Zango Confirmed Sponsors List

[Linkster]

Just so that there is some basic understanding here:
First zango does run an affiliate program of their own called zangocash - which allows affiliates to make money off of installs
They also work with publishers/sponsors to provide content based on keyword searches and highlighting certain words on a web page
On top of that they work with anyone that will bid on certain search terms PPC which is where I think sponsors are most vulnerable - I can sign in right now and bid on cams dot com - and put my own ad on the surfers browser even if Im not cams dot com - I can also pop any other aff programs ad for that PPC ad - so if I were say promoting another personals/cams program I could pay to have their console with my aff code show up
Second - Zango is a small part of a much larger problem - there are somewhere around 400 programs that do this same thing - while zango has received a lot of attention because of their recent myspace attention - the ad I saw said basically "to view adult content on myspace - click here" which then installed zango - and explains part of the high rate of installations recently

As far as the idea of redirecting to a removal page - I have two problems - while we should be informing surfers - which is easy to do with a java popbox and a link imbedded in that box to take them somewhere to remove it
We should not be trying to sell them off to a removal program as most of those also install another program/toolbar
We also should not be pushing most of these removal programs as they also block cookies which defeats a good 50% of the affiliates we do use normally

Just some things to start thing about

[virgohippy]

Quote:

Originally Posted by Linkster

Zango is a small part of a much larger problem - there are somewhere around 400 programs that do this same thing

Time to form our own organization to combat these sorts of threats as they arise?

Could start with a group responsible for handling and verifying anonymous tips (seems to work well with the ASACP?), another group deals with technical/creative solutions to the threat, and a third disseminates information to all parties concerned about how to deal with threat.

Obviously this sort of problem isn't going to go away if/when Zango's tamed... so why not lay down the groundwork now and create a system which treats it as such? The collaboration of ideas here, now, is really refreshing, but a more permanent system might be more efficient in the long run.

I nominate myself as the official whipping boy!

Just gotta think about funding now... money is a great motivator, afterall.

And Jim I think you make a good point about not turning this into a money making scheme to exploit the surfers. It's not in our best interest to turn them off from our valiant efforts to make the web a safe and fun place because of short sighted thinking... like the people at Zango practice.

[u-Bob]

Quote:

Originally Posted by Jim

Scare the shit out of the surfer by saying these people now know where you have been and what you are doing. And then give them a way to uninstall the toolbar. Also, recommend some anti adware software for future attacks.

Be carefull what kind of anti-adware programs you recommend/promote. Most of them block/delete cookies, so promoting them = shooting yourself in the foot.

(a good one: Spybot S&D: http://www.safer-networking.org/)

[Jim]

Yeah, I'm not talking at all about this being a money making deal. All I want to do is to educate the surfer. I don't think a popup is going to do the job. If they have zango installed, they are used to popups already. They were probably used to them before. This has to be a big surprise to them. Like I said, with zango installed, you are not going to make money from them anyway...so why not redirect them to a page that explains what has been done to them. Linkster, I have seen the same list of adware programs out there. So, we need to let them know that all cookies are not bad cookies. There is plenty of good software out there that will allow non-malicious cookies to be installed while stopping adware programs.

Right now, the issue is zango. We have a step by step guide on how to remove zango here.

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zanu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Zango [application name]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E5B57AB3-15F8-43A2-ABAC-3E58A9C25818}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21B4ACC4-8874-4AEC-AEAC-F567A249B4D4}
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Control\LoginSessionDisable=1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[game name]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zango [application name]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zanu
HKEY_LOCAL_MACHINE\SOFTWARE\zanuHKEY_CURRENT_USER\Software\zanu
Help: how to remove registry entries

Delete files:
installershell.exe, zangoinstaller.exe, zanu.exe

Delete directories:
C:\Program Files\ZangoClient
C:\Program Files\Zango Applications
C:\Program Files\Zango Games
C:\Documents and Settings\[Current User]\Application Data\Zango [application name]
C:\Documents and Settings\[Current User]\Start Menu\Programs\Zango
C:\Documents and Settings\[Current User]\Start Menu\Programs\Zango Games

Misc:
[application name] is a name of a program installed by ZangoSearch.
[game name] is a name of a computer game installed by ZangoSearch.

We can just put those instructions on a page and offer unpaid links to good anti adware software. We can even have a single hosted page on it's own domain someplace that everyone trusts with a cool Anti-Zango and a circle with a line across it. And then at the bottom of the page, a "Back to the Page You Were On" link.

As other adware programs pop up that hurt this business, we can add the same type of pages that will give instructions again.

Above all, like most things...education is the key to this problem.

Now, if some programmer can come up with a way to do this with software that can be easily edited when the time is needed for other software, that would be great.

[GonZo]

Count Oprano in on support as well.

Post the list and I will do what I do best.

PISS!

[Jim]

I wish that were true tickler but they were suied by both bestbuy and netflix and won. It appears by zango telling the surfer what they are doing, they have themselves covered.

[jayeff]

I imagine that quite a few people run phpAdsNew or banner rotation scripts with similar features. One such feature is to block/display promos according to user agent (ZangoToolbar) which can be useful in this particular fight.

Estimates as to how many PC's are infected with scumware seem to be running from about 0.5% to 3% for Zango alone (and there are 20+ similar scumware installers). That represents a heck of a lot of surfers, although obviously leaves room for overkill. I have seen some people suggesting blocking/redirecting infected surfers completely and I think that definitely qualifies. I'm dubious about the effectiveness of most of the warnings suggested, because they not only require the surfer to believe you and care, but also he must copy a URL into an address bar (possibly the very one in which he was viewing your site).

The point is that not every promo on a page is going to make a popover appear, therefore it seems like a good first step to install scumware on a spare PC and check your sites to see which promos are affected. Then either swap them for others which are not, or if you have the right banner software, set it to show "infomercials" in place of affected promos to infected visitors.

Written to sound sincere and not as if they are selling something or offering something as bad, they could be as effective as alerts and I suspect if someone has voluntarily clicked a link, he will be more likely to follow the suggestions made on the page to which you send him.

[KG Gary]

I think I'm stating the obvious, but using lots of well-known names to alert infected users would help a lot - names that surfers already trust.
"This is a critical security alert from insert lots of names here" followed by the important removal information.

[tickler]

Quote:

Originally Posted by Jim

I wish that were true tickler but they were suied by both bestbuy and netflix and won. It appears by zango telling the surfer what they are doing, they have themselves covered.

I believe that only concerned the installs on the surfers PCs, and maybe sponsor trademarks. I was thinking when I wrote that more along criminal lines like fraud/theft. To me it should be as simple as calling the cops, but, I suppose since they are in the US that a ciminal lawyer from there could give you better ideal.

Will76 posted a screen shot(showing a zango affiliates PPC page) on another board showing some of the sponsor targeting. Hope nobody uses dating/cams sponsors much.
http://board.adultinsider.com/showpo...6&postcount=26

I don't see a lot of sponsors posting, maybe they just consider it a wash whether they pay one affiliate or another as long as they still get traffic and sales. There was a post over on B&B explaining that all the sponsors typein traffic/upsells could also be targeted. Instead of making 100% off a typein sale, they can end paying a zango affiliate the 50-60%/$30-35 instead.


Some additional links:
What we learned about 180solutions (aka Zango & MetricsDirect)
http://www.spywarewarrior.com/elh/180-summ.htm

A whole sub-forum about Zango:
http://forum.abestweb.com/forumdisplay.php?f=173
or click up one level for a bunch more sub-forums about other shitware.
http://forum.abestweb.com/forumdisplay.php?f=161

[plateman]

ok I got zango on my pc for most of the day and cams.com and AAF advertises on zango... I got rid of AAF and long time ago anf dont use the other

zango has there own search eng built into there bar and if you type in porn there's only 25 sponsored results with the above 2 in there and the others I have never heard of....and there are no others...

I tryed various pay links on my LL and a few of my free sites and have yet to get zango pop over another ad.... BUT zango can control it all from there servers...

also I wouldnt doubt a lot have pulled out of zango after the zango thing first came up to protect themselfs

[Greenguy]

Quote:

Originally Posted by plateman

ok I got zango on my pc for most of the day and cams.com and AAF advertises on zango... I got rid of AAF and long time ago anf dont use the other...

Aren't they the same program?

[plateman]

GG I couldnt tell you, and also I checked all my pay links on my webcam category and never got any ads popped over any of them...

also I clicked to your cam page and got the warning

I could bet that they shut there stealing down till they get off the hot seat or wiped off the web, who the hell is gonna steal now when everybody is watching them

[MrYum]

Quote:

Originally Posted by plateman

ok I got zango on my pc for most of the day and cams.com and AAF advertises on zango... I got rid of AAF and long time ago anf dont use the other

zango has there own search eng built into there bar and if you type in porn there's only 25 sponsored results with the above 2 in there and the others I have never heard of....and there are no others...

I tryed various pay links on my LL and a few of my free sites and have yet to get zango pop over another ad.... BUT zango can control it all from there servers...

also I wouldnt doubt a lot have pulled out of zango after the zango thing first came up to protect themselfs

Well done on installing the booger Plateman

I'm planning on doing the same in the next couple days...just to tour around and then see how hard it is to remove it.

Yea, I'd suspect they've turned things down since the defecation hit the oscillator a few weeks ago.

[Jim]

I believe I found a removal tool
I am going to get a page setup that warns the surfer that they have been infected and place a link to the removal tool after I install zango and see if it truly removes it.
Here is the tool...just in case someone already infected can check it out first.
http://411-spyware.com/remove/zango-toolbar/

[Jim]

Nevermind...it wants to get rid of cookies as well.

[Jim]

I am also thinking of including many quotes from anti-adware/spyware blogs and trusted sites. I have been doing a ton of research and have read a lot of things that just make me scratch my head. Zango actually started a lawsuit against Zone Alarm. Zone Alarm doesn't know why it ended but...DAMN.
http://download.zonelabs.com/bin/fre...2006/pr_1.html

This looks like a perfect quote from Zone Alarm
"Zango is attempting to monitor user activities on your computer. If allowed it may try to track or log keystrokes (user input), mouse movements/clicks, Web sites visited, and other user behaviors."

[babymaker]

Here's the businessweek article that was on the frontpage a month or so ago about the spyware companies, they are all in NYC in a loft:

http://www.businessweek.com/magazine...tm?chan=search

they have a few more articles now

[MrYum]

Excellent to see that so many are coming out to find ideas of how to deal with this issue

I'm about to start up a business locally...going into peoples homes to clean and secure their systems, then educate them a bit on why this happened and how to avoid it in the future. So, I probably won't have much input here...as I'm busier than a one legged man in an ass kicking contest as it is. But, I will be following these threads and contributing when possible

On that subject, be careful of linking to or suggesting spyware removers...unless it happens to be a major player in the spyware scanner market. Recent research has confirmed something I ran into several months ago on someones system. Some of these new spyware removers are spyware or ransomeware themselves

I have no idea of the ownership of the 411 spyware link you posted Jim, but that site looks pretty spammy and the domain was just registered in June...I'd be very skeptical of downloading their product.

Zone Alarm has been around for years, but I've always found and confirmed as recently as this weekend that it still slows a system...especially on reboot. Also, its real claim to fame is that it blocks outbound unknown connections. While that may sound impressive, personally I think at that point the battle is lost...as the infection is already on the machine...obviously having gotten past the ZA firewall.

Personally, I believe that a solid reputable spyware scanner/virus scanner/software firewall and hardware firewall are all that's needed to keep a system clean. Of course, combined with some education on the do's and don't's of computing. It's not unlike driving a car, surfers need to learn how to use their computers safely. Which is why I'm going to start a sideline business...from the research I've done locally, I think I'm gonna be very VERY busy!

[Jim]

The page is actually promoting nothing. As more adware software is found and we have an htaccess file for it, I will make a new directory with removal instructions.

For now, this is what I have
http://www.adwaresucks.com/zango/
You can pick up the htaccess file here.
http://www.adwaresucks.com/zango/zangohtaccess.txt

Use it if you would like. I will make a few changes but nothing that will ever hurt your traffic.

[Papa]

Guys, sponsors using hardlink code should be ok ?

I mean http://www.bigtitswhatever.com/reseller1/ can't be changed ?

Hummm shit forget about it, i think they can change it, damn

[Thumb Angels]

anyone using the free traffic script clickzs (www.clickzs.com) now support zango as well.

Users must add their button on its sites and the button now links to zango

PHP Code:

http://www.hit-now.com/l.php?id=1&pos=69&b=1621s&goto=http%3A%2F%2Fcds.zango.com%2Fdownload.aspx%3FId%3Dbf265f33e036180a63a59605e92345b3406ae13a26575e43dc73a200d593bf75a7004a5dd166693f1f33285651b319bb0ee6be4160b2fa 


[pigbait75]

I've only been a webmaster a few months I'm a newbie but before i became a wm i was an avid porn surfer of course now knowing all the little tricks wm are not suppossed to use but still do i dont go near internet porn. my point is most surfers dont even know what adware and scumware
or any of that is. hell im only learning what this stuff really does now.
when i was a surfer if i saw a pop up saying somthing needed to be installed to view porn i would go somewhere else. but alot of surfers want thier porn so their gonna let it download a toolbar or whatever else is asked if they think theier gonna see porn.lets face it your average porn surfer doesnt care whos getting the money they spend as long as they get what they want. so how do we change that?
i dont know but maybe some of you wm who have been in the biz for awhile might have and idea. if we look at this problem from the surfers side. as far as there concerned there isn't a problem theye are still getting their porn.

[Greenguy]

Quote:

Originally Posted by pigbait75

I've only been a webmaster a few months I'm a newbie but before i became a wm i was an avid porn surfer of course now knowing all the little tricks wm are not suppossed to use but still do i dont go near internet porn...

Zango has been around for 3 or 4 years - it's just in the last few months that the adult/porn side of things has come up (meaning that for 3 years, they were on mainstream sites that I assume you feel safe to surf)

Hell - look at AOL - their adware removal thing removes everything but their own adware, where pretty much ever other adware removal program out there considers AOL's adware as something they'd remove.

Please don't think this is an adult/porn thing - it's an internet thing. Jim can prove it by all the mainstream interview requests he's gotten in the last 10 days.

[Jim]

That was how one of the last interview requests kind of starts. "Question Number One: Why is it that it took until zango hit the adult world before anyone has tried to stop it?"

The next question is kind of troubling and I'm not really sure how to answer it.
"What is it that you have against programs already available that points out cookies to the user?"

[quest]

Quote:

Originally Posted by Jim

That was how one of the last interview requests kind of starts. "Question Number One: Why is it that it took until zango hit the adult world before anyone has tried to stop it?"

The next question is kind of troubling and I'm not really sure how to answer it.
"What is it that you have against programs already available that points out cookies to the user?"

Hey Jim,

Question one: Because adult webmasters work their ass off for very little money.

Question two: Nothing at all against programs that point out cookies, but programs that replace cookies to screw a fellow webmaster from his/her hard earned sells can not be tolerated and that needs to be said to the surfer that there is something on there computer that is used to steal from people.


I have added the htaccess redirect, though my traffic is no where near what LOR gets, but I figure every little bit helps.


Ben