|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Computer Security News The Latest Computer Security News |
 |
|
|
LinkBack | Thread Tools |
10-29-2005, 09:23 PM
|
#1 (permalink) |
|
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7
  |
Anti-Spyware Coalition..Do you trust them?
In my endless search for malware related issues and keeping up on the latest developments of the security industry I came across several blogs blogging about the latest news from the Anti-Spyware Coalition. At present they are trying to come up with a definition of what spyware really is.
http://www.antispywarecoalition.org/...efinitions.htm Now....those of us that remember the organization "COAST" know that when you have members that are somewhat sympathetic to adware/spyware vendors it calls into question that organizations resulting conclusions. I was surprised to find which companies belong to this Anti-Spyware Coalition that we are supposed to trust to defend us against these bad guys. Here they are.... Aluria AOL Blue Coat Systems Canadian Coalition Against Unsolicited Commercial Email Canadian Internet Policy and Public Interest Clinic Center for Democracy & Technology Computer Associates CyberSecurity Industry Alliance Dell, Inc. EarthLink F-Secure Corporation HP ICSA Labs LANDesk Lavasoft McAfee Inc. Microsoft National Center for Victims of Crime Panda Software PC Tools Safer-Networking Ltd. Samuelson Law, Technology & Public Policy Clinic at Boalt Hall, UC Berkeley School of Law Sophos Symantec Tenebril Trend Micro Webroot Software Websense Yahoo! Inc. Now....I highlighted several in RED for a reason as I want to see if your understanding match’s mine. According to the Anti-Spyware Coalitions own definitions...several of these company’s already fall into the a "Browser Hijacking" category.
On to the "Goodies"..... Aluria Was one of the first to DELIST WhenU from their detection database. Why? Because Aluria (a Spyware detection program) went into partnership with WhenU (a known adware company) AOL Makers of that great AOL/AIM toolbar that doesn't even comply with their own privacy statements. Makers of AIM IM that installs Viewpoint without any consent from the user. O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe Dell Installs a "Browser Hijacker" Myway/Mysearch on all new Dell PC's http://www.doxdesk.com/parasite/MySearch.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll EarthLink Installs a "Browser Hijacker" along with so much junk it's unreal... R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/mo...ton/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.earthlink.net/AL/Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.earthlink.net/partner/mo...ton/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ O2 - BHO: EarthLink ScamBlocker V2 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll O2 - BHO: EarthLink PopUp Blocker V2 - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll O2 - BHO: Earthlink Protection BHO - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll O2 - BHO: Uninstall Legacy Earthlink Toolbar - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe HP Installs "Browser Hijacker" on their PC's R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop Microsoft Delists several adware/spyware products from their MS Antispyware utility and sets them to "Ignore". Basically telling you they are OK to keep. Claria, 180Solutions, WhenU, New.net, most WhenU apps, eZula,TopText, Gain/Gator, and Webhancer Yahoo! Inc Installs a "Browser Hijacker" when user installs SBC for internet access. Several ISP providers (BT, LongPond and others) also install this same hijacker. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btyahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yc.../search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yc...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/ O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll O3 - Toolbar: BT Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll O9 - Extra button: BT Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dll O9 - Extra 'Tools' menuitem: BT &Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dll Now I ask you....are these the kind of companys you want to rely on to set the standards for what adware/spyware definitions should be?
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!
   Spyware/Adware Removal Tools Hijackthis Ad-aware SE Spybot Search&Destroy SpywareBlaster CWShredder |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
10-30-2005, 01:45 AM
|
#2 (permalink) |
|
Moderator, Microsoft Support
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2
|
Not to mention the connection between Vundo and Dell/Myway.
MB. You should really voice these concerns (in writing if you wish) at one of these summits. They should all be notified, especially those listed above... to leave our pcs alone!!!!  In my opinion Dave, since a few in the list fall under our definition of adware,spyware/undesirable programs, maybe this is why they are trying to define the term 'spyware'? You know - butter up the concept so that they are not considered to be such venders????
__________________
  Last edited by POADB; 10-30-2005 at 01:51 AM. |
|
|
|
|
11-01-2005, 01:45 PM
|
#3 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,707
OS: 2000 Pro; XP Pro; XP Home
|
Ugh.....here we go again.
I've been leaving some of those alone. Armed with this info, shall I kill them all?  
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Microsoft MVP - Consumer Security 2009
|
|
|
|
|
11-02-2005, 01:11 AM
|
#4 (permalink) |
|
Moderator, Microsoft Support
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2
|
No Bob.
Just stick to our normal removals. As discussed with MB, removing some of the others can result in that particular service not working correctly - which in some cases includes their connection or functionality of the internet. (i.e AOL, Earthlink, Net Zero etc etc..)
__________________
|
|
|
|
|
11-03-2005, 12:11 AM
|
#5 (permalink) |
|
Lazy Bum
Join Date: Mar 2005
Location: Salt Lake
Posts: 1,015
OS: XP Home SP3/Vista
|
I think we will find the purpose of "defining" spyware is ultimately going to be geared toward future legislation. We are seeing more & more cases of malware abuse brought to the courts who all seem to be dealing with them in different ways. I think heavier & specific legislation of malware is in the near future. Companies like these know that when it comes to legality, it's all in the definitions. An organization with members like these is likely to infuence the way lawmakers & courts define spyware, and therefore may be able to make themselves loopholes before the ink even dries.
I think any 'definitions' this organization puts forth should be reviewed closely, and if found to leave holes, denounced very loudly! Last edited by RavenMind; 11-03-2005 at 12:13 AM. |
|
|
|
|
11-03-2005, 12:58 AM
|
#6 (permalink) |
|
Moderator, Microsoft Support
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2
|
I say they actually ask the experts who deal with spyware daily to define malware. Those considered or are known to be malware/adware/spyware should have no say in the matter.
__________________
|
|
|
|
|
11-03-2005, 05:49 PM
|
#7 (permalink) |
|
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7
|
For the most part..they are Rich. Whats an unknown factor..is those companys I listed true stance on adware/spware. I mean if Microsoft (one of the biggest companys with an army of lawyers) caves to those adware/spyware makers how can you lend anything to their opinion on the subject?
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!
Spyware/Adware Removal Tools Hijackthis Ad-aware SE Spybot Search&Destroy SpywareBlaster CWShredder |
|
|
|
|
| Thread Tools | |
|
|
