Slashdot Mirror


CA's 'Pest Scan' Results Mislead Users

FriedDuck writes "After reading E-Weeks' article about CA's ranking of spyware threats I went to their site to check it out and try their free spyware scan. I was stunned. CA reported that my machine is being terrorized by eleven 'pests' including some that are pretty serious (not just tracking cookies.) Unfortunately all of the serious threats were false positives. CA reported that I had a key logger, cracking tool, and various other nasties that all turned out to be common software (e.g. Flash, SourceSafe) that one wouldn't easily mistake for malware. In fact, without exception my system contained none of the registry keys, folders, or binaries that CA itself says should be there. A blatant attempt at scaring people into buying shoddy software." Read on for the details of what was found, and what was actually on the system.

"If it matters, here's what it reported, and what was there on my system:

  • System Spy - Key Logger. Mistook MSFT's SourceSafe executable for the keylogger. None of the other registry keys, folders or binaries were present.
  • Fake CD .99 - Cracking Tool. Mistook the generically-named unins000.exe that InstallShield uses as the Cracking tool. None of the other binaries were present.
  • Ezula TopText - Adware. Mistook the installation of Flash as the adware. Stupid.
  • BonziBuddy - Spyware. Mistook a common library installed by Borland's CaliberRM (EZSMTP object) as the spyware.

None of the other binaries, folders or keys (of which there are many) were present."
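The check the submitter did by hand, comparing a scanner hit against the full list of files, folders and registry keys published for that detection, can be expressed as a small triage routine. This is an added example, not part of the original post or any vendor's code; the signature contents, host inventories, thresholds and all names in it are constructed placeholders.

```python
# Added example: triage one scanner detection against the full indicator
# list published for it. Every signature entry and host artefact below is
# a constructed placeholder, not a real indicator.
from dataclasses import dataclass


@dataclass(frozen=True)
class Indicator:
    kind: str              # "file", "folder" or "regkey"
    value: str             # file/folder name or registry key
    generic: bool = False  # name is shared by unrelated, legitimate software


def normalise(kind, value):
    """Case-fold so Windows names and registry keys compare equal."""
    return (kind, value.lower())


def triage(indicators, observed, min_specific=1, min_fraction=0.5):
    """Return (verdict, matched indicators) for one detection.

    observed: iterable of (kind, value) pairs actually present on the host.
    """
    present = {normalise(k, v) for k, v in observed}
    matched = [i for i in indicators if normalise(i.kind, i.value) in present]
    if not matched:
        return "clean", matched
    specific = [i for i in matched if not i.generic]
    fraction = len(matched) / len(indicators)
    # Require at least one non-generic artefact and a reasonable share of
    # the list before treating the hit as real.
    if len(specific) >= min_specific and fraction >= min_fraction:
        return "corroborated", matched
    return "likely-false-positive", matched


# Constructed signature: one generic uninstaller name plus specific artefacts.
SIGNATURE = [
    Indicator("file", "unins000.exe", generic=True),
    Indicator("file", "exampletool.exe"),
    Indicator("folder", "ExampleTool"),
    Indicator("regkey", r"HKLM\Software\ExampleTool-Placeholder"),
]
# Constructed hosts: one with only the generic file name, one with everything.
HOST_GENERIC_ONLY = [("file", "UNINS000.EXE"), ("file", "editor.exe")]
HOST_ALL_PRESENT = [(i.kind, i.value) for i in SIGNATURE]
```

A scanner that reports on the first matching name alone would flag both hosts; the triage separates the host where only the generic uninstaller name is present from the one where the specific artefacts are there too.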

4 of 37 comments

  1. Help... file delete by Davak · · Score: 3, Interesting

    I was recently writing this article for tech-recipes where I was trying to describe how to remove spyware files that are "protected."

    http://www.tech-recipes.com/windows_tips778.html

    Isn't there a program out there that will tell you which services or programs are protecting a file?

    Davak

  2. Time to upgrade to the 20th century by Safety+Cap · · Score: 2, Interesting
    ~ MSFT's SourceSafe ~.

    I'm glad to see that one other developer on the planet is using source control, but you really need to upgrade. Seriously, not even MS uses VSS anymore---it is the most unstable, feature-scarce, POS source control there is.

    May I suggest Subversion/Tortoise?

    The best part about SVN over VSS is that you don't need to worry about exclusive locks. If one programmer (or yourself) checks out something and makes changes, you can still check out a pristine copy, make changes, and then everyone can check back in (last one in has to do a merge) without worry.

    On a dev team of more than one, invariably someone will leave something checked out and then take a vacation. With VSS you're pretty much screwed, but with more advanced source control this is no longer an issue.

    --
    Yeah, right.
  3. Got to love CA by MerlynEmrys67 · · Score: 2, Interesting
    I remember WAY back in the Day - CA decided to give away free copies of their financial management software Simply Money.

    This was the first time that I ran across free software that I thought I paid too much money for. It was horrible. Since then - I was working for a company that was acquired by CA. Everyone in the Lab I worked for was dying to get out - even went so far as to place bets on who would end up at the bottom of the R&R chart to guarantee a buyout package, rather than leaving CA with nothing.

    --
    I have mod points and I am not afraid to use them
  4. Re: Unfortunately these tactics are too common by macdaddy · · Score: 2, Interesting

    Even commercial software sensationalizes every so often. Take BlackICE for example. Back when I was a netadm at a Unv I used to frequently get calls, emails and even some visits from students and campus faculty/staff about an "attack" on their computers. Inevitably they'd show me a BlackICE log file warning them about some hacking attempt that involved a ping. Yeah, a ping. Good old ICMP Echo. That's real dangerous. It wasn't even a ping flood; just a single damned ping. Then there were the warnings from SMB packets on the network that were sent out from one of our servers or someone else's desktop. Stupid crap like that. I assume the BlackICE marketing folks want the users to really think they need the BlackICE products in order to survive on the 'Net. That's the only reason I can think of to annoy the users like that (and thus me).