Here is my analysis.
On a bright sunny day, I decided to go to
http://toolbar.isearch.com/
I downloaded the "install.exe"; a rather quick download if I must note.
I run it.
http://img199.exs.cx/img199/9341/12fz.png
Whoa! What's this?!
As blind as a bat, I click on Allow.
http://img122.exs.cx/img122/4544/20qo.png
Again, as blind as a bat, I click on Yes.
The installation finishes, and it asks me if I would like to start iSearch. I say OK.
I do a simple search with Barney. I type this in the toolbar.
On the right-hand side of the window, I see this:
http://img77.exs.cx/img77/6522/31lw.png
Sex?! Casino?! WHOA!
Let me ask you this: If your little 5-year-old child liked Barney, and somehow searched for Barney through iSearch, they could accidently be exposed to a whole different world through that small 3 char link. Smart? Absolutely not.
Anyways, back to my little journey.
I close Internet Explorer. I re-open it again.
I see this:
http://img231.exs.cx/img231/4941/42qf.png
WHOA! WE HAVE MADE CONTACT! (Well, almost.)
I block the attempt, and I jot down the IP.
I fire up SmartWhois, and enter the IP.
http://img59.exs.cx/img59/4373/59nd.png
http://www.webair.net/ was the host iSearch was trying to connect to.
I had no idea what iSearch was about to send or where it was exactly connecting to, but things were getting weird, and I decided that I've had enough of this.
I start Microsoft Antispyware:
http://img77.exs.cx/img77/2775/64rg.png
It detects "iSearch.Toolbar". I wonder why?
Anyways, MAS froze midway, so I decided to go searching on Google for a removal tool. I found one on:
http://toolbar.isearch.com/uninstall/
I download and I run it.
http://img26.exs.cx/img26/1827/70en.png
After "removing it" *cough* I open HijackThis.
http://img150.exs.cx/img150/13/81gv.png
WHAT?!
/VERYSILENT?! The context-menu option is still installed?! WHOA!
I'm still in the process of removing it completely.
After running the removal tool (created by iSearch.com, *cough*), I get this after a scan in Microsoft Antispyware:
http://img66.exs.cx/img66/7350/98lx.th.png
Note that the two are the same.
Now for my thoughts.
Quote on iSearch.com Tool Bar Uninstall:
Quote:
|
Originally Posted by iSearch
Please be aware that many so called "ad ware removers" and "spy ware removers" can cause damage to your computer and may alter your computer in such a way that our automated removal application will not function. At the present time, there is no third party software which is capable of removing iSearch applications. If you have purchased an application which claims to remove iSearch, we encourage you to contact your credit card company and request an immediate reversal with the reason of "Product Not As Described" and/or contact the Better Business Bureau.
|
"
So called ad ware removers and spy ware removers"?
"there is no third party software which is capable of removing iSearch applications"
"we encourage you to contact your credit card company and request an immediate reversal with the reason of "Product Not As Described" and/or contact the Better Business Bureau."
Product Not As Described? Better Business Bureau?
I'm not sure what iSearch was about to send, but I don't want to know.
"
iSearch does not gather any personally identifiable information about end users"
I believe the IP address is personal, and identifies the end user. I've been taught that the IP of a user is their identity on the Internet. Why? It identifies their computer, their ISP, etc. People skilled enough could hack into their computer
THROUGH THE IP and download personal files.
I'm not saying iSearch is spyware. I'm not sure if it is.
Let's just say these are the "Findings of a Curious Internet User", and leave it at that.
BTW, if iSearch/iDownload is threatening CastleCops (of which I have great respect for, and am aggravated on a personal level by this piece of news), then why don't they start a lawsuit against Microsoft? Microsoft detected it as spyware (in a few of the above images). Are they too scared of Microsoft's money, power and lawyers?