Lover Spy

Lover Spy is the first company I’ve seen to declare themselves “#1 choice in Spy-Ware Today.” Assuming “Spy-Ware Today” isn’t a morning news program with perky hosts, it looks like spyware creators are reclaiming their pejorative the way extreme geeks have in recent years.
More amusing is their delivery method:

Through our service, you compose and send your lover a normal-looking “Greeting Card” saying “I Love you” or a similar message. Because the e-mail appears to be a regular greeting card, the recipient will open the e-card and LoverSpy will be automatically and silently installed!
The program begins monitoring them IMMEDIATELY, there is no delay. It records and sends you all e-mails they view, including Hotmail, Yahoo, and Outlook emails.

Since this only works on Windows, I guess Linux geeks can cheat with impunity – assuming that they can find two members of the appropriate gender to sex them up. Also nice is how they’ve significantly lowered the barrier to entry for password grabbing, I love the idea of script kiddies being associated with the soccer mom stereotype. (via IP)

59 thoughts on “Lover Spy

  1. Sorry, this is a long post – I had to include quotes, so please bear with me.
    I’m not in the software industry or anything related – I work with intellectual property law, so forgive me if I sound naive here – but not only do they say they’re the #1 Software blah-blah, but they’re giving themselves fake endorsements.
    Today (9/23/03)I received an email solicitation from Lover Spy. Normally I just delete solicitations, but I was bored, and for amusement I looked at their website.
    They have a section with their glowing reports from outside sources, kind of a “this is what’s being said about us” thing, – comments by different publications or websites.
    I decided to check a couple of these sources…
    There was an “endorsement” allegedly by Spywareguide.com, verbatim:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    “Lover Spy can be installed from a remote location and does keystroke, screen shots, and sends this information back to the person spying. These guys are way over the top…
    send spyware as trojans attached to greeting cards… Can also be installed in the “usual” way.” – Spywareguide.com
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    So…I went to the Spywareguide site and can’t find the Loverspy anywhere!
    Next endorsement was from DCBAR.org. What Loverspy claims DCBAR.org says about them:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ” It’s as if someone invisible sneaked into the room where the computer user is and started watching everything the user is doing. Lover Spy is software that can be installed remotely through a special type of greeting card. You, the victim, receive what you think is a reunion invitation from an old buddy from law school and bingo! the software has been installed on your machine-without your even knowing it. Alternatively, the spy can forgo the greeting card and install the program from a floppy disk, but must first have physical access to that machine. Once the software is installed, in real time the spy begins receiving reports via e-mail about what the user of that machine is doing. E-mail, file sharing, chat room visits, screen captures, as well as passwords and the URL of every Web page into which they are entered, become readily accessible. It’s as if someone invisible sneaked into the room where the computer user is and started watching everything the user is doing. Perhaps the most amazing thing about this software is its price. At only $89 it isn’t especially cost prohibitive. It’s low enough that it’s reasonable to assume anyone who can afford a computer can also afford this software.” – DCBAR.org
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    So I went to dcbar.org, and actually found that language, in an article written entitled “Cyberspying” written by David Simms in January 2003. (See the site’s Tech Notes section)
    HOWEVER – the language was describing another program called “EmailPI”. Incredible!
    Neither reference listed any comments about “Lover Spy”.
    How can they get away with this crap?? Surely someone would have notified dcbar.org or spywareguide.com about this by now. I didn’t check any others. Any comments?
    Tami
    Seattle, WA

  2. OK, this spy Lover software looks ugly enough.
    Sounds sort of entertianing and possibly illegal.
    However not if it gets sent to you.
    Does nyone know how to find this damn thing if it is on your computer.
    Their claims seem to indicate that it can virtually never be found.
    Hmmm Maybe they intend to market the
    “find the spy-lover” software at a later date.

  3. I too received an email solicitation to purchase Lover Spy. I examined their spiel and clicked on the link to “greeting card questions” — I wanted to see what these e-greeting cards look like, so I’ll know if I’ve been had by one of them. There was an array of seven thumbnail renderings of their graphics, but the first one’s image didn’t appear; it was just a gray square. So I clicked on the link under it that said “Preview/Enlarge.”
    What happened next was alarming. A beautiful greeting card appeared on my screen. The image showed two cats in silhouette watching a sky that changed colors depicting the fading of daytime sky to nighttime sky, with the sun turning into a moon. Directions beside the image instructed, “Turn on your speakers, this card has music.” Well, my speakers are on, and there was no music, but I noticed my computer’s hard drive light was plenty busy.
    I believe that by clicking on that link, I initiated the installation of spy software on my computer. I fear that identity thieves may have constructed an elaborate hoax (involving actual software that they WILL sell you) primarily so THEY can have access to YOUR computer and the computer of your SPYEES. If the spy software tells YOU actual passwords entered by the person you’re spying on, it’s simple for them to use the same capability to get that information from you. Just by offering a product like this to the general public shows me that they care more about making money than about the sanctity of a person’s privacy. It’s not much of a leap to suspect that they aren’t above stealing money from people given the information with which to do it.
    My advice is that if you receive an email invitation to purchase Lover Spy, don’t click on anything. You can’t know what you’re getting into. Or what’s getting into your computer.
    As soon as I can, I’m going to log into all my accounts from another computer and change all my passwords. Do you think I’m being paranoid? I used to work in the intelligence community. The behaviors that are ESSENTIAL for keeping secrets (like passwords or national secrets) are what most ordinary people describe inaccurately and inappropriately with that clinical term.
    I’d like to hear others’ experiences with Lover Spy and/or its online marketing campaign.
    Peter

  4. After receiving an e-mail solicitation, I reported the website selling this program, along with an Australian affiliate, to FBI’s Computer Crime Division.
    Beware: knowingly sending Trojan horses to unsuspecting users is highly illegal, and not only the sellers, but also the buyers of this program can end up in a lot of trouble.
    Spreading viruses and Trojan horses in order to gain access to sensitive information can also be, depending on the chosen target, an act of terrorism.
    Finally – the e-mail address where the info is relayed remains buried in the buyer’s computer, open to forensic analysis. Unlike regular Trojan horses which may be unintentionally distributed, this program is sold via credit card – which proves intention to distribute it.

  5. I’m really keen on hearing more about Lover Spy and its creators.
    Jon, do you mind revealing the name of the au affiliate? I’m in nz and can try track them down.
    I share Peter’s concern about this being an elaborate hoax; I’ve contacted the company for comment (I’m a reporter) but, surprise, they appear not to be too keen to talk to me. Also, the response to my email was from a Hotmail account, a tad suspicious in itself. You probably noticed that they do not list their contact details anywhere on the site, at least nowhere I could find.
    It is, as my 7 yo son says in his best Joe Rogan (Fear Factor) voice when confronted by something unpleasant, nasty.
    More info please!

  6. Isnt this just a face for a trojan? Years ago there was a trojan called Sub Seven, did exactly the same as this does but it’s all free.
    SO, thier trying to get you to pay for free software…. two words… RIP OFF!!!!!

  7. Isnt this just a face for a trojan? Years ago there was a trojan called Sub Seven, did exactly the same as this does but it’s all free.
    SO, thier trying to get you to pay for free software…. two words… RIP OFF!!!!!

  8. I live in Australia. Yesterday I received an email about this Lover-Spy. I clicked on the link to be nosey but fortunately didn’t click on the link for the greeting cards.
    I also tried to return to the site today and, behold it was no longer there.
    The email I received is posted for you to see.check out this amazing software…
    send somebody an email and you will know everything
    that happens on their computer…
    http://www.gootle.us?afil=1041
    Have now downloaded Ad Aware just to check.
    Lyn Dunbar – Australia

  9. Free software that checks to see if spyware has been installed on your computer is available at xblock.com. They have a professional version that costs a few bucks, but the free one is something you could start with.
    Later…

  10. This is so scary… Does anyone know if this is REAL??? Has anyone ever heard of anyone, anywhere actually purchasing/using this or having it used against them?
    I have received at least one weird e-card a few months back from someone I didn’t know. About 5 seconds into opening I thought better and closed it down.
    I went to look at their sample e-cards to see if any of them rang a bell. When you do a mouseover the link the javascript looks like it says “open BMP” but when you click it opens a window, full-screen, and starts playing a flash file. Again, I closed it down, hopefully before it could do any damage.
    Another option they provide is a pop-up error message that states you have a missing DLL.
    Very scary.

  11. Well, I looked at it today and was alarmed myself. My ex has hacked into my computer before and I’m wary of this stuff. I figured he’d send the kids an e-card and the nightmare would start all over.
    One thing I noticed is that their site is filled with misspellings. The ‘e-card’ that is supposed to be an error message reads: “A required DLL, MFC43.DLL, was not found. The process canot continue.” Note how they spelled ‘canot’. There are a ton of simple words misspelled: “unaccetible”, “suspicsion”, etc…
    It’s really creepy.

  12. Sorry for three posts in a row–but my ex hacked me once–and it is a nightmare. This is what I found.
    LoverSpy Software Company. | 222 J St #320 San Diego CA 92101 | 619-233-0012 (Sales)
    Email PI Corporation.
    | 222 J St #320 San Diego CA 92101 | 619-233-0012 (Phone Sales)
    I found this on tek-tips.com:
    june1980 (MIS) Sep 11, 2003
    Make note, network admins. A honest to god trojan hourse software package is being marketed to the general public. Check this out!
    http://gokgle.us/index.php?afil=1021
    I downloaded to test. It does everything is says it does and is easy to use, so I’m thinking it might take of with the hackers. The goodnews is that you can block it out at YOUR e-mail server by filtering .EXE, .PIF, and .SCR files. Just a tip, every e-mail server should block these file types anyways. One of my users got it via spam and forwarded it to me – the sys admin. I copied and pasted it here. I’m trying to get the word out about this. I’ve been going around all over the internet to the forums I usually visit posting this. Just shocking to me that it’s legal to own something like that. Just think what could happen if a CEO opens an infected E-card.
    I’ve also forwarded a renamed copy of the installer for it to mcafee and symantec. After all, it installs itself without the user’s consent and allows people to hack your computer. It’s a virus!It uses an attachment just like any other virus. I’m 99% sure it comes in either .BAT, .EXE, .SCR, .PIF, or .PE file formats. Paleogryph wrote that thier hotline said “Any Attachment”, But, before a Windows can start a process, it has to begin with one of the above file types. First line O defence is probably going to be your e-mail server/client. I use Exchange 2k with GFI as the server and Outlook as the client, so I can tell you there is a way to prevent these attachments from running automatically. This seems to do the trick. Do a google search on “Mail security software” and “Securing Outlook”. You should find directions on this.
    I’m pretty sure Mcafee and Symantec are going to classify this as virus. So, second will MAYBE be your virus scanner.
    As a fail safe, make SURE your firewall is rejecting all incoming outside initiated SYC packets – if this is done, you’ve nothing to worry about even if this thing is installed on your computer. I assume that this software was designed with Windows XP’s firewall in mind, or else it wouldn’t work on half the computers out there, so don’t rely on that alone.
    So far, this is all I have.

  13. Started to recieve unsolicited mail re ‘Lover Spy’ so decided to check around a little. Here is an interesting follow up on ‘Lover Spy’. I picked this up courtesy of Clearswift at: http://www.mimesweeper.com/news/pressreleases/items/215.asp. It looks like this software is a Russian repack of “EmailPI” that TAMI mentioned in his/her post of the 23rd

    Who’s Monitoring Kids on the Internet with Spyware?
    Clearswift’s CS spamActive™ detects new email scam
    Clearswift, the world leader in the email content filtering market, identified a new entrant into the spammed products range – spy software. About 15 percent of spam email blocked overnight by Clearswift’ spamActive™ software contained the subject line “MONITOR your Kids on the Internet with Spy Software”. The spam email announced the ability to spy on anyone just by sending them an e-greeting card.
    The spam encourages potential users to spy on their spouse, kids or employees and claims that the spy software records emails, Hotmail, Yahoo, Outlook, Chatroom messages, passwords and more.
    Clearly, this represents a blatant attempt to cash in on the recent announcement from Microsoft of their intention to close down chat rooms, from October 14, in a supposed bid to reduce the vulnerability of minors to Internet stalkers.
    The spam email contains a hyperlink to gokgle.us, which in fact can be traced to a web site in Moscow. Here, the site advertises ‘LoverSpy’ – “a spy program that monitors and records the complete computer activity of a computer user”.
    According to the advertising claims, “LoverSpy opens a “Remote Connection” from their computer to yours, letting you SEE what THEY are seeing on their computer remotely in real-time, TURN ON their Web-Cam and see them remotely in real-time video, and even get complete access to the files in their computer.”.
    Furthermore, it is claimed that “LoverSpy is the ONLY spyware that can be installed by simply sending an e-card, remotely, from the comfort of this web site. LoverSpy can also be sent as ANY type of file attachment via email. For advanced users, you can compose an email with a file attachment that could be anything, that once clicked will install LoverSpy.”
    In fact, careful analysis indicates that this is, in fact, a re-packaged version of well-known spyware named emailPI, from a Washington DC-based company. The vendors advise users to package the installation program as an email attachment, disguised in a number of possible ways. They suggest that the user employ trickery to entice the victim to click on the email attachment leading to silent installation of the spy software. Despite the questionable ethics, the user is advised that such actions may not be legal in some jurisdictions.
    Commercial spyware, such as this, is fast emerging as one of the more pernicious, generally-undefended threats facing organisations. Antivirus software offers little or no defence. Indeed Clearswift’s MAILsweeper™ for SMTP has intercepted real attempts of corporate espionage, based on emailing similar software into a customer organisation.
    Notes to Editors:
    About Clearswift
    Clearswift is the world’s leading provider of software for managing and securing electronic communications. Clearswift delivers the capabilities for organizations to protect themselves against email and web-based threats, meet legal and regulatory requirements, implement productivity-saving policies and manage intellectual property passing through their network.
    The company’s expertise lies in establishing and enforcing e-policies. Content security threats include the circulation of inappropriate images and text, spam and oversize files, loss and corruption of data, breaches of confidentiality, as well as viruses and malicious code. Clearswift’s software portfolio includes Clearswift MIMEsweeper™, a product family for email and web e-policies and Clearswift ENTERPRISEsuite™, a software infrastructure for managing e-policies in complex environments. More information about Clearswift, its products and services is available at http://www.clearswift.com
    For further details, please contact:
    Toby Walsh/Rebecca Tyrer
    Brands2Life
    Tel: +44 (0) 207 386 6200
    Email: toby.walsh@brands2life.com
    Isabelle Duarte
    Director of Communications, Clearswift
    Tel: +44 (0)118 903 8302
    Email: isabelle.duarte@clearswift.com

  14. I am researching this spyware on behalf of some of my customers. I continue to hear that a lot of these emails have a domain name of Hotmail, Yahoo, etc. Does anyone know what the display name is?
    The display name I am really looking for is bluestell.@* (stars indicate random alpha/numerics).
    Currently, many servers are seeing an increase in outbound mail even with the network cable unplugged. If it is possible to see the email reaching the mail server in the outbound queue, check the header of the message and see where it is going to and where it came from.
    This will really help in my research in order to have a detection become available.

  15. Here’s mine. Display name is Perlie Kraft. And the subject line is “hiy there”
    Status: U
    Return-Path:
    Received: from cpe-68-115-237-083.spa.sc.charter.com ([68.115.237.83])
    by kestrel (Earthlink/Onemain SMTP Server) with SMTP id 1a44BE163NZFlp0
    for ; Mon, 29 Sep 2003 13:26:51 -0700 (PDT)
    Received: from (HELO s9yol) [70.115.185.236] by cpe-68-115-237-083.spa.sc.charter.com; Mon, 29 Sep 2003 17:28:16 -0400
    Message-ID:
    From: “Pearlie Kraft”
    Reply-To: “Pearlie Kraft”
    To: forms@tir.com
    Subject: re: hiy there
    Date: Mon, 29 Sep 03 17:28:16 GMT
    X-Mailer: Internet Mail Service (5.5.2650.21)
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary=”CEC_995.A3.A59_97F.FBF”
    X-Priority: 3
    X-MSMail-Priority: Normal

  16. This story is now runing on CNN – seems theres alot of interest in it. Tried to get through to the site now without success. The spam email promoting the site eventually takes you to http://www.lover-spy.com – although that appears down now,at the time of this message.
    My guess would be that with all the interest in this someone’s going to come up with another product – and quickly.

  17. Any suggestions for detecting it if its already been installed? I’m running XP at home with just the standard firewall and McAfee.
    I’m not convinced that this would have been enough to stop this though. If I opened some email at some time (and I do remember at some point getting a .DLL not found message) it seems like it would be have been easy to get around.
    I did do a sweep of my hard drive with Ad Aware and it didn’t seem to find anything except a bunch of cookies which I deleted. Would Ad Aware catch something like this running on my system? Their site claims that its so stealth that it cannot be detected.
    Now that I know I have protected myself from future attacks but I’m concerned that I may have already been “bit”. I have at least one slimey ex who would do something like this.

  18. Using the contact info from user “4WM” up there, I called their number (I live a mile from the listed address). This is what they have to say on their recorded message:
    “Thank you for calling the Spy Software company. We are no longer offering phones sales or phone support due to an enormous amount of phone calls we were getting. If you need technical support or have questions about our software, please send email to the following email address: epiteam@hotmail.com. All questions will be replied within the hour or in the order they are received, thank you.
    ::computer voice:: This mailbox is currently full…”

  19. a comment to the lover-spy discussion
    My knucklehead of roommate decided this was a good idea and attempted to purchase this software over the weekend for her personal use. They have some deal w/ an offer to use it on 5 computers for the “low, low, sales price of $89.00”
    Well, she is definitely $89.00 poorer, and did in fact recieve a Ref# to register her software-which comes back invalid.
    She has sent a grand total of 15 emails to them over the last 3 days in an attempt to get some assistance, and now a refund. No dice-not one single reponse. She even sent an email to the sister(?) company of eMailPI to no avail.
    Any one know how to go about filing an unfair business practice claim for internet sales?
    At the very least, at least she didn’t damage her computer or commit some crime against privacy laws.
    Any input on this would be helpful
    Thanks

  20. This is a felony, hands down.. You get caught using it, you invited yourself to a 10 year stay in sing sing…
    Quote by a DOJ bigwig in a cnn interview:
    Possible felony
    “That would be a felony,” said Mark Rasch, former head of the U.S. Department of Justice’s computer crime unit and chief security counsel for security company Solutionary. “Loading a program onto someone else’s computer without their authorization is patently illegal.”
    “Yikes! That is clearly a wiretapping violation,” Chris Hoofnagle, associate director of the Electronic Privacy Information Center, said when told of Lover Spy.
    “It sounds a lot like a commercial version of Magic Lantern,” the controversial program the FBI proposed a few years ago to remotely install a keystroke logger onto people under investigation, he said.
    Other spyware exists, such as eBlaster from Florida-based SpectorSoft, but it is installed manually and marketed for customers to install on their own computer, Rasch said.
    However, even installing a spyware program on your own computer may be illegal if it is recording the data of someone else without their consent, depending on the state in which the spying occurs, Hoofnagle said
    So beware!

  21. Defintely a felony. I’m a network admin for a law firm in Dallas, Texas, and my alarm about this product had nothing to do with whether or not my co-workers were being unfaithful.
    What worried me was the naivete demonstrated by many users who would simply click and install a greeting card plug-in and allow the keystroke logger to begin recording, storing, and relaying information to the Lover Spy server.
    Interestingly, their site, Gootle, and the corresponding link to their download area, are both down today.
    This program is a Trojan, but a variant. It has been altered so that it is not detected by Symantec products (I verified this by phone today) nor is it detected by WatchGuard products (also verified by phone today). However, both said they are working on detecting the script/code that is in the greeting card download.
    Until I find out how to stop it altogether, I am stopping all script/code e-mails with MailMarshall by NetIQ, a product (expensive) that snares suspiciously scripted e-mails.

  22. I thought I was smart enough to play with this fire and ended up being burned. I ordered this in response to spam out of curiosity, before I found this forum, and for some reason was lucky (?!?) enough to get through to the website and was able to order it. The site is a good front, I have to say, the spelling is a bit wacky but that’s not too unusual and they make it look legit. They give you five “slots” (installations) for $89, if you use one and turn it off you burn that slot for good. You can send the bug as an e-card (very lame choices, I think these folks are Russian) or as a .exe or .scr file attachment under any name you choose. I sent it to myself as a .scr attachment, saved it to my desktop. It showed up as an MS-DOS icon under the file name I gave it, which I clicked on. Nothing seemed to happen but it was now installed.
    Well it works too darn well, and it’s scary. It only works on SMTP mail though, it doesn’t track my Outlook mail or AOL mail. On Yahoo, it picks up everything. Passwords, e-mail. It gives a list of every program running on the computer at certain times, and another list of every website visited. The e-mail usage reports come by e-mail and they’re huge — 44k on average, and for some reason they are much much bigger than the frame. It seems like they’re capturing screen images somehow and sending those in a format I can’t determine.
    Here’s the part that’s really foolish. Having satisfied my curiosity, I wanted to try to turn it off. Naturally now I can’t get back into the website (using either the lover-spy or the emailPI
    address, they led to the same site) — I get a forbidden access message. Deleting the icon of course didn’t stop it, and the file doesn’t show up in a search. So I can’t turn the darn thing off and everything I do in Yahoo mail is generating multiple e-mails to myself telling me what I just did!
    Just deleting the stuff they had sent me before and eliminating a half-dozen other spam mails generated something like 110 messages and burned up 35% of my storage. I can wipe those out from another computer without triggering another avalanche, but this machine is now polluted for that kind of use and I have no idea how to get rid of the bug. I ran a couple of spycatcher programs and darn if they aren’t right that the spycatchers don’t catch this (although they catch a scary number of ad-related site-tracking cookies, some of which seem to take about 5 minutes to re-host after you clean them off — and I can’t tell what sites are generating them — possibly Yahoo itself?).
    Children, gaze upon my woeful countenance and learn from my mistakes!

  23. i emailed the folks at lover spy to ask if it were possible to send payment by money order so i wouldn’t have to use a check?…..
    they responded..and quickly i might add…with sure that’s an option ..just make the check out to carlos perez….their address is an apt at a beach in california…when i responded with ‘how stupid do u think i am’…did some research on your company and to no avail and i’m supposed to send ‘cash’ to some cat named carlos perez?….
    he responded with:
    our company makes 8000.00 a day
    we offered you an alternative payment method you can take it or not.
    very rude! HOAX!!!!!!

  24. THIS ONES FOR PETER…
    (I SENT THIS QUESTION(COMMENT) TO YOUR EMAIL, IM NOT SURE IF IT IS YOUR REAL EMAIL ADD THOUGH SO I AM PLACING WHAT I EMAILED YOU IN THIS COMMENT PAGE)
    Hi peter,
    My name is Geoff. I was exploring google.com to find out more about this new software “lover spy” and i found the sight, however, each time i tried clicking on the sight it gave me an error, so then i came across 90% curd and there i read your comment. I suppose you can say i am quite lucky that i couldnt get through to loverspy.com because i too am trying to find out what this e-card looks like and if i had not come across your comment then i would of opened loverspy.com, opened e-card questions, opened that sample e-card and BAMM! i am the victim that i was trying to avoid being. My question for you is , did it say under what name the card would be sent or the company name that would appear in the inbox?
    I recently opened an e-card before i knew about lover spy, i have deleted the card so i dont really remember the company name of the card, but i am sure if i see the name again i will know that it is the name of the card i opened.
    Thanks for your help.
    GEOFF

  25. I won a chatroom and I think this program could become a real danger..for example peophiles could keep track of young victims.. hot blooded lover could keep track of there married fancy.. plus gee this means i can never send the odd hugs to anyone without fear of being watched..cyber conversations could be interesting lol
    Never open any card or email that you don’t recognise the sender name..its asking for trouble

  26. My name is eyaD I was exploring google.com to find out more about this new software “lover spy” and i found the sight, however, each time i tried clicking on the sight it gave me an error, so then i came across 90% curd and there i read your comment. I suppose you can say i am quite lucky that i couldnt get through to loverspy.com because i too am trying to find out what this e-card looks like and if i had not come across your comment then i would of opened loverspy.com, opened e-card questions, opened that sample e-card and BAMM! i am the victim that i was trying to avoid being. My question for you is , did it say under what name the card would be sent or the company name that would appear in the inbox?
    I recently opened an e-card before i knew about lover spy, i have deleted the card so i dont really remember the company name of the card, but i am sure if i see the name again i will know that it is the name of the card i opened.
    Thanks for your help.

  27. Nice one, fool – allow me to quote:
    “You can send the bug as an e-card (very lame choices, I think these folks are Russian)…”
    Lame choices equal Russians? Amazingly ignorant, prejudicial and offensive. Will you amend your comments since now it appears the proprietors of this site are located in southern California? I’d suggest something to the tune of:
    “You can send the bug as an e-card (very lame choices, I think these folks are American)…”

  28. Hey Jeff, nothing against Russians — I buy Russian greeting cards any chance I get! Some of my best friends are ethically-challenged ex-Soviet Russians. And that KGB was great, wasn’t it? Speaking of which, pause to consider whether the fact that there’s some guy named Carlos in San Diego collecting money (I think they call that a front man) tells you anything about who made this software, where the servers are, or who’s actually running this little “spy” operation. I’m betting it ain’t the guy answering the phone and having checks made out to his name …
    and did anyone else notice the “Hello Baby” from someone named Karla earlier in this thread? Think that was just random?
    To Geoff, I don’t think you get infected if you open the sample greeting cards. You have to send them to yourself and then open them to be as big a fool as I was.
    BTW, the site reopened (must be the big new server in Vladivostok) and I was able to deactivate myself. Jeff, there’s a section for resellers that you might want to explore.
    I also want to report I got an e-mail (in fractured English) from someone claiming to be a BBC reporter (which he said was the UK equivalent of ABC — huh?) who said he wanted to interview me about my experience. I’m very skeptical and a little weirded out. I wonder if I’ll be hearing from him (or Jeff) again after this post …

  29. To remove this product or check to see if you’re a victim or not: http://www.spykiller.com $39.95 US
    No telling what they do with the information other than pass it on to the subscriber – and who knows what they collect and DON’T send.

  30. If you don’t want to spend $39.95 US you should check out Ad-aware which has a very nice free version. I couldn’t find on Ad-aware’s or SpyKiller’s website whether Lover Spy is covered, but personally I choose the free version first.

  31. Hi ,You are talking about lover spy how about ispy it is just as bad.Does anyone know anything about ispy? and how can you block and see if anyone is in your computer? Thanks

  32. This is a suggestion and not a guarantee.
    I had/have still an infection with Lover Spy. Here is what worked for me without anti-virus or other software. If you have a infection of Lover Spy there is just about nothing you can do with your computer. For example…I could not download antivirus definitions because the Lover Spy stopped me…it caused errors in the download..it used up all the memory…also it prevented me from going to DOS mode when I tried to do that to eliminate some files.
    Okay , again, I do not guarantee this will work. But try it out.
    1. Reboot your computer.
    2. IMMEDIATELY press the escape key down. You will suddenly hear the hard drive clicking because you are interrupting the Windows loader program. Lover Spy is a windows program that CANNOT operate in DOS.
    3. Expect that your computer will suddenly stop since the Windows loader program has been interrupted. It cannot load Windows. When your computer stops you will see a black screen with white letters showing some step in the Windows loading process.
    4. Now while the program is frozen, look to see if the “C:> prompt is there, if not, hit the escape key some more, or the enter key …. what you are looking for is the good old dependable DOS prompt on your screen…If you do not get it, then reboot again and again follow steps 2,3,and 4. Give steps 2, 3, and 4 four or five shots before you give up trying this process. It might work the fourth time..
    5. When you get the DOS prompt, Horray!!! Grab something good to drink. You are almost in control of your computer again.
    6. What the people did with Lover Spy was to put five or six files into the Windows directory that hijaack your computer. (They well have put other files on your computer that I don’t know about yet…but when you follow my instructions here, those files are going to be sick puppies and not work very well.)
    They made two of the files in the SYSTEMS directory unable to be deleted…BUT in DOS you CAN delete them.
    7. Now, type the following commands at your DOS prompt,. When you see the word ENTER, then press the enter key. You are going to erase these five or six files out of your computer.
    TYPE the following DOS commands:
    a. C:> del c:\windows\mspssvf.exe ENTER
    b. C:> del c:\windows\mspssvf.bat ENTER
    c. C:> del c:\windows\mspssvf.txt ENTER
    d. C:> del c:\windows\rec_pwd.html ENTER
    e. C:> del c:\windows\system\shellext\csrss.exe ENTER
    f. C:> del c:\windows\system\shellext\smss.exe ENTER
    Okay. here are some rules. If you are running WIn95/98/Me, then type and enter steps a-f as I have listed them.
    If you are running Win NT/2000, then change the word SYSTEM above to Winnt;
    if you are running Windows XP, then change the word SYSTEM to SYSTEM32.
    You may not have the rec-pwd file in your Windows directory. If you do not, don’t worry…
    Once you delete these five files, then reboot your computer and the Lover Spy program will be disabled…then when you have several dollars you can buy a commercial program to clean out your computer.
    I hope this works for you as well as it has worked for me..right now my computer is trying to clean out its brain)))) But the computer is back under my control once again, not under the control of some evil computer program… hopefully I won’t wake up in the morning and find it trasmitting my checking account balances))))
    The technical information on the files I was able to read on the Symantec technical paper file…thank you very much, Symantec…yes I will again subscribe to your service when I have ten dollars to spend. Thanks))))
    Good luck everyone..this is not a bogus post….it worked for me….

  33. I just ran SpyKiller and it found (among other things) registry entries for WebPI. I haven’t paid the $40 do delete anything from my computer yet. Trying to figure out a way to clean my computer without paying for $40 for SpyKiller. Through searching on Google I’ve learned WebPI is a spy program to log key strokes, log all activity, make scecret screen grabs, etc. Does anyone know how this may have gotten on my computer?? HOW DID THIS GET ON MY COMUTER? I’m wondering if it is part of the Kazaa or BearShare installs. I haven’t been able to find anyone else who has discovered WebPI on their computer, which is making me very suspicious.

  34. PART TWO

    The final thing you will want to do to regain control of your computer is to rid your hard drive of the reports that are ready to be sent to the Lover Spy server from your computer. These are reports that are stored on your hard drive waiting to be uploaded. If you have followed my instructions in my earlier post, then Lover Spy is disabled and cannot send your reports to their server; however, the reports waiting to be sent are still on your hard drive, and in my case, I had zero space left on my hard drive.
    Using your Windows explorer, look in your root directory (i.e. C:) for a file with this name: WINUNDO.

    If you look at WINUNDO with Microsoft Word you will see that it is loaded with reports from your computer. Now DELETE the file from your computer with WIndows Explorer. In my case my hard drive was freed of 500 MB of reports…an enormous amount of junk…

    My two posts will disable the spy program and then clean off the remaining reports that were not sent to their server. You then need to use software such as Norton Clean Sweep to erase the entries in the registry that are orphans; software such as Norton System Works to optimize the registry and defragment the hard drive, and a program such as Norton Anti-virus which should remove additional infected files … By now you have regained control of your computer, prevented any more communications with Lover Spy and erased out any remaining reports on your hard drive and can buy your antivirus when you can afford to do that…

  35. I’m doing an informative speech over LoverSpy and am really interested in any information anyone would have on how to prevent it from happening to you, and other personal experiences about how well it works. I am hoping to inform others so they don’t make the mistake of using this software, or if they decide to then at least they will know what risks are involved and what they are getting themselves into. any help would be apprieciated!!
    thanks
    infogirl

  36. As a persona who is always worried about spyware and unable to find any info on how to detect Lover Spy I purchased it and installed it on on of my office computers . First it caused an winsck.ocx error for which they sent me a patch file. virus infected I might add. Now there web site is down as is emailpi.com Both have been down for some time. I tested Norton and Ad-awre while the pc had the software installed and neither found the spyware. so be wary it could be on your machine. As for their site and service it sucks. Their E-mail support hasn’t responded or excepted mail for three weeks now.
    Good Luck.

  37. Since I’m in San Diego, I decided to check out the 222 J Street address for the Lover Spy team.
    It’s a fairly new hotel/apartment structure: “Located directly across the street from the Convention Center and within walking distance to the Gaslamp Quarter, Horton Plaza, Broadway Pier and Seaport Village! With the Trolley stop just outside our front door, you can’t find a better location. Studio style apartment living with all the conveniences of a thriving city center.” That’s from their web page.
    I also found the following review of the J Street Inn: “we stayed at this so called hotel and boy did I learn a lesson about roaaches bugs drug addicts alcoholics and a selection of idiots especially the staff. They looked like a bunch of morons who didn’t care about anything. It is true that the rates are low but so is a chair in the greyhound bus station which is definitely cleaner and quieter than the J street inn. Yours truly an outsider which by the way is where you should be if you think about the J street inn.”
    Lover Spy is in interesting company!

  38. There are alot of spyware programs that will help, I have run spy guardian pro for over a year now and have been really happy with it. You can find many on the web.

  39. As much as I hate to admit this, I bought and used the software from Spy lover.com It actually worked. I even have proof but, I didn’t do it to publish it all over the internet. I did it for my own piece of mind and I gotta tell you that for my own personal purposes it worked and was money well spent.
    On the other side of it though, I tried contacting the company to tell them “Thanks” for the cool software. And never got a reply. That seems very peculiar to me. Especially since all I was doing, basically, was ‘endorsing’ their product because it actually worked for me.
    Oh well, every has problems I guess!!!

  40. Did anyone take a “snaphot” of the gootle.us website.
    I am doing a research study and would appreciate
    being able to recover those web pages.

  41. Where can i download a demo version of Lover Spy??? Its very important that i know and carlos is real my brother bought Lover Spy from Carlos Perez and he recieved the Lover Spy package in just 2 days and is very pleased with it so its no HOAX!!!!!!! Does anyone know where a demo version is????

  42. I tried the demo of it and it did work well. Only tried it out of curiosity really and its all now long since gone and inactive.

  43. I can’t believe somebody would show up to admit to using this program for spying on others. No offense, but you are disgusting.
    I hope whoever you’re spying on figures out what you’re doing and dumps you for being what you really are.

  44. Okay, this is all too weird. I have to admit I downloaded the program to keep an eye on my kids who had just started chatting online. Problem is, I can’t get the darn thing off. The files that are supposed to be deleted csrss.exe and smss.exe says they are system files. I’m afraid to delete them and make my problems worse. I downloaded a program called spy sweep and it didn’t even pick up on this lover spy. Anyone have any new solutions? Where are these people? Why don’t they just come forward and tell us how to rid ourselves of this thing?

  45. I am just glad people are beginning to get upset about the threat posed by this type of software package, but unfortunately spybots like LoverSpy are not the worst threat .
    Remember when, Once upon a time, the Internet was a relatively benign, simple place that bestowed the revolutionary power of communication on all who wanted it? Somehow, in a few short years, we have let the internet change from a sunny open field of dreams into a dark menacing jungle. The Web is crawling with script kiddie hackers, shrink wrapped computer viruses, spam, password stealing packet sniffers, and identity thieves. In the e-commerce revolution there is only one commodity, your information, and thousands of cash hungry predators will do almost anything to get it.
    Guess what is worse than a spybot stealing passwords right off of your machine? Try one that doesn’t even have to be installed on your machine… its called a packet sniffer and there is a new generation of easy to use information sniffers that only need to be installed on a single machine to sniff ALL the traffic on a lan. Weakest link in the chain approach, and it’s the preferred method for real criminals.
    I wrote a nice little white paper on some of the newest of the breed if anyone is interested
    http://www.filecourier.com/htmlcontrol/documents/WhoCanReadYourEmail.PDF
    – Mark

  46. Procuro pelo software lover spy,por favor entre em contato comigo,preciso adiquirir esse software.Vou aguardar sua resposta. Denis

  47. Procuro pelo software lover spy,por favor entre em contato comigo,preciso adiquirir esse software.Vou aguardar sua resposta. Denis

  48. Christ, I’m closing comments on this post. If you came here looking for a copy of Loverspy just dump your significant other. They’re cheating on you or they aren’t, but the fact that you think that they might be means your relationship is in trouble.
    Either you’re paranoid or your S.O. is doing something to make you think they’re cheating. Do yourself and him or her a favor and pack up your stuff and leave.

Leave a Reply