New Morpheus Contains Spyware
 

Short story: I have found that Morpheus Preview Edition (the new version
of Morpheus) contains spyware which launches everytime Internet Explorer
is invoked.

Long story: I noticed that Internet Explorer was being very slow to
launch as of a few days ago. I also noticed that my computer's webserver
logs contained an odd line, which seemed to coincide with my Internet
Explorer launches:

05:05:40 127.0.0.1 HEAD /bpboh.dll - 404 162 150 0 HTTP/1.1
rdxrDLL;SID=b0000001;DllVers=1.0.0.0

I decided to a bit of digging. I first confirmed that this hit to my
local webserver does occur each time Internet Explorer is launched. Then, I launched File Monitor (free tool from www.sysinternals.com) to see
what files IE was launching at startup. Turns out it was running this
bpboh.dll file:

12:07:48 AM IEXPLORE.EXE:1208 IRP_MJ_CREATE
D:\WINDOWS\bpboh.dll SUCCESS Attributes: N Options: Open

Interesting. So I decided to rename the file to hide it. Launching
Internet Explorer again did not cause my webserver to log the "bpboh.dll"
hit.

Next I examined the bpboh.dll file, and found all sorts of curious
references in it: one to "BuyersPort" (the 'Shop' page on the new
Morpheus), a few to Barnes and Noble, Sephora, and two very curious ones:

www.rdxrp.com - visiting this site takes you to Morpheus' Homepage

"morph" - possible a reference to Morpheus?

I then went to the Morpheus directory, and saw that the installer log left this behind

RegDB Key: SOFTWARE\rdxr
RegDB Val: 1.3.3.1
RegDB Name: mv
RegDB Root: 2
RegDB Old: 1.3.3.1
Self-Register: D:\WINDOWS\bpboh.dll
User Rights: Admin

Clearly, this means that Morpheus is installing Spyware.

Please announce this on your website, and also tell people that they can delete the spyware simply by deleting the bpboh.dll. It may also be a good idea to search through the registry for references to bpboh.dll and delete them; though only experienced users should do that.

Info on Scumware in Morpheous
 

There is an article on slashdot.org about this. Here's the link:
http://slashdot.org/article.pl?sid=0...99&threshold=3

Microsoft added a great feture to Internet Explorer to make it easy to install "helper" programs. Thank you Microsoft, oh joy joy joy.

What this nifty little "helper" does is watch every address you go to. If you try to go to certain sites it invisibly bounces you off of a MusicCity server so that when get where you are going it lists MusicCity as the refferer. MusicCity gets paid for every person they reffer.

Not only is this NOT something you want, not only does this slow browsing, not only does this make some systems unstable, not only are MusicCity's advertizing affiliates are getting screwed paying for visitors that they would have gotten anyway for free, but MusicCity is STEALING the payments that should have gone to the actual reffering page.

I *was* planning to stick with MusicCity because they really seemed like the goodguys. F*CK that. I am now downloading the normal NON-MusicCity version of Gnutella. I just need to figure out which one :)

-Alsee

And you still use Morpheus, and you still use Microsoft products.
YOU ARE THE PROBLEM!

Re: Info on Scumware in Morpheous
 

Just go download Gnucleus. Basically Morpheus used the Gnucleus code base to create their "Preview Editions" (because Gnucleus is open source). In fact, aside from a few obvious differences in the interface (button bars, a couple menu items, etc.), the Morpheus Preview Edition is basically a Gnucleus clone.

[Edit:] Oh and I forgot to mention Gnucleus doesn't have any spyware.

Suspicious File
 

I also found another file that gets downloaded. It's hidden in your windows\temporary internet files folder. Just do a find file for travelerredirect(1).xml

I believe this is the file that swipes affiliate commissions and credits the music city or buyersport account! Very underhanded tactics.

;) You got a point there.

Re: New Morpheus Contains Spyware
 

From the Morpheus web site, "We remain committed to providing you with a free software without spyware. " :o

Clearly someone is full of Sh** and I don't think it is Unregistered.

morpheus preview edition is loaded with spyware and so is Grockster
I only ran Ad-Aware as an afterthought
wow-now I'm glad I did
Limewire is spyware free ( I haven't upgraded that one either)and the older version of Bearshare too

morpheus preview edition is loaded with spyware and so is Grokster
I only ran Ad-Aware as an afterthought
wow-now I'm glad I did
Limewire is spyware free ( I haven't upgraded that one either)and the older version of Bearshare too

Just for the record, I have a slightly earlier version of the Morpheus Preview Edition that doesn't have spyware in it. In fact, I wouldn't be surprised if Music City actually released the latest Morpheus PE with the only change being that they've added the spyware components... I don't suspect them to spend time issuing bug fix releases if they're moving away from Gnutella once they release version 2.0.

As for LimeWire, the newest versions certainly do have spyware except if you purchase LimeWire Pro. I know Ad Aware doesn't actually pick up some of the components that LimeWire uses (I use Ad Aware myself). My guess is that it's because Ad Aware doesn't bother to scan for Java applications... but that's only my guess.