software warning - spyferret

Gloria’s computer became infested with spyware and adware after she hit a bad site. Despite having Ad Aware and Spybot on the system, I was unable to clean some of the things her computer contained.

In looking for a solution, I stumbled across a link for SpyFerret. I made the mistake and downloaded it for $39.

It is a rip-off. In working with it, I discovered that if I had refused the $39 demand, they would have dropped the price to $19. Further into usiing it, I discovered that it does not perform as advertised and, in fact, persisted in opening two vulnerabilities that I had previously closed. It detects spyware because it appears that it lets it in intentionally.

I e-mailed the seller, cited the problems, pointed out their “guaranteed satisfaction” statement on their website. I have since e-mailed them three more times. They have not responded.

In doing the research I should have done before downloading, I find many complaints about this offshore company based in Kuwait. They are cited for copyright infringement in a link posted by the Washington post. Numerous newsgroup complaints mirror my comments and findings.

Today, I called my bank and disputed the charge. The bank will credit my account. I wonder if I will hear from the seller now?

Do not use or buy SpyFerret.

Go to Microsoft.com and there is a link to anti-spyware beta. It is a product that they works well in spite of the beta branding. Another company made it and tested it and it worked well enough that Microsoft bought the company. Price is 0.

jed

You have to have a LICENSED copy of Windows XP to run it(I know nobody has an illegal copy out there). It does work as advertised though.

Also, Slenon, if you haven’t got rid of your issues, you might try Spysubtract. It can be found here
[url=http://www.intermute.com/products/spysubtract.html:b6e6a]http://www.intermute.com/products/spysubtract.html[/url:b6e6a]

It works well and has a fully functional free trial.

I think I have it under control now, fellows. The bank has credited my account and will process my claim for permanent refund next week. They were quite helpful.

Spyware Blaster, Spybot, AdAware. & McAfee all determine her computer to be clean and operable. The recurrent problems seemed to vanish when I quit running Spyferret and deleted it (which process included another buried suggestion to purchase at a reduced price). I believe the last set of problems were engineered.

The most frightening thing is that the Spyferret help desk suggeste, by automatic response, that if problems persisted, they be allowed to study the problem by remote link and suggest more personalized treatment. I can only imagine what data their little Kuwaiti operationn would have gleaned with that access. Fortunately, I declined that.

I’m wondering if they will respond by e-mail once they get the notice that my bank is investigating them for fraud and is about to rescind the payment.

I currently run three different spyware programs as recommended by MS tech support. Earlier this year I had a problem with a MS product install that caused some system problems. During my discussions with tech support they recommended that I load MS Anti-Spyware on my system, but to also load Ad-Aware SE Personal.

In the last hour I have run system scans with the following.

MS Anti-Spyware - No problems found

Spybot Search and Destroy - 24 problems found and removed - 21 were tracking cookies

Ad-Aware - 28 problems found and removed, all were tracking cookies

The bottom line; you need to run more than one spyware program to keep your system clean.

Dan S
The poster formerly known as Outrider

Do any Apple people have these problems?

fishigan:

Nope.

—David

(formerly known as “clueless”, and only the name has changed)

Spyferret is a Spybot rip-off. They first created a program and then copied the program library file from Spybot and renamed it. They also copied the threat database. Spybot makers purposely put phony threats in their database and, guess what, they showed up in the Spyferret database. The Spybot program is free with only a donation requested and it is far superior to any rip-off.

A lot of the “detections” that anti-spyware products come up with are tracking cookies. All browsers accept cookies by default and that includes Apple computers. These cookies are not always bad. FAOL places tracking cookies on your computer. For one thing, you would not be able to have the little flags to show you what posts are new since your last visit without them. FAOL also tracks how many of you look at the sponsor links.

All browsers, including Apple’s Safari, have security settings that allow you to control cookies. If you do use these to completely, block cookies your browsing experience will suffer. On some sites you will have problems viewing the pages.

I use a combination of software and settings that will block the bad the sites that place spyware and bad cookies. To do this you should have and KEEP UPDATED!:

1.) anti-virus – (only 1 !) example: AVG
2.) firewall – (only - 1 !) examples: Kerio, Zone Alarm, Black Ice
3.) anti-spy – Adaware and Spybot (use both)
4.) browser helper – Spywareblaster

The first three are probably familiar to you. The forth, the browser helper, blocks sites from installing harmful ActiveX software and also block sites that are spyware infections.

You can also use a custom host file – you may download a good one here: [url=http://mvps.org/winhelp2002/hosts.zip:79844]http://mvps.org/winhelp2002/hosts.zip[/url:79844]

A host file allows you to resolve a web site name to your own computer instead of the actual web site. This is very useful if the web site is one that would install spyware on your computer. Your browser will not go to that site even if told to by a trojan and you will not get the bad software installed. The host file, which is simply a list of these bad sites, needs to be extracted from the zip download and placed in the proper directory on your computer:

Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2000 = C:\WINNT\SYSTEM32\DRIVERS\ETC
Windows 98 = C:\WINDOWS
Windows ME = C:\WINDOWS

Note: the hosts file name has no extension, it is simply named hosts

There are other steps and software that are good but require a little more knowledge or you can get in trouble. These are usually only necessary if you have badly neglected to use the preventative steps above.

I have no problems with spyware or tracking cookies because I keep all my preventive software up to date. I can not emphasize how important it is to keep everything UP TO DATE! That means having your software check for updates DAILY!

Joe

[This message has been edited by flyfisherjoe (edited 06 June 2005).]

Now I see why I don’t have those little light bulbs everybody talks about. My computer must remove the cookies that control them! Thanks FlyFisherJoe!

Hey there flyfisherjoe;

In ENGLISH next time!!!

Mark
PS: Is the Brophy Bros Seafood Co. restaurant still there on the second floor of the tack shop at the SB Marina?? I could sit ( and have) at their bar overlooking the marina,beach and hills for a long time. Just kiddin " english"

I’d rather be in Wyoming!

Ray, the little light bulbs may not be appearing in the browser you are using because of an issue with the bulletin board program and your browser. Internet Explorer browser will display the bulbs but other browsers may not. The condition of the bulb, on or off, is determined by the cookie. You may still have the cookie but the graphic is not displayed in your browser.

Marco: Yes, Brophy Bros is still there. let me know if you get back this way and I’ll join you for a drink!

How’s Fox Lake and the rest of the chain? The last time I was there it was very polluted. Heard they cleaned it up.

Joe

Flyfisherjoe;
The “chain” is just not my cup-o-tea for fishing or anything. It HAS been cleaned up but…
We haven’t been to Santa Barbara in about 10 years so we’re ( wife and I) are looking forward to it again. We make an annual ( March) visit to our friends in Carmel and take that opportunity to “radiate” from there. In the last few years we’ve generally stayed in the Carmel area or North to San Fran, Napa, Mendocino etc. so we’re due to do Santa Barbara again soon. You live in a beautiful area and the restaurants ain’t too shabby either. Got to meet Dan’l Boone ( Fess Parker) at his winery the last time we were there. Is Joe’s still there downtown? Great ice cold salsa. There was also a restaurant just slightly up the hill where I left a mortgage payment.It was part of a very exclusive resort/spa ???
In any case, I’ll let you know if we’ll be there. It would be nice to meet you.
ALSO: Since I have your attention and you have demonstrated an apparent understanding of computereeze, maybe you can help. I cannot get into the FAOL chatroom. Whenever I try to do so, I get a message " VolanoChat Server. The VoalnoChat applet failed to connect to the VolanChat server: You may be trying to connect through an HTTP proxy server. The VolanoChat applet cannot connect to the VolanoChat server through an HTTP proxy server since it doesn’t communicate using HTTP. Try switching the connection to a SOCKS proxy server or try using a network address translating (NAT) router for your firewall, if either of these options are available to you. VolanoChat works fine through firewalls using SOCKS or NAT. Your network administrator may be able to help change your settings to work with VolanoChat"

Who the hell is MY network administrator? I have contacted everyone on earth regarding this problem and the most popular answer seems to be " I don’t have a clue".
The puzzling thing is that when I was in Carmel with this laptop, using my my friends internet access via Comcast ( same as my home) I was able to get into the chatroom no problem.
Do you perhaps have a " clue"?

Mark

Mark

I’d rather be in Wyoming!

1. Good grief Marco!! Are you back on that again?!?

2. Your poor cat!

3. So glad I use an Apple!!

Trouts don’t live in ugly places

Hey there Betty!
Yes I’m still at it. As I said, I’ve contacted everyone on earth about this problem but maybe, just maybe, I missed someone so therefore my querry to Joe.

Tight Lines!
Mark

Fly Fisher Joe,
FWIW, I have anti-virus, firewalls, and anti-spyware software resident and updated daily on both computers.

The infestation I wrote about at the beginning of this topic happened despite all precautions. I assume that she failed to read some fine print at a website she surfed into - something we are all guilty of doing.

That ommission allowed more spyware and malware to be downloaded in one day than I have detected previously in all the years I’ve been using computers.

In the end, we are all vulnerable. I got scammed by SpyFerret’s parent offshore company. Fortunately, my bank is helping me recover my money. All I can do today is warn others and keep my guards up.

aka Cap’n Yid.

Stev Lenon, 91B20’68-'69
When the dawn came up like thunder

Marco, I can imagine what the Chain has become. I remember driving up there and fishing by the bridge oh hwy 12? and catching many largemouth and an occasional northern along the rocky shoreline along the road. I would fish under the bridge and catch white bass 'til my wrist hurt.

As far as your chat problem, I would say that since your computer works fine at other locations the problem lies in your home setup. Do you use a router/firewall? If so the setting may be interfering with the Java. Try connecting the computer directly to the cable modem and see if you can get in.

If your not using a router, call your cable company for support.

slenon, do you use SpywareBlaster to protect your browser and block bad sites? If not, I would strongly suggest it. At this time SpywareBlaster has 3596 browser protections and bad site blocks in it’s database. One of them could be the one that got your wife.

In addition to keeping all the “anti” software up to date you must also keep your browser up to date, especially Internet Explorer. Mozilla’s Firefox browser is much safer to surf with, but it too must be kept up to date.

Do you still have the problem? You can run a program called Hijackthis and see what is loading that shouldn’t.
WARNING: Using that program to delete things requires a bit of knowledge and I don’t recommend it for the average user.

Joe

[This message has been edited by flyfisherjoe (edited 12 June 2005).]

Flyfisherjoe, I had a current copy of Spywareblaster on her computer and mine when the infestation happened.

One of the things Spyferret did was to selectively disable two items that SpywareBlaster had blocked. I e-mailed SpywareBlaster about this but haven’t heard back, yet.

The problem vanished when I deleted Spyferret and removed the backup/restore points, then ran all the legitimate anti-spyware on her computer.

In researching Spyferret, after the fact, I ran across Hijack This. My opinion, right now, is that should I use it, I will ask for help in interpreting the results and following the cleanup directions. Thanks for suggesting this. However, unless the infestation recurs, I think we’re OK for the nonce.

aka Cap’n Yid.

Stev Lenon, 91B20’68-'69
When the dawn came up like thunder

Try this, [url=http://securitytango.com/:abba6]http://securitytango.com/[/url:abba6]

~~ C
Travel Adventures
[url=http://go.travela.com/faol:abba6]http://go.travela.com/faol[/url:abba6]

marco try going to control panel
internet options
connections tab
LAN settings
under proxy server make sure both boxes are checked…
I don’t know if that will help but that is how mine is set up. if not remember the way it was b4 and put it back…
hope this helps

Hey there Sacfisher;
Thanks for taking time to help . Unfortunately when I checked both boxes under the LAN settings tab, I couldn’t even get on the internet. The only option I have left is as I think JC suggested, try to connect outside of my area or house.
Thanks a bunch anyway.

Mark

I’d rather be in Wyoming!