Spyware Warrior

[xblocksys]

and someone asked about testing the app earlier....I'll leave that to Suzi and Eric but this is what we found:

http://blog.spywareguide.com/2006/04/deception_dollars_false_positives_antispyware.html


Doesn't look promising

regards,
Wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[SpyOnThis]

Hello All,

It seems we will have to agree to disagree on the hijack-this.net domain. The warning on the site is almost identical to warnings regarding HijackThis found on many other sites online (i.e. HijackThis is for use by experts, or with expert advice, and used improperly can damage your computer). Consequently, we don't feel that this factual text constitutes "scaremongering". Also, it seems crystal clear that the user has the choice to download either HijackThis or SpyOnThis. We have contacted the affiliate who has since ceased using the "accept no substitutes" ads.

I'd like to add that we are currently drafting an affiliate agreement, as per Eric's advice, and will list it on the site soon.

Wayne, thank you for your suggestion above (regarding "bad" CLSIDs), we are looking into it now. You will notice in an earlier post I've already made mention of the fact that we are aware of some false positives and are working to resolve them asap. I notice your scan took place on 4/24. I would like to encourage you to download and install our latest version from our site and re-scan. I'm sure you will already see different results.

Thank you for your consideration.

Melissa
SpyOnThis Support
www.spyonthis.net

[SUPERAntiSpy]

Melissa,

Were you going to respond to the other questions I posed in the thread?

[fcukdat]

SpinCentral Mellisa ?

I've downloaded your appointment again to access and backtracking to my post>>> http://www.spywarewarrior.com/viewtopic.php?p=123684#123684

All you speak is rhetoric

Your software is substandard since it detects lots of F/P's,i do not have a spywareblaster/IEspyAd type appointments installed and yet it finds 7 detections& one tracking cookie vs a clean machine last week and still this week

But inorder to establish my basis of opinion i proceeded to install 3 very well known malwares that there are no excuses for not detecting on my test PC.

1. tool2.exe (renos trojan) drops the fake security alert to download spysheriff

2.trojan17.exe is the Winfixer 2005 installer

3. KL1.exe drops the IBM Keylogger and associated files

Bare in mind these are not exotic malware but run of the mill PITA's that have been hosing systems for the last 6mths


http://img332.imageshack.us/img332/2189/20au1.jpg

image changed to a link to prevent horizontal scrolling. Nick


and heres what post infection scanning with your appointment turns up





The same F/p's that it spat out last week and not one whiff of the real malware that is running


your appointment is substandard and even if it was free would be a security liability if installed on anyones pc


JMHO
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html

[Oldfrog]

Yes, the answers to those questions would be most informative, and welcome.

You still have a couple of other problems though:

[xblocksys]

when did cookies get classified as "spyware". I'm all for cookie cleaning but i personally always found that fear mongering. Why not call them what they are- cookies.

Tell you what mail me a full version of the software and I'll see if it passes my hoax litmus test. I have found numerous companies scraping databases and doing no real research... some of them larger names. One day that story is going to come out when we are done with our "dye experiment".

-wayne
wporter@gmail.com
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[SpyOnThis]

[SpyOnThis]

The link does not appear to work in my last post, so here is source of the above definition:

http://www.webopedia.com/TERM/s/spyware.html

[SUPERAntiSpy]

SpyOnThis - I understand your reluctance to answer the questions as they could reveal some critcal facts about your company and product. Not answering does allow people to form their own opinions - and typically when companies are not forthcoming about such questions one may draw the conclusion that the company may not be on the up and up. Those questions should be able to be answered without revealing proprietary information. I was posing those questions so you could provide answers and clear up any foredrawn conclusions....

It is also interesting how you keep skipping around the following question.

[SpyOnThis]

Nick, I appreciate your input so far, but frankly we do not feel obligated to discuss the financial aspects of our company, or of our affiliates. Especially not with a potential competitor.

[SUPERAntiSpy]

SpyOnThis - the nature of my other questions were not of financial nature. Why don't we start like this....I will answer the questions I asked you to show what being forthcoming is.

QUESTION: When was the software officially released? How long was it in beta? How large was the beta group? This is important to determine the "maturity" of the engine and software.

ANSWER: SUPERAntiSpyware was released as part of SuperAdBlocker on 10/14/2004. We had a beta group of over 50 people that tested. The product has been under constant development and improvement over the past 2 years.

QUESTION: Was the software developed in house, or was it licensed from another party?

ANSWER: SUPERAntiSpyware was developed completely in-house, no components were licensed from any 3rd party.

QUESTION: Where did your detection database come from? Was it developed in-house or licensed? If developed in-house, how long has the database been in existence?

ANSWER: We developed our database by researching tens of thousands of spyware/adware/malware components and analyzing tens of thousands of user submitted diagnostic reports. The database was started over 2 years ago.

QUESTION: How many detection signatures, rules, etc. are there?

ANSWER: Our database will detect well over 100,000 components. We have detection rules in addition to direct signatures which significantly increase that number. New signatures and rules are added and released daily.

QUESTION: How often are new detection signatures released? Do you have a log of those?

ANSWER: We provide daily updates as detailed here:
http://www.superantispyware.com/definitionupdatehistory.html

I answered all the questions that I posed for you to answer with the exception of of the affiliate question as we don't make such claims. I did not reveal any proprietary information, nor financial information.

Users have a right to know who they are dealing with and the history behind the product. While there are certain types of questions regarding financials that are private to a company, I encourage all user to pose these types of questions to new product vendors - no legit vendor should have anything to "hide"...

Your turn...

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

[xblocksys]

[xblocksys]

Note: The test results are here:

http://blog.spywareguide.com/2006/04/deception_dollars_false_positives_antispyware.html



-wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[fcukdat]

[xblocksys]

Melissa,

Let's start with a deeper analysis of the keys you detected in your application. I had one of my research team take a deeper look.

http://blog.spywareguide.com/2006/05/spyonthis_false_positives_1.html


It's one thing to miss threats but detecting Zone Alarm as a threat?

Enjoy hearing your response.


-wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[eburger68]

Hi All:

SpyOnThis has been added to the Rogue/Suspect AntiSpyware list.

For the record, Melissa of SpyOnThis contacted me some time ago about the app's problems with false positives. I agreed to give the vendor a week to do some basic false positive testing and clean up the most egregious instances.

As it turns out, the vendor ended up receiving two weeks grace period, and my testing still indicates a problem with false positives.

Moreover, the vendor was warned about the hijack-this.net domain, and yet that domain still promotes SpyOnThis.

As is our policy, the vendor may request a re-review in three months time. If at that time these several problems have been corrected, I will consider de-listing SpyOnThis. But the problems must be resolved (and no new ones emerge).

Regards,

Eric L. Howes

[DamnSpyware34]

Thanks Eric.

Also thanks to Wayne for covering this story.
_________________
Spyware is so uncool.

[EASTER]

Many thanks to everyone who took this one through the paces and offered their findings plus suggestions and of course Eric for expert final decision on listing.

And also thanks to Melissa for bringing SpyOnThis to this forums attention for fair review.
_________________
*******************


THE FORCE IS VERY STRONG IN THIS FAMILY!

[SUPERAntiSpy]

Eric - thanks for the update and final ruling on this - we will update our definitions to reflect the rogue status.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

[wyrmrider]

spyonthis
get fixed up and get back asap
many have including zerospyware and others
get those afiliates under control
or find a new nitch in the preventive end
wyrmrider

[theCaptain]

In my opinion, few Anti-spyware companies are NOT guilty of false positive and/or what I like to call "Psuedo Positives" (calling a cookie 'Spyware'). Me and a friend of mine have been doing some weekend research on the subject and have a theory that many major Anti-spyware companies use Fear Uncertainty and Doubt (FUD) presumably as a marketing tactic to get users to buy software.

Article here: http://adwaremonitor.org/fud2.htm

The website isn't done yet, but feel free to have a read.

We did a follow up on Xblock out of curiosity. link here: http://adwaremonitor.org/fud3.htm.

[SUPERAntiSpy]

theCaptain - as you know it is impossible to avoid having any false positives 100% of the time. With the rapid spread of spyware/adware/malware and the number of threats appearing on a daily basis every application is certain to have a few false positives. I think it comes down to how they are dealt with. For example, we realize that false positives happen, so we have provided a "Report False Positive" button directly in our software on the detection review screen so a user (or tester) may immmediately report the potentailly incorrectly detected item and our team can review the item and take the appropriate action. Our turn around time is typically less than 24 hours on true false positives. I would like to see more antispyware applications provide this feature as part of the "standard" feature set.

With respect to cookies - unfortunately due to the "propaganda" regarding the "threat" of cookies, an antispyware vendor really is almost "forced" into detecting cookies in one form or another as when a user scans with application A, and the system is clean, then they scan with application B that detects cookies, the user often assumes incorrectly that application A is failing its task. I think that if cookies are detected, a clear explanation should be provided. For example, we provide the following description:
http://www.superantispyware.com/applicationdisplay.html?id=1000000242

On your site you refer to the "Watching you" and "Spying on you" scare tactics - unfortunately the reality is that we have hundreds of samples of spyware that does record your keystrokes, passwords, etc. and can potentially send it off to a central server - users need to be educated and protect themselves from these types of infections so these ads may not really be "out of line" any more than other types of advertising in other industries.

To help escape the "FUD" problem we have taken the approach of providing a 100% free application with a few restricted features, and a fully functional trial of our Professional version that will allow scanning and removal without paying - the problem is - that is what most users to - scan and remove and unistall - therefor it makes the business proposition difficult. This is why large vendors such as PCTools and Weboot no longer allow removal for free. It takes time, money and resources (read:more money) to stay up with the emerging threats so there has to be some way for legit vendors to be compensated for the time and money invested to protect the users.

What I fear, is that sites such as yours (an I realize you are just starting) are conveying the message to users that antispyware applications can't be trusted and the "threat" may be false - which is not the case. For instance, I don't believe the Wayne Porter's company/application is intentionally displaying false positives - but yet, the way it is portrayed on your site a user most likley would not trust XBlock/XCleaner. You didn't explicitly say "it's bad", but items like "Curious" and unresolved explanations and findings leave quite a bit of "room" in the users mind to draw their own conclusions and those conclusions get passed along and posted in forums and so on.

I would like to see the sites (yours and others) have a more "middleground' and "reality' of the situation based approach and truely educate the user as to the true possibility of threats, what to look for, etc.

This is all just my opinion - I wish you much success with your site.

P.S. I realize that SUPERAntiSpyware will likely be put under the microscope - but I am happy to address any issues, resolve any false positives, non-detected items or anything else you or anyone finds. Applications such as SUPERAntiSpyware are always evolving and hopefully improving.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

[theCaptain]

[Oldfrog]

[SUPERAntiSpy]

[xblocksys]

theCaptain,

Thanks for taking the time on the in-depth critique!

I will try to address:

a) We are in the process of re-egineering our SGIndex, this is because we are changing our strategic tach and not looking at just "spyware" or "adware" but what we call "greynets". I am in the process of this gargantuan task and it takes time. In the interm plans are to make the levels clearer, but long term we plan to compress them so they are easier to understand both for our researchers and for end-users. I can't say more about that but changes short-term and long-term will be forthcoming. It is an area we DO need to improve on. Point taken.

This is because Xblock used to be a consumer facing application but now our research is supplied more for the enterprise- so in the future you'll see things like IM Clients, P2P, IRC, etc. Some have business value, some do not- our goal is to always block but to allow people (IT adminstrators) to manage what they do or do not want. Obviously enterprise needs are different from the end user so it gets tricky and we are working on a plan for that. Again, one is simplyfying the Index and I have that on my plan of action.

b) We call it a "suspiscious program" because based on our research, be it testing in the lab or consumer feedback there is reason we find it suspect. (Note we do analyze phone home traffic because of HIPPA and Sarbanes Oxley that is an issue for companies). We aren't saying it is a direct threat only suspect and should be investigated. We also look at the EULA- does it grant right to update code arbitrarily- we look at distribution- is it controlled or not? Plus alot of other factors. (Like WhenU- I agree they have cleaned up their distribution act- but still there is a long legacy of problems with WhenU before Bill Day took over and some debates on their practices- reference Ben Edelman: http://www.benedelman.org/spyware/whenu-privacy/

Is it bad now that distribution is in house? Depends on who you ask.

For example, the best analogy that illustrates this is my Brady Bunch article. You have a shared PC and alot of people use it and not everyone knows what is installed or what it does. The situation can get confusing.

See:

http://www.spywareguide.com/articles/brady_bunch_and_adware_71.html

As for why it was not detected during deep scan I will have to investigate. We have two types of scans. Do feel free to open a support ticket but I am going to make your findings aware to the research team.

a) The online scan which does a check on many (and not all) adware and spyware by fast scanning known hooks. It is not all inclusive and it is a quick scan.

b) X-Cleaner has a quick scan and a deep scan option. The deep scan option scans the entire drive and has a more extensive DB.


c) Upon a match we supply a link called Read Before you Remove when an item is detected which leads to this page:

http://www.xblock.com/tt/index.php?x=&mod_id=2&id=143

A large majority of people do hit this page.

Here we try to educate users to learn about what they are removing or if they want to remove it at all. Ultimately it is up to them. They might be comfortable with a toolbar, or even a loyaltyware application. But the page is intended to get them to ask the right questions and also perform research and become informed and educated. Education is an initiative I really am trying to focus on. I paraphrase from the page:

What to do Before Removal- An Informed User is a Smart User
When suspicious component has been detected on your PC, ultimately the end user (you) must decide if they want to keep the component on their machine or remove it. We have provided a guide outlining as much as information that is known to our team about the component as well as places to get additional research on the program.

Before you remove the program you should consider the following list of questions: *we go into detail about each one*


- How did the program get on your PC?
- What can you learn about this program?
- Can you remove this program manually?
- Do you use this program to monitor your children?
- Did your boss install this to monitor you?
- Do you own this machine?
- Do you want the advertising software on your machine?
- Does the software perform a useful function for you?
- Did you accept an agreement that requires advertising supported software?
-If its your machine, it's your call.

We also provide the option to ignore, or ignore always.

d) On the toolbar issue I will have to investigate further but I have to wonder if a fresh CLSID was generated? A lot of these kits don't take that into account. We issued an open letter to toolbar makers and supplied suggestions to remediate this problem:

Developer's Mind your CLSID's
http://www.spywareguide.com/articles/open_letter_to_software_develo_53.html

as for ActiveSearch it has been found under a number of different names. Latest I think was a toolbar from www.giantexplorer.com also known as Ferret 411- all of which showed some interesting phone home traffic. ActiveSearch appears defunct but legacy copies are floating around. But we see this alot- an adware maker will just rebrand their app and discard their tarnished reputation.

So are you saying we had false positives here on the quick scan?
If that is the case let me know and we will investigate. (Contact me direct a wporter@gmail.com if you wish). I can assure you we do not plant anything on anyone's machine before a scan.

e) Cookies- we have never flagged cookies as spyware because we do not believe they are spyware (although they can be abused). Our take is quite clear here on this article:

http://www.spywareguide.com/articles/internet_cookies_spyware_or_ne_57.html

Cookies are, for the most part, a benign technology and calling them threats is FUD. Yes there is alot of propoganda around the issue but we decided from the getgo we would not cave in to that propoganda. Yes- we get questions all the time saying "You didn't find x,y,z and this program found 240 threats." We try to use that opportunity to educate. Do we lose sales because of it- yes. That's ok- we aren't going down that road. In the future we "may" offer an audit on advertising cookies but I doubt it. We offer a cookie cleaning option but cookies can also be managed in the browser.

f) EULA- I concur we do need to make this more conspicous but we do have a general site EULA and a disclaimer posted on the scan page at SPG http://www.spywareguide.com/txt_disclaimer.php and one at Xblock http://www.xblock.com/disclaimer.php

I am told a new EULA is in legal and I will look into how we can improve that process. That is very good feedback. One of the things I am trying to do is keep our EULA simple while still keeping it legal. This is an ongoing battle with the lawyers. They will probably win.

g) We also provide a free tool for removing flagged software, X-rayPC, but it designed for advanced users, researchers or for tier-2 support- like if there is something we are missing or customer still having a problem. Simply put- it is similiar to Hijack This and if you don't know what you are doing you can mess things up. It is included on Xblock.com but we have a dedicated site up for the concept at http://www.x-raypc.com (It is a work in progress). Our concept is to try to "greenlight" known system component, "red light" problematic ones and focus on the "grey ones" the unknown. Saves time.

On that note much of work of late has been on the perimeter with the RTG Enterprise Appliance but we are working on enhancements to X-Cleaner, it's engine, and some other features too. I will take all of this feedback into account and appreciate it. We were acquired 11 months ago by FaceTime so we are still integrating. It takes time when you are bought by a much larger company.

Did I miss anything? And feel free to contact me direct too.

Regards,

Wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[xblocksys]

[bigos]

Xoftspy. A couple of weeks ago I tried this program and it never found any false positives, infact it was the only program that I have tried recently that flagged the fact that my windows auto update was turned off, which as most of you will know is what some spyware etc turns off in order to protect it`s self. I have turned this off because there`s no point in updating only for the update to be lost when I restart my pc thanks to MS Shared computer toolkit. I thought I would mention this just to be fair to Xoftspy.
_________________


Life is for living not just for prolonging!
B uzzz

[Jefferson]

[Rhapsha]

Jefferson,

While I don't have enough experience with your posts to make any definitive judgements. I think your assessment of Wayne's postings might be a little hasty.

Most likely this is because this thread has spawned many different micro-topics.

Now I'll admit I'm taking Wayne's side because from reading his material I find my opinions on Internet marketing to agree in many respects with his.

However, I think it is a safe assessment to say that F/P exist in all detection software. Its how the vendor handles them, as well as how fast they are addressed after discovery which makes a reputation.

I'm probably not effectively conveying what I mean. So, I'm going back to lurking, but just thought I would interject my opinion. (for what its worth on this Internet)

[SUPERAntiSpy]

[xblocksys]

[xblocksys]

Well it took me a bit of pondering to put it all together but adwarereport.org and the FUD factor.

Known Facts:

a) References to NetNanny toolbar (Looksmart bought I believe)

b) "theCaptain
With over 25 years in the high tech industry theCaptain has extensive experience in product management, development and marketing for industry leading companies including: Apple, Ask Jeeves, General Magic, Intuit (Quicken), Looksmart, and ThermoElectron Corp. theCaptain holds an undergraduate degree in Information Systems and a Masters in Business Administration. "

c) Registrant Name:Kirk Lawrence


Ask Jeeves, LookSmart, NetNanny...

Gosh I have to guess it's...

Kirk Lawrence
Director of Internet Security and Privacy
Ask Jeeves, Inc. owned by IAC/InterActiveCorp.

Distributors of:

Ask Jeeves Bar
Excite Speedbar
iWon Co-Pilot
My Global Search
My Search Bar
My Speedbar
My Web Search Toolbar
Need2Find Toolbar
and more...

I think at one point there was some objection to a distributor Bit Wise Publishing LLC, which was spotted installing My Global Search through its Bald Eagle Screensaver- even when the user cancelled the installation....I believe Sunbelt has some papers on that.

Did you formerly leave the butler Kirk or is this a side gig or am I off base here?

regards,
Wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[xblocksys]

A reminder for those who might not remember:

http://sunbeltblog.blogspot.com/2005/09/askjeeves-question-hopefully-weve_12.html

-wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[Ben Edelman]

Take a look at this log file from adwaremonitor.org (publicly-available on their public site):

[xblocksys]

Interesting Ben.

This might shed some light too....

anti-spyware-rants.blogspot.com


-wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[xblocksys]

Well it's not a total secret- Just had to dig around on the forums.
Hi Kirk.

http://spywarewarrior.com/viewtopic.php?p=98738&highlight=#98738
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[paperghost]

What i find interesting is that all the articles on FUD etc were originally posted onto Kirk's weblog over at:

http://anti-spyware-rants.blogspot.com/

I used to read it, see. They're now all gone, however.

[xblocksys]

Let's bring this into perspective too. ASK has acknowledged publicly that their software has been installed in shady ways. They even promised an "uninstall button" on the mywebsearch toolbar- after installing it- I can't seem to find it. At least that was the promise made in the newsweek article below. Perhaps that functionality only comes with affiliate toolbars? Am I mistaken or confused here or is this a broken promise or did someone forget?

What I do find when I conduct a search is primarily sponsored search links (Sponsored meaning paid advertisements) followed by Ask links (are these natural links?) followed by more sponsored links, then ASK, then more sponsors. The vast majority being paid sponsored links. So I have a toolbar to "search the web" what I really have is a toolbar to search mostly sponsored listings.

Is this adware? Depends on who you ask. Some define adware as software that serves pop-ups, others define it by the primary purpose of the software. In this case, and people can test for themselves, the vast majority of links are simply paid advertisements. Not to mention the 404 redirect to more paid search results to "better help me find what I am looking for". Nice feature but it is really just a set of paid ads that ASK gets a cut of.

I am not against paid search at all but why not disclose this openly?
"Most of the search results you are going to get are actually paid advertisements."

(Note since we are picking on my EULA practices (which I admit can and will be improved)- I was unable to cut and paste the ASK or MYWebSearch EULA's or save them for reference before accepting- that would be a nice feature.) I also note the ASK toolbar did not do a complete uninstall- some pieces could not be removed. I'll have to reboot to see how mywebsearch removal does although when I went to remove it asked me if I only wanted to remove part of it...no- when I go to remove something that means I want to remove it.

Now back to Brad Stone of NewsWeek who was really pissed off that he got the toolbar- an interesting read and the evidence and admissions are clear.

http://www.msnbc.msn.com/id/8086560/site/newsweek/

So ASK gets Kirk on the patrol to shut down the shady distributors, the ones using security holes, exploits, drive-bys, etc, etc. OK Good. I do believe that Kirk sincerely believes he does a good job of doing it, but it is still retroactive- after the damage is done. The user has been violated and in the case above they violated the wrong journalist.

180- Solutions makes the same claims with their "rock solid" s3 technology and their "harsh" vetting processes and quality control.

Reference my interview with YAP Browser caught up serving UA Porn and bundling ZANGO. (BTW I don't believe most of what they say but here it is straight from the horse's mouth.)

http://www.revenews.com/wayneporter/archives/001792.html

(Russian Docs included for native speakers and the whole incident is illuminating.)

Now I don't think Ask has the same problems as 180 but we do
seem to have this continual problem- companies don't like being called adware or spyware but they engage in a game of distribution they cannot really control despite their best efforts.

It's like Russian Roullete. Sooner or later, and usually sooner, you get a live one in the chamber. This is because the CPA model is so attractive to fraudsters or bot masters and the like. We saw that with how easy s3 was circumvented with a send keys attack. It "LOOKS" like a valid install to the toolbar or software distributor but unless they are monitoring "agree speed" it's not.

Why not take distribution in-house completely and lose the affiliate model pay per download bundle? It is just an open invitation to get painted as a problem. If people find real value in the toolbar (that serves mostly pay per click ads) then they will seek it out and use it.


regards,
Wayne
_________________
Wayne Porter
Sr. Dr. Greynets Research
Microsoft Security MVP
http://www.spywareguide.com
http://www.facetime.com

[theCaptain]

The site and the upcoming venture are about marketing and marketing tactics. Anti-Spyware/Virus companies are fair game for the tactics they employ, but like we said before, it's mostly about adware and brand management.

While I would love to talk about the products and distribution regarding the company that I work for 9-5, it's not on my agenda here. I'd be glad to take you through the straight scoop on improvements we've made - during office hours and under non-disclosure. That's all I'm going to say on that topic.

PG - That little advertising piece was fairly light - a survey of a few players, not an in-depth all encompassing article. I really should bolster it up some more though. It's hard to find the time.

-K