WordPress allowing spyware to be installed?

No sites related to WordPress are installing any spyware. My guess is one of the following:

A) You run something like AOL instant messager, which allows spyware in because its built in browser is IE and it allows spyware through.

B) You’re on an unupgraded windows box not behind a firewall or router. The average time for a computer to be compromised is about 12 minutes.

C) You got spyware in the past and your spyware removal programs are not doing their job entirely correctly.

I just ran Spybot S&D. I don’t run it real often, because I never really have any problems since I pay a great deal of attention to WHERE I go online…. last time I ran it was a couple of days back after I installed something new (my usual mode/op), and I had nothing there to “fix” – not one thing.

I spend a lot of time with wp and here at support. I hit the codex when I need something specific – at least once a week, sometimes more often.

After just now running Spybot (latest updated version, btw), I have no spyware, no adware, no malware. So I don’t think it’s wordpress…. you probably need to look somewhere else. Whatever is doing this may have been on your machine before you ever installed wp.

I also just ran Adaware from Lavasoft: nothing there either.

IE (and anything that relies on IE for it’s HTML rendering engine) is sadly extremely vulnerable to various nastiness.

Masquarade is right on all accounts. Nothing WP related is installing spyware. The other 3 scenarios pointed are all highly likely sources of infection.

Now that you’ve heard this on two threads, I hope you realize the problem is only in your machine, so we can get back to WP business.

Any banner ad and any popup ad that you run across while using Internet Explorer may install spyware. WordPress, and the sites on www.ads-software.com do not install spyware.

note that some programs show >cookies< as spyware, which they aren’t. it’s a fallacy that’s continuing to undermine legitimate sites’ ability to track and aid your use of their content.

-d

Most of the more insidious spyware is very good at *reinstalling* itself. The detection tools are often a step or two behind the malware writers. AdAware, Spybot and the like will happily detect and remove the visible signs of infection, but they can miss the little hooks in the registry that reinstall the malware on the next restart (or sooner in some cases).

Microsoft’s AntiSpyware Beta (bought in from Giant) sometimes does a better job. And sometimes nothing works other than wiping the machine.

@davidchait – most scanners show tracking cookies from known advertising sites as potential problems rather than cookies in general. Users can then make their own decisions about whether to delete them or not. So doubleclick’s cookies will be flagged up, but amazon’s won’t be, for example.

(I spend *far* too much time cleaning up infected PCs….)

As has been said, WP has nothing bad in it.
But for those needing help – in case you land here – go to these forums and be VERY patient. I have known a response take 3-4 days – but your choice is a full reinstall. Take your pick.

https://forums.spywareinfo.com/
https://forums.tomcoyote.org/
https://boards.cexx.org/

Microsoft’s tool has also been questioned as it now lets ad-ware through unless you know exactly what it is (and most people will not)
https://www.neowin.net/forum/lofiversion/index.php/t341288.html