Spyware Warrior

[JackofShadows]

Hey all,

Since I upgraded to the new adaware version, Hotbor doesn't seem to be identified and removed.
Now, I've heard rumers that HB were threatening to persecute lavasoft if they don't take 'em off their list. Could this be true?!

When conducting a TAC search on www.lavasoft.de website I also noticed that hotbar is not identifed.

I'm currently using adaware SE, updated yesterday.

Could anyone check on thier computer to see if they really have pulled hotbar out of their threat list ?

If this is true I'm switching to other alternatievs. If not, hotbar has really messed up my computer.

In the meanwhile I'm getting all sorts of porno ads...

Thanks,
J

[mikey]

You're right, I wonder why that is. Hotbar is both adware and spyware.

SSD targets it. I just checked to see if Hotbar had been updated. SSD leaves behind the folder ?:\Program Files\Hotbar\bin\4.5.1.0 but it is easily removed. SSD did successfully kill it tho.

[JackofShadows]

I thought so.

Can anyone contact lavasoft and see why this is happeninig ? They gave no worning.

I tried mailing them but got an answer that they only treat messages from licensed products.

If the most popular detector is giving up we're all in big trouble...

J.

P.s. sorry for the double messaging, I clicked new topic by accident.

[mikey]

I saw your posts at LS.

Hotbar's backdoor(always on auto updater) still connects at regular intervals. In addition to ads and any wares it loads, transfers also include historical data to profile users. This is confirmed as of todays testing.

http://www.kephyr.com/spywarescanner/library/hotbar/index.phtml

http://www.howard.edu/technology/hotbar/

http://www.pestpatrol.com/pestinfo/h/hotbar.asp#Risks

http://www.doxdesk.com/parasite/HotBar.html

http://www.pchell.com/support/hotbar.shtml

http://sarc.com/avcenter/venc/data/adware.hotbar.html

[webhelper]

I have created a special page about hotbar on my site.

http://www.webhelper4u.com/screenshots/hotbar.htm

Hotbar is using mutliple box's that makes users aware that they are installing their adware. They clearly have their EULA and in their FAQ, even have their own uninstaller.

To have them detected they would have to pass one of the TAC's of which they do not right now. About the only way right now without them having legal recource is to show where they are installed as 3rd party bundled software without users knowing it was installed with no EULA to agree to before hand. As of right now the only way I have found is either directly installing from their site or a user would have to click on one of the popup ads which directs them to the hotbar.com site and go thru the same install as is in my screen shots.
_________________
Wächter der Geschichten:
http://www.webhelper4u.com/thewatcher.html
Member of ASAP Since 2004

[JackofShadows]

Hey,

I'm quating my reply from LS board. I think it is safe to say that Hotbar is a spyware and a very bad one.

"Here's how Hotbar fits the TAC:

1. Opens web sites not initiated by the user/unsolicited popups and/or requests to join a different site - Known problem.

2. Provides no uninstaller at all or non-functional application uninstaller - I had to remove 5 different applications - hotbar tools/email tools/ weather/ comparative shoping and one wowpapers. I wonder how many people know that hotbar is installing 5 different programs all of which spring pops.
If hotbar web tools is removed you have the feeling the application is no longer on your computer - however pops continue. VERY BAD !

3. Connects to a remote system without the user's awareness to transmit/receive information- Just use a simple firewall and see how many times this system connects to the servers without prior notification.

4.Auto-updates without user permission and/or knowledge.

5. Operates in stealth (Runs hidden from the user) - after you remove hotbar web tools.

Quite a list isn't it ?
I'm sure it answers to som of the other categories as well.

So... would you say it wualifies as a spyware ?


The thing is, that hotbar was once detectde by adaware. I'm curious why it was pulled out.

J.
"

[mikey]

Hey WH, thx for the heads up on the reasoning.

However I must agree with Jack about the fact that Hotbar's uninstall string does not remove anywhere near everything deposited.

It is spyware/adware and I for one don't think a flashed click thru EULA warrants a vote of legitimacy from the pri/sec community.

Kids and other users sometimes DL without paying attention. When I run a scan on my kid's box, I want to know that the garbage will be found.

Personally, I think the LS decision to remove Hotbar from targeting is a mistake. I want the spies in my sys dealt with whether I, a client, or my family clicked a EULA or not.

BTW As I recall, the name AdAware was chosen because the tool was supposed to make users aware that adware/spyware exists on their machine. If Hotbar isn't targeted, then the user is not made Ad....Aware.

[webhelper]

You need to read the my link with the screen shots. last night I clicked on their ad and it will roduce the same 3 screens you must click on to get an install.

JackofShadows..how did you get the hotbar installed? We need hard evidence such as fire wall log files to show that at some site and install takes place with out going thru their 3 screens "Next, Open, then accept" to get an install.

As long as they have all that along with a EULA and how to uninstall they would be labled as adware.

I don't disagree with the adware part but in order to we would need to document a case showing how it installs as a 3rd party or stealth without any signs of an EULA or how to uninstall it..

You must remember that I am also one of the mods at Lavasoft as well as one who researches and tests this type of stuff. That is like posting about security software not being any good at this board of which we take flake from their creators and so we gather all the hard evidence to prof\ve otherwise.

If you can show hard evidence that users will get the hotbar installed without any warning, no eula shown and no way to uninstall other than with 3rd party or manual methods..present them to Lavasoft along with the link to where it happened so they can go and duplicate the issue and if found to be not meeting any of the TAC, then it would probably be readded to the detection.
_________________
Wächter der Geschichten:
http://www.webhelper4u.com/thewatcher.html
Member of ASAP Since 2004

[JackofShadows]

Dear webhelper,

Let me start by expressing my honest appriciation to you and your work.

Concerning your request on installation procedure info, I must admit that it's my child who downloaded the application. He saw and email icon he liked and pressed on it. From there he probably got to hotbar's site and downloaded it through their procedure.

Still, there are 2 points to keep in mind:

A) At download.com, adaware presenst itself as "Scan your system for ad-supported software components and remove them.".
This is what keeps it the no.1 download today. From what you are saying the fact that this is an adsupported application doesn't qualify it as being detected by adaware
If this is so, the honest thing to do is make this fact public.

B) What about old hotbar users. Those who got the application before hotbar changed its policy, without their consent. Aren't they entitled for a honest search ?
Is it fair to allow a company to capture helpless users and then keep them within it's evil web by "converting"?


To sum things, what we have here is a program that springs HUGE amounts of popups, connects to the servers and upgrades without notifying the user.
Difficult as hell to remove (5 different applications hidden well within the add remove list).
Adding self promoting links to user's emails.

And Lavasoft doesn't categorize it as adware that should be detected and removed ?
I'm sure everyone here will agree that it sounds bad and concerning.

Best,
J.

P.s. If lavasoft is so concerned about law suits, the first thing to do is change the description at download.com. It's completely misleading.

[mikey]

Ref; http://www.lavasoftsupport.com/index.php?s=ee26439ac774d9a9d10d8fb9c7957e9c&showtopic=44037

[MadameX]

This situation is getting more and more disturbing each day!

Deb
_________________
CARMA

[herbalist]

[mikey]

How exactly is Hotbar legit?

Let's see; It's a spyware. It's an adware. It's an uncontroled backdoor. Nope, I don't see any legitimacy here.

As mentioned, a large majority of the current targets do in fact have EULAs that also spell out the facts if someone actually looked. Many of those are not nearly as invasive as Hotbar.

Would I understand right, that LS is buckling under pressure of legal action...even tho they are aware of public reaction for or against them? I'm sure the community would be a pretty large voice in Lavasoft's defense but I believe the folks might be a little concerned to find out LS has no fight.

[MadameX]

[herbalist]

[Crusader]

O.K., so "they" can't call it adware, why not call it pornware or something?? From my understanding it delivers porn related pop-ups.

Personally I see the whole internet going downhill very fast, to just present a EULA gives them immunity?? That is b.s. . If that is all it takes then I am pretty sure there is going to alot more crapware writers that are going to go "legal", personally I put ad-aware with all the other shareware products out there, they seem to be in it just for the $$ now, which there is nothing wrong with that, just they are heavily burdened with legalities.

The whole internet community is gettin hurt because all of this legal crap, what happened to that "26 page" spyware bill that was in congress?? I am so sick and tired of all these technical legalaties protecting these scumwriters, we should be hounding our governments and not lavasoft.

[Sergei]

What's worrying about the new Spybot version? Does it too detect less than it did before?

Are both the major anti-spyware apps being "assimilated"?

[connie cavan]

While I was on the site today reading about freeware I downloaded Spykiller for a "free trial run"/ It showed I had a couple of minor problems, but wanted $29.95 to fix them.

When I opted out I found that Spykiller has imbedded itself and I can't get rid of it. Do I have options here? This seems oh so illegal. Connie
_________________
connie75

[herbalist]

My original gripe regarding SpyBot was false detections, including a link to my own website. That and adding another running process I didn't want. Never was impressed by the lack of regular updating.

Unfortunately, the internet is a far different place than it was intended. Just going out and "surfing the web" has become about the equivalent of playing in traffic, uncontrolled traffic at that. The time is coming that this whole system will have to be overhauled and get set up completely different, complete with its equivalent of "traffic laws". I just hope Microslop doesn't get to decide how it will be done.
Rick

[Scaramouche]

I'd have to agree that Ad-Aware (and by extension, all anti-spyware vendors) are in kind of a sticky wicket here. The problem lay in that the EULA is on it's face, binding, regardless of its length or legalese. Obviously you can go too far with a EULA (witness the guy who won't let you post screenshots or criticism) but unfortunately in this case they do represent their software's workings relatively accurately. Having no uninstaller is unprofessional, but is it illegal?

That said, Ad-Aware and others could perhaps turn the tables by describing the product in question in more neutral terms. Is hotbar objecting to the fact that Ad-Aware can remove their product, or to the fact that their software is classified as undesirable?
_________________
---
My comments represent my own opinions and research.

[mikey]

I don't think it is a matter of legality.

Folks want these critters removed. Bot killers provide this service. As far as I know, there is no legal reason not to provide targeting of this. Hotbar clearly fits into PMK's criteria in several ways; http://www.safer-networking.org/en/targetpolicy/index.html Just because it has a EULA, does that preclude targeting?...not any way I can see.

The bot killers are responsible only to their users...not the spies.

There is ofcourse the legal question of slander. Truth tho is not slander.

Even tho I have heard no scuttlebutt, I wanted to be sure that there was no campaign by Hotbar to influence PMK...so I asked;
http://forums.net-integration.net/index.php?showtopic=22143

There has to be more to this than what meets the eye. I ask again, does LS intend to stop targeting ALL the nasties that have EULAs?

[connie cavan]

Th herbalist: Thanks for the tip on Godzilla, and if that was your insert on Windows 98. much gracio. very informative. Now I know why my old faithful 98 finally gave up and crashed, even with no bugs. A bow to Internet Explorer. Would still like to know how to get unwanted so-called spyware out of my system, as the regular methold won't work. I now have a Dell, but still have Windows.
_________________
connie75

[herbalist]

Thanks. The site is mine, although a long way from finished. Just haven't had the time.
I think the key here to avoiding legal complications lies in how they're classified. Terms like malware, pornware, undesirable, etc, need to be avoided. That'll just bring slander suits and the like. If put under a term like "user requested", that will get the adware companies off the hook. The scumware writers normal argument is that their software doesn't deserve the label it gets, playing with technicalities is what it boils down to. "User requested" would be much harder to argue with. The biggest problem here might be needing to rewrite the ad removal programs, again, so that "user requested" items are displayed separately from "legitimate malware".
What a pain.
Rick

[Scaramouche]

[Mind control 01]

Hello all, Im very new to all this but is there a program that puts false info in my computer so when the spy grabs info it has loads of rubbish to sort though?

[herbalist]

That would be very difficult to do. The problem is that you'd have to know what each one wants, and they're all different. It's do-able if you know exactly what pest you're going to be dealing with and exactly what they're trying to get. Keyloggers for example will store their data in a specific file, each one calling the file something different. Unfortunately more of these products add their files to your system than the other way around. If you can be certain that a given pest is always after certain files, you might make that work. If you're going to do something like that, might as well send them something good, like a mass mailing worm or a copy of Dariks Boot and Nuke, modified to self execute.
Rick

[Mind control 01]

Hello herbalist, Thanks for your comments,Im on a learning thing at the minute while i have spare time,Ok Here go's, what about your memory and file space if say i had a disc that i ran before entering the internet that filled up all disc & file space available with all sorts of info & tricks (I suppose loads of pictures & music to take up disc space),So now im full,Browser full of sites,Full of crazydownloaded files, They cant down load on me as im full,If they take info its bogus,when i finish for the night i hit restore,Sorry if this is a simplistic view but i dont want to rely on removal tools,I feel the spys are trying to play with me & when it comes to games I like to play

[herbalist]

If I'm reading your post right, you're talikg about completely filling up your computer so that there's no room left for "them" to install anything? Problem here is that you'll never get that far. Your computer has to have some free space just to work. When a system approaches completely full, it gets slower and more erratic. Even if you do actually manage to fill a system, you just made it useless. It can't open a web page. There's no room for it. It can't create a document, again, no room. If you're talking about a newer machine, say with a 60gb hard drive, you'd be amazed just what it's going to take to fill it. Not taking the operating system and installed programs into account, you could be talking about 800 to 1000 albums of music or hundreds of thousands of documents. The figure here is a bit high for a 60gb hard drive as I didn't deduct what's already installed, but it gives you the idea. Ideally, you're looking for a balance between security and functionality.
The best approach to keeping a system clean is a multi-step process:
1, Keep the OS up to date: security patches, critical updates, etc.

2, Use a good Anti-Virus. Quite a few are available, including some excellent free ones. Integrate it into everything that downloads or transfers files. Scan everything that comes in before you open it, no matter where it came from.

3, Get a firewall and take the time to learn how to configure it right. Again, there's plenty of good ones, some free. There's also some seriously over-rated junk. Good ones include Kerio, Sygate, and Zone Alarm in the free category. Unlike they portray it the movies, one firewall, properly configured, is plenty.

4, I realize you don't like this idea, but an anti-adware and malware program is basically a necessity. The 2 best are Ad-aware and SpyBot S&D, both free or offering free versions. There's a lot of garbage disguised as such too. Stick with these 2, either one or both. Too many pests don't qualify as a virus, worm or trojan. They get past your Anti-virus and plug your system up, drive you nuts closing popups or worse.

5, Configure your browser to be as secure as possible. There are plenty of things you can do to help here and quite a few tools to make it easier. There are also other browsers that are very good, Mozilla and Firefox being 2 of the best. Check out the "Firefox or Internet Explorer" discussion in the"General Software Discussion" section. If you decide to use Internet Explorer, get a popup blocker. Overwhelming you with popups is one way sites do undesirable installing on you. Mozilla has one built in. More info on Mozilla and Firefox at http://www.mozilla.org/

6,
Most Importantly, be aware of what can happen. Read sections like the "Virus News and Alerts" section. Use common sense regarding where you browse and what you click on. That's the most common way to get adware and Malware. Don't open e-mail you don't recognise. Be especially careful with e-mail attachments. The majority of viruses spread that way. Check out WebHelpers site, http://www.webhelper4u.com/index.html . Lokk thru the sites he lists and what they do. This will give you a much better idea of what's really out there. HPGuru has a list set up as a hosts file, free for the using. It's at http://webpages.charter.net/hpguru/hosts/hosts.html
Even if you don't use it, it'll give you an idea of just how many of these sites there are. If you have kids using the computer, I highly suggest you get it. If you want more examples of how bad it gets, look at the "spyware removal" and "hijack this sections". A different forum I work at gets a new "how do I get rid of ..." topic every couple minutes. Last I read, 80% of all personal computers are infected by something, be it adware. malware, spyware, virus, worms, trojans, keyloggers, etc. By far, prevention is the way to go.
Check out the "Making Windows 98 Better" link at the bottom of this post. While I'm writing that for win98 and ME users, much of it applies to any operating system. Everything listed there is free.
Rick

[Moore]

[Mind control 01]

Hello all , Thanks for all your advice ,I have win xp IE with sp2,I have panda,which i must say stops all spam i've not had one yet,When i first put on spybot it said i had about 30 spys & 1 trojan(I stupidly put in ebay toolbar wow loads of spys on that)The reason i thought you could get back at the spys i recently met a man who who writes programs for bussiness he said tell him want i want to do & he could do it ,I was going to set him a challenge just for fun,Im good at idea's once i suss whats what,Ive not long finished a book on encription boy did that make my head spin Im quite new to computers but i learn fast,Im already bored surfing etc & while i have spare time i thought i'd put my brain to use on some problems just to see if i can,Please excuse my simplistic views so far im sure that will soon change,I've learnt loads from this site thank you Spyware warrior ,I'll be back soon.

[mikey]

MC01, I'm sure you meant no disrespect but it is very rude to start a new topic in a totally unrelated thread. Please maintain the topic. When posting new topics, please start a new thread instead of interrupting a discussion in progress. It's called netiquette.

Could a mod please break off the OT into a new thread? Thx

[Mind control 01]

Hello all,I am sorry


P.s I do have a few more questions
I'll wait till this thread is moved .

[JackofShadows]

Hi,

After being "politely" asked not to post any more messages on the Hotbar subject on Lavasoft's forum I wanted to bring SW's community, Spybot's comments to Hotbar (After reading the below, I wonder which detector you would recommend your friends to download)


My original message:

Lavasoft, no longer detects Hotbar as spyware and stopped removing
it.

Will u also be falling into this trap ?

Jack

Spybot's reply:

Hello Jack,

According to the HotBar website, Hotbar is an add-on that
instantaneously converts your email and browser applications into
powerfully personalized instruments of enhanced functionality and visual
appeal. The Hotbar Browser Toolbar presents buttons on your Internet
Explorer browser that change while you surf to relate to the website you
visit. These buttons also provide you instant access to Search, Yellow
Pages and more! The Browser toolbar also spices up your Internet
Explorer with your chosen image (skin) picked from a huge variety of
skins numbering into the thousands found in hundreds of galleries at
www.hotbar.com.

The Hotbar Email Toolbar is added to your mail (Outlook , Outlook
Express, Hotmail and Yahoo mail) . This bar offers a wide assortment of
options for customizing the design of your emails with Backgrounds,
eCards, Animation and even a Business Card of your own design.
However, HotBar does track web site visits and also has an autoupdate feature that updates automatically. So there are both privacy and security concerns with this add-on program.
Best regards,
Norma
Team Spybot

[JackofShadows]

I just hope I won't get banned from this forum, simply for revealing facts.
(and such popular ones)

[3162]

[suzi]

What do you guys say if we just lock this thread and start over?

There's about 3 topics here including one completely OT about SpyKiller. I'm having a hard time figuring out which reply goes to which question without spending way too much time.

If anyone wants to point out to me which posts belong together, aside from the posts about Ad-aware and Lavasoft, please reply and then I can split them.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.

[suzi]

[3162]

I say lock it and start anew.
It's spun its wad
_________________
Proud member of the Chest Zipper Club!

[suzi]

I'm with you! Locked it shall be.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.