• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Themexp.org Warning!!!!!!!!!

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
theMonster

theMonster

Disabled
Joined
Jul 22, 2004
Location
At the pub
fldrice said:
The theme is called "dosxaqua" (.msstyle) and I use objectdock. As for the icons, it's a combination between the original panther and snowe icon sets.
Click to expand...


WARNING!!!!

I downloaded this from ThemeXP.org and it was FULL of spyware. MS Spyware detector got it and deleted it but it hosed my XP installation, LAN adapter and Recovery points DO NOT DOWNLOAD AT ALL COSTS!!!! Repair of XP did not work, just reinstalled an now have to reregister and reinstall EVERYTHING
 
Really sorry to hear about that...I have Spybot S&D, Spyware Sweeper, SpywareGuard, and SpywareBlaster running on my current system, and neither one detected any threats when I downloaded the theme. I'll even attach my copy of the theme for anyone to verify, I'm almost positive that the theme doesn't contain any malware. Monster, what internet browser did you use at the time of the infection? Again, really sorry about what happend. :(
 

Attachments

  • DosxAqua.zip
    166.7 KB · Views: 117
Last edited:
theMonster said:
WARNING!!!!

MS Spyware detector got it and deleted it
Click to expand...

Now please do not misunderstand me or take things out of context.. But MS Spyware got my bitdefender antivirus and firewall also, this however does not make it Spyware. The reason your system very likely could not be repaired was that the application deleted major parts of your desktop shell relating to the theme.
The MS AntiSpyware application is currently in Beta... there are a already a growing number of applications and software which have been identified incorrectly as being spyware by this Application.
This situation is discussed on many reputable websites such as The register, while highly respected Spyware specialist sites such as spywareinfo or tomcoyote are not raving on about the application or even suggesting its use.

Are you certain that the theme contains malware, because like fldrice Ive tried it and it appears to be OK. Having said that NOW Ive only got.... Adaware SE Professional, Spybot S&D, Spyware Guard, Spyware Blaster, NoHosts and Bitdefender 8 Pro Plus registry and script control to help me. :D
 
Last edited:
Sorry, don't take what I said in the wrong context. I'm not blaming him AT ALL. I'm blaming the THEMEXP.ORG and yes I'm certain because I too run Spybot, MS spyware,spywareblaster and spysweeper as well. It found lots of crap as soon as the .exe was run. In fact it started asking me via VB windows if I wanted to install xyz toolbar, gain etc......I imediately did and end task and it didn't stop it, the spybot resident and spysweeper missed the boat but the MS spyware got it and deleted it. RIGHT after deleting it, my network adapter ceased operation and I tried EVERYTHING in order to get it back up. IT WAS HOSED!!!!! Rebooted and it wouldn't even go into XP. No safe mode, repair console didn't work and I had no choice but to reinstall. Now, it looks like it wiped out my iTunes files as well, so I'll have to copy them back over from the iPod. Now, I'll have to spend 2-3 hours tonight redownloading SP2 and reinstalling all my progs. I just wanted to send a warning to you guys to stay the HELL away from that site. I'm PISSED, but not at ANY of you guys. This is MY mistake, I just don't want anybody else to make it!!! I've got your back bros.

edit: forgot to mention, I use FireFox
 
Last edited:
Wait, you're telling us to stay away from the site just because one of the themes happen to contain spyware?

That's like me telling people to stay away from overclockers.com because I took some advice to overclock my CPU and now my computer won't start.

I'm sure it's just one of the themes, no need to avoid a perfectly legit site.
 
Wow,
This is new one to me. I always thought themeXP was a reasonably reputable site and that all submission were reviewed. If there is an issue they don't publish it. Have you contacted the site you are mentioning and seek package information on the file you got? I do know some sites do bundle other stuff into themes and packages for add-ons. It generally is listed though on reputable 3rd party theming sites. I never discount a warning though.
 
Yeah, I just had another look at the file and it says IN ORDER TO KEEP THEMES FROM THEMEXP.ORG FREE AND TO PAY FOR OUR OPERATING EXPENSES WE HAVE BUNDLED THE FOLLOWING SOFTWARE, Gain, some toolbar of some sort and several others. That's when I immediately did the end-task, but it was too late.....File name is 39150.exe can be found here.

http://www.themexp.org/listings.php?type=vs&cat=8&view=downloads

If you don't want to take my advice, then by all means do as thou wilt, it's your machine after all.
 
After rewriting this like 4 times (sounded to harsh for my taste). I went to the site and tried to confirm what I wrote about. My settings are lil to strange and I only get .php files. In that continued task, I browsed around looking for information on a public TOS or what is installed. I found nothing really.
I am going by memory.
If I remeber correctly it does say it has a bundle included before the download right? As you get ready to grab it? Or is it right before the install? Free is a good thing, but can bite you if your not diligent and don't have a good backup solution. I still say they are reasonably reputable, if I am correct with the mention of a bundle before pre-install. If I am incorrect then I retract it. I am sorry you got hit as hard as you did.
I believe UnseenMenace is right on track with saying a part of the shell got deleted. Due to you halting/stopping the task before completion. As it started to intergrate or modify your desktop shell. You did end the process while it was doing its thing, so the bundle didn't hose your OS. Stopping midway through might have. You had an incomplete/corrupt desktop shell. I hope this don't sound harsh, that is not my intention. I hope your repaired intall lasts forever :D.
 
yeah I launched the .exe then a VB window popped-up and it said the message I had above and do you want to install all of this BS spyware, press ok to continue, then there was no way to opt-out except for end-task. No x in the upper-right, no cancel just end-task. Viola! hosed!
 
I reviewed some older icon packages I have from that site. Yes it does say about a bundle, but I get an X.
I have installed their icon package under previous install and noticed no adverse affects or other browser anomolies. I am sorry you went through this. It does suck.
You could write them and see why there is no cancel or opting out on the install package. I could see if it was private file, but they include the package overtop the submission. So they have responsabilty for the contents. Worth a shot to see what is going on or submit a greivance with them.
 
Good idea, I shall. Too bad I can't get back the 3 hour pain in the *** that'll be restoring my system to it's previous state.
 
The theme file itself does not contain any spyware, the spyware you mentioned is in the package wrapper which is downloaded with the theme... However ThemeXP is completely transparent about this and even identify which themes have this package.

* This author has generously allowed us to wrap this file to help keep our costs down. Click Here for more information
Click to expand...

If you click the, click here button it take you to more detailed information. ThemeXP also has detailed information regarding the practices of the site in the privacy policy

Although you have my deepest sympathy regarding you current situation, the problem lays with the way in which ThemeXP distribute themes, rather than the themes themselves... Thanks for considering the forum community though its always good to discuss such things even if they do not help your situation.

As another consideration I personally set a restore point download the theme and wrapper, take the theme onto a thumb drive and just restore the system to the previous state thus removing the wrapper
 
Its also worth signing on with the NAI (Network Advertising Initiative) which is a cooperative group of network advertisers. That have developed a set of privacy principles, in conjunction with the Federal Trade Commission.

Basically you can obtain a cookie which stops certain companys rather than sites from giving you adware... Its a OPT OUT thing (when in reality it should be opt in)

http://www.networkadvertising.org
 
Yeah, I'm all good with the restore points too, but the spyware trashed my restore console, gave a gpf every time I tried to launch it. It's done now, so no crying over spilled milk. I just wanted you guys to be aware.

All done reinstalling, figuring out the mess of mydocuments folders was awful and itunes didn't want to behave properly. 4.5hrs on the dot....ugh
 
Last edited:
How is it I'm on the internet for 1-4 hours a day, and use my PC for another couple on top of that, and I haven't had a single virus or piece of ad/spyware in AGES!?? I don't even have a single continuously running ad/spybot program on my PCs, and virus protection is limited to my incoming email. :rolleyes:
 
You must log in or register to reply here.

Similar threads

c627627
How I modded my Windows 10 installation - How (not) to install Windows 10
Replies
2
Views
9K
c627627
c627627
c627627
How I installed CyanogenMod 13 on Galaxy S5 to get Android 6.0.1 Marshmallow
Replies
6
Views
8K
c627627
c627627
C
PROJECT LOG ROG Air 240
Replies
4
Views
1K
ChasBurkhart
C
c627627
How to install freeware antivirus Avira version 14
Replies
0
Views
1K
c627627
c627627
c627627
How (not) to mess w/ Galaxy S5 - last model with a removable battery & SD Card
Replies
0
Views
6K
c627627
c627627
Back