Spyware Doctor injecting code into all Windows Systems and Security Apps

Hi everybody,

I put Antihook 2.5 on one of my system's (laptop) for the first time and let it run for almost a week in finger print mode and then switched it to normal mode. When I switched to normal mode I discovered (through the prompts) Spyware Doctor v3.5.1 wanted to inject code into a lot of Windows System Files, it wanted permission to modify Windows NT Kernal, it also wanted to inject code into Look'n'Stop FW and Nod32 so I blocked it. Is this normal behavior for this program?

At the same time on my desktop I have Kav Suite and Anti Hacker popped up 4 or 5 times saying the .exe (for Spyware Doc) was modified. I did legitamately update it once. But the rest are unexplainable.

Last week when I attempted to install Spyware Doctor on laptop, Nod32 flagged a file in spyware doctor saying there was an infection and stopped the installation immediately. I also noticed SD has been running 50,000-65,000 mem usage. I have never encountered this before.

If anyone that has these same programs can shed some light on these issues I would appreciate it.

Thanks

 

I have noticed that some anti malware apps will always try to modify certain processes, they probably do this in order to get complete control over your system, if I´m correct AntiHook is doing it also. So if it´s a legitimate app I guess it´s not a problem.

 

Indeed, some security software does behave in this fashion - SpySweeper being one example and System Safety Monitor used to do this also. One of the downsides of running multiple security applications is that you do need to configure them to allow each others' actions.

 

@Rasheed and Paranoid,

I learned of this through Antihook, it's Spyware Doc wanting to do all the injecting code/modifying to everything.

You are saying I should allow this through Antihook for Spyware Doctor to do this stuff?

I knew there would be prompts to allow/block when I put Antihook in normal mode, but I never expected to see an app injecting code into other processes. It freaked me out.

Do either of you use Antihook?

Thanks for your replies!

 

Hello,
First questions you should ask yourself - Do you doubt the copy of Spyware Doctor you have? Did you download the program from its home site? Because anomalies you experience might be related to a cracked version, clone etc.
Now, concerning injection - Spyware Doctor is supposed to protect memory processes in real time. So to do that, it needs to 'communicate' with memory processes, including nod and others, so in case they are infected (dll, hooked etc), it can intercept and stop the malevolent behavior.
Anti-hook simply recognizes this sort of behavior. In case of Spyware Doctor, this (should) be benign, but imagine something else was trying to inject its code into a process.
BTW, don't freak out. I know of dozens of applications that do this.
Mrk

 

I'm always a bit skeptical I guess. It's funny all of a sudden sometimes when you install a new program you discover things you never knew about the programs thats on your computer (whats going on behind the scenes).

I did get it from PC Tools. I thought maybe malware got into SD itself.

Okay so this is common for apps to do this. Thanks for helping me to understand.

 

Sometimes all these apps can make people paranoid I think...just by the way of course.

ANTonio.

 

I can relate to that. I uninstalled some programs, such as Watcher, because did not understand what the programs were it flagged. When I did work it through it was always an alright program, but it was enough of a pain with my limited knowledge that I ditched it.

I think some of us near average users can be overloaded with information that we do not know what to do with.

Jerry

 

Hi,

No I do not use AntiHook myself but I do know that AH will also try to modify processes itself (I use PG) so basically it´s a question of trust. For example, I have installed Super ADBlocker and it wants to do a whole lot: Install a service/driver, inject code into all process and add several autostart entries. In other words, it´s acting like freaking malware! I mean all this for an adblocker? No thank you.

http://www.superadblocker.com/

 

@Italtony

I agree

JerryM

I agree

Rasheed187

You are correct. Paranoia takes over before the common sense I guess, for me.

Wow, I don't blame you! I will stay clear of that program.