12/5/2004
How To Be De-Listed from the Rogue/Suspect Anti-Spyware Programs list
Since the Rogue/Suspect Anti-Spyware Products & Sites pages were first published in June of this year, both Eric L. Howes, author of the page, and I have been approached by a number of vendors who asked, demanded and some times used threats in an attmept to have their applications removed from the list. Eric has posted on the Spyware Warrior forum what a program or company must do in order to get de-listed. With Eric’s permission, I am quoting his entire post here:
Some folks may be interested in just what a program or company must do in order to get de-listed from the Rogue/Suspect Anti-Spyware page. The requirements differ from program to program because no two programs have exactly the same problems. Let me assure our readers, though, that anti-spyware programs listed on the Rogue/Suspect page must do more than simply sweep a few false positives under the rug.Here are some of the things we’re required anti-spyware vendors to do in order to get their applications de-listed:
1. Correct false positives and take steps to reduce the liklihood of future false postives.
2. Release major new versions of an anti-spyware application in order to correct problems with previous versions, break ties with those previous versions, and bring the development of the application firmly “in house.”
3. Correct problems with scan reporting to improve the amount of information given to trial users and to avoid hard-sell tactics.
4. Remove high pressure, false, or deceptive advertising from web pages.
5. Remove dubious, onerous, or inappropriate license terms from the application’s EULA.
6. Post a copy of the company’s privacy policy and EULA to the application’s home page.
7. Re-write the affilate contract to prohibit such affiliate behavior as:
- use of spyware and adware to promote or support the anti-spyware application or the affilate;
- association with any web site or application that employs adware, spyware, or malicious software of any kind;
- hijacking of users’ computers or web browsers;
- use of high pressure, false, or deceptive advertising;
- use of unsolicited bulk commercial email (i.e., “spam”) to promote the product and/or affiliate.
Two examples of affiliate agreements we have helped re-write are:
NoAdware
http://www.noadware.net/affiliate/agreement.htmXoftSpy
http://www.paretologic.com/affiliates.aspx?w=a8. Terminate the contracts of affiliates who are in violation of the above terms of agreement.
9. Correct other problems with the application or company web sites.
When we de-list an application, we add a note at the bottom of the main Rogue/Suspect list explaining the problems that originally caused us to list the application as well as the reasons for de-listing the application. An entry for the application is left in the main list itself, but that entry merely points to the explanatory note at the bottom of the list. We keep that entry with the pointer to the note so that visitors to the page won’t miss the note and erroneously assume that we either don’t know about the program or that we endorse its use.
One final word about the process for de-listing applications. we are always happy to work with companies and individuals who are sincerely committed to cleaning up their acts and resolving problems with their applications and web sites. Although this process can take some time (up to several months), we will work with such companies and individuals, provided there is genuine commitment to addressing and resolving the problems we’ve identified.
We do not knuckle under to threats, however, esp. legal threats. In the past few months Suzi and I have been threatened so many times that I’ve lost count. Not a single one of those threats has achieved the desired results. Indeed, threats to file lawsuits—usually on the basis of flimsy, unsupportable “defamation” claims—are not only ineffective, but completely counterproductive. Every single entity who has threatened us with a lawsuit has eventually (and wisely) decided that such a lawsuit would do more damage to themselves than any reasonable person could justify. Indeed, a number of these entities realized that it would be much more productive simply to work with us to improve their products and services than to pursue a pointless, frivolous lawsuit.
In any case, I hope our discussion here sheds some light on why applications are de-listed from the Rogue/Suspect Anti-Spyware page and what the process is for de-listing those applications.
Best,
Eric L. Howes
As of this date, several applicatons have been de-listed. They are:
SpyHunter from Enigma Software Group
SpyWare Killer and SpyWare Killer Pro from Cosmi
The links are to the notes on the Rogue/Suspect Anti-Spyware Programs page explaining why the applications were de-listed.
Updated on Dec. 8, 2004 by Suzi:
XoftSpy from Paretologic has been de-listed now.
10/4/2004
Anti-Spyware Test Results Published
New on Spyware Warrior – Anti-Spyware Test by Eric Howes.
Overview
As the the threat of “spyware” and “adware” has escalated over the past few years, the number of “anti-spyware” scanners available on the Net has grown equally fast. At present there are over 100 anti-spyware scanners available for download—some for free, some for pay. Spyware and adware are themselves complex enough to prove bewildering to most average users, however. So confusing in fact is the threat of spyware and adware that users often have trouble distinguishing effective anti-spyware scanners from less effective ones. Although a number of “tests” of anti-spyware scanners have been reported on the Net, many if not most of those tests are of limited value because the design, methodology, and execution of the tests is not fully and publicly documented, leaving even experienced users and experts to wonder just how meaningful those tests really are. Still worse, some of those “tests” are even touted by webmasters who are affiliates for the companies whose products are “tested.”
The first ten applications tested were:
Lavasoft Ad-aware SE Personal 1.05
Webroot Spy Sweeper 3.2
Spybot Search & Destroy 1.3 tx
Aluria Spyware Eliminator 3.0.32
McAfee AntiSpyware 1.00.1126
Pest Patrol 4.4.3.24
Intermute SpySubtract Pro 2.51
GIANT AntiSpyware 1.0.266
PC Tools Spyware Doctor 2.1.0.254
Xblock.com X-Cleaner Deluxe
Detailed test results are reported here.
This is an awesome work, very detailed and thorough. But do read his disclaimers also.
The results of the second series of tests will be published soon.
I aso highly recommend Eric’s personal website, which is a treasure of information about Privacy & Security.
Update: The results of the second round of testing have now been published:
Hi All:I just posted the second round of test results, which includes a number of tests with lesser known anti-spyware applications.
http://spywarewarrior.com/asw-test-results-2.htm
If you haven’t already done so, please do review the Test Guide and the disclaimers on that page:
http://spywarewarrior.com/asw-test-guide.htm
Best,
Eric L. Howes
Applications tested in the second round are:
BPS Spyware & Adware Remover 8.2.0.10
XoftSpy 3.45
NoAdware 2.01
Spyware C.O.P. 10.0
SpyHunter 1.5.83
SpyKiller 2005 1.00
SpywareNuker 2004 2.13
OmniQuad AntiSpy 4.2
SpywareStormer 1.4.7
ZeroSpyware 2004
This is another example of the excellent work by Eric Howes.
Comments (2) | Permalink | Filed under: The Fight , Weapons of Mass Spyware Destruction
9/23/2004
Anti-spyware Software Review Sites again
I posted a few days ago about the problems with anti-spyware software review sites and here’s an excellent example from a post at SpywareInfo.com’s forum. Someone posted a link to this site:
http://www.anti-spyware-review.toptenreviews.com/. The person not only posted the link, he/she went on and on about it and essentially made a fool of him/herself in the forum. I got a screenshot that perfectly demonstrates how you can tell of the products being reviewed are affiliate links. I can’t seem to make the file upload in WordPress work correctly, so click here to see the screenshot.
You can see how hovering your cursor over the “buy now” link under each product listed in the reviews, very clearly shows the affiliate ID. It’s very obvious that the site is affiliated with each of those products.
Notice the alt text that says “buy SpyHunter from the manufacturer”, then notice the URL in the status bar at the bottom of the pic. That shows the affiliate ID so the company knows who to credit for that hit or that sale.
So the question is – can the reviews be unbiased when the reviewer has a financial interest in the products being reviewed? I think not.
8/16/2004
SpyHunter Revisited
I previously blogged about SpyHunter and EnigmaSoftwareGroup including the letter I received from Mr. Stark. Now that I have a test computer set up, I decided to actually try the free scan from SpyHunter for myself. First I ran SpyHunter knowing that the machine was spyware-free. It correctly identififed a few cookies, but did not find any false positives. Then I deliberately infected the computer with a number of malware/spyware files. I ran SpySweeper and Ad-aware but did not remove anything prior to running SpyHunter.
SpyHunter identified most of the malware files that SpySweeper and Ad-aware found, but not all. See the screenshot and click for larger image.
Of course SpyHunter wouldn’t remove anything unless I paid for the program. Based on that limited testing, I would conclude that SpyHunter did a decent job of identifying the spyware files. The one thing I noticed is that the ad I saw shows a new version of SpyHunter, v. 1.5.83, but the free scan said v. 1.1.30. SpyHunter did add itself to the start up list without asking. It did not appear to install any malware itself.
SpyHunter’s advertising seems to have been toned down since a few months ago. In searching around the web for spyware products and info recently, I have not encountered the obnoxious ads for SpyHunter that I used to find.
The one thing that would make SpyHunter more seem more legitimate and desirable, in my opinion, would be for them to offer a fully functional trial version for a limited time period, like SpySweeper and other vendors.
6/24/2004
SpyHunter and Ad-aware
In a previous post, I mentioned that Ad-aware now targets and removes SpyHunter. Here is the explanation from Lavasoft as to why SpyHunter was added to it’s list of targets.
http://www.lavasoftnews.com/theeye/i19/a1.html
SpyHunter now included in Ad-aware’s database
By ?sa Karlsson – Content Manager
Enigma Software Group Inc. is the company behind the SpyHunter software. They claim that ?Our suites are built to address the need of privacy protection and computer security. We empower internet users to take control over their computers against Spyware, parasites, SPAM, and others obtaining your personal information online!? However, what?s not disclosed is the hidden transmission of the Microsoft Windows Product ID to their servers every time their software checks for an update. They also uniquely identify their users by use of a unique ID for each installation. This unique ID is also sent to their servers undisclosed. This is something we at Lavasoft find highly questionable and unethical.
A security expert and software developer who ran SpyHunter’s free scan reported to me that the unique ID that was sent to EnigmaSoftwareGroup’s servers was the MAC address of his network card. The MAC address contains the code for the manufacturer of the card and a unique number for that card on that machine. The MAC address of your NIC, or network card, has been compared to your street address, which is of course, uniquely yours.
The Lavasoft article goes into great detail about SpyHunter and why it was added to their targets.
6/8/2004
Another View of SpyHunter
I sent an email to Eric Howes, the developer of IE-SPYAD, well known author and educator who has contributed tremendously to the anti-spyware community, asking him if he had ever tested SpyHunter and if so, what were his findings. This is his reply.
I have done some limited testing with SpyHunter. I ran tests on two
different machines:
1) A clean system with no known “spyware” on it;
SpyHunter correctly reported that no known spyware was installed. This sets
the program apart from other “rogue” anti-spyware apps that I have tested,
which flag non-existent spyware on the user’s system then demand payment in
order to remove that spyware—an out-and-out scam.
2) An infested system, with several forms of “spyware”/”adware” (all of them
installed by or along with C2 Media’s Lop.com software)
SpyHunter detected almost all the “spyware” items in the infested computer,
missing a few files and registry keys here and there. It also flagged
cookies from known advertisers and spyware vendors.
When I attempted to clean the items, it demanded payment—telling me that
I had to purchase a license for the “full version” and register in order to
activate the cleaning functionality.
I should emphasize that the testing that I did was extremely limited. In
order to get a better sense for how SpyHunter compares with the more
established anti-spyware scanners like Ad-aware, Spybot S&D, and Spy
Sweeper, one would need to do much more involved comparative testing.
Suffice it to say the at least on a functional level, SpyHunter is not a
complete scam. It does not flag non-existent spyware on users’ systems in
order to extort payment out of them. It also does do a half-decent job of
scanning systems and reporting “spyware” problems.
The problem with SpyHunter is the same problem that plagues another
well-known privacy and security app: Evidence Eliminator—a program that
is now infamous on the internet. EE itself on a functional level does do
some amount of system cleaning (removing stray files and Registry entires,
et al).
Both EE and SpyHunter, however, use extremely objectionable, “in-your-face”
scare tactics and aggressive pop-up advertising to stampede users into
buying their programs, which provide functionality and protection that can
be had for free from more established programs with proven track records and
well-deserved reputations (such as Ad-aware Personal or Spybot S&D).
SpyHunter goes beyond even that, though, because the company responsible for
it, Enigma Software, deliberately attempts to confuse internet users by
using the word “spybot” and other related terms in its advertising and
domain names. It is essentially exploiting Spybot S&D’s good name and
reputation to garner sales for its own software and trick users into paying
for protection that Spybot S&D provides for free. That alone is enough to
recommend against the program.
You’ve seen one example of this: squatting on the safernetworking.org domain
in order to pick up sales from clueless users looking for the free Spybot
S&D. Enigma Software also uses advertising through Google’s “sponsored
links” “ad words” to confuse unwitting users as well. Do a search on Google
for “spyware” or even “spybot.” Last I checked, most of the “sponsored
links” are to questionable anti-spyware programs. Many of those “sponsored
links” are in fact for SpyHunter, although the ads deceptively use the term
“spybot” in one way or another.
Google does know about this problem, by the way, but has simply been
dragging its feet for months on requests from Patrick Kolla and others that
it refuse to accept such deceptive advertising that exploits the name
“spybot” in any way.
If users want a simple recommendation on what to do with SpyHunter, mine
would be this: stay away. Not only does this program provide no protection
that can’t be had for free from more established, reputable programs like
Ad-aware and Spybot S&D, but any company that engages in the kinds of
business practices that Enigma Software does deserves no business or support
from users. With its aggressive pop-up advertising and scare tactics it
contributes to the very privacy and security problems that it purports to
solve. Moreover, its deceptive attempts to exploit Spybot’s good name and
confuse users are arguably just as objectionable as slippery “spyware”
vendors who hijack users’ computers or add unwanted toolbars to users’
browsers. In both cases, users are deceived or tricked into installing
software that they don’t want or need.
Put very simply: why would anyone purchase spyware protection from a company
that engages in these kinds of business practices? Is that the kind of
company users should put their trust in for spyware protection? I think the
simple answer is no.
I have read many anecdotes of people’s experiences with SpyHunter that would indicate that SpyHunter does install bogus files. Perhaps the problem is that those people had other spyware on their system already. I have never tested SpyHunter myself and plan to do so when I get my old computer online again. At that time, I will report my findings.
If anyone has a link to a version of SpyHunter that does install spyware, please respond with the link so it can be tested.
6/7/2004
More on the SpyHunter Story
Mike Healan of SpywareInfo.com wrote about SpyHunter in last weeks SpywareWeekly newsletter.
Understandably, many people consider SpyHunter to be nothing but a scam. Those of us in the antispyware community consider it to be garbage, little different from Spywiper or SpywareNuker. Check any antispyware message board and search for Spyhunter and you’ll see what I mean.
Mike also links to my original post with the letter I received from EnigmaSoftwareGroup with their request to remove all references to them from this blog and my forum.
As of this time, neither I nor my attorney have received a reponse from EnigmaSoftwareGroup regarding my questions to them to detail their complaints.
5/23/2004
Dont Mess with the Bloggers!
The blogosphere is not easily intimidated by threats. Xrlq got things rolling and Justene at CalBlog is rallying the troups for support. Justene knows about threats from her Infotel experience.
SoCalLaw Blog says “Don’t Read This”, but you can read it anyway. And e-Claire in her inimitable style has some choice words about the whole thing.
McGehee of BlogoSERIFICS has added SpywareWarrior to his blogroll and The Interocitor mentions some of the marketing techniques used for SpyHunter as written about here and depicted here. About.com has even better screenshots of the scrolling window. Too bad they have ads for some questionable spyware removers on the page.
Patterico is on the story and asks “Why do I say that this company has engaged in questionable practices?” Tonecluster is covering the story too. The Eternal Golden Braid has a few words to say also.
If you have never checked out the blogs listed above, you really should. Some of them are already on my blogroll and the others are going there shortly.
5/21/2004
Enigma Software Group - Questions that Need Answers!
Open post to C. Stark enigmasoftwaregroup.com
I have some questions that I want you to help clear up for me.
I really have to ask just who is the real CEO of the Enigma Software Group because in the email to Suzi, ?My name is C. Stark. I am the Chairman of Enigma
Software Group?
Now the only reference to a C. Stark is listed as the President of Adorons.com which is owned by enigmasoftwaregoup. When looking at the active corporation listing in the New York State database, it states that the CEO of the Enigma Software Group is Alvin Estevez.
Source: State Corporate Database Data
Current Entity Name: ENIGMA SOFTWARE GROUP, INC.
Initial DOS Filing Date: JULY 05, 2000
County: QUEENS
Jurisdiction: DELAWARE
Entity Type: FOREIGN BUSINESS CORPORATION
Current Entity Status: ACTIVE
ENIGMA SOFTWARE GROUP, INC.
C/O ALVIN ESTEVEZ
102-30 66TH RD STE 15K
FOREST HILLS, NEW YORK 11375
Chairman or Chief Executive Officer
ALVIN ESTEVEZ
102-30 66TH RD
STE 15K
FOREST HILLS, NEW YORK 11375
Principal Executive Office
ENIGMA SOFTWARE GROUP, INC.
C/O ALVIN ESTEVEZ
FOREST HILLS, NEW YORK 11375
Registered Agent
NONE
I have seen much of your many site and affiliates registering their domains with Domains By Proxy that will hide the true identity of those selling the products.
I have also seen a change in many of the sites that in one minute are selling spyhunter and the now they are all selling xoftspy.
You also state that you are a director of enigmasoftwaregroup yet you are mainly found as the President of Adorons, Inc. that deals in software for modeling. How is it you are an expert in the field of security software to detect and remove adware/spyyware?
Source:
Adorons.com
?Adorons, Inc. was founded in 1999 as a software company to develop internet applications that aggregate and distribute data exclusively for modeling and photography. All of our proprietary software is remotely hosted; therefore requiring no installation or programming.?
Also why does it take so many different domains to sell one product?
enigmasoftwaregroup.com IP from pinging: 207.44.185.159
uninstallxupiter.com 207.44.185.159
enigmasoftwaregroup.com IP from Sam Spade 66.98.154.60
photosoftware1.com 66.98.154.60
2-spyware.com 207.44.162.14
ADORONS.COM 207.44.162.14
HOSTCOLONY.COM 207.44.176.88
spywareremove.com 207.44.176.88
ANONYMOUSSURFING.NET 207.44.176.88
shows the copyright of copyright: ? 2003 Enigma Software Group, Inc. All Rights Reserved.
REGISTRYLINE.COM 207.44.185.155 Enigma Software Group Inc
KEYSTROKERECORDER.NET 207.44.176.88
shows copyright by spywareremove.com 207.44.176.88 shows spyhunter
download goes to keylogpro.com 207.44.176.77
Now KEYSTROKERECORDER.NET when clicking on the download goes to keylogpro.com where on the page has “Design by PAL Solutions Ltd ”
http://www.palsol.com/
which sells PAL Spyware Remover that doesn’t even catch half the stuff infesting computers today:
Source:
http://www.spywarewarrior.com/viewtopic.php?t=1151
These were at one time selling spyhunter but now xoftspy..why is their product better than spyhunter.
1SPYBOT.COM: 207.44.204.85 now xoftspy
spybot-spyware.com: 207.44.204.85 xoftspy
5spynetwork.com: 207.44.218.12 net detective
safespy.net: 207.44.218.12 xoftspy
DELETESPYWARE.NET 207.44.218.12
no-spybot.com: 209.170.32.71 spyhunter affiliate now xoftspy
spybot-download.com:209.170.32.71 spyhunter affiliate Now xoftspy
adwares.net: 209.170.32.21 spyhunter affiliate now xoftspy
Also in many of the older whois (yes I collect them all) the following email address shows as Maximus but now in the many of the current email addresses show Russo: Now the india.com is only a web based that you just fill out their form an have an email in a minute, no questions asked. I know as I have one there. Why would the same email in whois databases show two different people?
older email
Maximus, Velazarious utopia013@india.com 21 Jump Street Rancho Cucamonga, California 91730 United States 310-555-1212 Fax—Current email:
Russo, Alex enigma013@india.com
****
Now for the Spyhunter EULA
THE APPLICATIONS INCLUDE SPYHUNTER? again if iolo.com has the Spyhunter as a legal trademark in Washington D.C. Patent and Trade mark Office how is it that you not only use the name but also have the tm (Trade mark) at the end of it?
ALL OF OUR APPLICATIONS COME WITH THE ADORONS TOOLBAR?
Tell me why a toolbar from a site of yours that deals with Modeling software has to do with spyware detection and removal software?
Aslo on the Adorons.com site you have a link to PlatinumRomance.com that deals with online dating. Does this help detect and remove spyware/adware?
See the bottom of the page:
http://www.adorons.com/cgi-bin/models/index.cgi?op=2
We reserve the right to add additional features or functions to the existing Applications. When installed on your computer, the Application periodically communicates with our servers. We may require the updating of the Application on your computer when we release a new version of the Application, or when we make new features available. This update may occur automatically or through other means and may occur all at once or over multiple sessions. You understand that we may require your review and acceptance of our then-current privacy policy and/or end user license agreement before you will be permitted a limited license for any subsequent versions of our Application.
Now if a customer buys the Spyhunter, why is it your right to automatically update their computers with additional features. All the legitimate security software DOES NOT UPDATE AUTOMATICALLY!
“You understand and agree that by using an Application, you may be exposed to Content that may be offensive, indecent or objectionable in your community. You agree to accept all risks associated with the use of any Content, including any reliance on the accuracy or completeness of such Content.”
exposed to Content that may be offensive, indecent or objectionable
Is it not the reason to have security software is to guard against exactly what you state will happen to users who use your Spyhunter?
5/20/2004
Email from EnigmaSoftwareGroup
A few days ago I received the following email from the chairman of Enigma Software Group, the company that markets SpyHunter.
Suzi,
My name is C. Stark. I am the Chairman of EnigmaSoftware Group. I am writing you to let you know that
that we are deeply upset by some recent forum postings
that we have come across. And I am hoping that you
will be cooperative with us at clarifying some issues
on Enigma Software Group. Your website netrn.net and a forum called
spywarewarrior.com both contain a series of false
accusations that are defamatory and quite damaging
to Enigma Software Group. We are deeply disturbed by the postings on your
forum. On these pages there are articles that accuse
us of being a scam, claim that we are putting spyware
in peoples computers, and that we are unavailable to
our customers. None of these are true and we can prove
all of this. We respect what you are doing with your website,
and are glad to see others taking a stand against
spyware. But there are many untrue things being said
about us, and it is causing us damages. I am requesting that you please contact me so that
we may clarify any misunderstandings that may have
arisen. We are quite confident after taking a good look
at who we are and what we are about you will
realize that the things being said about us on these
pages are untrue. In the meanwhile, could you please remove any
references to Enigma Software Group, inc. or Spyhunter
from your website(s) until this has been cleared up.
Sincerely,
C. Stark
The following day, I received another email
Suzi,
I sent you a message recently, but haven’t heard a reply from you. You are continuing to operate webpages that say bad things about my company. You are making some harsh accusations on your website
that are not true. Can you please tell me why you are doing this?
C. Stark
Enigma Software Group
I responded then and asked Mr. Stark a few questions myself, which he has not answered yet.
My blog and fourm are being reviewed by an attorney. This not the first time a blogger has been brought under fire for their blog postings and the postings of their commenters. Justene Adamec of calblog was served with a demand letter from a company called Infotel for her blog posts and comments about the company.
Nearly the entire blogosphere got involved with the discussion, including Citizen Smash, the Indepundit, blogoSERIFICS, the Interociter and Right on the Left Beach, to name a few.
Update on June 4, 2004. According to my attorney, nothing has been heard from EnigmaSoftwareGroup in reply to my request to them for specifics of their complaint.
5/2/2004
Ad-aware Update
A new reference file (01R301 03.05.2004) is now available.
Here is a breakdown explaining what is included:
New Items
Cermeli
ZSearch (3 variants)
Updated Items
2020Search
BDSearch Plugin
BroadCastPC (8 variants)
Claria
ClickSpring (4 variants)
CoolWebSearch (7 variants)
eAcceleration
EGroup Dialer
Enigma.SpyHunter
ePlugin
eUniverse
EzuLa
FlashTrack (5 variants)
GetMirar
HotBar (2 variants)
I-LookUp
IELoader
ImIServer IEPlugin
Jeired
Rads01.Quadrogram (3 variants)
Roings (11 variants)
ShopNav Hijacker
SecondThought
TopMoxie (2 variants)
VirtuMonde (6 variants)
VX2.BetterInternet (5 variants)
WhenU (2 variants)
If you already have Ad-aware, use the integrated update feature. If you want to download Ad-aware, click the words. Always update it before running it the first time, and check for updates frequently.
4/28/2004
Bird’s Eye View of SpyHunter
I’m using this with the pemission of the person who posted in my forum about his experience with SpyHunter. From time to time I get email and blog comments asking about SpyHunter. Here is the story.
Ok, it all began when I decided to re-install the operating system in my computer. I had too many files I needed to back up and also needed to free some space in my hard drive. After a good three hours of re-installing software and backing up files it was finally back online. Until then everything was ok. After two days I started to have some problems after surfing the web. All of a sudden either my home page had changed or I was getting ads by some casino. I figure to just uninstall whatever software was installed without my knowledge about. When that doesn?t work I usually go straight into my programs folder and delete the folders manually. (But keep in mind I?m very new to the way spy ware hides in computers.) On the next day I turned my computer back on and all of a sudden my scanner started to work on it?s own as if I was using it. Also once I was finally able to get online some programs in my computer started to work on their own and other times internet explorer would open a different home page on it?s own. Ok so I decided to find a spy ware program to fix the problems. So I typed anti-spy ware programs in my browser and I found one claiming to be a great tool find and get rid of spy ware. It was SpyHunter. I downloaded it for free as it said. Did a scan and was surprised at the number of infected files I found. But when attempted to fix the problems SpyHunter asked to register the copy. So I paid $29 dollars for it. Once I did that I scanned my system again and ?fixed? the problems. Ok the next day, I started my system again and when I got online I found out that my homepage had been changed once again. So I ran SpyHunter again, and again, and again? but my homepage keep on getting changed. Now not only that but every time I scanned my system the number of infected files seemed to double. I thought, what the hell!!!
Finally, upset and very frustrated, I decided get the new Norton Internet security and looked for a new anti-spy ware program. When I did my second search I ran into an article from CNET new and found out the straight facts about the so-called anti-spy ware programs and about how spyware is a much bigger problem than I though. I was so angry since I had been ripped off by Enigma, (makers SpyHunter) and even more pissed off at the fact that there are no laws against this kind of scam!! So I joined the Spyware Warrior forums and there I found out about the true anti-spy ware software. I downloaded Ad-aware and Spybot S&D. Finally my computer began to work properly.
Bottom line, we need laws against spy ware and fast!!!
SpyHunter is marketed by EnigmaSoftwareGroup keep reading for more info on them.
Important note – Ad-aware now removes SpyHunter. Way to go Lavasoft, makers of Ad-aware!
—> Read more3/11/2004
Spyware in the News
I have google news alerts set for the word “spyware” and today I got notified of this article, Senate takes aim at spyware. The SPYBLOCK bill was introduced about 2 weeks ago.
The legislation comes amid reports of a spyware epidemic, according to new research from the University of Washington (UW), as reported by New Scientist magazine. Scans of the 31,000 computers connected to the UW network revealed 1 in 20 were running one of four spyware programs: Cydoor, eZula, the former Gator or SaveNow. Given the university’s computer-savvy user base, researchers surmise infection rates are much higher in the general population.
Further making the case against spyware and adware, UW researchers were able to fool Gator and eZula—which have built-in mechanisms for downloading updates and further third-party software onto a user’s PC —into accepting and running executable files.
Yet could Spyblock live up to its name? Many security experts are withholding judgment. “We still need to examine it to see what the unintended consequences might be,” says Ari Schwartz, an associate director for privacy rights group the Center for Democracy and Technology (CDT).
In fact, current legislation could be enough to corral spyware companies. “We believe they’re already breaking laws by deception,” says Schwartz. For example, the CTD filed a “deceptive practices” complaint with the FTC over software company MailWiper, which develops Spy Wiper software. The complaint alleges that MailWiper hijacks users’ browsers, altering homepage settings and funneling deceptive advertising.
The problem is untangling what spyware does, and who’s behind it. “For us to track down this company, we had to work with a range of people … then spend days tracing it back,” he says. The message: enforcing Spyblock wouldn’t be easy, especially if a trace-back ends overseas.
Watch out for the Google sponsored ads on the page, including 2 ads for rogue SpyHunter. I am beginning to really hate the Google ads! One of the ads for SpyHunter uses the trademarked name “Spybot” in it’s URL. “Spybot” is a registered, copywrited name belonging to Patrck M. Kolla, the develeoper of the real Spybot Search & Destroy.
2/9/2004
Fake Domain Registration - Go to Jail?
Congress may crack down on businesses and people who provide false information when they register a website, proposing huge fines and extra jail time for those who violate copyright and trademark law.
Backers say the bill, known as the Fraudulent Online Identity Sanctions Act, targets only those who lie when submitting data to domain-registration databases and then go on to break federal laws.
For the most part I’m in favor of this law. There is a way to protect your privacy without using false information when registering a domain name. Several registrars have proxies available for an additional fee.
I think that most of the time when people use false domain registration, it’s because they are doing something they don’t want know, like spamming, scamming, or doing things like pushing spyware, hijacking etc. These are the people who should be prosecuted in my opinion.
I agree with the portion about the use of trademarks – for instance, my post about SpyHunter’s use of domains containing the trademarked name “Spybot”, which belongs to the creator of Spybot Search & Destroy.
2/6/2004
Reply From Google Ads
I got a response from Google Ads today to the complaint I sent. Here’s what it says:
Hello,
Thank you for your email. I understand your concern regarding possible
improper use of the trademark term ‘Spybot’ in certain Google AdWords ads.
As stated in our Terms and Conditions, advertisers are responsible for the
keywords and ad text that they choose to use. As a courtesy to trademark
owners, however, we do investigate such matters.
When we receive a complaint from a trademark owner, we first determine
what ads appear when the trademarked term is entered as a search query on
Google. We review the content of those ads to ensure that they are not
misleading or improperly using the trademark as a keyword trigger. If they
are, we disable those keywords from the ad campaign. We believe this
represents a fair balance of each party’s interests.
Please be assured that our editorial staff reviews all ads to make sure
that they are appropriate for our site. Since we show ads immediately,
there is often a short period of time when the ad is running before being
reviewed and approved by Google AdWords Specialists. Please note that we
try to keep this lag as short as possible.
Unfortunately, it seems that you saw the advertisement before we had a
chance to review it. Please be assured that we will take the necessary
action to remove any ads that our editorial staff finds unacceptable per
our policies. I apologize for the inconvenience.
Please feel free to reply to this email if you have additional questions
or concerns.
The commenter said in the previous post Technically, it is not Google who is doing the advertising. It’s the bad guys themselves. That is correct and is what Google said. But the fact is, some of these scumbags who have no ethics anyway as evidenced by their products and their marketing techniques, will not follow the rules and agreement. Some will try to get away with whatever they can. They need to be made accountable, and I applaud Google for holding them accountable. With SpyHunter and enigmasoftwaregroup.com, the trademarked word Spybot, is actually used in their domain names which should be illegal. Perhaps complaints to ICANN would be in order.
At this moment, the same ads remain on that page linked in the previous post. If they are still there by Monday, I will email Google again.
2/5/2004
Shame on Google!
Patrick Kolla, owner and developer of Spybot Search & Destroy has a news item of interest on his site called Big fake warning.
For the past two weeks, I got massive complaints from people who saw recommendations for Spybot-S&D on some TV show or heard about it on TV, and tried to go for it through the TV/radios website. Somehow, a bad link to Spybot-S&D is on its way and leading people to think that SpyHunter or SpyKiller would be the recommended Spybot-S&D. People downloading these two are forced to pay to remove spyware, and in the case of SpyKiller are even directed to us for support!
So my warning: please double-check what you’ve got before you pay anything!
Also, if you were mislead to SpyHunter or SpyKiller through Google AdWords, please contact Google. Google promised me some weeks ago they wouldn’t do any more advertisement on my trademarked name “spybot”, but I again receive complaints that they do, and this truggle with Google is going on for 4 months now.
This is really a travesty! SpyHunter and SpyKiller have no morals or ethics either. A send a complaint to google as Patrick Kolla requests. And I can see right now that Spyware Warrior is going to have to do some more investigation into these scumbags.
Continue on to see the complaint I sent to google.
—> Read moreComments (27) | Permalink | Filed under: About Spyware/adware/scumware , Spyware Scumbags
1/29/2004
Rogue Anti-spyware Programs Part 3
Edit by suzi on July 5, 2004. For the current list of rogues, which is updated as new ones are discovered, please see this page:
http://www.spywarewarrior.com/rogue_anti-spyware.htm
I mentioned some of these before, but this is a more inclusive list.
Spy Wiper
AdWare Remover Gold
BPS Spyware Remover
Online PC-Fix SpyFerret
SpyBan
SpyBlast
SpyGone
SpyHunter
SpyKiller
SpyKiller Pro
SpywareNuker
TZ Spyware-Adware Remover
SpyAssault
InternetAntiSpy
Virtual Bouncer
AdProtector
SpyFerret
SpyGone
SpyAssault
Pal Spyware Remover
Sources: Doxdesk.com: parasite, Tom Coyote Forums, Spywareinfo.com forums, safernetworking.org, home of Spybot Search & Destroy
Edited 02-06-04: I removed XP Antispy from the list, thanks to clarification from Mike at spywareinfo.com.
12/29/2003
Rogue Anti-Spyware Programs Part 2
Update July 4, 2004
For the latest list of anti-spyware rogues, see this link.
http://www.spywarewarrior.com/rogue_anti-spyware.htm
SpyKiller Pro causes a hijack similar to that of Spy Wiper. SpywareNuker is a product from trek blue, which I listed in the first post on this subject. SpywareNuker claims to remove spyware but was created by a company that created spyware and is promoted by spam and drive-by installs. SpyAssault also claims to be a spyware remover but installs FavoriteMan spyware. SpyBlast is another one which installed by ActiveX drive-by download, thought to be in pop-up ads.
SpyHunter is being questioned at Spywareinfo.com – is spyhunter a scam? It’s been linked to Evidence Eliminator, which is called scum in the spywareinfo newsletter. More info here on Evidence Eliminator and how it earned it’s reputation.
InternetAntiSpy is related to Zend Media, which I blogged about here. It’s page displays a warning designed to scare you into buying their software and like Spy Wiper, it causes the CD rom drive to open. I don’t know if it causes browser hijacking but I would be wary of this program. Other software promoted by Zend Media has been known to cause browser hijacking and active x drive by downloads.
The scumbags who create and promote this crapware evidently have no morals or ethics. I don’t know how they can look at themselves in the mirror and not shudder. New rogues will be listed as I discover them.
There are several good commercial spyware removal programs. The ones I have listed on the right side of the main page of this blog are all freeware – donationware. Spywareinfo.com lists some commercial programs with information about each one. Before I would purchase any such software, I would check it out with spywareinfo.com because they are the forerunners in the fight against spyware.
