Spyware "Anti-spyware"

[Markel]

This is worth looking at. There are some purported anti-spyware packages that are really spyware. Take a look at the "vendors" on this page, AND STAY AWAY FROM THEM! Lousy scammers!

http://blogs.zdnet.com/Spyware/index...52&tag=nl.e589

[PoorAvatar]

Thanks. Several weeks ago my laptop was infected with the spyware called spysheriff and it took hours to get it off. It was a nightmare. I don't know how I got it. Has anyone else experienced this?

[mechmike0034]

More info: http://www.spywarewarrior.com/rogue_anti-spyware.htm

I visited the pages in the blog link, and didn't have any problems. Mainly because I visited them from a Puppy Linux box running Mozilla...

[hoey222]

i had a client computer that had spysherrif on it. i just wiped it and started over - it took less time than trying to clean it.

[theorangeone]

My friend ended up getting spysherriff on his machine from downloading pirated software. I told him it served him right!

[mechmike0034]

Another post with anti-malware links:

http://forums.gotapex.com/showpost.p...5&postcount=10

Here's some great info on running popular antivirus/antispyware apps from the command line in Safe Mode: http://www.ubcd4win.com/forum/index....ndpost&p=22634

I was a big fan of The NyQuil Kid's Public Antivirus CD, which he ceased development on last summer. Others have picked it up, and details can be found here: http://www.rescueme4win.org/UpdatePublicAntivirus.htm This runs McAfee from the command line off of a bootable CD, which is great for removing malware - much more thorough than running it from within the Windows environment where things can hide and replicate.

The Public Antivirus CD (with the latest version of Autopatcher XP aded to it) is the first thing I whip out when dealing with a "pwn3d" box...

[shocky123]

..You must be tedious and rutheless in your selections of supposed 'anti-anything' products.
More often than not, you can get burned.

I say you get what you pay for in terms of security and software.

adios,

~Kyle

[mechmike0034]

"Windows ANTI-spyware" was the first in the long line of supposed anti-spyware programs that were/are really spyware.

With all due respect - is this fact, or opinion? What makes it spyware?

[Jeffbx]

That's a lot of FUD you're spouting there, Kyle. Got anything to back it up?

[shocky123]

Yes,

windows genuine authentication was originally crammed into the windows anti-spyware suite.

since technically this was not a part of the correct working of the product, I would venture that it can be considered an 'unwanted' effect/program that is the result of the suite.

being unmentioned in the end-user agreement, this is technically spyware.

that is all I was trying to reference, my appologies if this was not as well known as I had thought.

~Kyle

[mechmike0034]

windows genuine authentication was originally crammed into the windows anti-spyware suite.

This is incorrect. Windows Genuine Authentication is a required process to get to the MS Antispyware download IF you are running XP, but WGA is not "crammed into" MS Antispyware itself.

WGA has an independently-audited privacy policy, details of which can be found here: http://www.microsoft.com/genuine/dow...displaylang=en

WGA is only required for XP. From the Genuine Windows FAQ at http://www.microsoft.com/genuine/dow...isplaylang=en:

Validation is required for all genuine Windows downloads on Microsoft Download Center. It is also required by the Windows Update service for users of Windows XP including Windows XP Home, Windows XP Professional and Windows XP Media Center Edition. All users can access security updates via Automatic Updates. Genuine Windows downloads are available, without validation, to customers running Windows 98, Windows ME, Windows 2000, Windows Server 2003, Windows XP Professional x64 Edition, Windows Vista, and Windows NT 4.0 with Service Pack 3.

MS does make MS Antispyware available (for now) as a direct download without going through WGA at the following link: http://download.microsoft.com/downlo...areInstall.exe

Besides, if the MS Antispyware application itself validated Windows (or did anything else that wasn't evident to the user or mentioned in the EULA) folks like Mark Russinovich (who discovered and publicized the Sony rootkit), Eric Howes (noted/quoted authority on spyware), et al would be all over it.

[PoorAvatar]

Thanks for all the info!

[zero2dash]

I'm still waiting for the answer as to why (at least before), MSAS didn't detect Gator as spyware, which was reported conveniently around the time the rumors sprouted about MS buying Gator.

As such - I still feel the same way about MSAS. (In the words of Public Enemy) 'Can't truss it'

[doolittle]

I was just checking out this site http://wwwStopBadware.org/ it has searchable lists of "legit" software that has Spyware hidden in their products, it was originally funded by Google and computer makers Lenovo Group and Sun Microsystems. Now the site is managed by Berkman Center for Internet & Society at Harvard and the Oxford Internet Institute. Looks reputable to me.

[Butch]

I'm still waiting for the answer as to why (at least before), MSAS didn't detect Gator as spyware, which was reported conveniently around the time the rumors sprouted about MS buying Gator.

As such - I still feel the same way about MSAS. (In the words of Public Enemy) 'Can't truss it'

It's because Gator isn't technically Spyware . . . it's Adware . . . at some point, everyone who has Gator on their computer agreed to an EULA that stipulated the downloading, installation and use of Gator . . . it's sneaky, but technically, people opted-in.

[zero2dash]

It's because Gator isn't technically Spyware . . . it's Adware . . . at some point, everyone who has Gator on their computer agreed to an EULA that stipulated the downloading, installation and use of Gator . . . it's sneaky, but technically, people opted-in.

If MSAS doesn't detect Gator as spyware (which may be true), then why doesn't it detect it as adware? 'Cause Ad-Aware and Spybot both detect Gator.

Technically - people may be 'responsible' for downloading or installing Gator. But then again, if we're going to call semantics, I'm sure if Gator said "we're gonna install a bunch of BS on your computer, click here to continue" - it'd never get installed in the first place. If people knew beforehand all of the crap that KaZaA and Ares installed, they wouldn't bother with those either. Hell you can probably come up with a couple hundred programs that fall into the "lies about what it does when installing" category that would never be installed on anyone's computer if the program vendor was truthful from the getgo.

[gwilks98]

If MSAS doesn't detect Gator as spyware (which may be true), then why doesn't it detect it as adware? 'Cause Ad-Aware and Spybot both detect Gator.

Technically - people may be 'responsible' for downloading or installing Gator. But then again, if we're going to call semantics, I'm sure if Gator said "we're gonna install a bunch of BS on your computer, click here to continue" - it'd never get installed in the first place. If people knew beforehand all of the crap that KaZaA and Ares installed, they wouldn't bother with those either. Hell you can probably come up with a couple hundred programs that fall into the "lies about what it does when installing" category that would never be installed on anyone's computer if the program vendor was truthful from the getgo.

Microsoft downgraded Claria months ago. That's why it doesn't pick it up.
http://www.eweek.com/article2/0,1895,1834607,00.asp