Backweb.exe file

[FromTheRafters]

FromTheRafters wrote:



I can concur with s. heehan's example of F-Secure's backweb updater being
picked up as spyware despite being a clear install option and a legit one
too.

Do you know if F-Secure (or others) will alert the user that the updater has
been thwarted?

 

[FromTheRafters]

I had a .dll flagged by Ad-Aware that is a legitimate part of a software
development suite that I use, but it thought it was a 'TimeSink' spyware
file. This detection was simply on the file name alone, 'tsad.dll'. The
file size and signature are most certainly different between the two.
Another example was a file 'dw.exe' which is piece of freeware I have to
cycle my wallpaper (Desktop Wizard), but Ad-Aware thought it was a dataminer
program.

You must look carefully at what Ad-Aware is suggesting you delete. However,
I heartily recommend Ad-Aware and SpyBot S&D. Anyone that surfs the web
should use them.

.....and with extreme caution. ;o)

 

[FromTheRafters]

Me too.

Backweb can be used as a stand-alone pull client. McAfee used to come
with a branded version of Backweb to pull definition updates; iirc it
was labeled 'SecureCast.' It was completely separate from the McAfee
installation, and it was a full Backweb client, i.e. it could be used
to pull from other 'channels' than just McAfee's. The whole thing was
pretty transparent and configurable, and it did not seem to be spyware
at all.

But Backweb technology can certainly be used as spyware, and the
Backweb people don't seem to care how their products are used as long
as they get paid. I would think it difficult for Ad-Aware or Spybot to
determine whether or not any given Backweb component is spyware or not.
In any case, those apps should provide a clear warning of possible
consequences if they offer automagic Backweb removal. Backweb's
partners include some heavy hitters (NAI, IBM, SAP, F-Secure).

Thanks, I thought there were some fairly critical applications that
relied on Backweb's functionality to provide their critical service.

Many AV programs go out of their way to *not* alert to programs that
are legitimate but often used illegitimately. Consequently it is now thought
possible to contrive a trojan function from a suite of completely legitimate
programs (the installer would be a horse of course).

...reminds me of an old TV show.

 

[Sugien]

Thanks, I thought there were some fairly critical applications that
relied on Backweb's functionality to provide their critical service.

Many AV programs go out of their way to *not* alert to programs that
are legitimate but often used illegitimately. Consequently it is now thought
possible to contrive a trojan function from a suite of completely legitimate
programs (the installer would be a horse of course).

..reminds me of an old TV show.

Not to mention the completely legitimate programs that if installed on a
users pc without his knowledge or permission (Trojan) would be a back door
Trojan like, PCAnywhere and others.

 

[null]

Backweb's
partners include some heavy hitters (NAI, IBM, SAP, F-Secure).

Here's another one but regarding more of a "little hitter" who posts
here and on acv. Following is a short excerpt taken from here:

http://www.suttondesigns.com/EnigmaBrowser/infospyware.html

***************************************************************************
Cydoor (www.cydoor.com)

This technology extends the reach of the web, and can be activated
both in online and offline modes. The technology's architecture can be
integrated into any software program.

Cydoor can update or rotate banner ads not only when users are online,
but also when they are offline.

Users who download Cydoor enabled software

-Cydoor's Server tracks users with a unique code that is given to each
user
-This way Cydoor can send customized ads to targeted users.

Software that includes Cydoor:

Utilities:

In Vircible Anti virus
*******************************************************************************
Can you imagine paying good money for a av product only to find out
it's spyware? What disgusting sleeze!

Art
http://www.epix.net/~artnpeg

 

[Robert Moir]

Do you know if F-Secure (or others) will alert the user that the
updater has been thwarted?

No idea. Never tested it. I'm inclined to think F-Secure might not because I
suspect the updates are all pushed to f-secure from backweb rather than
pulled from backweb by f-secure (if you see what i mean).

F-Secure does of course nag you if your defs are out of date. I think the
default nag value for that is 7 days.

 

[S.Heenan]

***************************************************************************
Cydoor (www.cydoor.com)

This technology extends the reach of the web, and can be activated
both in online and offline modes. The technology's architecture can be
integrated into any software program.

Cydoor can update or rotate banner ads not only when users are online,
but also when they are offline.

Users who download Cydoor enabled software

-Cydoor's Server tracks users with a unique code that is given to each
user
-This way Cydoor can send customized ads to targeted users.

Software that includes Cydoor:

Utilities:

In Vircible Anti virus
****************************************************************************
***
Can you imagine paying good money for a av product only to find out
it's spyware? What disgusting sleeze!

Art
http://www.epix.net/~artnpeg

Hmmm That ain't good at all.

 

[James Egan]

Here's another one but regarding more of a "little hitter" who posts
here and on acv. Following is a short excerpt taken from here:

http://www.suttondesigns.com/EnigmaBrowser/infospyware.html

You might note that this page was last updated over two years ago.

Can you imagine paying good money for a av product only to find out
it's spyware? What disgusting sleeze!

Art
http://www.epix.net/~artnpeg

This was discussed at length in acv 2+ years ago. This was Zvi's reply
at the time.

http://tinyurl.com/hh45


Jim.

 

[James Egan]

Can you imagine paying good money for a av product

You'll soon be losing your scrooge tag if you keep advocating this.


Jim.