TrendMicro now in on spyware program

Discussion in 'other anti-malware software' started by Tassie_Devils, Aug 23, 2005.

Thread Status:
Not open for further replies.
  1. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Hi Guys...

    Just got email from TrendMicro [used PC-Cillin about 2 years ago, lol, still on mailing list]

    Anyhow, they have a new AntiSpyware program.

    email:
    Code:
    Active Defense Against Spyware, Adware and Other Privacy Threats
    
    Spyware continues to grow as a significant threat to our online
    lives. Trend Micro has released Trend Micro Anti-Spyware to help
    protect you from such threats. It is reported that over 80% of
    PCs are infected with Spyware so even the most careful users can
    pick up spyware through normal internet activities - by
    innocently clicking on a popup advertisement, downloading free
    software or through a computer virus. For piece of mind and to
    ensure you are adequately protected from Spyware and Greyware,
    try Trend Micro Anti Spyware
    
    
    Single User   $44.95
    2 User   $64.95
    3 User   $79.95
    5 User   $125.00
    10 User   $239.00
    
    Click here to buy  [URL=http://www.digitalriver.com/promo=85363]http://www.digitalriver.com/promo=85363[/URL] 
    
    For NZ$ click here [URL=http://www.digitalriver.com/promo=85362]http://www.digitalriver.com/promo=85362[/URL] 
    
    Pretty steep pricing there IMO [Australian $$$ I gather since link come from Australian site]

    Here is main Australian TrendMicro site: http://www.trendmicro.com/en/products/desktop/as/evaluate/overview.htm
    to download evaluation copy.

    Full features here: http://www.trendmicro.com/en/products/desktop/as/evaluate/features.htm

    States it's currently only for Sale in North America, but email come Australian site, with DigitalRiver being the reseller.

    I won't bother to try at this stage, anyone?

    Cheers, TAS
     
  2. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    cheapskate that i am, i'm sticking with the freebies for now until i think there is anything out there worth paying for :D
     
  3. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    lol, at that pricing I think the vast majority will. :eek: :eek:

    Especially with the type of freebies on offer being in the top echelon of malware fighters. ;)

    TAS
     
  4. ice60

    ice60 Guest

    here's the free version
    http://www.trendmicro.com/spyware-scan/
     
  5. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    thanks for link Ice ;)

    I have given it a go, and shall post series of pics below. Pretty easy to use, scan took total of around 15 mins from time of starting to download their scanner, load databases, scan and get results.

    First, Trend in action.
     

    Attached Files:

  6. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Finished, showing results.

    Found ONE.... whao_O?? lol... nothing with AdAware, Spybot, KAV, with Online Armor running.
     

    Attached Files:

  7. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    hmmm pretty interesting... ... huho_O waz this... :eek: :eek: :eek:
     

    Attached Files:

  8. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    clicking on 'threat details' gives this information....

    :'(
     

    Attached Files:

  9. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    anyhow's I 'fixed it' who cares, lol... ;)

    everything still working...

    Now, I checked with BHO in spybot and online armor before fixing, nothing showed up in either.

    Only one I was unsure of I clicked more info in OA, and it was Spybot's. :)


    End of test, have fun anyone trying.

    Cheers, TAS
     

    Attached Files:

  10. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,361
    Location:
    The Netherlands
    A copy and paste of the entire registry path would have helped...

    It was possibly HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains, implying that Effective-i Inc.com had been added to your Trusted Zone

    In that case it would be a correct detection: http://securityresponse.symantec.com/avcenter/venc/data/adware.ucmore.html
     
  11. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,316
    Location:
    Earth
    Found some on mine 2 wow i had hotbar coolwebsearch!! And i thought others woulda picked them up!! Edonkey to and sharman?? Damn it cleand though
     
  12. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,361
    Location:
    The Netherlands
    As I implied before, very hard to say whether it's a correct detection without being given any details...
     
  13. ice60

    ice60 Guest

    Tassie may have had the same as me o_O i took them to all be F/Ps and didn't fix any.

    Started Scanning
    Internet Cookies
    Programs in Memory
    Windows Registry
    Found '' in 'SOFTWARE\LimeWire'
    Found '' in 'SOFTWARE\Magnet'
    Found '' in 'SOFTWARE\Classes\magnet'
    Found '' in 'SOFTWARE\Classes\magnet\shell\open\command'
    Found 'URL Protocol' in 'SOFTWARE\Classes\magnet'
    Found '' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
    Internet URL Shortcuts
    Files and Directories
    Found 'dmoz.org.ico' in 'C:\Documents and Settings\iceni\Application Data\Opera\Opera\profile\images'
    Found 'LimeWire20.dll' in 'C:\Program Files\LimeWire'
    Finished Scanning
     
  14. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,361
    Location:
    The Netherlands
  15. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,316
    Location:
    Earth
    i asummed it fixed it..cuz the pc seems faster 2..also i had some stuff on msn?? or something strangeo_Oo_O?? But definatly fixed it up?? MD
     
  16. ice60

    ice60 Guest

    thanks, TK. the log isn't very good. there were 5 things found on my PC. they aren't all F/Ps, but i'm not worried. i had what appears to be the same result as Tassie (posts 7 & :cool: this is the registry entery:

    Found '' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
     
  17. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,361
    Location:
    The Netherlands
    Allright, that does about the same thing as what I was talking about previous regarding the Domains subkey. Certainly no FP then!
     
  18. ice60

    ice60 Guest

    OK, now i'm mildly worried. should i fix it?
     
  19. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,361
    Location:
    The Netherlands
    Yes you should. You don't want software with a shady reputation adding their URLS to your Trusted Internet Zone....
     
  20. ice60

    ice60 Guest

    but i just checked here and under Technical Details i don't have any of that in the registry not one key. or this key above Technical Details
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44BE0690-5429-47F0-85BB-3FFD8020233E}
     
  21. ice60

    ice60 Guest

    also i don't have %ProgramFiles%\TheSearchAccelerator
    or UCMTSAIE.dll

    would that make it a definate F/P?
     
  22. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
    Take a look here too, very interesting.

    On Ucmore.com there is a company statement about the UCmore Toolbar and Effective-i:


    "Effective-i is committed to the privacy and security of its users. Our software is completely safe to install and use: It is unobtrusive, easy to deactivate and remove, and does not transmit any information in a manner that can identify a user. Most importantly, UCmore does only what it's supposed to do - help users search and surf more effectively. Moreover UCmore...

    http://www.ucmore.com/images/checksign.gifDOES NOT spy on your browsing habits. URLs of pages you visit are sometimes sent to the UCmore server, but only to allow generation of relevant categories. The information is then promptly erased. To ensure your anonymity, there is no unique ID that can distinguish one user from another.
    http://www.ucmore.com/images/checksign.gifDOES NOT launch pop-up or pop-under advertisements. Like Google, we make money by selling highly relevant sponsored links (advertisers pay per click, not per appearance). UCmore never displays any other advertisements.
    http://www.ucmore.com/images/checksign.gifDOES NOT "hijack" your searches. When you use a search engine you will see that search engine's results, not ours or our advertisers'. UCmore merely augments the search by showing related links, if you choose to click a category.
    http://www.ucmore.com/images/checksign.gifDOES NOT modify pages you visit. Whenever you visit a web page you will see that page, not some other page filled with advertisements. UCmore merely guides you as you surf, by showing related links within the toolbar.
    http://www.ucmore.com/images/checksign.gifDOES NOT block uninstall. UCmore can be removed in seconds through the Uninstall command in the main menu or through the Windows Add/Remove Programs dialog. The uninstall leaves nothing behind.
    http://www.ucmore.com/images/checksign.gifDOES NOT cause software malfunctions. UCmore has been meticulously checked for bugs, and is constantly improved with user feedback.
    http://www.ucmore.com/images/checksign.gifDOES NOT slow down your connection. UCmore exchanges only a few bits with the server each time you visit a website - not nearly enough to effect your connection speed.
    http://www.ucmore.com/images/checksign.gifDOES NOT download anything on its own. You can manually update the software, but UCmore will not download anything without your consent.
    http://www.ucmore.com/images/checksign.gifDOES NOT create security holes: will not make it easier for other people or programs to access your computer."

    IMO this company is not trustable at all and means bad business.
     
  23. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    or IE's Restricted Zone if Taz is a user of IE-Spyad since until recently UCMore's effective-i.com was listed in it's database. As you said tho...."A copy and paste of the entire registry path would have helped..."


     
  24. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,316
    Location:
    Earth
    grrrrrrrrrrrrrrrrrrrrrrrrr It took away all my custom emoticons in msn?? be carefull what u remove luckily it backed up a file and i restored it can someone tell me what to remove plzzzzzzzzzzzz thanks here is log?? MD


    sorry for pic it says coolwebsearch internet explorrer bars !!
    then hot bar but it has under that 6 \
    application date msn messenger etc..o_Oo_O? but it removes my emtocions??

    so what can i remove thanks
     

    Attached Files:

    Last edited: Aug 27, 2005
  25. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Since TrendMicro only provides the Range1 Sub-key and not the string and data vaue....one can only assume. However....in the case of users of IE-Spyad....it is a False positive by TrendMicro of a valid IE-Spyad entry.

     

    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.