BHODemon 2.0 calls home.

[John Corliss]

Yes, it may be true that the uploads are only "anonymous, plain-text
data about your BHOs", but that's not the point. The point is, you
have no say in the matter. Sure, the program tells you that it's about
to do so, but your only option in the matter is to press "OK". Of
course, you *can* block such sends with your firewall and the program
(ver. 2.0) will proceed without the upload.

Regardless, I sent an email to the author and explained that I didn't
like not having a choice in the matter (assuming my firewall is
configured to allow such uploads, as well as explaining that anybody
with any brains these days trusts nobody else in such matters.
The author's reply started out by saying that in the early days, a
program calling home in order to help the user wasn't grounds for
assuming the worst and that now everybody "pulls out their tin-foil hat."
He went on to say that he was going to make the next version of
BHODemon *fail to install* if you don't agree that it should be able
to call home *without you being able to stop it* and report
"anonymous, plain-text data about your BHOs". He also said that
"during the upload process, you will be given a choice: let the
program upload, or exit the program". He went on to say basically that
if you don't want to allow the uploads, then "...no one is forcing you
to use BHODemon."
In the reply he mentioned that you have to trust your antivirus
and firewall companies. Well, I don't know about you, but I have my
copy of AVG configured not to download new signature files
automatically. I also have my copy of Kerio AND AVG configured not to
check for updates automatically. I.e., they don't call home.

Okay, fine. True. As a mere user, I have no say in how the program
is written; listening to end users is optional for programmers.
However, if a programmer is going to ignore the feelings of the end
user entirely in such matters, then he's right *I don't have to use
the program and won't.*

I'm not going to install a packet sniffer on my system and start
monitoring every communication either. However, *I'll start warning
about BHODemon calling home and that the author plans to be even more
domineering in the next version.*

Now I understand that others are going to start jumping on me for
saying all this, that the program has a good reputation etc. etc. etc.
and that I shouldn't look a gift horse in the mouth, but if I raise
horses for a living and somebody is trying to give me a possibly
diseased horse that can infect the rest of my stock, then I'd be a
fool NOT to look that horse in the mouth, wouldn't I?

This is my opinion. You of course are free to have your own and I'm
not going to argue about any of this. You make your choices, I'll make
mine. I choose not to use BHODemon at all. YMMV.

Now having said all this, here are what look to be two alternatives to
BHODemon:

Master Your Windows: http://piussoft.tripod.com/
Browser Hijack Blaster: http://www.wilderssecurity.net/bhblaster.html

If anybody else has any replacement recommendations, please feel free
to let me know.


--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[Aaron]

e

Yes, it may be true that the uploads are only "anonymous, plain-text
data about your BHOs", but that's not the point. The point is, you have
no say in the matter. Sure, the program tells you that it's about to do
so, but your only option in the matter is to press "OK".

Your other option is not to use it.


Of course, you

*can* block such sends with your firewall and the program (ver. 2.0)
will proceed without the upload.

Thanks to your efforts this is no longer possible, John...
Personal dislike apart, I dont think even you would call this spyware,
or adware correct?

Regardless, I sent an email to the author and explained that I didn't
like not having a choice in the matter (assuming my firewall is
configured to allow such uploads, as well as explaining that anybody
with any brains these days trusts nobody else in such matters.
The author's reply started out by saying that in the early days, a
program calling home in order to help the user wasn't grounds for
assuming the worst and that now everybody "pulls out their tin-foil hat."
He went on to say that he was going to make the next version of
BHODemon *fail to install* if you don't agree that it should be able to
call home *without you being able to stop it* and report "anonymous,
plain-text data about your BHOs". He also said that "during the upload
process, you will be given a choice: let the program upload, or exit the
program". He went on to say basically that if you don't want to allow
the uploads, then "...no one is forcing you to use BHODemon."

He right you know. Though his action to your email seems to be excessive.

One question, how many emails did you exchange with him? Perhaps you
word your email very strongly ,and pissed him off? Either that or he's
having a really bad day

Let's see if he is willing going to be serious about this action.

Okay, fine. True. As a mere user, I have no say in how the program is
written; listening to end users is optional for programmers. However, if
a programmer is going to ignore the feelings of the end user entirely in
such matters, then he's right

You are just one of his endusers so he can afford to ignore you
(entirely or not). I personally can think of several good reason whys
he wants BHO to be able to update so that he can quickly ID unknown
BHOSspyware with the help of various experts.

*I don't have to use the program and won't.*

I'm sure he is *shaking* in *his* *boots* right now.

I'm not going to install a packet sniffer on my system and start
monitoring every communication either. However, *I'll start warning
about BHODemon calling home and that the author plans to be even more
domineering in the next version.*

I think it's far more domineering to demand that a freeware author do
this or ELSE! Is that your tone?

Now I understand that others are going to start jumping on me for saying
all this,

Then why in dear God do you do this John??

that the program has a good reputation etc. etc. etc. and that

I shouldn't look a gift horse in the mouth, but if I raise horses for a
living and somebody is trying to give me a possibly diseased horse that
can infect the rest of my stock, then I'd be a fool NOT to look that
horse in the mouth, wouldn't I?

Basically something that was perfectly workable and harmless until you
decided to go piss off the author. Now even the option of blocking it
with the firewall is gone. Thanks John.

This is my opinion. You of course are free to have your own and I'm not
going to argue about any of this. You make your choices, I'll make mine.
I choose not to use BHODemon at all. YMMV.

Of course, saying YMMV makes it all better now.

If anybody else has any replacement recommendations, please feel free to
let me know.

Users of XP SP 2 can handle BHOS well enough without external party apps.

Toolbarcop http://www.snapfiles.com/get/toolbarcop.html works for Win
98 too. And John this time please don't piss off the author of that too?

Thanks



BTW Thanks again John for speaking up on the behalf of the all the
endusers of BHODemon,

 

[Build It Yourself]

Yes, it may be true that the uploads are only "anonymous, plain-text
data about your BHOs", but that's not the point. The point is, you
have no say in the matter. Sure, the program tells you that it's about
to do so, but your only option in the matter is to press "OK". Of
course, you *can* block such sends with your firewall and the program
(ver. 2.0) will proceed without the upload.

Regardless, I sent an email to the author and explained that I didn't
like not having a choice in the matter (assuming my firewall is
configured to allow such uploads, as well as explaining that anybody
with any brains these days trusts nobody else in such matters.
The author's reply started out by saying that in the early days, a
program calling home in order to help the user wasn't grounds for
assuming the worst and that now everybody "pulls out their tin-foil hat."
He went on to say that he was going to make the next version of
BHODemon *fail to install* if you don't agree that it should be able
to call home *without you being able to stop it* and report
"anonymous, plain-text data about your BHOs". He also said that
"during the upload process, you will be given a choice: let the
program upload, or exit the program". He went on to say basically that
if you don't want to allow the uploads, then "...no one is forcing you
to use BHODemon."
In the reply he mentioned that you have to trust your antivirus
and firewall companies. Well, I don't know about you, but I have my
copy of AVG configured not to download new signature files
automatically. I also have my copy of Kerio AND AVG configured not to
check for updates automatically. I.e., they don't call home.

Okay, fine. True. As a mere user, I have no say in how the program
is written; listening to end users is optional for programmers.
However, if a programmer is going to ignore the feelings of the end
user entirely in such matters, then he's right *I don't have to use
the program and won't.*

I'm not going to install a packet sniffer on my system and start
monitoring every communication either. However, *I'll start warning
about BHODemon calling home and that the author plans to be even more
domineering in the next version.*

Now I understand that others are going to start jumping on me for
saying all this, that the program has a good reputation etc. etc. etc.
and that I shouldn't look a gift horse in the mouth, but if I raise
horses for a living and somebody is trying to give me a possibly
diseased horse that can infect the rest of my stock, then I'd be a
fool NOT to look that horse in the mouth, wouldn't I?

This is my opinion. You of course are free to have your own and I'm
not going to argue about any of this. You make your choices, I'll make
mine. I choose not to use BHODemon at all. YMMV.

Now having said all this, here are what look to be two alternatives to
BHODemon:

Master Your Windows: http://piussoft.tripod.com/
Browser Hijack Blaster: http://www.wilderssecurity.net/bhblaster.html

If anybody else has any replacement recommendations, please feel free
to let me know.

ToolbarCop is a browser extensions manager which can disable or
eliminate the following browser add-ons selectively from Internet
Explorer:
* Unwanted Browser Helper Objects (BHO)
* Toolbars (Tool Band)
* Standard Toolbar buttons
* Context menu Extensions
* Third-party download managers &
* Third-party Protocol Handlers and their residual entries remaining in
the registry.

http://windowsxp.mvps.org/toolbarcop.htm

System Security Suite (3S) is the program to remove internet tracks and
junk files from your computer. It allows you to delete Cookies, clear
Internet Explorer Cache, delete index.dat Files, clear Typed URLs,
Windows Temp Folder and much more. You can also specify custom folder
locations with file masks, which will be cleaned in addition to the
selected items. In addition, the program allows you to view and
optionally remove programs that launch automatically at Windows startup
as well as Browser Helper Objects.

http://www.igorshpak.net/

WebWasherClassic
Functions:
* Unwanted advertising banners, pop-up windows, animated images, Java
scripts, Java Applets are filtered from Web pages.
* Additional objects/contents can be added to the filter list at any
time.
* Privacy Protection: filters cookies, referers and Web bugs.
* Cuts down loading times for Web pages.
* Can operate as a client or as a proxy server in the local network.
* More details about WebWasher are found under functions and FAQ.

http://www.webwasher.com/client/home/index.html?lang=de_EN

SpywareGuard provides a real-time protection solution against spyware
that is a great addition to SpywareBlaster's protection method.

An anti-virus program scans files before you open them and prevents
execution if a virus is detected - SpywareGuard does the same thing, but
for spyware! And you can easily have an anti-virus program running
alongside SpywareGuard.

SpywareGuard now also features Download Protection and Browser Hijacking
Protection!

Features Listing:
* Fast Real-Time Scanning engine - catch and block spyware before it is
executed (EXE and CAB files supported) with signature-based scanning
for known spyware and heuristic/generic detection capabilities to
catch new/mutated spyware
* Download Protection - prevent spyware from being download in Internet
Explorer
* Browser Hijacking Protection - stop browser hijacking activity in
real-time
* SG LiveUpdate - provides an easy updating solution
* Small size - with a small size and small definition sizes, download
and updates are quick
* Report Capabilities - keep a detailed log of all spyware detected
* Spyware files are blocked before being opened or run - they are not
simply shut down after they are loaded in memory (and after they have
performed their tasks)
* It's a free download

http://www.javacoolsoftware.com/spywareguard.html

 

[John Corliss]

Your other option is not to use it.

As I said, over and over in the OP, this is the case. Or didn't you
notice this?

Thanks to your efforts this is no longer possible, John...
Personal dislike apart, I dont think even you would call this spyware,
or adware correct?

I don't really care about that. It establishes a very unpleasant
precedant. And as I said in the OP, the message was my opinion and
that YMMV. Or didn't you notice this?

He right you know.

Well of course he is, and I said as much in my OP. Or didn't you
notice this?

Though his action to your email seems to be excessive.

One question, how many emails did you exchange with him? Perhaps you
word your email very strongly ,and pissed him off? Either that or he's
having a really bad day

I know when my efforts will be wasted and am not about to get in a
pissing match with a programmer.

Let's see if he is willing going to be serious about this action.


You are just one of his endusers so he can afford to ignore you
(entirely or not).

I believe I said as much in my OP. Or didn't you notice this?

I personally can think of several good reason whys
he wants BHO to be able to update so that he can quickly ID unknown
BHOSspyware with the help of various experts.

I can see those reasons too. However, it's obvious that he's heard
several complaints from others. He in fact inplied as much in his
email. If he thinks that roughshodding end users will make his
software popular, he's got another thought coming to him.

I'm sure he is *shaking* in *his* *boots* right now.

I couldn't care any less whether he is or not. What is important is
that others know about this peculiarity of the software and look for
alternatives if it bothers them like it does me. And as I've already
said, it establishes an unpleasant precedant.

I think it's far more domineering to demand that a freeware author do
this or ELSE! Is that your tone?

I made no demands whatsoever. I simply expressed my opinions. Or can I
no longer do that just because I'm "only" an end user? And as far as
me doing anything, well... looks like I've already done it now, haven't I?

Then why in dear God do you do this John??

Because I too can get pissed off. And besides, as I've already pointed
out the program establishes an unpleasant precedant.

Basically something that was perfectly workable and harmless until you
decided to go piss off the author. Now even the option of blocking it
with the firewall is gone. Thanks John.

Whatever are you talking about? Where did you hear that you can't
block the program with a firewall?

Of course, saying YMMV makes it all better now.

And why wouldn't it? Other people may NOT mind having a program on
their system that calls home without their permission. As for myself
though, I find that totally unacceptable.

Users of XP SP 2 can handle BHOS well enough without external party apps.

Toolbarcop http://www.snapfiles.com/get/toolbarcop.html works for Win
98 too. And John this time please don't piss off the author of that too?

Don't be a smartass.

BTW Thanks again John for speaking up on the behalf of the all the
endusers of BHODemon,

I never did anything of the kind. The email I sent the author was
simply an expression of my opinions and I'm sure he realized that.

--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[John Corliss]

ToolbarCop is a browser extensions manager which can disable or
eliminate the following browser add-ons selectively from Internet
Explorer:
* Unwanted Browser Helper Objects (BHO)
* Toolbars (Tool Band)
* Standard Toolbar buttons
* Context menu Extensions
* Third-party download managers &
* Third-party Protocol Handlers and their residual entries remaining in
the registry.

http://windowsxp.mvps.org/toolbarcop.htm

This one looks real good. And according to Snapfiles, it works with
98/ME/2000/XP. At any rate, it works perfectly on my ME system. Not
only that, but the download is only 60 kb and requires no install and
it's from an MVP site. VERY cool! Many thanks! This one's a real keeper.

System Security Suite (3S) is the program to remove internet tracks and
junk files from your computer. It allows you to delete Cookies, clear
Internet Explorer Cache, delete index.dat Files, clear Typed URLs,
Windows Temp Folder and much more. You can also specify custom folder
locations with file masks, which will be cleaned in addition to the
selected items. In addition, the program allows you to view and
optionally remove programs that launch automatically at Windows startup
as well as Browser Helper Objects.

http://www.igorshpak.net/

Six rubber duckies from Nonags (highest score possible) and added in
the the BHO manager is a program the likes of Empty Temp Folders. This
is another good looking one.

WebWasherClassic
Functions:
* Unwanted advertising banners, pop-up windows, animated images, Java
scripts, Java Applets are filtered from Web pages.
* Additional objects/contents can be added to the filter list at any
time.
* Privacy Protection: filters cookies, referers and Web bugs.
* Cuts down loading times for Web pages.
* Can operate as a client or as a proxy server in the local network.
* More details about WebWasher are found under functions and FAQ.

http://www.webwasher.com/client/home/index.html?lang=de_EN

I use this one, but I don't think it deals with BHOs.

SpywareGuard provides a real-time protection solution against spyware
that is a great addition to SpywareBlaster's protection method.
An anti-virus program scans files before you open them and prevents
execution if a virus is detected - SpywareGuard does the same thing, but
for spyware! And you can easily have an anti-virus program running
alongside SpywareGuard.
SpywareGuard now also features Download Protection and Browser Hijacking
Protection!

Features Listing:
* Fast Real-Time Scanning engine - catch and block spyware before it is
executed (EXE and CAB files supported) with signature-based scanning
for known spyware and heuristic/generic detection capabilities to
catch new/mutated spyware
* Download Protection - prevent spyware from being download in Internet
Explorer
* Browser Hijacking Protection - stop browser hijacking activity in
real-time
* SG LiveUpdate - provides an easy updating solution
* Small size - with a small size and small definition sizes, download
and updates are quick
* Report Capabilities - keep a detailed log of all spyware detected
* Spyware files are blocked before being opened or run - they are not
simply shut down after they are loaded in memory (and after they have
performed their tasks)
* It's a free download

http://www.javacoolsoftware.com/spywareguard.html

Yep I saw this one too. However, the following concerned me a little:

"SpywareGuard is a work-in-progress.
We cannot guarantee that it will not conflict with other security
software on your machine.
However we do strive to fix any compatibility problems that may arise.

If you are worried about potential compatibility issues with
SpywareGuard, we recommend you download SpywareBlaster instead."

Thanks for replying and all your work! Expecially thanks for the first
link. 80)>

--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[John Fitzsimons]

On Wed, 27 Oct 2004 07:37:07 -0700, John Corliss

Now having said all this, here are what look to be two alternatives to
BHODemon:

Master Your Windows: http://piussoft.tripod.com/

< snip >

A help file for that would be handy. I assume one gets rid of BHOs by
un ticking them in the system check screen ?

It would be handy if the author enabled the "maximise" button. I have
also found that to make Firefox windows "full screen" tends to work
sometimes and sometimes not. :-(

Regards, John.

--
****************************************************
,-._|\ (A.C.F FAQ) http://clients.net2000.com.au/~johnf/faq.html
/ Oz \ John Fitzsimons - Melbourne, Australia.
\_,--.x/ http://www.vicnet.net.au/~johnf/welcome.htm
v http://clients.net2000.com.au/~johnf/

 

[Build It Yourself]

This one looks real good. And according to Snapfiles, it works with
98/ME/2000/XP. At any rate, it works perfectly on my ME system. Not
only that, but the download is only 60 kb and requires no install and
it's from an MVP site. VERY cool! Many thanks! This one's a real keeper.


Six rubber duckies from Nonags (highest score possible) and added in
the the BHO manager is a program the likes of Empty Temp Folders. This
is another good looking one.


I use this one, but I don't think it deals with BHOs.

I was under the impression that pop-up windows were BHOs.

Yep I saw this one too. However, the following concerned me a little:

"SpywareGuard is a work-in-progress.
We cannot guarantee that it will not conflict with other security
software on your machine.
However we do strive to fix any compatibility problems that may arise.

If you are worried about potential compatibility issues with
SpywareGuard, we recommend you download SpywareBlaster instead."

I already use SpywareBlaster, so I was thinking that SpywareGuard would
supplement that protection. The heuristic/generic detection capabilities
of SpywareGuard seemed like a good thing to have.

Thanks for replying and all your work! Expecially thanks for the first
link. 80)>

Thanks for your input; looking forward to additional
recommendations/suggestions.

 

[John Corliss]

Unlike BHODemon, it doesn't give very much information about the BHOs
and that's undoubtedly because the program doesn't send report back
home. However, you *can* still disable the BHOs.

I was under the impression that pop-up windows were BHOs.

http://www.free-definition.com/Browser-helper-object.html

They can, however, cause popups.

I already use SpywareBlaster, so I was thinking that SpywareGuard would
supplement that protection. The heuristic/generic detection capabilities
of SpywareGuard seemed like a good thing to have.

Probably won't hurt anything to give it a try. However, I think bases
are already covered on my machine, so it's not worth the trouble for
the most part.

Thanks for your input; looking forward to additional
recommendations/suggestions.

Me too! Probably the main reason people come to me and ask if I'll
"take a look" at their computer (meaning, bust my ass for hours trying
to undo damage) is malicious BHOs acquired due to poor IE
configuration and visiting porno websites.

Currently I'm batting a thousand for cleaning up everything thrown at
me though.

--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[Frank Bohan]

Yes, it may be true that the uploads are only "anonymous, plain-text
data about your BHOs", but that's not the point. The point is, you
have no say in the matter. Sure, the program tells you that it's about
to do so, but your only option in the matter is to press "OK". Of
course, you *can* block such sends with your firewall and the program
(ver. 2.0) will proceed without the upload.

Regardless, I sent an email to the author and explained that I didn't
like not having a choice in the matter (assuming my firewall is
configured to allow such uploads, as well as explaining that anybody
with any brains these days trusts nobody else in such matters.
The author's reply started out by saying that in the early days, a
program calling home in order to help the user wasn't grounds for
assuming the worst and that now everybody "pulls out their tin-foil hat."
He went on to say that he was going to make the next version of
BHODemon *fail to install* if you don't agree that it should be able
to call home *without you being able to stop it* and report
"anonymous, plain-text data about your BHOs". He also said that
"during the upload process, you will be given a choice: let the
program upload, or exit the program". He went on to say basically that
if you don't want to allow the uploads, then "...no one is forcing you
to use BHODemon."
In the reply he mentioned that you have to trust your antivirus
and firewall companies. Well, I don't know about you, but I have my
copy of AVG configured not to download new signature files
automatically. I also have my copy of Kerio AND AVG configured not to
check for updates automatically. I.e., they don't call home.

Okay, fine. True. As a mere user, I have no say in how the program
is written; listening to end users is optional for programmers.
However, if a programmer is going to ignore the feelings of the end
user entirely in such matters, then he's right *I don't have to use
the program and won't.*

I'm not going to install a packet sniffer on my system and start
monitoring every communication either. However, *I'll start warning
about BHODemon calling home and that the author plans to be even more
domineering in the next version.*

Now I understand that others are going to start jumping on me for
saying all this, that the program has a good reputation etc. etc. etc.
and that I shouldn't look a gift horse in the mouth, but if I raise
horses for a living and somebody is trying to give me a possibly
diseased horse that can infect the rest of my stock, then I'd be a
fool NOT to look that horse in the mouth, wouldn't I?

This is my opinion. You of course are free to have your own and I'm
not going to argue about any of this. You make your choices, I'll make
mine. I choose not to use BHODemon at all. YMMV.

Now having said all this, here are what look to be two alternatives to
BHODemon:

Master Your Windows: http://piussoft.tripod.com/
Browser Hijack Blaster: http://www.wilderssecurity.net/bhblaster.html

If anybody else has any replacement recommendations, please feel free
to let me know.

John: From the Browser Hijack Blaster (URL above):

Browser Hijack Blaster

It is recommended that potential users of Browser Hijack Blaster look at
SpywareGuard instead. SpywareGuard's Browser Hijack Protection is very
similar to that of Browser Hijack Blaster, but is much more advanced and
will provide more protection. (SpywareGuard is also freeware.)

The URL for SpywareGuard is http://www.wilderssecurity.net/spywareguard.html

I've used is for some time and recommend it. I have recently started to use
Master Your Windows and like it, although to some extent it duplicates
WinPatrol.

I also have HijackThis:
http://www.spychecker.com/program/hijackthis.html

===

Frank Bohan
¶ In two days tomorrow will be yesterday.

 

[Matty]

A help file for that would be handy. I assume one gets rid of BHOs by
un ticking them in the system check screen ?

Unchecking the checkbox deactivates the BHO-entry, that means the
entry will be deleted from registry, but the entry will be remembered
by MasterYourWindows, this way the BHO-entry can be restored. By
setting the checkbox the BHO-entry will be reactivated.
To delete the BHO-Entry (for ever), simply click right mousebutton and
select "delete entry" or doubleclick the BHO-entry and click "Delete
Entry"

It would be handy if the author enabled the "maximise" button. I have
also found that to make Firefox windows "full screen" tends to work
sometimes and sometimes not. :-(

MasterYourWindows Auto-maximize-function works very reliable for me,
never failed with Firefox or other chosen applications, but you are
right, MasterYourWindows should be more polished, but it is a very
useful tool, because of its diffent functions.

Regards, John.

greetings Matty

 

[John Fitzsimons]

Unchecking the checkbox deactivates the BHO-entry, that means the
entry will be deleted from registry, but the entry will be remembered
by MasterYourWindows, this way the BHO-entry can be restored. By
setting the checkbox the BHO-entry will be reactivated.

< snip >

Thanks for the explanation Matty.

Regards, John.

 

[John Corliss]

John: From the Browser Hijack Blaster (URL above):

Browser Hijack Blaster

It is recommended that potential users of Browser Hijack Blaster look at
SpywareGuard instead. SpywareGuard's Browser Hijack Protection is very
similar to that of Browser Hijack Blaster, but is much more advanced and
will provide more protection. (SpywareGuard is also freeware.)

The URL for SpywareGuard is http://www.wilderssecurity.net/spywareguard.html

I've used is for some time and recommend it. I have recently started to use
Master Your Windows and like it, although to some extent it duplicates
WinPatrol.

I also have HijackThis:
http://www.spychecker.com/program/hijackthis.html

Thanks for your input, Frank.


--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[Larry Leonard]

As the author of BHODemon, let me respond to this thread.

First let me apologize to the OP for my private email to him. As
someone here said, I was having a really bad day. I took his
statement "... and God knows what else it sends without my permission"
personally, and I should not have.

One of my goals with BHODemon is to see if it's possible to create a
kind of "community" of users. Using BHODemon, users share the info
they have on BHOs, especially malware BHOS. My belief is that there's
simply no way the anti-spyware people, no matter how industrious, are
going to be able to keep up with the spyware authors: there will
always be more spyware released every day, and at an accelerating
rate.

So I designed BHODemon to create a kind of global database of BHOs:
each user contributes their one or two files, and in return, they get
the benefit of tens of thousands (so far) of other users reports.
That way, users themselves can band together, share information, and
fight the spyware in real-time.

(The whole process of creating the database from the users' uploaded
reports is mostly automated, so it doesn't have to wait for me to do
anything. This means the database can be updated as quickly as 24
hours.)

So, to create this database, BHODemon requires you to upload a
plaintext file describing some of your BHOs. There is no information
in the file that can uniquely identify you. Also, BHODemon always
tells you before it attempts to do the upload.

However, the way BHODemon currently does this is flawed, I see now.
When the OP said it gives you "no say in the matter", that was true:
the first five times, BHODemon simply tells you it's going to upload
(at that point, you could always End Task the program, or block it
with your firewall, but most users of BHODemon aren't aware of how to
do that.) After the fifth time, you do get a choice of whether you
want to upload the file or not. As I tried to explain to the OP, this
was my attempt at a compromise, which I now realize was a bad design.

So, the next version of BHODemon - which will be the 21st since May,
by the way - will handle this differently, and I'm hoping to do it in
a way that makes everyone happy. If the OP, and anyone else, would
give me some feedback on my plans, I'd appreciate it:

1). The installation kit will now warn you that to use BHODemon, you
have to be willing to upload plaintext, anonymous reports. I think
that's only fair to the other users: if you want to share if the
rewards, you have to be willing to contribute. If you decline, the
installation of course gracefully exits.

2). Once the program is installed, it will try to upload the reports
as usual. However, it will ask you if you want to do so (reminding
you of the "sharing" aspect of BHODemon), and if you say no, will
simply exit the program. Again, I think this is fair to the other
users: if you're not willing to contribute, why should you benefit
from the others who are?

Again, if the OP, or anyone else, has any other ideas, please post
them here, or email me (e-mail address removed) . I would be
especially interested in hearing if this does, or does not, address
the OP's security concerns.

As far as listening to users go, I have answered every email ever sent
to me - which currently stand at around 1300 or so - on nights and
weekends over the past six months. Many of the best features - and
practically all of the bug fixes - come from users.

Thanks for listening.

 

[Build It Yourself]

As the author of BHODemon, let me respond to this thread.

First let me apologize to the OP for my private email to him. As
someone here said, I was having a really bad day. I took his
statement "... and God knows what else it sends without my permission"
personally, and I should not have.

One of my goals with BHODemon is to see if it's possible to create a
kind of "community" of users. Using BHODemon, users share the info
they have on BHOs, especially malware BHOS. My belief is that there's
simply no way the anti-spyware people, no matter how industrious, are
going to be able to keep up with the spyware authors: there will
always be more spyware released every day, and at an accelerating
rate.

So I designed BHODemon to create a kind of global database of BHOs:
each user contributes their one or two files, and in return, they get
the benefit of tens of thousands (so far) of other users reports.
That way, users themselves can band together, share information, and
fight the spyware in real-time.

(The whole process of creating the database from the users' uploaded
reports is mostly automated, so it doesn't have to wait for me to do
anything. This means the database can be updated as quickly as 24
hours.)

So, to create this database, BHODemon requires you to upload a
plaintext file describing some of your BHOs. There is no information
in the file that can uniquely identify you. Also, BHODemon always
tells you before it attempts to do the upload.

However, the way BHODemon currently does this is flawed, I see now.
When the OP said it gives you "no say in the matter", that was true:
the first five times, BHODemon simply tells you it's going to upload
(at that point, you could always End Task the program, or block it
with your firewall, but most users of BHODemon aren't aware of how to
do that.) After the fifth time, you do get a choice of whether you
want to upload the file or not. As I tried to explain to the OP, this
was my attempt at a compromise, which I now realize was a bad design.

So, the next version of BHODemon - which will be the 21st since May,
by the way - will handle this differently, and I'm hoping to do it in
a way that makes everyone happy. If the OP, and anyone else, would
give me some feedback on my plans, I'd appreciate it:

1). The installation kit will now warn you that to use BHODemon, you
have to be willing to upload plaintext, anonymous reports. I think
that's only fair to the other users: if you want to share if the
rewards, you have to be willing to contribute. If you decline, the
installation of course gracefully exits.

2). Once the program is installed, it will try to upload the reports
as usual. However, it will ask you if you want to do so (reminding
you of the "sharing" aspect of BHODemon), and if you say no, will
simply exit the program. Again, I think this is fair to the other
users: if you're not willing to contribute, why should you benefit
from the others who are?

Again, if the OP, or anyone else, has any other ideas, please post
them here, or email me (e-mail address removed) . I would be
especially interested in hearing if this does, or does not, address
the OP's security concerns.

As far as listening to users go, I have answered every email ever sent
to me - which currently stand at around 1300 or so - on nights and
weekends over the past six months. Many of the best features - and
practically all of the bug fixes - come from users.

Thanks for listening.

Their is a database of 1500 BHOs & Toolbars which is maintained by Tony
Klein. What is your source for BHODemon?

Personally I see no need for each user to upload data to you, if
anything the transfer of data should be going the other way.

Without seeing the logic of your program I find it hard to believe that
your program will detect new BHOs and report back to you so that you can
update the global database with the new information.

 

[Peter Seiler]

John Corliss - 29.10.2004 02:27 :

Thanks for your input, Frank.

honest, John, please it's not necessary quoting about 100 quoting lines
(snipped) only to say thanks. THX!

 

[John Corliss]

honest, John, please it's not necessary quoting about 100 quoting lines
(snipped) only to say thanks. THX!

I don't need to be told how to quote. I do a much better job of it
than 90% of the people who post to this group. If you don't believe
me, do a Google on some of my messages.

As for why I quoted so much of what I just replied to, I did so
because this thread is important to me, the OP.

--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[John Corliss]

Larry, my reply is interspersed below.

As the author of BHODemon, let me respond to this thread.

First let me apologize to the OP for my private email to him. As
someone here said, I was having a really bad day. I took his
statement "... and God knows what else it sends without my permission"
personally, and I should not have.

No apology necessary. I used loaded terminology in my email to you
because the subject upsets me. However, I'm sure you realize that the
air of "blind paranoia" in the computing community that you described
is thoroughly justified. There are a lot of bad things going on out
there and I'm constantly repairing the damage on other, less
computer-savvy people's computers from that activity.

One of my goals with BHODemon is to see if it's possible to create a
kind of "community" of users. Using BHODemon, users share the info
they have on BHOs, especially malware BHOS.

Albeit involuntarily if they want to use your program.

My belief is that there's
simply no way the anti-spyware people, no matter how industrious, are
going to be able to keep up with the spyware authors: there will
always be more spyware released every day, and at an accelerating
rate.

Nobody would disagree with that at all. Spyware authors if they aren't
in fact the same, are very similar to advertisers. Advertisers will
stop at nothing to obtain profit. The end justifies the means in their
eyes.

So I designed BHODemon to create a kind of global database of BHOs:
each user contributes their one or two files, and in return, they get
the benefit of tens of thousands (so far) of other users reports.
That way, users themselves can band together, share information, and
fight the spyware in real-time.

This reminds me of the way that George Bush said that the United
States must not give in to terrorism, then went on to do exactly that
by raping our bill of rights. I.e., the cure is worse than the disease.

(The whole process of creating the database from the users' uploaded
reports is mostly automated, so it doesn't have to wait for me to do
anything. This means the database can be updated as quickly as 24
hours.)

This is good, but doesn't justify forcing people to send you data if
they want to use your program.

By the way, the BHO that my system has and which BHODemon was unable
to identify? It was an .dll used by an old PC Magazine utility named
Iconlock. Last night I allowed BHODemon to send the report just so
that you won't continue think of me as a "freeloader". However, the
program is coming off when I find the time.

So, to create this database, BHODemon requires you to upload a
plaintext file describing some of your BHOs. There is no information
in the file that can uniquely identify you.

I'm sure that's true, but we really have to take your word at it. Not
everybody is going to be willing to make that assumption, me being one
of those who won't. Sorry it has to be that way, but I don't know you
now, do I?

Also, BHODemon always tells you before it attempts to do the upload.

I'm afraid that makes no difference, since I have little say in the
matter other than blocking your program with my firewall. And like
most other people, I'm not running a packet sniffer so I have no idea
what is being sent out. Are you going to continue to at least allow
people to do that? And where is this text file that gets sent? I
looked in the BHODemon folder but could find nothing.

However, the way BHODemon currently does this is flawed, I see now.
When the OP said it gives you "no say in the matter", that was true:
the first five times, BHODemon simply tells you it's going to upload
(at that point, you could always End Task the program, or block it
with your firewall, but most users of BHODemon aren't aware of how to
do that.) After the fifth time, you do get a choice of whether you
want to upload the file or not. As I tried to explain to the OP, this
was my attempt at a compromise, which I now realize was a bad design.

So, the next version of BHODemon - which will be the 21st since May,
by the way - will handle this differently, and I'm hoping to do it in
a way that makes everyone happy. If the OP, and anyone else, would
give me some feedback on my plans, I'd appreciate it:

Gladly. Continue on.

1). The installation kit will now warn you that to use BHODemon, you
have to be willing to upload plaintext, anonymous reports. I think
that's only fair to the other users: if you want to share if the
rewards, you have to be willing to contribute. If you decline, the
installation of course gracefully exits.

So your solution to the issue is to make it so that a person in
effect, has even less sayso in the matter.

2). Once the program is installed, it will try to upload the reports
as usual. However, it will ask you if you want to do so (reminding
you of the "sharing" aspect of BHODemon), and if you say no, will
simply exit the program. Again, I think this is fair to the other
users: if you're not willing to contribute, why should you benefit
from the others who are?

You have too little faith in the people that are out there. There are
many out there who most likely wouldn't mind sending you the report if
given an option.

You said in your email that people have to trust their antivirus and
firewall, and that's true. However, both of those programs on *my*
system, give me a choice in whether or not I want my computer to call
their server for anything. IMO that goes a long way towards
establishing trust. You, however, don't allow a say in the matter.

As for me, I just don't like being told what to do. I've put a lot of
effort into configuring this computer and it is mine to do with as I
please. Microsoft continually tries to tell me that they really own my
computer and they can bugger off. It's *my* computer and *I* control
it. If it ever becomes apparent that this is not the case, then I will
yank the plug on the cable modem and disassociate my computer from the
rest of the world. That is not negotiable, not for you or anybody else.

I recently installed a commercial calendar making program and was
appalled at the number of attempts it made to call home. What in HELL
would a calendar making program need to call home for???? Kinda like
my MS mouse software, my MS keyboard software, etc. etc. etc. (both of
which I block via my firewall.) At any rate, the crap came off of my
system and the disc wound up in the trashcan. Now I tell everybody I
see running their program exactly what it is doing.

Again, if the OP, or anyone else, has any other ideas, please post
them here, or email me (e-mail address removed) . I would be
especially interested in hearing if this does, or does not, address
the OP's security concerns.

Sounds to me like that would likely be a waste of time, since you seem
to have already decided what you are going to do with the next
version. That's your right. However, my right is to refuse to use your
program and that is what I intend.

As far as listening to users go, I have answered every email ever sent
to me - which currently stand at around 1300 or so - on nights and
weekends over the past six months. Many of the best features - and
practically all of the bug fixes - come from users.

This is indeed commendable. But my intention wasn't to say that you
didn't in general listen to users, only that in this matter you were
adamant.

Thanks for listening.

There are no other programs on my system that are allowed to call home
without my permission and yours is not going to be the first. Sorry,
but that's just the way it's has to and is going to be.

--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[REM]

(e-mail address removed) (Larry Leonard) wrote:

Again, if the OP, or anyone else, has any other ideas, please post
them here, or email me (e-mail address removed) . I would be
especially interested in hearing if this does, or does not, address
the OP's security concerns.

Show the user the exact file that is sent.

"Ask" the user to contribute, in order to get new updates from the
database. Otherwise, let them sail with the update they have.

Better, allow the user to elect to update, just as anti-virus scanners
do. Apply the above. You'll get more contributions most likely.

I see your principle here. You want the most information that you can
gather available to contributors. A software program should never
paint the user into an unfriendly corner, however.

 

[John Corliss]

Show the user the exact file that is sent.

"Ask" the user to contribute, in order to get new updates from the
database. Otherwise, let them sail with the update they have.

Better, allow the user to elect to update, just as anti-virus scanners
do. Apply the above. You'll get more contributions most likely.

I see your principle here. You want the most information that you can
gather available to contributors. A software program should never
paint the user into an unfriendly corner, however.

Very well put, REM. You must have had your morning cup of coffee by now.

--
Regards from John Corliss
No adware, cdware, commercial software, crippleware, demoware,
nagware, shareware, spyware, time-limited software, trialware, viruses
or warez please.

Because Andy Mabbett is stalking me in this group, I have him killfiled.

 

[omega]

(e-mail address removed) (Larry Leonard):

[excerpts:]

One of my goals with BHODemon is to see if it's possible to create a
kind of "community" of users.

So, to create this database, BHODemon requires you to upload

However, the way BHODemon currently does this is flawed, I see now.

1). The installation kit will now warn you that to use BHODemon, you
have to be willing to upload plaintext, anonymous reports.

the "sharing" aspect of BHODemon), and if you say no, will
simply exit the program. Again, I think this is fair to the other
users: if you're not willing to contribute, why should you benefit
from the others who are?

Again, if the OP, or anyone else, has any other ideas, please post

Yes. Please update the description on your website. This is not a
standalone freeware product. It is more a webware. While we install
some local files -- its functionality is absolutely dependent on your
server having read access to our data.

Reading your main product page, to determine whether it's a software
I am interested in, I not only see that not clarified, but also not
even a hint provided.

At the moment, we have merely irony. For instance, concerning the
interests of the targeted audience for your product:

http://www.definitivesolutions.com/bhodemon.htm
"many people are extremely concerned about [BHOs] because of the
privacy issue..."

Not that I am suspicious of your intentions. But we do have here that
your software insists absolutely on sending our (hidden) data to a remote
server.

You should be fair and forthright on the webpage, about the nature of
this ware. That it won't run unless we submit to the requirement of it
sending our info across the internet.

We need be informed in advance, in order to let us then decide whether
to proceed with downloading, installing, and so on. Not have to learn
these things, via chance reading, from a user's report in a newsgroup.