Re: HOSTS Spybot F-Secure BackWeb

From: FromTheRafters (!0000_at_nomad.fake)
Date: 09/26/03


Date: Thu, 25 Sep 2003 19:50:13 -0400


"Ron Reaugh" <ron-reaugh@worldnet.att.net> wrote in message news:5yJcb.153080$0v4.11404861@bgtnsc04-news.ops.worldnet.att.net...

> This new hijacking behavior involves overwriting the Windows HOSTS file and
> apparently it's BackWeb code. It hijacks all searches to some brand-X
> search site and apparently BackWeb contains some anti SpyBot code also.

> My Google research found that
> apparently some code by the BackWeb folks, which is immediately attacked by
> SpyBot and less so be AdWare, is the culprit.

Some bad stuff *uses* the BackWeb application
Some good stuff also does.
Each thing using the application has registry settings which
may have been messed with by you and Spybot

> Anti-Virus folks need to be lilly white and avoid all appearances of nasty
> involvements. The freeze up of that XP Pro machine was due to the
> interaction of SpyBot and ANOTHER VERSION of BACKWEB THAT F_SECURE FOLKS
> EMBED IN THEIR TRIALWARE. That interaction caused me hours of hand
> debugging and uninstalling in safe-mode to regain operability on that XP Pro
> workstation.

Not all BackWeb applications are bad things, Spybot IIRC warns
of problems the user may incur.

The hijacker is the culprit I think, not Spybot or F-Secure.

> The fact that F-Secure installed BackWeb, which attacks Spybot, on that XP
> Pro machine without user permission constitutes a complete impeachment of
> F-Secure as a reputable security company.
>
> BLACKLIST if not prosecute F-SECURE.
>
> Prosecute anyone over-writing the file HOSTS without premission.

I laughed, I cried, I grabbed another beer.

Are you saying that the BackWeb application attacks Spybot, and
the HOSTS file has BackWeb code? ~ nevermind...

Spybot must be used with caution.



Relevant Pages

  • Re: HOSTS Spybot F-Secure BackWeb
    ... It hijacks all searches to some brand-X ... > search site and apparently BackWeb contains some anti SpyBot code also. ... the HOSTS file has BackWeb code? ...
    (microsoft.public.security)
  • HOSTS Spybot F-Secure BackWeb
    ... Here's one I dealt with recently which I'll indict the BackWeb folks. ... The fact that Google and only Google had ... So I downloaded SpyBot which is more agressive and more tedious than AdWare ... Overwriting the HOSTS file destroyed user data as the HOSTS file was in use ...
    (alt.computer.security)
  • HOSTS Spybot F-Secure BackWeb
    ... Here's one I dealt with recently which I'll indict the BackWeb folks. ... The fact that Google and only Google had ... So I downloaded SpyBot which is more agressive and more tedious than AdWare ... Overwriting the HOSTS file destroyed user data as the HOSTS file was in use ...
    (alt.computer.security)
  • HOSTS Spybot F-Secure BackWeb
    ... Here's one I dealt with recently which I'll indict the BackWeb folks. ... The fact that Google and only Google had ... So I downloaded SpyBot which is more agressive and more tedious than AdWare ... Overwriting the HOSTS file destroyed user data as the HOSTS file was in use ...
    (microsoft.public.security)
  • HOSTS Spybot F-Secure BackWeb
    ... Here's one I dealt with recently which I'll indict the BackWeb folks. ... The fact that Google and only Google had ... So I downloaded SpyBot which is more agressive and more tedious than AdWare ... Overwriting the HOSTS file destroyed user data as the HOSTS file was in use ...
    (microsoft.public.security)