False Positive (BearShare)

MS antispyware flags the all the files and files in
subfolders in c:\program files\bearshare\" as "BearShare
AdBundler". This can include files downloaded by the
user. (bearshare in a p2p program that uses the gnutella
network)

BearShare has 3 varieties: lite, regular, and pro. Out of
the three, only regular has a (fairly benign) adware
bundled with it, and it does not depend on the adware in
any way to run. Only the installer installs the adware
and the main program doesn't reinstall (or interact with)
the adware in any way.

Right now the bearshare main directory is and all
subfiles are being flagged as adware even though there is
never any adware in there while the real adware bundler
(the regular installer only) is being ignored. I am
reporting this in hopes that this false detection will be
resolved before the release. (when is that anyway?)

All P2P programs are considered a spyware risk due to the programs allowing
access to your own files. Ignore detection if you are aware of the
application, understand the risks associated, and wish to use it anyway.


"user" <anonymous@discussions.microsoft.com> wrote in message
news:0cab01c4f474$58723580$a401280a@phx.gbl...
> MS antispyware flags the all the files and files in
> subfolders in c:\program files\bearshare\" as "BearShare
> AdBundler". This can include files downloaded by the
> user. (bearshare in a p2p program that uses the gnutella
> network)
>
> BearShare has 3 varieties: lite, regular, and pro. Out of
> the three, only regular has a (fairly benign) adware
> bundled with it, and it does not depend on the adware in
> any way to run. Only the installer installs the adware
> and the main program doesn't reinstall (or interact with)
> the adware in any way.
>
> Right now the bearshare main directory is and all
> subfiles are being flagged as adware even though there is
> never any adware in there while the real adware bundler
> (the regular installer only) is being ignored. I am
> reporting this in hopes that this false detection will be
> resolved before the release. (when is that anyway?)

Well then I guess you better add all ftp, webservers and
IRC programs that support file transfers to the detection
list too. But seriously, p2p programs aren't designed to
allow unauthorized access to your files. It is detected
and described as "BearShare AdBundler" which is not what
it is. Am I talking to a Microsoft representative or
another beta tester?


>-----Original Message-----
>All P2P programs are considered a spyware risk due to
the programs allowing
>access to your own files. Ignore detection if you are
aware of the
>application, understand the risks associated, and wish
to use it anyway.
>
>
>"user" <anonymous@discussions.microsoft.com> wrote in
message
>news:0cab01c4f474$58723580$a401280a@phx.gbl...
>> MS antispyware flags the all the files and files in
>> subfolders in c:\program files\bearshare\"
as "BearShare
>> AdBundler". This can include files downloaded by the
>> user. (bearshare in a p2p program that uses the
gnutella
>> network)
>>
>> BearShare has 3 varieties: lite, regular, and pro. Out
of
>> the three, only regular has a (fairly benign) adware
>> bundled with it, and it does not depend on the adware
in
>> any way to run. Only the installer installs the adware
>> and the main program doesn't reinstall (or interact
with)
>> the adware in any way.
>>
>> Right now the bearshare main directory is and all
>> subfiles are being flagged as adware even though there
is
>> never any adware in there while the real adware bundler
>> (the regular installer only) is being ignored. I am
>> reporting this in hopes that this false detection will
be
>> resolved before the release. (when is that anyway?)
>
>
>.
>

beta tester

- if you check most of the spyware detection software sites, they all
classify p2p apps as a risk but not necessarily a bad one. So many home
users are so ignorant of what is on their computers and what their kids put
on their computers - I could tell you some stories!!!


"user" <anonymous@discussions.microsoft.com> wrote in message
news:07b301c4f4f1$bfc10450$a501280a@phx.gbl...
> Well then I guess you better add all ftp, webservers and
> IRC programs that support file transfers to the detection
> list too. But seriously, p2p programs aren't designed to
> allow unauthorized access to your files. It is detected
> and described as "BearShare AdBundler" which is not what
> it is. Am I talking to a Microsoft representative or
> another beta tester?
>
>
>>-----Original Message-----
>>All P2P programs are considered a spyware risk due to
> the programs allowing
>>access to your own files. Ignore detection if you are
> aware of the
>>application, understand the risks associated, and wish
> to use it anyway.
>>
>>
>>"user" <anonymous@discussions.microsoft.com> wrote in
> message
>>news:0cab01c4f474$58723580$a401280a@phx.gbl...
>>> MS antispyware flags the all the files and files in
>>> subfolders in c:\program files\bearshare\"
> as "BearShare
>>> AdBundler". This can include files downloaded by the
>>> user. (bearshare in a p2p program that uses the
> gnutella
>>> network)
>>>
>>> BearShare has 3 varieties: lite, regular, and pro. Out
> of
>>> the three, only regular has a (fairly benign) adware
>>> bundled with it, and it does not depend on the adware
> in
>>> any way to run. Only the installer installs the adware
>>> and the main program doesn't reinstall (or interact
> with)
>>> the adware in any way.
>>>
>>> Right now the bearshare main directory is and all
>>> subfiles are being flagged as adware even though there
> is
>>> never any adware in there while the real adware bundler
>>> (the regular installer only) is being ignored. I am
>>> reporting this in hopes that this false detection will
> be
>>> resolved before the release. (when is that anyway?)
>>
>>
>>.
>>

Both Ad-Aware and spybot ignore the main bearshare
program subfiles because they are not spyware (or
adware), which spyware detection software sites are you
refering to?

>-----Original Message-----
>beta tester
>
>- if you check most of the spyware detection software
sites, they all
>classify p2p apps as a risk but not necessarily a bad
one. So many home
>users are so ignorant of what is on their computers and
what their kids put
>on their computers - I could tell you some stories!!!
>
>
>"user" <anonymous@discussions.microsoft.com> wrote in
message
>news:07b301c4f4f1$bfc10450$a501280a@phx.gbl...
>> Well then I guess you better add all ftp, webservers
and
>> IRC programs that support file transfers to the
detection
>> list too. But seriously, p2p programs aren't designed
to
>> allow unauthorized access to your files. It is detected
>> and described as "BearShare AdBundler" which is not
what
>> it is. Am I talking to a Microsoft representative or
>> another beta tester?
>>
>>
>>>-----Original Message-----
>>>All P2P programs are considered a spyware risk due to
>> the programs allowing
>>>access to your own files. Ignore detection if you are
>> aware of the
>>>application, understand the risks associated, and wish
>> to use it anyway.
>>>
>>>
>>>"user" <anonymous@discussions.microsoft.com> wrote in
>> message
>>>news:0cab01c4f474$58723580$a401280a@phx.gbl...
>>>> MS antispyware flags the all the files and files in
>>>> subfolders in c:\program files\bearshare\"
>> as "BearShare
>>>> AdBundler". This can include files downloaded by the
>>>> user. (bearshare in a p2p program that uses the
>> gnutella
>>>> network)
>>>>
>>>> BearShare has 3 varieties: lite, regular, and pro.
Out
>> of
>>>> the three, only regular has a (fairly benign) adware
>>>> bundled with it, and it does not depend on the adware
>> in
>>>> any way to run. Only the installer installs the
adware
>>>> and the main program doesn't reinstall (or interact
>> with)
>>>> the adware in any way.
>>>>
>>>> Right now the bearshare main directory is and all
>>>> subfiles are being flagged as adware even though
there
>> is
>>>> never any adware in there while the real adware
bundler
>>>> (the regular installer only) is being ignored. I am
>>>> reporting this in hopes that this false detection
will
>> be
>>>> resolved before the release. (when is that anyway?)
>>>
>>>
>>>.
>>>
>
>
>.
>

I was referring to p2p apps in general. Giant/MS is classifying threats to
your machine and you then determine if you have a true threat due to an
unintentional presence of an otherwise acceptable subsystem.


"user" <anonymous@discussions.microsoft.com> wrote in message
news:118801c4f4fd$f11d77c0$a401280a@phx.gbl...
> Both Ad-Aware and spybot ignore the main bearshare
> program subfiles because they are not spyware (or
> adware), which spyware detection software sites are you
> refering to?
>
>>-----Original Message-----
>>beta tester
>>
>>- if you check most of the spyware detection software
> sites, they all
>>classify p2p apps as a risk but not necessarily a bad
> one. So many home
>>users are so ignorant of what is on their computers and
> what their kids put
>>on their computers - I could tell you some stories!!!
>>
>>
>>"user" <anonymous@discussions.microsoft.com> wrote in
> message
>>news:07b301c4f4f1$bfc10450$a501280a@phx.gbl...
>>> Well then I guess you better add all ftp, webservers
> and
>>> IRC programs that support file transfers to the
> detection
>>> list too. But seriously, p2p programs aren't designed
> to
>>> allow unauthorized access to your files. It is detected
>>> and described as "BearShare AdBundler" which is not
> what
>>> it is. Am I talking to a Microsoft representative or
>>> another beta tester?
>>>
>>>
>>>>-----Original Message-----
>>>>All P2P programs are considered a spyware risk due to
>>> the programs allowing
>>>>access to your own files. Ignore detection if you are
>>> aware of the
>>>>application, understand the risks associated, and wish
>>> to use it anyway.
>>>>
>>>>
>>>>"user" <anonymous@discussions.microsoft.com> wrote in
>>> message
>>>>news:0cab01c4f474$58723580$a401280a@phx.gbl...
>>>>> MS antispyware flags the all the files and files in
>>>>> subfolders in c:\program files\bearshare\"
>>> as "BearShare
>>>>> AdBundler". This can include files downloaded by the
>>>>> user. (bearshare in a p2p program that uses the
>>> gnutella
>>>>> network)
>>>>>
>>>>> BearShare has 3 varieties: lite, regular, and pro.
> Out
>>> of
>>>>> the three, only regular has a (fairly benign) adware
>>>>> bundled with it, and it does not depend on the adware
>>> in
>>>>> any way to run. Only the installer installs the
> adware
>>>>> and the main program doesn't reinstall (or interact
>>> with)
>>>>> the adware in any way.
>>>>>
>>>>> Right now the bearshare main directory is and all
>>>>> subfiles are being flagged as adware even though
> there
>>> is
>>>>> never any adware in there while the real adware
> bundler
>>>>> (the regular installer only) is being ignored. I am
>>>>> reporting this in hopes that this false detection
> will
>>> be
>>>>> resolved before the release. (when is that anyway?)
>>>>
>>>>
>>>>.
>>>>
>>
>>
>>.
>>