(REG value) Banner Block = '0' (+)(REG value) Language = 'Dutch' (+)(REG value) Path = 'H:\Program Files\Ad Nuker\App' (+)(REG value) Popup Observer = '1' (+)(REG value) Show Toolbar = '1' (+)(REG value) Sound Alert = '1' (+)(REG value) Sound Path = 'H:\Program Files\Ad Nuker\App\Sounds\Default.wav' (+)(REG value) Today Count = '' (+)(REG value) Total Count = '0' (+)(REG value) Weekly Count = '' (REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG (*)(REG value) Seed ...]g`..yK..d...P.{.....X...p...mY.i.$XU.vG7..R6.Ru.....H....-................0. ==> ...#.B.....v...h...(.VL[@..."...n..1.X...".z...V,.6.W]0.(6..._.5....29......4r\. (REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar (+)(REG value) {459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A} = (lege data) (REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent (*)(REG value) LastTaskRun ................ ==> ................ (+)(REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A} (REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs (added) (REG value) H:\Program Files\Ad Nuker\mfc42.dll = 1 (added) (added) (REG value) H:\Program Files\Ad Nuker\msvcrt.dll = 1 (added) (added) (REG value) H:\Program Files\Ad Nuker\shlwapi.dll = 1 (added) (added) (REG value) H:\WINDOWS\System32\MFC42D.DLL = 1 (added) (added) (REG value) H:\WINDOWS\System32\MFCN42D.DLL = 1 (added) (added) (REG value) H:\WINDOWS\System32\MSVCRTD.DLL = 1 (added) (+)(REG key) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad Nuker_is1 (+)(REG value) DisplayName = 'Ad Nuker 3.85' (+)(REG value) HelpLink = 'http://www.adnuker.com' (+)(REG value) Inno Setup: App Path = 'H:\Program Files\Ad Nuker' (+)(REG value) Inno Setup: Icon Group = 'Ad Nuker' (+)(REG value) Inno Setup: Setup Version = '4.0.5-beta' (+)(REG value) Inno Setup: User = 'Pieter' (+)(REG value) Publisher = 'AdNuker.Com' (+)(REG value) UninstallString = '"H:\Program Files\Ad Nuker\unins000.exe"' (+)(REG value) URLInfoAbout = 'http://www.adnuker.com' (+)(REG value) URLUpdateInfo = 'http://www.adnuker.com' (REG key) HKEY_USERS\S-1-5-21-1844237615-1563985344-854245398-1003\SessionInformation (*)(REG value) ProgramCount 7 ==> 3 (+)(REG key) HKEY_USERS\S-1-5-21-1844237615-1563985344-854245398-1003\Software\Microsoft\Internet Explorer\MenuExt\&NukerBand Serach (+)(REG value) (standard) = 'res://H:\WINDOWS\System32\NUKERB~1.DLL/MENUSEARCH.HTM' (+)(REG value) Contexts = . (REG key) HKEY_USERS\S-1-5-21-1844237615-1563985344-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings (+)(REG value) ProxyServer = 'http=AdNuker:8100' (*)(REG value) ProxyEnable 0 ==> 1 (*)(REG value) ProxyHttp1.1 0 ==> 1 (REG key) HKEY_USERS\S-1-5-21-1844237615-1563985344-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections (*)(REG value) ADSL <................................................... ==> <...............http=AdNuker:8100................... (*)(REG value) DefaultConnectionSettings <...................localhost............0../............P<.......... ==> <...............http=AdNuker:8100........0../............P<.......... (*)(REG value) MxStream <................................................... ==> <...............http=AdNuker:8100................... (REG key) HKEY_USERS\S-1-5-21-1844237615-1563985344-854245398-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\280\Shell (*)(REG value) ScrollPos800x600(1).y 1217 ==> 4074 (REG key) HKEY_CURRENT_USER\SessionInformation (*)(REG value) ProgramCount 6 ==> 3 (+)(REG key) HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&NukerBand Serach (+)(REG value) (standard) = 'res://H:\WINDOWS\System32\NUKERB~1.DLL/MENUSEARCH.HTM' (+)(REG value) Contexts = . (REG key) HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings (+)(REG value) ProxyServer = 'http=AdNuker:8100' (*)(REG value) ProxyEnable 0 ==> 1 (*)(REG value) ProxyHttp1.1 0 ==> 1 (REG key) HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections (*)(REG value) ADSL <................................................... ==> <...............http=AdNuker:8100................... (*)(REG value) DefaultConnectionSettings <...................localhost............0../............P<.......... ==> <...............http=AdNuker:8100........0../............P<.......... (*)(REG value) MxStream <................................................... ==> <...............http=AdNuker:8100................... (REG key) HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\Bags\280\Shell (*)(REG value) ScrollPos800x600(1).y 1217 ==> 4074 (REG key) HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache (+)(REG value) H:\DOCUME~1\Pieter\LOCALS~1\Temp\is-6U0NF.tmp\is-0THGV.tmp = 'is-0THGV'
I'm sorry to have made you go to the trouble of doing that. I think I'll just keep looking. Until the suspected exploit or hijacker is discovered and fixed, I'll be using something else. I also noticed it was shareware last month, but not anymore.
