Category Archives: Spyware

FoxIt Reader’s false eBay icon

OK. This is a worry. I found it on my Start Menu (for All Users) and also on my Desktop.

False ebay icon

As you can see, it’s got an eBay icon, and the name eBay, but it points to somewhere very different: adon-demand.de/red/2303/

Searching around, I see that McAfee Site Advisor has a page on it, and says “We tested this site and didn’t find any significant problems.”

A post on the FoxIt forums alleges it’s put there by the FoxIt Reader installer, and that appears to be right — an update of that is the only thing I’ve installed recently, and no other user on this PC has the privileges to install these shortcuts.

I love FoxIt Reader, it’s much faster than Adobe Reader. It asks if you want the ask.com toolbar, but this, it doesn’t ask about. [See comments]

FoxIt, is not nice behaviour.

I wonder what eBay would say about their logo being misused like this?

Wrestling with CA Internet Security Suite

CA Internet SecurityI’ve used Vet, the old Aussie favourite, for anti-virus on my primary PC for several years. After the initial investment it’s been A$39.95 per year, so it’s (I guess) reasonably cheap. It also meets my primary requirements for security software:

  • Small footprint on CPU, RAM and disk.
  • An interface that shutsthehellup and gets on with the job… especially when the kids are trying to play games. They (quite rightly) grumble when a full-screen game is shutdown just because some applet wants to tell you it’s downloading an update for itself.

Vet got bought by Computer Associates some years ago, morphing into CA Antivirus. My current subscription was about to run out, and they offered me an upgrade to the full CA Internet Security Suite, for 1-3 PCs, for A$69.95, less than double the cost of renewing the single anti-virus licence. Given I’d been having problems with Free AVG on my second computer (it won’t shut up about the updates it’s loading, and sometimes complains that it’s not working, particularly when a non-Admin user is logged on), I’d considered getting a second licence anyway, so it seemed like a good deal.

And I’d be gaining a Spyware detector and a more fully-fledged firewall than the Windows one. Question is, were they any good? I knew the CA Antivirus would do the job, but what about the others?

Installation was straightforward. Licence looked over-long, but was in fact a base licence with extra points for virtually every country in the world. There must be a better way to present this… choose the country first?

Antivirus ran as I expected. Did a full scan, then shut up and sat in the background. No problems.

The firewall? Once it started, it began popping up alerts… it might claim to be pre-configured for some programs, but appeared not to know about very obscure ones such as FIREFOX.EXE and IEXPLORE.EXE. Hmmm. It was fine once it knows about things, but evidently needs to be babied along for a day or two at first. The configuration screen seemed sluggish, and it wasn’t clear if it had picked up the existing rules from the Windows Firewall. So I’m not sure about this. It’s tempting to shut it off and just use the Windows Firewall instead, which wouldn’t catch outbound malware, but then, I’ve never had issues with that.

Anti-spam I’m frankly, not that interested in. The protection provided by my ISP and by Outlook is good enough that I don’t want to complicate things by adding a third barrier into the mix. (I also got stung the other week by over-zealous spam filters — you can read about it here.)

Spyware. I’m generally in favour of anti-spyware applications. While I’m not of the “every cookie is a threat to my privacy” school of paranoia, there are some genuinely malicious applications out there. (See Jeff Attwood’s recent post on this.) But I run a pretty tight ship with regards to downloads, so I’ve never considered it to be a big problem. So Spyware detection I consider a nice-to-have.

CA’s Spyware detector though, I didn’t like. It was probably doing an okay job, but it wouldn’t shut up. Every time a non-admin user logged in, it piped up with the fact that the user wouldn’t be able to change it’s configuration, even if the scanning had been turned off. Listen carefully, CA: I DON’T CARE. Either give me the option of turning off this warning, or don’t give it in the first place.

CA Antispyware error

I don’t want to subject non-admin users to pointless error messages so that a security measure of doubtful use can run. After all, the whole point of security software is to let you use your computer uninterrupted by problems. If the security software itself is going to insist on interrupting you, it kinda defeats the point, doesn’t it.

I’m not going to make every user an admin to avoid the warnings. If the manufacturer of an Internet Security product is telling me to have every user as admin, then they’re idiots.

Web filtering. Apparently the licence includes a free download of some parental web filtering software. I didn’t try it.

I also ran into problems with the licence keys. Evidently because my Vet licence expired, and all the new licences are linked to that one, CA’s system flagged them all as expired. The support web pages (which have an annoying tendency to keep opening new windows) suggested running a licence sync, which didn’t work. Their “24-7 web support” turned out to be an enquiry form. About 48 hours after putting in a request, the problem seemed to have cleared, but as I never got a reply from it, I don’t know if it fixed itself, it was something I did with my tinkering, or if CA’s support fixed it.

In conclusion I’m happy enough with the antivirus component, which is the essential element I really wanted. It’s quite obviously the most refined, mature product in the suite. The other stuff I either didn’t want, or can’t (or won’t) use because it doesn’t run well. If you’re looking for a fully-fledged Internet security suite… keep looking.

On the other hand, I’ve still got about 45 days to get a refund, if I want it. Anybody else care to nominate their favoured anti-virus apps for Windows XP?

Other reviews of CA Internet Security:

Update: A month later I dumped this product.

Dan’s Adware Adventure

Earlier I wrote about how a Microsoft employee admitted some malware burrowed so deep into Windows the only way to remove the spyware from the computer it was to nuke it from orbit. Now Dan of Dan’s Data fame has just recounted his adventure removing some spyware, with it playing a Robin Hood and Friar Tuck game with him where the answer, in this instance, boiled down to using Prevx.

Dead USB port

So, in building the broadband access machine I’ve found a gift computer (twice as powerful as anything else I owned) that was ‘not working’. After loading XP onto and futzing with it for a while, I figured out that doing anything with the USB port locked up the computer… after a while. I tested the theory by running up a memory/CPU intensive game and letting it run for a few hours. It was happy until I transfered some files off the USB stick. Fault identified. If I want to transfer stuff off the machine, I’ll need to get a USB card, or hook up a network. And I think I’ll do the later.

With fault identification complete, I hooked up the broadband modem (Netcomm NB5) via the ethernet connection (given the USB connection wasn’t going to be working on this machine). Entered the IP of the modem into the browser, and got the modem’s login screen. Everything was good, and I shut down all access other than web via port 80 using the modem’s built-in firewall. Connection to the ISP was established, proxies entered into Firefox (not IE – CERT says there are no secure versions), and Google was available. Connectivity proven.

The web browsing machine got Fedora Core 3 loaded on (a simple process), and the proxy setup was repeated with the same results. FC3 comes with a pre-release version of Firefox, so I loaded up the CD with the .gz for 1.0.4 and loaded that onto the desktop. Then I spent a couple of hours figuring out that I needed to be root to install the browser, and where to install it. Having done that, I still haven’t got it as the default browser – that’s still the prerelease Firefox. But I can run up 1.0.4 from the command line, so at least it’s available, and adBlocker is installed, so well and good.

I figure that I’m going to lock the modem down to a single IP address it’s going to talk to, the FC3 machine. Anything else that wants data from the net is going to have to transfer it from the FC3 machine and won’t be exposed to the big bad internet, because I’m not ready to migrate our entire PC collection over to Linux just yet.

Which means I need to buy a switch.

More On MS Anti=Spyware

I’ve downloaded the beta of Microsoft’s anti-spyware and had a play with it. My initial reaction is favourable. It’s small, light and appears to work although the 3 ‘threats’ it found were only applicable to Internet Explorer. This made me sit up and take notice though, I’m a fairly scrupulous person when it comes to checking what I’m about to install on PC yet these malware products made it on to my hard drive. Being IE problems though they would never have affected me thanks to the wonder that is Firefox.

For the moment I will keep Spy Bot Search And Destroy, and it will probably remain my initial defence against these sort of nasties. I wonder what Microsoft will end up calling this program? After all, Microsot Windows AntiSpyware isn’t the sexiest of titles.

MS Anti-spyware

I haven’t tried it yet, but you can get it here. It’s Win2K or XP only, ‘cos damn those NT4 and Win9X users, they deserve everything they get for not upgrading…

(via Patrick)