pc mag software has gone spyware ?

[*ProteanThread*]

my employer just upgraded to the recent version of Norton Anti-Virus
Corporate edition and it supposedly looks for spyware now. But my problem
is its been flagging nearly every pc mag util (before it went $$$ ware) as
spyware....Can anyone else confirm this?



--

Woodzy
http://www.rtdos.com
http://rtdos.com/forum (rtdos message boards)
http://rtdos.com/rtdos (rtdos active developer chat)

http://rtdos.com/chat
Chats scheduled every Thursday @ 7PM MDT and
every Sunday @ 1PM MDT

 

[Susan Bugher]

my employer just upgraded to the recent version of Norton Anti-Virus
Corporate edition and it supposedly looks for spyware now. But my problem
is its been flagging nearly every pc mag util (before it went $$$ ware) as
spyware....Can anyone else confirm this?

Confirm what - that Norton screwed up? ISTM that if old freeware PCmag
utilities are spyware that would have been discovered long ago. . .

Susan

 

[*ProteanThread*]

Confirm what - that Norton screwed up? ISTM that if old freeware PCmag
utilities are spyware that would have been discovered long ago. . .

Susan

More specifically it was the keyboard tick program....

 

[BillR]

More specifically it was the keyboard tick program....

If you are really concerned about this specific aplication, get the
source, review it, and compile it yourself. PC Mag utilities usually
(almost always?) come with commented source.

Speculation
Given the name, this utility probably uses the same coding technique
as spyware. Depending upon the antivirus/antispyware program you use
and the the applications you have installed, you will get a number of
warnings which you will have to evaluate. For example Protected
Storage PassView (PSPV) , WireKeys with the keylogger and
macro-recording plug-ins, and a dedicated keylogger are flagged by two
or three "anti-ware" programs on my system because of the techniques
used.

The former application lets you see some passwords to websites stored
in Windows, but doesn't do anything except display them. (I'll leave
to others to argue whether PSPV breaches security, exposes a false
sense of security, or is just another useful admin tool.) The latter
application, WireKeys, can be used to log keystrokes -- very useful
for recording a macro and setting up a test scenario but a significant
security breach if unmanaged. (Actually I can't say that the
keylogger plug-in caused the warning. WireKeys also remaps keys and
lets you associate macros. That may be sufficient to raise the
warning even without the keylogger plug-in.) I briefly had a
commercial keylogger installed for testing which some "anti-ware"
programs flagged and others didn't (but should have IMHO).

I expect security software will slowly improve its ability to
differentiate, but in some cases the same application can be
legitimate (employee or child monitoring) or illegitimate (nefarious
spyware) depending on who installed it, who owns the hardware, prior
notification, etc. I'd much rather have a few false positives to
investigate than an unreported serious breach.

BillR

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

(e-mail address removed) (BillR) wrote in

If you are really concerned about this specific aplication, get the
source, review it, and compile it yourself. PC Mag utilities usually
(almost always?) come with commented source.

Speculation
Given the name, this utility probably uses the same coding technique
as spyware.

I'd guess so too, that NAV flags it because it looks like a keylogger.

I'd e-mail the exe to them (along with source if you have it). AFAIK,
the submission address for new viruses and false positives is still
<mailto:[email protected]>, but I haven't double-checked their
website.

 

[Bill Rucker]

ware)

More specifically it was the keyboard tick program....

As previously discussed this is because the program _looks_like_ spyware
because it uses a technique oft used by spyware.