How is it possible that a Anti-spy program as Webroot Spy Sweeper, praised by many as one of the best in the market, installs or try to install (SILENTLY) the the file askBarSetup.exe that's infected with the virus/trojan: "Backdoor.Generic.59060" ???
See attachment

Anti-spy/malware programs installing spyware? It sounds too ridiculous to be truth....
Furthermore it doesnt go well with Vista ( at least in my case)...I got rid of this crap program as fast as I could...

Best regards
Beto_nl

Search function is useful... (http://www.wilderssecurity.com/showthread.php?t=213621&highlight=toolbar+analysis) Also see Comodo forums for related debates etc.

P.S. All-caps is considered shouting. :thumbd:

At the comodo forums they compare the askBarSetupexe. with the googlebar for instance talking about comercial issues
and stuff but the fact is that this file ( askBarSetup) is infected with a backdoor.generic tha as far as I know is a trojan horse, So here a reminder of definition:
A trojan horse is a program that disguises itself as another program. Similar to a virus, these programs are hidden and cause an unwanted effect. They differ from viruses because they are normally not designed to replicate like a virus.
A virus-like computer program that appears harmless and benign but is actually malicious in nature. Trojan Horses can act immediately or lay dormant for protracted periods before wreaking havoc.

So meanwhile my thread has been moved, I get tips about
All-caps and search functions, but what about WARNING
users about this Webroot Spy Sweeper crap???

-{ Quote: "Search function is useful... (http://www.wilderssecurity.com/showthread.php?t=213621&highlight=toolbar+analysis) Also see Comodo forums for related debates etc.

P.S. All-caps is considered shouting. :thumbd:" }-

-{ Quote: "So meanwhile my thread has been moved..." }-Your thread got moved because of where you posted it. You originally posted it in the "General Topics" forum. That section is actually meant to discuss issues related to this forum itself - i.e. problems with the vbulletin software, site outages, "how to use the forum" questions, login problems, and so on.

Since your topic was about Spy Sweeper and whether there is a spyware issue with it, the appropriate forum for such a thread is here in "other anti-malware software" which is the category products like Spy Sweeper fall into. Anyway, moving threads is not a big deal. We move a few every day that are better fitted to a different section then they were first posted in. A redirect pointer is left behind so people can see where it moved to.

-{ Quote: "but the fact is that this file ( askBarSetup) is infected with a backdoor.generic tha as far as I know is a trojan horse" }-

No, it's not infected by any trojan unless you consider Ask.com toolbar to be a trojan. This post is about the toolbar and as such discussed over and over again at lots of places. You can:

- either disable your AV temporarily when installing and uncheck the toolbar component
- or configure your Bullguard or whatever is that to not warn about potentially unwanted/unsafe apps if possible
- if not possible or if the above doesn't help, then report it as false positive to the Bullguard vendor and ask them to re-categorize it
- if they don't want to, you can either switch to a different AV or not use Spy Sweeper...

The fact is that BitDefender shouldn't have detected the Ask toolbar as Backdoor, therefore scaring the user. It should be actually considered adware.

-{ Quote: "No, it's not infected by any trojan unless you consider Ask.com toolbar to be a trojan.
You can either switch to a different AV or not use Spy Sweeper..." }-


Ok, thanks for the feedback and your time.

Well, SpySweeper is already a gonner cause
it was conflicting with the Vista (home basic 32 bits).

By the way, Adaware2008 didnt work properly on Vista as well.

I have a new PC (Asus barebone Q-Motion)and Bullguard that i'm using for the first time, came with it.
One good thing of Bullguard is it's service/support
effective and fast. Per email or live chat. So I will approach
them about this issue (askBarSetup - backdoor.Generic60690 - false-positive).

If I may ask, wich security software would you advise / use?

Thank's again,
Beto_nl

Pentium Quadcore Q6700 2.66Ghz
4 GB RAM
Vista Homa Basic Sp1
1 TB HD
Asus Mainboard VP5G31

-{ Quote: "
If I may ask, wich security software would you advise / use?
" }-

See, there's lot of AV products that trigger warnings on Ask.com toolbar. The correct solution IMHO is to include those under PUA (potentially unwanted/unsafe apps) and let user decide whether they want those detected or not. Marking it as a generic backdoor sucks.

HTH.

-{ Quote: "The fact is that BitDefender shouldn't have detected the Ask toolbar as Backdoor, therefore scaring the user. It should be actually considered adware." }-

Is BitDefender and Bullguard the same?

Same engine. But not the same definitionfiles. Correct me if I'm wrong.

-{ Quote: "See, there's lot of AV products that trigger warnings on Ask.com toolbar. The correct solution IMHO is to include those under PUA (potentially unwanted/unsafe apps) and let user decide whether they want those detected or not. Marking it as a generic backdoor sucks.

HTH." }-

Yeah it sucks, but a Anti-malware/adware program that tries
to silently install a potencially unwanted program(adware)
also sucks, doesn't it?

-{ Quote: "Same engine. But not the same definitionfiles. Correct me if I'm wrong." }-

Have no idea. But I like Bullguard's service.
BTW does superAntiSpyware works goed on vista?

-{ Quote: "Yeah it sucks, but a Anti-malware/adware program that tries
to silently install a potencially unwanted program(adware)
also sucks, doesn't it?" }-

Shrug; Money money money, must be funny, in the rich man's world... (http://billpstudios.blogspot.com/2008/01/would-you-like-toolbar-with-your.html) :-\

-{ Quote: "Same engine. But not the same definitionfiles. Correct me if I'm wrong." }-

I thought it used the same definitions too. For Example, If you read here

http://www.webuser.co.uk/products/BullGuard_Internet_Security_80_review_4168-200.html it says

-{ Quote: "BullGuard doesn't use its own virus and spyware definitions, but uses Bit Defender's (www.bitdefender.com) instead." }-

Also it wasn't tested in Anti-virus.gr's tests because
-{ Quote: "The program BullGuard uses the exact same engine as BitDefender free edition." }-

-{ Quote: "
BTW does superAntiSpyware works goed on vista?" }-

It works fine.

-{ Quote: "The fact is that BitDefender shouldn't have detected the Ask toolbar as Backdoor, therefore scaring the user. It should be actually considered adware." }-

I disagree, I consider it spyware. But let's not waste time and energy debating whether it's adware or spyware.

I don't agree with Webroot's policy to add that bar (I think it's even Opt-out:thumbd:), but I don't think it is a trojan. Most likely a FP or it's being flagged because it's a "potencially unwanted" application...

Luckily I haven't used SpySweeper in a long time. Not since it became so bloated.
Use SuperAntiSpyware or Malwarebyte's Anti-Malware, they are free (on-demand), light, and far superior than SpySweeper (and don't install a search bar)

-{ Quote: "How is it possible that a Anti-spy program as Webroot Spy Sweeper, praised by many as one of the best in the market, installs or try to install the the file askBarSetup.exe that's infected with the virus/trojan: "Backdoor.Generic.59060" ???
See attachment

Anti-spy/malware programs installing spyware? It sounds too ridiculous to be truth....
Furthermore it doesnt go well with Vista ( at least in my case)...I got rid of this crap program as fast as I could...

Best regards
Beto_nl" }-

First: did you try to install the Spy Sweeper from a legitimate website (like Webroot) ?

Assuming you did:

I don't think there was a 'real' trojan.

I consider it completely unethical to include a toolbar that's installed without the knowledge, clear understanding and consent of the user.

I actually use the Spy Sweeper (Windows XP), and although some people have complained about it being bloatware, it's light on my 4-year-old computer, and it's at least reasonably effective.

The trick is to use a customized install (uninstall first and check for any present toolbars if you have one). Then MAKE SURE you CUSTOMIZE the program to your liking when you install the program, and DON'T install the toolbar or any search assistent (service?). I believe it's opt-out.

As for security programs spying on their users: McAfee does that (shares data with Doubleclick and a ton of other companies), and there are others that spy in some way on you. That's just the way it is.

BTW, I do configure several settings of the SS, as with other security software, the out-of-the-box/default settings are rarely the best. (Except maybe if you don't know what you are doing).

How come everyone has partnered with Ask.com? Opera uses it as main page, Comodo, Nero, Spy Sweeper etc. include ask.com toolbars...:dry:

-{ Quote: "How come everyone has partnered with Ask.com? Opera uses it as main page, Comodo, Nero, Spy Sweeper etc. include ask.com toolbars...:dry:" }-
doesent avg also have an option to install ask toolbar?

-{ Quote: "doesent avg also have an option to install ask toolbar?" }-

Don't know about AVG:what: , but I forgot to mention ZoneAlarm...security software bundled with adware/spyware.:-X

-{ Quote: "Don't know about AVG:what: , but I forgot to mention ZoneAlarm...security software bundled with adware/spyware.:-X" }-

Since I once considered installing Zonealarm software: what adware/spyware comes with Zonealarm ?

-{ Quote: "How come everyone has partnered with Ask.com? Opera uses it as main page, Comodo, Nero, Spy Sweeper etc. include ask.com toolbars...:dry:" }-

Added cash flow, pure and simple. Just like programs that want to install Google Toolbar, the programs get paid for the advertisement of Ask/Google, and probably have a type of "pay per click" deal that goes by how often users use that toolbar and/or click on related ads. I wouldn't be shocked if sooner rather than later free software vendors start requiring and not having an opt-out on these types of "add-ons" in order to use their product. They need money to survive, and whoever wants to complain "well but that would be disrespecting the right to privacy" needs to look over in the privacy forums and understand they no longer can count on privacy.

-{ Quote: "Since I once considered installing Zonealarm software: what adware/spyware comes with Zonealarm ?" }-
http://sunbeltblog.blogspot.com/2007/12/another-security-company-succumbs-to.html

-{ Quote: "http://sunbeltblog.blogspot.com/2007/12/another-security-company-succumbs-to.html" }-

I suppose there is an opt-out option ? It's a shame, really.

-{ Quote: "Added cash flow, pure and simple. Just like programs that want to install Google Toolbar, the programs get paid for the advertisement of Ask/Google, and probably have a type of "pay per click" deal that goes by how often users use that toolbar and/or click on related ads. I wouldn't be shocked if sooner rather than later free software vendors start requiring and not having an opt-out on these types of "add-ons" in order to use their product. They need money to survive, and whoever wants to complain "well but that would be disrespecting the right to privacy" needs to look over in the privacy forums and understand they no longer can count on privacy." }-

Alright but security programs should never ever install third party software which are detected by other security softwares, except their own toolbars which may be used for additional protection(like symantec does). It's just stupid, how can an anti spyware install spyware?Aren't rouges supposed to do that?:thumbd:

-{ Quote: "Alright but security programs should never ever install third party software which are detected by other security softwares, except their own toolbars which may be used for additional protection(like symantec does). It's just stupid, how can an anti spyware install spyware?Aren't rouges supposed to do that?:thumbd:" }-

You're using SAS.

Are you sure it doesn't spy on you in any way ?

-{ Quote: "You're using SAS.

Are you sure it doesn't spy on you in any way ?" }-

I'm pretty sure it doesn't install spyware on my computer, and it doesn't send any info to other companies.

First of all, for me it doesn't matter now if it's a real trojan, or spyware or adware, virus etc.:

I downloaded the file : SpySweeperSNRSetup_EN.exe from webroot site and when you start to install, it immediatly try to atcivate askBarSetup.exe SILENTLY that means it doesnt give you the option or any kind of warning/conditions/info before or during install. In my case Bullguard stopped it twice ( At the beginning and at the end of installation)
SpySweeperSNRSetup_EN.exe try to install askBarSetup even before SpySweeper program or they
are integrated

Zone-Alarm like many other programs shows you the option before or during installation.

It also doesn't matter how easy or difficult you can
delete this crap adwares afterwords. A Security software should not function like this....money,money,money??? I hope it backfires on webroot and they bankrupt!!
Shame on them.

Cheers

-{ Quote: "First: did you try to install the Spy Sweeper from a legitimate website (like Webroot) ?

Assuming you did:

I don't think there was a 'real' trojan.

I consider it completely unethical to include a toolbar that's installed without the knowledge, clear understanding and consent of the user.

I actually use the Spy Sweeper (Windows XP), and although some people have complained about it being bloatware, it's light on my 4-year-old computer, and it's at least reasonably effective.

The trick is to use a customized install (uninstall first and check for any present toolbars if you have one). Then MAKE SURE you CUSTOMIZE the program to your liking when you install the program, and DON'T install the toolbar or any search assistent (service?). I believe it's opt-out.

As for security programs spying on their users: McAfee does that (shares data with Doubleclick and a ton of other companies), and there are others that spy in some way on you. That's just the way it is." }-

-{ Quote: "when you start to install, it immediatly try to atcivate askBarSetup.exe SILENTLY that means it doesnt give you the option or any kind of warning/conditions/info before or during install" }-

That's NOT true... See screenshot. And note that you have to use custom install. And there's no askBarSetup.exe running unless you forget to uncheck this component.

-{ Quote: "Alright but security programs should never ever install third party software which are detected by other security softwares, except their own toolbars which may be used for additional protection(like symantec does). It's just stupid, how can an anti spyware install spyware?Aren't rouges supposed to do that?:thumbd:" }-

The reason it's detected by other software is because as of yet, not every company uses the toolbar/ad method of making extra cash, especially the paid software, they already have a good flow coming in (not that they against it wholeheartedly, just that they don't see a need to utilize it ). Each company has a different policy, and free vendors are more likely to use this tactic. Even if such add-ons are NOT used, you still have to understand that these companies in all likelihood share your information with other companies, it's just the way things work in the online world.

-{ Quote: "The reason it's detected by other software is because as of yet, not every company uses the toolbar/ad method of making extra cash, especially the paid software, they already have a good flow coming in (not that they against it wholeheartedly, just that they don't see a need to utilize it ). Each company has a different policy, and free vendors are more likely to use this tactic. Even if such add-ons are NOT used, you still have to understand that these companies in all likelihood share your information with other companies, it's just the way things work in the online world." }-

Ok, let's accept free programs, but Spy Sweeper isn't free, and doesn't seem like a poor little uknown company which needs money.

-{ Quote: "Ok, let's accept free programs, but Spy Sweeper isn't free, and doesn't seem like a poor little uknown company which needs money." }-

As I said, each company has a different policy. I didn't mean to imply that NO paid vendor would use this, just that it isn't absolutely necessary (provided they are already successful of course). :)

-{ Quote: "That's NOT true... See screenshot. And note that you have to use custom install. And there's no askBarSetup.exe running unless you forget to uncheck this component." }-

LOL! Are working for webroot? Or...am i working against
webroot??:wacko:
The screenshot I first posted was at the end of the installation.
Now I,m placing the first screenshot and pay attention to the word welcome

Anyway for anyone that wants to try... don't take my or
doctor's word for it, download and install this from webroot site:
ht tp://www.webroot.com/shoppingcart/tryme.php?bjpc=64021&vcode=DT02A
And the file is as I already said SpySweeperSNRSetup_EN.exe and see what happens!

How old is your file anyway??

-{ Quote: "I'm pretty sure it doesn't install spyware on my computer, and it doesn't send any info to other companies." }-

That's what you hope. Can you be sure ? ;)

-{ Quote: "That's what you hope. Can you be sure ? ;)" }-

What a wonderfull world...Security software installing
spyware, anti-virus companies spreading virusses, evrybody
suspicious about windows defender...Firewall leaking...
What about spybot? Any comments?

What's the solution? Moving to Apple Macintosh? Maybe they are BEHIND all this :argh: :argh: :argh:

-{ Quote: "That's what you hope. Can you be sure ? ;)" }-

99% using my heuristics;D

-{ Quote: "LOL! Are working for webroot? Or...am i working against
webroot??:wacko:
The screenshot I first posted was at the end of the installation.
Now I,m placing the first screenshot and pay attention to the word welcome

Anyway for anyone that wants to try... don't take my or
doctor's word for it, download and install this from webroot site:
ht tp://www.webroot.com/shoppingcart/tryme.php?bjpc=64021&vcode=DT02A
And the file is as I already said SpySweeperSNRSetup_EN.exe and see what happens!

How old is your file anyway??" }-

I wonder why the specific link was edited
by moderator..
Anyway the file can be downloaded at the download
page of webroot SEE SCREENSHOT (new version 5.5)

But if you already believe me that the file
will try to silently install the askBar
don't waste your time downloading it.
Bullguard, Bitdefender and Nod32 will
stop silent installation of askBarSetup
but other programs, I dont know.

Like Hurst and Emperordarius ( thank's for the tips)
already mentioned, SuperAntiSpyware and/or Malwarebyte's Anti-Malware work fine.

And thank's evrybody for the input
Greetz
beto_nl

-{ Quote: "LOL! Are working for webroot?
" }-

No, I'm not...

-{ Quote: "
Or...am i working against webroot??:wacko:
" }-

Looks like that...

-{ Quote: "
The screenshot I first posted was at the end of the installation.
" }-

Yeah, so what?

-{ Quote: "
Anyway for anyone that wants to try... don't take my or
doctor's word for it, download and install this from webroot site:
ht tp://www.webroot.com/shoppingcart/tryme.php?bjpc=64021&vcode=DT02A
And the file is as I already said SpySweeperSNRSetup_EN.exe and see what happens!
" }-

Huh yeah, I wonder what I've been doing to get that screenshot... Lots of Photoshop work, I guess? ::)

-{ Quote: "
How old is your file anyway??" }-

Downloaded about 10 minutes before posting my screenshot, any more clever questions?

You need to run CUSTOM install to get rid of the toolbar. No toolbar will be installed if you uncheck the box, and no such process will be running... If you are unable to do it, ask someone more advanced in installing programs before posting more false claims... TIA.

P.S. I don't defend any toolbars, I hate them... Read my posts @ Comodo forums about this. But you need to stop posting plain unsubstantiated accusations here.

-{ Quote: "

You need to run CUSTOM install to get rid of the toolbar. No toolbar will be installed if you uncheck the box, and no such process will be running... If you are unable to do it, ask someone more advanced in installing programs before posting more false claims... TIA.

" }-

What's up Doc?

Lol...I must be tripping... didnt expect that much fun over here.

First of all you need to chill, there were no accusations, I was just joking of course.

Secondly, anyone else here that did download the
LAST version of Spy Sweeper (5.5) from the same location I did ( see screenshot from my last message) will verify
that THERE IS NO BOX TO UNCHECK because the screenshot you placed here,i dont get during my install
Otherwise I woudn't even start this thread Of COURSE.
Or do you think that first i leave the box unchecked so
Bullguard can get all wound up? Get a grip man!

And about what you call advanced install, i am a very advanced box unchecker, i live for it and
when I dont get a box to uncheck I get even more wound up than Bullguard...and then i go to forums;D

So grow up and admit that your screenshot is from an installation of an older version of Spy Sweeper:P

-{ Quote: "
Secondly, anyone else here that did download the
LAST version of Spy Sweeper (5.5) from the same location I did ( see screenshot from my last message) will verify
that THERE IS NO BOX TO UNCHECK because the screenshot you placed here,i dont get during my install
" }-

ROTFLMAO, yeah thanks for confirming once again what I've said. Go get someone who is able to run CUSTOM install for you. (Hint: Clicking Next - Next - Next - Next... will NOT get you there.)

What a waste of time... >:( ::)

Howto NOT install Ask.com toolbar w/ Spy Sweeper for dummies:

1/ Check you've downloaded the latest and greatest
2/ Run it, important!
3/ Welcome! - see Screen01
4/ Next
5/ Next
6/ No thanks, no updates at this time. - see Screen02
7/ Next
8/ Wheee, license! - see Screen03
9/ Next
10/ The "non-existant" Custom installation, WOW! - see Screen04
11/ Next
12/ Next
13/ Next
14/ Fill in email address
15/ Next
16/ Next
17/ Oh noes, the "non-existant" toolbar checkbox and EULA!!! Wheeeeeeeee! UNCHECK IT!!! - see Screen05
18/ Next.....

Zzzzzzzzz.... finish the install, without any toolbar!

-{ Quote: "(Hint: Clicking Next - Next - Next - Next... will NOT get you there.)

What a waste of time... >:( ::)" }-
( EDITED)
I am not religious but ..for god sakes man!!
Is that your hobby, making a fool of yourself?
I can customize anything i want when it's visible!

I dont even get to press the FIRST NEXT button!!!
When I open the setup file, askBarSetup.exe already took
the path:C:\Users\Beto\Appdata\Local\Temp\is99VM2.tmp
and gets deleted by Bullguard

Have a look on the screenshot again, Bullguard deletes
askBarSetup.exe before I can hit the VERY first next button.

EDITED: I never use typical installation; I always use custom so
I can decide if a program starts with windows etc. etc.
I CHOSE CUSTOM installation, BUT, I dont get the Free
Webroot Tool Bar screen that probably is deleted or blocked
by Bullguard.
Now if the file installed in your machine the generates the install
screen of ask bar AND installs it AND winds up some AV programs,
it's a false positive that's another question
For the moment I choose for not using Spy Sweeper

-{ Quote: "
When I open the setup file, askBarSetup.exe already took
the path:C:\Users\Beto\Appdata\Local\Temp\is99VM2.tmp
and gets deleted by Bullguard
" }-

Oh really?! :o ::) You never heard that a software needs to get unpacked to %TEMP% before install apparently, have you? That doesn't mean that it INSTALLS MALWARE! - see proof above. Get a clue, seriously. Enough time wasted here.

:thumbd: :argh:

folks please! there is no reason to not be civilized and there is certainly no reason to fight each other...

@beto:
I'm glad you found SAS and MBAM usefull :thumb:

-{ Quote: "Oh really?! :o ::) You never heard that a software needs to get unpacked to %TEMP% before install apparently, have you? That doesn't mean that it INSTALLS MALWARE! - see proof above. Get a clue, seriously. Enough time wasted here.

:thumbd: :argh:" }-

Yep enough time wasted I edited my last message

A hot shot like you could come up with the possibility that
Bullguard deletes the whole askbar install screen
from custom or typical install

-{ Quote: "folks please! there is no reason to not be civilized and there is certainly no reason to fight each other...

@beto:
I'm glad you found SAS and MBAM usefull :thumb:" }-

LOl we are being civilized and begining to cool down
It's all fun

My tip for you: Hold on windows XP for a While..I see you still have it and i miss it a little...

Cheers

-{ Quote: "
A hot shot like you could come up with the possibility that
Bullguard deletes the whole askbar install screen
from custom or typical install" }-

Yeah, it's definitely a world-wide conspiracy to invade your precious box with nasty malware. ;D

N.B. you previous post where you claim that

-{ Quote: "
In my case Bullguard stopped it twice ( At the beginning and at the end of installation)
" }-

Wow, that's sooo consistent. Either your antivirus sucks and fails to even delete the thing properly... or you are unable to operate the antivirus. Not my problem.

Either way, noone's cramming Spy Sweeper down your throat, you are free to NOT install it, together with other hundreds of apps that bundle the same toolbar and that will produce exact same thing on your box. Have a nice day.

i used spy sweeper for two years. i started using it when it had a fabulous reputation. it was always "finicky", but once i became used to the programme, i turned it into an on-demand scanner, and it became a major asset in my arcenal. it was a great scanner.
something happened to them right about the time they treamed up with sophos. i didn't have sophos, just SS, and every time i manually updated, a window blocked me so i would have to see their ad trying to sell me their AV. i know how to buy an AV, if i want one. i don't appreciate them trying to get more money out of me, when i legitimately purchased their product and just want to use it unimpeded.
right about this time the"kim komando show" quit sponsoring spy sweeper.
spy sweeper wanted to own your machine. they became sleezy nags.
after i allowed my subscription to expire, they constantly emailed me to resubscribe, until i changed may email address.

the ask toolbar is bad news whether it's adware or spyware (i do believe it's spyware). the newbie customer shouldn't be worried about spyware being installed on their computer by an antispyware programme. shame on any antimalware programme that could in any way install ask toolbar, opt-in or opt-out. installing this toolbar is hypocritical. you pay them to protect you from being spyed on, and they install a toolbar that spys on you.
for the people who have suggested "just don't use it any more". that is exactly what action i have taken, and i seriously doubt superantispyware does anything underhanded, or we would have heard about it by now.
let this be a lesson for all the companies that have stayed on the "up and up". there are people who pay attention to this and it will pay off sooner or later.

Point here is that the toolbar is NOT a trojan, it's a toolbar that may or may NOT "spy" on you. It's not some wicked software that's going to toss everything there is to know about you to everyone who wants to get there hands on it (your ISP on the other hand does do that). It's a simple toolbar that uses Ask.com's search engine as an OPTION, it does not "take over" anything. It's the same thing as Google's toolbar and Google shares a hell of a lot more about you than Ask probably ever will.

If you choose "Custom" installation and UNCHECK the toolbar install OPTION, it does NOT get installed. I am running it now, it is NOT there. All you saw with the TEMP thing was the software unpacking it's files to PREPARE for installation, not actually installing, software does that, it's a fact of life. Is Spy Sweeper any good? That's opinion based on individual results, but let's not throw a company under the bus because some AV A: Flags an FP. B: Mislabels a threat. C: Is too stupid or aggressive to be able to tell a real threat from a potential threat.

you do have a very good point about the ask toolbar. i have been asking for quite some time whether it has "reformed/rehabilitated", truthfully, i don't know. if the ask toolbar is still spying, then that makes the offense that much more reprehensible. it was a poor choice to align with the ask toolbar in the first place, because of it's bad reputation..
is the ask toolbar still spying? if so, then they are hypocritical.
none of these companies should be pushing their toolbars. we want what we want. no extras. there shouldn't be any tricks to try to put it on a users machine. a newbie isn't going to realize they've downloaded it until it's too late, and probably won't know how to remove it either, so they will be stuck with it. they know that if the option is "opt-out" that there is a certain percentage of newbies that will download it by mistake. a newbie is not going to know how to do a custom installation. that's what ask.com is hoping for.
you can call it "throwing them under the bus", i call it criticizing. it was all about the money, and to heck with everything else. i criticize spy sweeper for the path they chose to take, not the scanner.

Agree, the egregious "opt-out" sucks.
Cant blame the vendors for wanting revenue, but, it has to be clearly spelt out. Not only the presence of the toolbar, but why it is there.
Not in 0.5 point font at the end of 40 page EULA/Disclaimer document ::)

Lol: that is a frighteningly long list of 'reputable' vendors pushing the ask toolbar = immediately turns to other vendors.
I read Kevin McAleavy re Comodo and the tool bar: despite the -ahem- noninjurious nature of Ask, the issue does raise hackles all over.

Almost need a list now of vendors who DO NOT include 'little gifts' for the purchaser.

As to OP and Spysweeper: flick it: you wont regret it.

-{ Quote: "Point here is that the toolbar is NOT a trojan, it's a toolbar that may or may NOT "spy" on you. It's not some wicked software that's going to toss everything there is to know about you to everyone who wants to get there hands on it (your ISP on the other hand does do that). It's a simple toolbar that uses Ask.com's search engine as an OPTION, it does not "take over" anything. It's the same thing as Google's toolbar and Google shares a hell of a lot more about you than Ask probably ever will.

If you choose "Custom" installation and UNCHECK the toolbar install OPTION, it does NOT get installed. I am running it now, it is NOT there. All you saw with the TEMP thing was the software unpacking it's files to PREPARE for installation, not actually installing, software does that, it's a fact of life. Is Spy Sweeper any good? That's opinion based on individual results, but let's not throw a company under the bus because some AV A: Flags an FP. B: Mislabels a threat. C: Is too stupid or aggressive to be able to tell a real threat from a potential threat." }-

The point is that I have a new system with programs that i'm using for the first time such as Vista and Bullguard.

I decided to disable Windows defender and try other softwares such as Spy Sweeper.

- In the very beginning of the installation(SpySweeperSNRSetup_EN.exe) Bullguard throws the "askBarSetup.exe" fromTEMP into quarantine

- Installation proceeds ( and YES I choose for CUSTOM installation) but the askBar install screen is not there anymore (so nothing to uncheck), probably because of Bullguard!

So Bullguard gets all wound up and if it's a false positive I dont mind, I'ts a tool bar anyway and then I say to myself ok, askBar stuff is gone; But what happens at the end of installation? Spy Sweeper tries to allocate askBarSetup.exe in TEMP again! ( see screenshot of first message)

Maybe so let's make it a big MAYBE if Bullguard was not
conflicting with spy sweeper I could get the askbar install
screen and uncheck it and maybe really getting free of askBar, but how can you now really be AWARE of what kind of background activities Spy sweeper is performing?
I even read in another forum that spy sweeper was trying to install adware during UPDATE.
I am zipping and sending the whole file (SpySweeperSNRSetup_EN.exe) to Bullguard
and let's see what they have to say about it

And why the heck a security program should
be teamin up with a programs like askBar that have or had such a bad rep and therefore creating all these kind of conflicts with Anti-virus programs, be cause Bullguard is not the only one, NOD32 does it as well, unless they slowly start, one by one to team up with spy sweeper, toolbars, and all these crap.

All I did here is expose a conflict between 2 so called security programs...you take the conclusions you want

Good Luck!

-{ Quote: "All I did here is expose a conflict between 2 so called security programs...you take the conclusions you want" }-No probs with what you posted.
If I was you I'd be happy that BG is finding this as a mal. ;)

The link from BillP/WinPatrol blog is interesting reading: integrity in short supply these days.
BG not the problem.
:thumb:

-{ Quote: "No probs with what you posted.
If I was you I'd be happy that BG is finding this as a mal. ;)

The link from BillP/WinPatrol blog is interesting reading: integrity in short supply these days.
BG not the problem.
:thumb:" }-

Sure! Spy Sweeper is long gone...BG stays.

Nice blog by the way; i just installed the WinPatrol.
Talking about integrity, what about SpyBot? It offers a kind off real-time watch( tea timer) and you get
a little more grip on some background activities..
Cheers

-{ Quote: " what about SpyBot? It offers a kind off real-time watch( tea timer) and you get
a little more grip on some background activities..
Cheers" }-

IMO Spybot detection's pretty outdated nowadays, and the Tea timer just notifies about every registry key modification/creation/deletion, annoying.

-{ Quote: "IMO Spybot detection's pretty outdated nowadays, and the Tea timer just notifies about every registry key modification/creation/deletion, annoying." }-As sad as it is I tend to agree.
SpyBot was one of the first 'anti' tools I ever had, donated to the cause and never really had any issues. Price was spot on. :)
TeaTimer for me now can be a complete pain.
SS&D has barely kept pace, not a bad on demand tool, some nice features, but for real time ?? not so sure anymore. Still under active devt, never really lost my affection for them, sad to see it off :'( , just not here any more.
Still a great admirer of PK's efforts.

NOD32 Instantly detected it as a Variant and Quarentined it so it didnt even get the chance to ask whether I wanted to install it or not (which I didnt)

-{ Quote: "NOD32 Instantly detected it as a Variant and Quarentined it so it didnt even get the chance to ask whether I wanted to install it or not (which I didnt)" }-

Bullguard allows the installation of Spy Sweeper but disables
AskBar install screen ( it won't appear on custom install anymore) The problem is ( I think) Spy Sweeper will try
to allocate it again sooner or later.

Perhaps that's why NOD32 won't even allow the whole installation to proceed ( I think)

-{ Quote: "Bullguard allows the installation of Spy Sweeper but disables
AskBar install screen ( it won't appear on custom install anymore) The problem is ( I think) Spy Sweeper will try to allocate it again sooner or later.
" }-

Sigh... Seriously

- either disable the darned AV temporarily if it can't be configured to not trigger on such stuff and follow the instructions I've given above to avoid the toolbar installation,
- or report a bug to the AV vendor and ask them to classify this correctly and make PUA configurable
- or ask Spy Sweeper vendor to remove the toolbar and come back a couple years later to check
- or don't install the free Spy Sweeper and finally move on...

(as I've already told you couple days ago (http://www.wilderssecurity.com/showpost.php?p=1291908&postcount=5))

Ranting here over and over again how your AV triggers alert on install won't get you an inch further. We already know that your AV and others detect this toolbar so repeating it over and over again doesn't bring any new useful information to this thread... ::)

Perhaps we can end this discussion highlighting some excellent remarks posted on this thread ( among others of course):

-{ Quote: "you do have a very good point about the ask toolbar. i have been asking for quite some time whether it has "reformed/rehabilitated", truthfully, i don't know. if the ask toolbar is still spying, then that makes the offense that much more reprehensible. it was a poor choice to align with the ask toolbar in the first place, because of it's bad reputation..
is the ask toolbar still spying? if so, then they are hypocritical.
none of these companies should be pushing their toolbars. we want what we want. no extras. there shouldn't be any tricks to try to put it on a users machine. a newbie isn't going to realize they've downloaded it until it's too late, and probably won't know how to remove it either, so they will be stuck with it. they know that if the option is "opt-out" that there is a certain percentage of newbies that will download it by mistake. a newbie is not going to know how to do a custom installation. that's what ask.com is hoping for.
you can call it "throwing them under the bus", i call it criticizing. it was all about the money, and to heck with everything else. i criticize spy sweeper for the path they chose to take, not the scanner." }-
-{ Quote: "Agree, the egregious "opt-out" sucks.
Cant blame the vendors for wanting revenue, but, it has to be clearly spelt out. Not only the presence of the toolbar, but why it is there.
Not in 0.5 point font at the end of 40 page EULA/Disclaimer document ::)

Lol: that is a frighteningly long list of 'reputable' vendors pushing the ask toolbar = immediately turns to other vendors.
I read Kevin McAleavy re Comodo and the tool bar: despite the -ahem- noninjurious nature of Ask, the issue does raise hackles all over.

Almost need a list now of vendors who DO NOT include 'little gifts' for the purchaser.

As to OP and Spysweeper: flick it: you wont regret it." }-
-{ Quote: "No probs with what you posted.
If I was you I'd be happy that BG is finding this as a mal. ;)

The link from BillP/WinPatrol blog is interesting reading: integrity in short supply these days.
BG not the problem.
:thumb:" }-

Best Regards
Beto_nl

-{ Quote: "Sigh... Seriously

- either disable the darned AV temporarily if it can't be configured to not trigger on such stuff and follow the instructions I've given above to avoid the toolbar installation,
- or report a bug to the AV vendor and ask them to classify this correctly and make PUA configurable
- or ask Spy Sweeper vendor to remove the toolbar and come back a couple years later to check
- or don't install the free Spy Sweeper and finally move on...

(as I've already told you couple days ago (http://www.wilderssecurity.com/showpost.php?p=1291908&postcount=5))

Ranting here over and over again how your AV triggers alert on install won't get you an inch further. We already know that your AV and others detect this toolbar so repeating it over and over again doesn't bring any new useful information to this thread... ::)" }-


Step Off your Mule, Fly Boy :dry:

Who in their right mind would disable protection just to install a most definate kind of Trojan Variant..i. Its called Stupidity in its extreme to sugest such, In any light facts are these, the most thourough of AV will Block time and time again any such type of attempt to access the registry....and thats what they're supposed to do if they have any realist backbone to them.

-{ Quote: "Step Off your Mule, Fly Boy :dry:

Who in their right mind would disable protection just to install a most definate kind of Trojan Variant..i. Its called Stupidity in its extreme to sugest such" }-

Thanks for you insight; now may I suggest that you re-read this thread and check out facts. It's not a trojan, it's a damn toolbar. But sure you are free to let yourself controlled by AV misinformation, instead of using common sense and being the one who ultimately controls your computer.

-{ Quote: "Thanks for you insight; now may I suggest that you re-read this thread and check out facts. It's not a trojan, it's a damn toolbar. But sure you are free to let yourself controlled by AV misinformation, instead of using common sense and being the one who ultimately controls your computer." }-


Listen!... Its a Variant of Win32/ Adinstaller application, if you dont know what that is then look it up and read about it ::)

-{ Quote: "Listen!... Its a Variant of Win32/ Adinstaller if you dont know what that is then look it up and read about it ::)" }-

Yeah, which is an adware installer and no trojan, so yeah - go follow your own advice before posting more misinformation here. TIA.

Adware (http://www.eset.com/threat-center/threats/adware.php) vs. Trojan (http://www.eset.com/threat-center/threats/trojan.php)

I said VARIANT didnt I, or are you too obsessed to stamp your claim on lunacy to have read that, anyway, theres a moth in this room that I have to chase, so go amuse someone else with your BS, your now growing misfortunate

Oh for petesake people, it's a freaking FP already, Comodo has the same issue with their Ask toolbar! For crying out loud, if it's that damn big of a deal don't install Spysweeper PERIOD! If it were a for real trojan someone please enlighten me as to why Comodo would use it. And NO, the toolbar does NOT silently install if you uncheck the option, learn how software works before going ape-sh*t about temp directories. If you actually spend your time Googling about the toolbar, you'll see a LOT of AVs flagging it and nobody is giving two squirts of pee because it's determined as an FP.

At this point you got two choices, install or don't. If you're gonna get mad about companies putting in evil toolbars, you better start pointing your fingers in a lot of directions because tons of them do that now and they will continue to do so for revenue purposes.

Edit: Without launching back into a tirade, seriously, it's a simple FP. Go Google it and see. You guys know by now that toolbars are almost always classified as "bad" by AVs and all. Some TRULY are bad, but not all, again, seeing as how Comodo is using Ask also. And as far as the temp thing goes, entries are left over post-install sometimes. The install file for Ask is there even if you don't actually install it, so the temp folder will still show that during the install process the file was "prepared for installation". If you clean your temp files out, it's gone, don't panic.

But really, if it seriously does worry you, don't install Spysweeper. The Google Toolbar and Ask Toolbar might not be the most welcome, but I have extremely serious doubts that they are any more dangerous as far as privacy/risk as any other program thats ends information back to its servers (meaning damn near all software).

-{ Quote: "I said VARIANT didnt I" }-

Yeah, and Sun is a variant of Moon... and black is a variant of white. ;D

-{ Quote: "
theres a moth in this room that I have to chase
" }-

s/room/head/ perhaps, that'd explain all the FUD you are speading here.

Personally I dont give a toss!, I installed it without the toolbar, And NOD32 Quarentined and submitted it to ESET for Analysis. I'm just stating a fact to Lord Such up there ^^^...and anyway its Adinstaller WHICH MEANS IT WILL SOONER OR LATER DIRECT YOU TO SOME CRAP OR OTHER YOU COULD DO WITHOUT!


Case closed:

-{ Quote: "WHICH MEANS IT WILL SOONER OR LATER DIRECT YOU TO SOME CRAP OR OTHER YOU COULD DO WITHOUT!
Case closed:" }-

If you have no arguments, start shouting and spreading more FUD. ::) So yeah indeed, case closed and so should be this thread.

Read my post above guys and go do a search...then calm down :) Lest we face the wrath of the Mods button of choice "delete".

Folks,

How about dropping the posturing rhetoric a notch or two?

Depending on perspective, the detection could be viewed as a false positive or not. Ad based content is a grey zone whether anyone likes that or not. Further, it appears that the detection is generic, which reinforces the tentative nature of the assignment.

As for the thread title.... get a grip folks. Don't have a stroke on every antimalware product alert or notification. Life is too short. Pay attention to what these products flag, do some homework on the notification, and make a decision that's right for you and your needs.

Blue

-{ Quote: "Lest we face the wrath of the Mods button of choice "delete"." }-We are already there. Want the discussion closed? Continue down this particular road.

Blue

-{ Quote: "Yeah, and Sun is a variant of Moon... and black is a variant of white. ;D



s/room/head/ perhaps, that'd explain all the FUD you are speading here." }-

Sun is a star. Moon is a natural satellite/secondary planet. Two different things.

Black is not a variant of white, nor is white a variant of black. White is the opposite of black, and black is the opposite of white. Or if you wish, white, means presence of light, and black, absense of it.

Now OT, Ask.com toolbar used to be considered malware (adware/spyware) because the folks who owned it before weren't nice people, if you understand what I mean.
Now, it seems things have changed, because Ask.com has new owners, and they seem to be taking the right approach to make Ask.com decent.

That was the short story. If you (everyone) wants the whole story, dig for it.

And if I well recall, Spysweeper asks the user if wishes to install Ask.com toolbar. Therefore, not considered adware. As far as I understand adware, it installs without the user's consent. Does not seem to be the case with SS.

Perhaps, it is time for AV and AS developers to take a look into it and update their signatures not to treat it as malware.

-{ Quote: "Sun is a star. Moon is a natural satellite/secondary planet. Two different things.

Black is not a variant of white, nor is white a variant of black. White is the opposite of black, and black is the opposite of white. Or if you wish, white, means presence of light, and black, absense of it.

Now OT, Ask.com toolbar used to be considered malware (adware/spyware) because the folks who owned it before weren't nice people, if you understand what I mean.
Now, it seems things have changed, because Ask.com has new owners, and they seem to be taking the right approach to make Ask.com decent.

That was the short story. If you (everyone) wants the whole story, dig for it.

And if I well recall, Spysweeper asks the user if wishes to install Ask.com toolbar. Therefore, not considered adware. As far as I understand adware, it installs without the user's consent. Does not seem to be the case with SS.

Perhaps, it is time for AV and AS developers to take a look into it and update their signatures not to treat it as malware." }-

Exactly, it's merely an option to install it. Now you're not 100% on the mark when you say adware is installed without user consent. It's real easy to trick people into believing you can get all these "makes life easier" functions if you just install this "harmless addon that does NOT report back any personal information"....mhm hmm, heard that before. You can agree or disagree whether or not a toolbar or any other such addon is necessary and/or up to no good. But, in THIS particular case, I think things would be better if the AV vendors adjusted their flag as "riskware".

-{ Quote: "

Now OT, Ask.com toolbar used to be considered malware (adware/spyware) because the folks who owned it before weren't nice people, if you understand what I mean.
Now, it seems things have changed, because Ask.com has new owners, and they seem to be taking the right approach to make Ask.com decent.." }-

Some articles:
-{ Quote: "
Critical vulnerability found in Ask.com toolbar for IE
Buffer overflow flaw in the Ask.com toolbar for IE could allow an attacker to take control of a person's computer

By Jeremy Kirk, IDG News Service
September 25, 2007 " }-

And going back to DarkButterfly:
-{ Quote: " And if I well recall, Spysweeper asks the user if wishes to install Ask.com toolbar. Therefore, not considered adware. As far as I understand adware, it installs without the user's consent. Does not seem to be the case with SS.

Perhaps, it is time for AV and AS developers to take a look into it and update their signatures not to treat it as malware." }-

And here is why I think BG scanner does a good job
specially for newbies:
-{ Quote: " there shouldn't be any tricks to try to put it on a users machine. a newbie isn't going to realize they've downloaded it until it's too late, and probably won't know how to remove it either, so they will be stuck with it. they know that if the option is "opt-out" that there is a certain percentage of newbies that will download it by mistake. a newbie is not going to know how to do a custom installation. that's what ask.com is hoping for.ejames82" }-

More articles:
-{ Quote: "As the fifth-biggest search engine, Ask faces a clear problem: How to get users to leave their favored search engines, to conduct their searches at Ask instead? One Ask strategy is to buys ads on TV and in other media, claiming to offer a better product. But Ask also drives traffic to its search engine by enticing users to install its toolbars. This article looks at Ask's current and recent toolbar practices, including:

Promoting its toolbars on sites targeted to kids. Details.
Promoting its toolbars through ads that appear to be part of other companies' sites. Details.
Promoting its toolbars through other companies' spyware. Details.
Installing without any disclosure whatsoever and without any consent whatsoever. Details.
Soliciting installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link. Details.
Making confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit. Details.
Throughout, I compare these practices to the statements of Ask's staff, and I compare these practices with applicable legal and ethical duties.

I use the term "Ask toolbars" to refer to the IAC products at issue. Details on why I chose this name." }-

There are tons of articles about the practices of toolbars including of course Ask and Google toolbars
Newbies are the main victms so :thumb: :thumb: voor scanners like BG and NOD32 that somebody here called "darned" ...Toolbars are darned bad news

And PLEASE before placing a post re-read the last 2 pages of this thread

"Critical vulnerability found in Ask.com toolbar for IE
Buffer overflow flaw in the Ask.com toolbar for IE could allow an attacker to take control of a person's computer

By Jeremy Kirk, IDG News Service
September 25, 2007 "


was this after the new owners took over, and even if it was, possibly an honest mistake? i am not sure what a buffer overflow is, but i think it's an unanticipated interaction by the user, and inadequate coding to compensate for it. please correct me if i am wrong, i would like to know.
another question that begs to be asked is, why didn't the new owners (ask.com) change the name? that certainly would have make a difference in public opinion. many people automatically put a bad label on ask.com, because they don't know about the new management. this move would have given a "cleaning house" appearance.

-{ Quote: "was this after the new owners took over, and even if it was, possibly an honest mistake?" }-

There's about zillion buffer overflow bugs in all sorts of applications out there, I really don't see how on earth it relates to this thread.

-{ Quote: "
another question that begs to be asked is, why didn't the new owners (ask.com) change the name? that certainly would have make a difference in public opinion." }-

That's already the new name, was Ask Jeeves originally... ;D