Jeff Duntemann's Contrapositive Diary Rotating Header Image

EasyBits GO, Skype, and The Crapware Problem

EasyBitsGoDialog.jpgThis morning at 9:59 AM local time, a dialog from an unknown app popped up and asked me if it could install Adobe’s Flash player. My reaction is the one everyone should have in response to things like this: Don’t click. Stop and think. I’ve been around for awhile and I’m not stupid. I’d never heard of EasyBits Go and certainly hadn’t installed it on my system. I brought up Windows Task Manager, and sure as hell, there was a process running called easybitsgo.exe. Worse, there was an icon on my desktop that hadn’t been there a few minutes before. And the dialog had a blatant misspelling on it. “Do you wan to install it now?”

Talk about red flags!

EasyBitsRegistryKeys.jpgI immediately did a search for EasyBitsGo.exe on my system, and found the executable at Documents and Settings/All Users/Application Data/Easybits GO/ There are several subfolders as well. There was an app listed in the Add or Remove Programs applet. There was a folder (dated a few minutes later) called “go” in my user tree under Application Data. It contains some kind of a log. Last and worst of all, there were Registry keys in the HKEY_CURRENT_USER subtree under Software/EasyBits.

Only after gathering that data (and taking a quick look on Google, which showed almost nothing) did I begin removing it. Online postings just a few minutes old verified my suspicion: It had ridden in on Skype. I was using Skype at 10 AM when the dialog popped up. I did not have a browser open, and in fact was not doing anything unusual. (I was editing an Odd Lots entry for Contra.)

EasyBits is a real company, and they created and have been running Skype Game Channel for some years now. I’m not a gamer and hadn’t run across them before, but they have some history, and don’t appear to be malware vendors. (This does not mean that malware could not impersonate them.) Nonetheless, however they had pulled it off, what they’d done was utterly unacceptable: They’d installed a whole app with no obvious connection to Skype without any warning, much less any request for permission.

Too, too much. I may be done with Skype. Still thinking about that. In the meantime, if this happened to you as well, here’s how to fix it, at least under XP:

  1. In Skype, select menu option Tools | Options | Advanced, and un-check Automatically Start Extras. Click Save.
  2. Shut down Skype.
  3. Bring up Task Manager. If the EasyBits GO dialog is still visible, EasyBitsGO.exe is probably running. Kill it. The box will vanish. (Kill the process even if you’ve already closed the dialog.)
  4. Make sure the SkypePM.exe process is not running. If it is, kill it.
  5. Go to the Add or Remove Programs applet and uninstall EasyBits GO. It uninstalls almost instantly, which suggests that nothing is actually being uninstalled. This was the case as best I could tell.
  6. Find the folder tree at Documents and Settings/All Users/Application Data/Easybits GO/ and delete it.
  7. Go to the Application Data folder tree under the user that was active when the damned thing installed, and find the go folder. (It contains some kind of log file.) Delete it.
  8. Go to the Windows/Prefetch directory and look for the file EASYBITSGO.EXE-364DAFD6.pf and delete it.
  9. Search for and delete all instances of ezPMUtils.dll. They may be in different locations depending on your version of Windows.
  10. If you’re comfortable editing the Registry, get rid of the keys at Software/EasyBits as shown in the screenshot above.
  11. Reboot. Theoretically that should do it, but if Skype could push this thing down to countless users without their knowledge once, it could do so again.
  12. After rebooting, I think it might make sense to update your virus scanner signature database and do a full scan on your system.

So whatthehell is going on here? There’s still not a great deal online, but I’m seeing more and more angry people posting every hour. I have a guess: EasyBits paid Skype for the install. This is the crapware business model, in which a company pays a hardware or (less often) software vendor to install stuff that the customer did not ask for, and pays by the install. This is typically trial version software, and the crapware vendor benefits when customers cluelessly upgrade to paid versions.

The crapware business model is why I no longer buy retail PCs, which come so clogged with crapware that they can barely move. I buy either custom-built machines or used corporate machines like the SX280 USFF, which were never retail machines to begin with and came with no crapware at all.

Cheap or free stuff is often less cheap or less free than its vendors imply. Crapware is one reason retail PCs are as cheap as they are. Dell, HP, and the others take a certain profit on each retail PC selling crapware slots. Absent the crapware, the machine would cost more. I buy new custom locally or used on eBay, and the machines are as cheap as new retail PCs and work a lot better. (Why does a four-year-old P4 2.6 GHz corporate box go so much faster than a current Core 2 Quad 3 GHz retail PC? Crapware.)

This is a guess, but it makes sense. Why else but money would Skype do something so absolutely certain to get them crucified in the blogosphere? With my tinfoil hat on I could imagine that certain parties at Skype aren’t happy with being assimilated by the Borg and are getting some parting shots in. It’s too late to foul the deal, but anything that makes Ballmer itch in bad places might be worth it to them.

Finally, if this happened to you, let me know in the comments or by email. It seems like a lot of people got hit with this, at least those running current versions of Skype. What if the entire installed base of current Skype instances pushed EasyBits Go down the pipe and onto user desktops? That would be a freaky thing indeed, and will make them a Mordor horde of enemies. Stay tuned.

UPDATE: I cranked up an old XP SP2 machine with Skype 5 installed this afternoon and so far, the EasyBits install hasn’t happened. Will leave it on tonight and check it in the morning. It may be that the install requires SP3, Vista, or Win7.

75 Comments

  1. Lee johns says:

    Had exactly the same issue. It crashed my system as well. Now think I have it removed. Only installed skype a month ago. Now will never use it again. When it popped up I si sa It did not even pop up the Microsoft security question for me on vista asking if I was willing to let an app modify my system.

  2. PoW says:

    Yes I’v got the same problem… I’v fixt it with systemrecovery and deleting the folder afterwards
    Last was a automatic library lookup for “easy” and “go”

    With this i’v got rid rid of this program

    If the theorie of Skype beeing paid for this is to prove itself true
    then i fear i’v got to serch for a substitute for Skype
    unfortunately

    1. Mary says:

      Apart from searching on “easy” and “go”, you should also search on “ez”. I found some more that way. Also, check individually all users linked to the computer (not just the “all users”). Once I had clicked *x* (non-response) to the “question” whether I wanted the app, it forcibly installed itself and spread itself to another user linked to my computer who had done nothing – placing an extra folder in that user’s application data.

      It also seems (though I’m not sure) that it changed the name of one of its folders after I tried to delete it and was denied access at the first try (because Skype was running at the time).

      What happened was the following: I made a search for “easybits” and found 2 folders (and 4 files) – was denied access to deleting both folders… then closed down skype (was, by the way, also denied the option of unticking “start skype when starting the computer” (“port invalid”, the program claimed >:-) )… then chose to uninstall skype entirely (never to reinstall again… may they rot for wasting precious hours of my life, and for violating my computer)) and then searched again for the two easybits folders. Only one now popped up. Strange! I deleted it and then searched for “go”, and one such folder popped up, containing two files belonging to easybits.

  3. Rn9 says:

    Woke up this morning only to find this Easybits Go installed on my computer which had been on all night.

    Removed the thing with Advanced Systemcare 4 only to discover there were hundreds of leftovers related to the program all over my computer. A lot of registry keys.

    The only peep Skype has made so far is from Gladiator the forum mod saying it’s not Skype but Malware.

    I received this on two computers running Skype today, none of them were using any web-browser.

    Still amazed Skype hasn’t made any announcement as there are so many worried users.

  4. Zak says:

    Just happened to me as I type this. Thanks for your help on this…gotta find a way to let my friend know I can’t talk to her anymore on Skype. I sure as hell ain’t using it again.

  5. P says:

    yep, I was freaking out for a while. Im not a big computer person, and thought this maybe a virus. Thank you for this blog

  6. Shawn says:

    Same here, and I have since deleted it. The first thing I thought was I bet Skype is making money doing this, and they are not worried about the “Skype” reputation since they will be handing over the company to Microsoft. However I never would have believed that they would be capable of such an act regardless of how i feel about Microshaft.

  7. Andrew Milne says:

    Happened to me as well. Followed your instructions but have still found C:\WINDOWS\Prefetch\EASYBITSGO.EXE-364DAFD6.pf on my system after the restart. Any suggestions on what this is/what to do? Sorry, I’m tech savy enough to follow directions, but I’m still very novice on understanding what all the various files do.

    1. Prefetch files just allow Windows to load frequently used apps a little faster. There’s nothing essential about them–and although I found the file, I completely forgot to add its deletion to my instructions. I just fixed that. The file can simply be deleted and should be. Thanks for reminding me!

      1. Andrew Milne says:

        Thanks for the clarification, that had been my understanding of the prefetch folder, but I wasn’t sure. Thanks again for the instructions. Now we wait and see what Skype eventually says about this.

  8. Andrew Milne says:

    Sorry, forgot to say Thank you! Very much!

  9. A Skyp user says:

    Yeah, got the same thing just a few minutes ago.
    Thanks for this post

  10. Pag says:

    Thanks so much! Happened to me too. All of your steps except step 6 were easily transferable to Vista. So, thanks a bunch for that. It’s nice to know I’m not the only one that feels this way about crapware.

    1. tdp says:

      Did you look at the dates on the articles? those are from last year. The current exploit or whatever it is is hitting even 5.3.+ clients.

  11. Rick says:

    If you use Windows 7 check the hidden folder C:\ProgramData as well.

    1. Dale says:

      wow, thanks for that, win7 here, and like another wow and thanks for all the info here-i actually pay for skype
      i got a update for skype is ready pop up on my desktop-thought it was unusual but i sure as ____ clicked it, didn’t notice the desktop icon until just a bit ago
      glad i read this far down

    2. Dale says:

      programdata\skype extras\MLS has a whole bunch of GO*.mls files created at the same time-deleting….

  12. Eran James says:

    Infringement of my civil rights, how typically big Corporate America. Wiping Skype and never using again.

    1. Nick says:

      Skype is developed in Luxembourg. The deal with Microsoft has still not gone through so it is still very much a foreign program and developer.

  13. tdp says:

    I experienced pretty much the same thing. Opend up Skype and got promted with an instaldialog (bottom right corner of screen) giving me several options. I decided to go with none of them and just exited the dialog the normal way by ‘X’ing it away. It instantly closed but I ended up with having the program installed anyway.

    Since I did want to know what it was I did some searching and ended up on the skype forums which were just starting to become alive with other people who also felt uneasy by the random dialog or similiar occurances.

    Just like you I tried removing it via the program control interface but it didnt do anything other than remove the program from the list of installed programs, so I went ahead and got rid of all the files I could find then proceeded to run several virus and mallware scans. (for those who are curious, I didn’t get a single hit).

  14. John says:

    Thanks for the guide. What about the actual Skype folders in the App date folder? Specifically:

    Documents and Settings\All Users\Application Data\Skype\Plugins\ezPMUtils.dll

    Documents and Settings\All Users\Application Data\skype extras\ezPMUtils.dll

    C:\Documents and Settings\All Users\Application Data\Skype Extras\MLS\ (for XP at least) there will be some files starting with GO_

    1. Not sure. Like you and a lot of people, I’m still trying to figure this all out. I think, however, that I’m going to get rid of Skype Extras for now and see what the company or others may say in the next few days. That dll in particular has gotta go, and I didn’t spot that. Thanks for pitching in!

      1. John says:

        Jeff,

        No problem. I’m an IT Professional and am frankly annoyed at skype. I had a family member call me and ask me about this today as well. How many millions are possibly infected?

        Frankly, it would not surprise me in the least (as you suggested) if this was caused by some disgruntled skype employees upset about the Microsoft merger. It would also not surprise me (as you suggested) that Easybits paid skype to allow this to be installed without user permission.

        Supposedly, according to the zdnet article above later versions of skype were not affected. Has this actually been confirmed? It would put some suspicions to rest. I’m pretty sure I’ve patched skype many times since 2009.

        This is the first piece of malware I’ve had on a personal computer in over 10 years (seriously). I’m probably going to format it….sucks but that’s what I usually do when software like this is installed to make sure it’s truly gone, however, I’m going to give skype a chance to respond before taking that step.

        It looks like I made need to find an alternative program to skype…

        1. John says:

          forgive the grammar errors. also ‘merger’ should be ‘acquisition’ I’ll try to proof read next time 😉

        2. Dale says:

          i have the latest version, i also am a paying customer

  15. Felix says:

    Thanks alot! This is more than annoying! Deleted some additional GO_XYZ.mls files from C:\Users\All Users\Skype Extras\MLS

  16. Charlie says:

    Same thing happened to me today. I am really scared. Why is noone at Skype saying anything about this?

  17. Richard Tabbutt says:

    I got the same thing today. I think it’s lawyer time.

  18. André says:

    Thanks for putting this up. I’m pretty mad about this right now.

    After erasing the registry keys you mentioned, I searched the registry and found two more — under “HKEY_CLASSES_ROOT\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\”

    One was in the subfolder “InprocServer32\”, and pointed to ezGameXN.dll — one of the files you deleted. I’m not sure whether it mattered, but I deleted it anyway.

    The other is under the subfolder “ProgID”, and has the value “ezPMUtils.WindowGroup”. Do you have any idea whether I should delete it too?

    1. About that last one I’m not sure. If you can get the rest of it, hold off on that for a few days until we know exactly what we’re dealing with here. I’m guessing it’s something associated with the EasyBits GO user interface, assuming “WindowGroup” means the same thing it does in other Windows contexts. Deleting Registry keys should always be done with some hesitation. If you’re going to do it, set a restore point first!

  19. Zhen says:

    also drops something in allusers\skype\plugins\ezPMUtils.dll

    1. Definitely delete that dll. I did and suffered no ill effects, though I discovered it after I posted the article. (I just got back home from errands and will update it this evening.)

  20. Adam says:

    “at least those running current versions of Skype” Just to let you know, I’m running an old version of Skype and I still got hit.

    1. There must be a version range for vulnerability; one of my close friends is still running Skype 3 and didn’t get it. I know this because I was IMing with him when I got hit with the damned thing. Nothing happened on his side.

      So if you’re willing, please let us know what version you’re running. I thought this problem was limited to Skype 5.x.

      1. John says:

        It’s possible Skype rolled out the update in waves. Your friend may have just been lucky to not be hit.

        Someone is reporting now that this is POSSIBLY legitimate software force installed by Skype themselves without user permission. Something smells fishy, especially considering the timing of this incident (as related to the Microsoft acquisition of Skype).

        http://www.blogtechnical.com/1115/skype-installs-game-crapware-on-your-systems-without-users-prior-knowledge.bt

        I still await the official word from Skype…

        1. I’ll check with him this evening. He uses Windows 2000 on that machine (it’s basically his chat box) and Win2K may not be compatible with the plug-in. Or something.

          Forcing installs like this without asking is just freaking insane. “Fishy” is too mild a word.

          1. John says:

            Go to:

            C:\Program Files\Skype\Plugin Manager\

            right click skypepm.exe and click properties
            click the digital signatures tab
            look at the name of the signer:

            easy bits software this exe was created on March 26

            In my opinion, it seems easy bits and skype have too cozy of a relationship leading to this possibly illegal forced installation of easybits -OR- this could be a serious security breach caused by a 3rd-party (the breach could possibly have occurred at easy bits itself). Who knows… an answer from skype would be nice!

            I just find it odd that the skype plugin manager EXEcutable is signed by easy bits and not skype!

  21. Patrick says:

    Thanks for help.

    This is an extremely serious violation and usually Skype would be off the hard-drive immediately but I need the program for work! I am agog that such a well known product could allow this.

  22. OniPanda379 says:

    I had this happen to me. I wasn’t prompted or anything. I’m not going to lie, I’m not a computer genius, but I know things like that are supposed to ask you if you want it installed.

    I was playing around on my image manipulator program then the Easybits thing loaded as if it had been installed already. It freaked me out so I pulled up the Task Manager and terminated all the things I was doing. Scanned the PC then Googled Easybits and found this page.

    I don’t use Skype but I do share this PC with my brother and he uses it. I did get a Skype update dialogue box but closed it so my brother could deal with it as its his program of choice.

    I’ve followed all I could to get it off. It seems to be gone, but I don’t know how to find the registry thing. Luckily my friend’s dad is a computer geek and can help me out. But thanks to you, I got all the big noticeable stuff on my own and some info on it all. Thank you very much.

  23. DC says:

    Hi, Jeff.
    I cannot delete Easybits GO from here: C:\ProgramData\Easybits GO; I have Vista Home Premium. Any advice?

  24. Claudio says:

    Hi there,
    posting just to add a note on how it moves around: I am in Spain and I got this last night while chating with my brother who is in argentina (using skype, obvioulsly) . same thing. no browsers… the only thing i have to check now is the dll because it doesnt let me delete it for now and there is no process running which I could relate to it.

  25. Jack says:

    I did not get this so far since I customized my install to not include the Extras Manager and I’ve blocked the update server for Skype’s draconian unsolicited updates to version 5.x+

    In a Firewall, block inbound and outbound from 204.9.163.158

    I am running version 4.2.0.169 without the Extras Manager.

    After hearing this news, I’ll hold off on launching Skype for the next little while.

  26. Bob H says:

    It sounds like Skype or Easy Bit may have burned a lot of people. After following these instructions (BTW, Thanks), I filed an official complaint with the Attorney General of my state.

    I am a Software Engineer who absolutely believes that companies (and their employees) who do this kind of stuff should face serious jail time. It is not just unethical, it cost consumers a lot of money to fix. If this is as big as it sounds, this is going to cost consumers millions of dollars. Some consumers will have to make the decision between buying food for the table or fixing this.

    BTW, I am usually paid quite well for my time. If the investigation narrows onto either Skype or Easy Bit, I figure one of them owes me about $300.

  27. Bob H says:

    BTW, I might mention this in response to some of the posts. I am sure that Microsoft had nothing to do with this. The deal between Skype and Microsoft is a long way from being finalized and approved. There are numerous hurdles these companies have to navigate including attaining approval from several governments. It will be some months and maybe even years. If anything, the bad publicity may likely torpedo the deal.

  28. Benjamin says:

    This just happened to me. I’m using XP home edition, and I first noticed that I had the easybits Go icon on my desktop, and I found that odd since I actually clicked the decline option when Skype prompted me to download it. So, I actually went to Add/remove programs and uninstalled it from there. However, i do not recommend doing it that way because it left a ton of folders behind and was still running somehow. Also it seemed to take out my audio software too. All my drivers are there, but the soundbar that came with my dell remains “unistalled” I have no way of knowing how to fix this.

  29. Ophelia says:

    Thank you for the help with getting rid of it.

    I have an older version of skype and it happend to me yesterday. I liked skype so far, but now… time to change?

  30. Ewa says:

    very, very thanks! 🙂
    This advice saved me

  31. Peter says:

    Jeff,
    Do you surf the net in an admin account? I don’t, nor does Pat, nor does our son or at least that is how I set up Windows 7 on his old laptop. I’ll send you my tirade on that when I get home. I have been thinking about using Skype, but I don’t want to do so on Windows box user or admin. I am thinking about building a Linux Skype appliance. If I can swing it it won’t have a spinning hard drive either. It will be a stripped down distro that will only run Skype. That will avoid the auto install issue too. However, with Microsoft buying Skype, then I would be looking at a different service, but it MUST work with Linux.

    1. This isn’t quite the same as a drive-by install. When I get on the Web in an admin account I’m running Firefox under DropMyRights, with the NoScript and AdBlockPlus plug-ins active. That’s a pretty rugged setup. But I’m seeing people report that this install happened in a UAC as well, suggesting that it wasn’t an “install” as we ordinarily understand it. Skype did the install, and as I understand it, whatever it installs has the same privileges as Skype itself. So being in a UAC was no protection this time. That’s why I find this all so fascinating: If it’s a malware trick, it’s a trick I’ve never seen used before.

  32. Peter says:

    Jeff,
    As for crapware (all too kind a word) I do agree with you. Late last year I bought the Lenovo ThinkPad Edge 15 that I am using as I type this, in Columbus, Ohio. It only had 2 GB of RAM and a 250 GB HDD. Even before I got it or boot it for the first time I ripped out the RAM and HDD and replaced them with 8 GB of RAM and a 500 GB HDD. I installed Windows 7 Pro 4 bit and Ubuntu 10.4 LTS. I have installed various security testing and forensic software. But nothing that says “Pay for me and get the full version!” I did make a image of the original HDD using Clonezilla (good stuff and free) and am now using it in a USB external enclosure. The previous two computers in our house were built by me so NO CRAPWARE.

  33. […] Microsoft O’ Microsoft, what have you done. Skype was almost perfect before the merger. A few days back, Users were having trouble signing in and now it seems that it’s automatically installing crapware called EasyBits Go without permission. It’s basically a Malware but surprisingly, it comes out clean in anti-virus apps. Skype has also acknowledged this situation but haven’t released the official statement yet. Anyways, here’s how to remove EasyBits (source) […]

  34. tomy says:

    http://www.easybitsmedia.com/support/RemoveGO.exe – Found an uninstaller at EasyBitsMedia.com, not sure if it makes a difference, but try it I never had Skype so I don’t have this problem.

    According to the news and media – http://www.easybitsmedia.com/NewsAndMedia

    “May 27, 2011: EasyBits Media announces a gold release of EasyBits GO (Game Organizer). This is a major update for Skype Game Channel, a popular Skype Extra with over half billion games played.

    Skype Game Channel is operated by EasyBits Media since 2006 and included in Skype for Windows setup distributed by Skype.”

    So looks like you had it the whole time and this is just an update (but I’m not entirely sure). Apparently, the “Play Games” extra that came with Skype was powered by Easybits Go, and now they have a new update for it. That’s why all this nonsense is happening.

    And not to mention their Facebook account has 3804 likes ( http://www.facebook.com/EasyBitsGO ).

    I’m sorry for ya. But that’s why I use google talk.

  35. Jeff says:

    Hi, thanks for your article. I just signed on to Starbuck’s free wifi and there was the shortcut on my desktop. I haven’t made a Skype call on this machine in at least three weeks. Skype runs in the background, so it seems that EasyBits downloads quite invisibly. Perhaps naively, I was under the impression this was illegal. Well, I’d better go follow your deletion protocol — thank you!

  36. Jeff says:

    I realize I may have implicated Starbucks in my post. I rescind that unintentional implication. Apparently EasyGo got me yesterday, I just didn’t notice it until today.

  37. Joseph says:

    Just realized that I had this program on my desktop and in my applications folder. Did nothing to my PC that I know of, but I appreciate you giving instructions on how to kill it. I have XP with SP 2 on my PC, but I also have the newest version of Skype as well.

    Thanks,

    Joe

  38. Ruth says:

    Same problem here – I am furious with Skype.

  39. Andrew Milne says:

    Not sure if this is related, but I expect it is since I haven’t used this machine since following you wiping instructions yesterday. I just got three threats popping up on Microsoft Forefront:

    1) Trojan:Java/Classloader.X
    The file was in the Application Data folder of my account, under Sun\Java\Deployment\cache\javapi\v1.0\jar\gsb50.jar-29b1f120-2cb4beda.zip->AppletX.class

    2) Exploit:Java/CVE-2008-5353.YK
    Same location, except piu.bin-6f995217-38c252f8.zip->myf/y/AppletX.class

    3) Exploit:Java/CVE-2008-5353.YJ
    Same location, except piu.bin-6f995217-38c252f8.zip->myf/y/LoaderX.class

    All three were caught and (apparently) removed.

    Interestingly, the first two came as I was searching for the ezPMUtils.dll’s mentioned above, the second came as I was searching for something else. All of this happened after I uninstalled Skype _yesterday_.

  40. John says:

    http://www.threatexpert.com/report.aspx?md5=f6a970c3351815ac9d932a792f23be45

    Looks like I have some registry cleaning to perform…

  41. John says:

    http://blogs.skype.com/garage/2011/05/easybits_update_disabled_for_s.html

    “pdate delivered to Skype Extras for Windows by Easybits software.

    The software is provided by our partner EasyBits, and is part of the Skype Extras Manager. The Extras Manager has been included in Windows releases of our software since 2006. This latest update from EasyBits included elements of their desktop games organizer in error, but it neither installs nor un-installs correctly. This update has been disabled while we work with them to correct the problems and user experience.

    Skype works closely with its partners to ensure that our users receive the best possible Skype experience and is working with EasyBits to ensure this issue does not happen again. “

  42. tgraupmann says:

    Also remove the C:\programdata\EasyBitsGo folder
    c:\programdata\SkypeExtras\ezPMUtils.dll
    c:\programdata\Skyype\Plugins\ezPMUtils.dll
    c:\program files (x86)\Skype\Plugin Manager\ezPMUtils.dll

  43. […] a strange reluctance to jump on the issue, the major news outlets have begun covering the excitement of this past Saturday morning, when untold numbers of Skype users suddenly found new software installed on their Windows PCs, […]

  44. Yehuda Lavi says:

    I have XP SP2 and Skype 4.2.0.158 yet I also got this crapware, so no hope in this direction.

    I just hope they don’t have access to my credit card typings…

    My machine is DELL D430, but do you think it has anything to do with it? I cherish this machine, thinking about the Big Brother machines of the newer generation, where our Brother gets bigger and bigger…

    We, who uninstall it are not even one percent, I guess. The rest are naïve, ignurant, inocent people who are treated in a similar way animals are treated in the concentrations camps all over the globe: as money making material.

    Welcome to the Velvet Dictatorship of Technology. Here, I coin this term this very day :-).

    PS
    The dll was found in my machine at:
    C:\Program Files\Skype\Plugin Manager
    C:\Documents and Settings\All Users\Application Data\Skype\Plugins

  45. Yehuda Lavi says:

    Few more things:

    I found this file “EASYBITSGO.EXE-364DAFD6.pf” under:
    C:\WINDOWS\Prefetch

    “Bit” means prick in French. It sounds like Freud was guiding them in choosing their branding 🙂

  46. Dubravko Zgrablic says:

    There’s actually quite a bit more in registry than just the one you pointed out in Current User – also in CLSIDs, as well as in Users and Local Machine.

    I suggest you scan the complete registry for EasyBits and ezPMUtils (I found cca. a dozen instances at different places) and remove top-level key (obviously, with the assumption you’re well versed in regedit).

  47. NannyGran says:

    Hi Jeff,
    I have copy/pasted and printed out your instructions, but before I proceed I wanted to ask some questions. I so enjoy Skyping with a friend and do not want to stop using Skype. My friend kept talking about playing games that I didn’t have and that is when she told me that she got the pop up that you refer to and responded with ‘yes’. I did not get this pop up and did not have it in my programs and so I did a search for EasyBits Go download and found a ‘windows’ download for it and did jus that-downloaded it. Since then, we have been enjoying chatting and playing games with each other. A few days ago, however, we found for some reason we can still play the games individually, but when she invites me or we both get stuck on ‘loading’ (black screen with silver spiral in middle). When I invite her, my game loads, but she is still stuck on ‘loading’. She has tried numerous ways to trouble shoot, but neither of us (who so non-tech people) could figure out why. That is when I started ‘googling’ to find out how to fix the problem – and in doing so found out about the problem you described.
    So, to make a long story short (which I never do :D) I am hestitant to uninstalal the EasyBits Go due to the enjoyment my friend and I have playing the games through Skype with each other. My question is-how harmful is this to our PC’s and if it’s not major do you know of a way we can fix the problem of ‘play’ so we can continue. If indeed we need to get rid of the ‘extras’ to protect ourselves we will – and just continue to use Skype the way we did in the beginning – no gaming.
    I would appreciate you advice when you have time. Thanks, NannyGran

  48. Chip says:

    I look at all of the work you have to go through to remove this and I am amazed but not surprised. It seems that since Microsoft has bought Skype they are destined to mess up a great product.

    I have used MSft my entire career but switched to Apple 4 yrs ago since I started my business. I left behind all of the ’20 questions’ when asked to do something or add something from Microsoft. Now MSft is just another application on the Mac. I use it to run one application for my business. If I need to reload the Msft OS, it is just a file on backup and I do not need to go through all of the gyrations of reloading software, just bring a file from backup. It really is amazing.

    Apparently Easybits is not available on Apple, no .exe’s are allowed.

  49. Paulie-D says:

    In December 2011, I purchased a new Lenovo laptop. There’s an app named “EasyBits Chat” as well as several EasyBits games installed. I have not installed Skype nor is it preinstalled.

    The EXE and DLL files are located at:
    C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\

    Looking at the app properties for EasyChat.exe, it’s from “EasyBits Software AS”. However, the other game apps are from “EasyBits Media AS”. There are two DLLs in this folder as well: “ezGameXN.dll” and “ezGameXNBC.dll” whose description is “EasyBits GameTime Utilities”.

    Note that there is NO obvious uninstaller for this bloatware.

    The website’s support page also offers NO uninstaller, except for the “EasyBits GO” issue discussed within this blog.

    It’s my assumption that the developer’s website is:
    http://www.easybitsmedia.com

    I am interested in completely uninstalling this crapware. I’ve written using their Contact Us page asking for instructions.

    1. Paulie-D says:

      I am interested in completely uninstalling this crapware. I’ve written EasyBitsMedia.com using their Contact Us page asking for instructions. However, after 2 months, I have not received a single reply. They obviously agree that they apps are crapware.

Leave a Reply to Eran James Cancel reply

Your email address will not be published. Required fields are marked *