(The quickest way to register)

Forum

  1. User picture
    • MysteryFCM on Wed 14 Oct 2009
    • 11:57:58 PM UTC

    Goodbye ClamWin, it was nice while it lasted.

    Goodbye ClamWin, it was nice while it lasted

    "I'm sorry to say, I've just received the following e-mail from ClamWin, which means I'll now no longer recommend ANYONE use their software, and will be removing it from all computers I own and/or look after for others."

    http://hphosts.blogspot.com/2009/10/goodbye-clamwi...

    Regards Steven Burn I.T. Mate / hpHosts it-mate.co.uk / hosts-file.net

Comments:

  2. User picture
    • jpvip on Thu 15 Oct 2009
    • 12:34:35 AM UTC

    I did not see it coming

    I saw that on your blog earlier. I could not believe it. I gave up on ZoneAlarm, and several others. Who's next? ClamWin. So much for keeping it GOOD freeware.

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
  3. User picture
    • g7w on Tue 20 Oct 2009
    • 12:40:49 AM UTC

    rated

    I've rated this site before, but I just commented it as Ethical issues

    EDIT:
    duh!
    -------
    WOT Services Ltd. - gives us safety through Web of Trust.
    WOT Community - gives us security through unity.
    Thank you all
    - G7W
    • User picture
      • jpvip on Mon 19 Oct 2009
      • 10:23:57 PM UTC

      uhh

      You rated ClamAV over there, not ClamWin. They are two different products, after all.

      ~DragonMaster Jay, malware researcher,
      Admin, helpmyos.com
      • User picture
        • g7w on Tue 20 Oct 2009
        • 12:42:05 AM UTC

        yup :/

        Thanks, in a rush to leave for dinner... I scanned the other thread too quickly without reading fully.
        It's a {GOM} thing, heh. :)
        -------
        WOT Services Ltd. - gives us safety through Web of Trust.
        WOT Community - gives us security through unity.
        Thank you all
        - G7W
  4. User picture
    • jpvip on Thu 15 Oct 2009
    • 01:42:38 AM UTC

    Sorry ClamWin...

    But, malware is not tolerated. Low risk or no risk...it is still malware.

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
  5. User picture
    • Alch on Thu 15 Oct 2009
    • 02:21:52 AM UTC

    Not Malware

    I am the Clamwin project admin and I feel I need to defend the malware claims.

    It is true that Ask.com did have some shady partners in the past and their previous toolbar was flagged as Potentially Unwanted Application (PUA) before. However their policies have changed about a year ago and the new toolbar is clean. In fact because Ask needs to "clean up" their reputation they are more strict in their terms and conditions and proactive in following them than other vendors.

    We did test the included toolbar (totally different from the old PUA version) and did not find ANYTHING wrong with it. No spyware, no behaviour tracking - just a plain toolbar. We would NOT have included it if it was otherwise.

    Please test it for yourself and publish the confirmed details of what the toolbar does wrong to deserve MALWARE status before making potentially damaging claims.

    Regards,
    Alch
  6. User picture
    • g7w on Thu 15 Oct 2009
    • 02:40:15 AM UTC

    Ethical issues

    @ Alch
    You're correct there is no malware and maybe Ask.com has "cleaned up their act" However, a product claiming to be open source security closed that claim with the addition of a commercially supported toolbar.

    Here's my problem, you force the toolbar upon installation by pre-checking the option, requiring the user to Opt-out. It should be the other way around and leave the option un-checked and require the user to Opt-in. ClamWin, like so many others toolbar additives, expect the user to do a quick install: click "Next" to continue, and bang we're done. Very few now-a-days read the ToS, Privacy Policies, quickly agree to any EULA's provided and with this, they now have FAT (For yet Another Toolbar).
    I rated this domain low (red) and placed an Ethical Issues comment
    -------
    WOT Services Ltd. - gives us safety through Web of Trust.
    WOT Community - gives us security through unity.
    Thank you all
    - G7W
  7. User picture
    • Warxas on Thu 15 Oct 2009
    • 03:44:03 AM UTC

    I realize

    This thread is old. http://www.calendarofupdates.com/updates/index.php...
    But I think it sums up the ask toolbar pretty well.

    I will NOT be rating ClamWin RED becasue I think the Ask toolbar is not enough to warrant a red.
    (A YELLOW in certain circumstances .) But I will not recommend ClamWin.
    But in reality I never did. hehe
  8. User picture
    • jpvip on Thu 15 Oct 2009
    • 04:14:09 AM UTC

    So much for open-source...

    Companies that are open-source do not make money automatically. Because, there is no charge inhibited. The problem is, with Ask Toolbar compensating those who distribute it as PPD (pay-per-download, similar to pay-per-click), the company is earning direct income. Therefore, it is no longer open source. It is reprehensible, and should not be allowed to pass. Stop complaining if you are going to do something so controversial.

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
    • User picture
      • Alch on Thu 15 Oct 2009
      • 07:21:49 AM UTC

      Open source and income

      Jpvip - a company developing an open source product is not necessarily a charity. There are lots of companies earning direct income from Open Source products and I think there would be very little useful open source programs if it was otherwise.The company behind ClamAV is a public listed company yet it does only open source software.
      Also I thought we were clear enough that the main reason why we are partnering with Ask is to fund the development of new features.
      • User picture
        • jpvip on Thu 15 Oct 2009
        • 07:39:54 AM UTC

        Many other ways...

        There are much more ways to fund a project than a toolbar. For example, I placed a donation widget from Paypal on my site. The option to select a goal was in play. If someone wants to donate to my project, they can. The users are able to see what the project is for, and then donate.

        Why not advertise? Search marketing is the cheapest, and ad networks are costly.

        Donating and advertising are the most acceptable. There are others, too. Explore opportunities instead of being so short-sighted and having users install Ask Toolbar. The problem is, the toolbar is pre-checked in the installation. During the install, I noticed the installer was calling back to Ask to note an installation...therefore making ClamWin spyware. Ask Toolbar has always been spyware/adware - and any other claims are skewed.

        ~DragonMaster Jay, malware researcher,
        Admin, helpmyos.com
  9. User picture
    • jpvip on Thu 15 Oct 2009
    • 05:59:15 AM UTC

    Also...

    Also, as soon as ClamAV finishes up the newest version of Win32, then I can tell people not to use ClamWin, but to use ClamAV for Win32. http://www.clamav.net/download/packages/packages-w...

    I have posted a formal investigation on it: http://www.helpmyos.com/bad-companies-investigatio...

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
  10. User picture
    • LiVeRpUdLiAn932 on Thu 15 Oct 2009
    • 12:18:26 PM UTC

    Hais

    Always trusted Clamwin :\
    Somehow this reminds me of Comodo.
    edit: I don't know if this should be posted in this thread, but I'm curious. Is siteadvisor considered spyware/adware since its 'Safe search' toolbar does not actually search for safe material but actually is a Yahoo search toolbar?
    You'll Never Walk Alone
  11. User picture
    • jpvip on Thu 15 Oct 2009
    • 03:26:51 PM UTC

    umm...

    I don't remember Yahoo toolbar being spyware. I think it is just Ask Toolbar. The only bad part about Ask Toolbar is that it sends data through a private stream about you or your computer - to three data loggers, also logging the data for its own.

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
    • User picture
      • LiVeRpUdLiAn932 on Fri 16 Oct 2009
      • 07:16:34 AM UTC

      Problem is

      McAfee Siteadvisor claims that it is a Safesearch toolbar. It doesn't even say anything about it being from Yahoo.
      You'll Never Walk Alone
  12. User picture
    • evilfantasy on Thu 15 Oct 2009
    • 03:43:42 PM UTC

    Open Source

    A bit off topic here and I'm not siding with anyone. Just making a point.

    Don't let the word open source fool you! Unless you are a very, very small project there is big money backing both open and closed source coded software. Your silly if you think that Mozilla and Linux got where they are working for free.

    Free and Open Source are two totally different things.
  13. User picture
    • demonluo on Thu 15 Oct 2009
    • 06:08:05 PM UTC

    first foxit reader, applian,

    first foxit reader, applian, utorrent, comondo & now, clamwin?

    ask toolbar sure got alot of $ to bribe/sponsor the software developer...

    ps: i hate to untick the ask everytime i see it on the installation screen (so troublesome),
  14. User picture
    • amishrabbit on Thu 15 Oct 2009
    • 11:49:13 PM UTC

    I'm with Alch and Clamwin on this

    The companies which now bundle a browser toolbar with an anti-malware product now include:

    Symantec
    Trend Micro
    CA
    Sunbelt
    Webroot
    Clam

    Probably others, I haven't checked.

    These companies typically bundle either Google or Ask. Both Google and Ask are generic search engines, as far as I'm concerned. You can have privacy concerns about their (the search engines') business practices, but when a reputable security firm bundles this software with their own product, I think it's fair to say that the anti-malware company has much more to lose and (probably) has done whatever technical due-diligence is required to ensure that the software will not harm its users' PCs.

    Other software companies are doing the same thing:

    Adobe, bundles Google
    Apple, bundles Quicktime and a bunch of its other software

    The bottom line is, search engines are making a lot of money, but software companies aren't making profits like they used to. They ink these deals to help their own bottom line. And you can bet that the pre-selected checkbox is a requirement in that contract.

    That said, you can UNSELECT THE CHECKBOX. It's not hard, you just do it and nothing unexpected happens. You just uncheck it. Done, no problem.

    It would be wonderful if we could all do this work for free, but someone, somewhere needs to pay the bills so we can all live. These toolbars keep these companies in business by providing revenue.

    Conflating this with Comodo, who sell certificates to anyone no questions asked, is really doing a disservice to the anti-malware companies. It's not as though Clam has decided to partner up with Antivirus 2010 or the Russian malware gangs. Such twisty knickers!
  15. User picture
    • jpvip on Fri 16 Oct 2009
    • 12:34:38 AM UTC

    Include a few others...I will list them...

    These are companies that include some kind of toolbar, not necessarily Ask.

    Comodo
    AVG
    iolo
    PC Tools
    Spyware Terminator (distributes malware, dummies)
    Checkpoint/ZoneAlarm
    ===========================================

    So who are the only ones who have NOT decided to distribute a toolbar?
    ESET, ALWIL, AhnLab, Aladdin, Antiy, BitDefender, Avira, Authentium, BullGuard, Cisco, Dr Web, F-Secure, Emsi, Fortinet, Frisk, G-Data, Kaspersky, Microsoft, Malwarebytes, Kingsoft, McAfee, Panda, PrevX, Rising, Sophos, SuperAntispyware, and VirusBlockAda.

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
    • User picture
      • demonluo on Fri 16 Oct 2009
      • 09:17:20 AM UTC

      nice info...

      nice info...
    • User picture
      • amishrabbit on Fri 16 Oct 2009
      • 10:58:46 PM UTC

      What's your point?

      That somehow, Comodo, AVG, Iolo, PC Tools (which is owned by Symantec, btw), and Checkpoint (which licenses the engine from CA or Trend, I can't remember) are somehow untrustworthy now, or fall in the same bucket as a known rogue antivirus?

      Because they distribute the Ask toolbar or Google toolbar.

      I call bullshit.

      You also left out a few vendors who include toolbars.
      • User picture
        • Warxas on Fri 16 Oct 2009
        • 11:12:40 PM UTC

        Re: What's your point?

        They aren't trustworthy.
        If they want to distribute a toolbar, then chose a non-malicious one.
        Like Google's or even Yahoo's!

        Ask IS malware, simple as that. http://www.virustotal.com/analisis/4228da28ef528a7...
        • User picture
          • amishrabbit on Mon 19 Oct 2009
          • 08:15:18 PM UTC

          I'm going to make it clear

          I'm going to make it clear that I do NOT work for Ask.com or benefit directly from their company.

          What is your classification criteria?

          Those VT results are bogus. VBA is calling it "Myway" which is a completely different company. So that's an FP. McAfee calls it a PUP, which means you might not want it, but that doesn't make it malicious. DrWeb's "Backdoor.Trojan" is both vague to the point of being a false positive, and completely wrong, as the Ask toolbar doesn't have any backdoor functionality.

          I'm willing to grant that any browser toolbar -- Yahoo and Google's included -- are "potentially unwanted" but in no way does that mean they're actively malicious. And certainly the fact that a company otherwise does superb work as a free antimalware solution should count for SOMETHING.

          I see this as a case of Clam needs to pay the bills, or it will vanish forever, so it's making a compromise. It is not a black and white issue. They are not getting in bed with some sort of "enemy" -- Ask.com is the #4 search engine, after Bing, according to Comscore. They could not possibly get to that adoption rate if the company's actions were considered user-hostile.

          Would you characterize Google Toolbar as a backdoor? It updates itself automatically on a schedule, with no notice to the user; It tracks your web searches and associates your online behavior with a static, unique identifier; Data gleaned from searches and browsing can be used to correlate specific facts about the unique, identifiable user who's running the toolbar. And that's just if you haven't signed up for a Google account, in which case your entire browsing and search history are stored indefinitely.

          My point is, you're making a bogus distinction of Ask.com vs. Yahoo and Google, based on ancient history and misinformation. Once again, I call bullshit. Own up to your criteria and explain yourself; don't just repeat the same, tired, playground-grade logic (which sums up to "it's bad because it's bad because someone said it's bad, just because. Nyah!") as your justification.

          If you can, convince me otherwise. Offer substantial, quantifiable, and independently-confirmable proof. "They aren't trustworthy" is not a valid argument in the absence of any evidence.
          • User picture
            • Warxas on Mon 19 Oct 2009
            • 10:48:28 PM UTC

            Re: I'm going to make it clear

            If you don't work for ask then why do you care so much?

            Just type in ask to and the third result is "Ask Toolbar Removal" the sixth result is "Ask Toolbar Spyware" and the eight result is "Ask Toolbar Uninstall" That should tell you something right there.

            You want proof? Fine, here is some;
            http://forums.cnet.com/5208-6132_102-0.html?thread...
            http://forums.cnet.com/5208-6132_102-0.html?thread...
            http://www.prevx.com/filenames/X25035497991507839-...
            And look at Deborah S's comment on Ask.com.
            Do you want to "call bullshit" on her too?

            If you read my earlier post, you'd see that I did NOT rate or comment on ClamWin.
            Like I said, I would not recommend Clamwin, but I wouldn't tell someone not to get it either.

            BTW I am not mad, just don't understand why you want to push Ask so much?
            • User picture
              • jpvip on Mon 19 Oct 2009
              • 11:01:15 PM UTC

              Recent results from malware test...

              14/42 scanners report spyware. Sorry fellas...lol

              ~DragonMaster Jay, malware researcher,
              Admin, helpmyos.com
              • User picture
                • Warxas on Mon 19 Oct 2009
                • 11:06:37 PM UTC

                Ooh post those results

                Ooh post those results please! :D
                • User picture
                  • jpvip on Tue 20 Oct 2009
                  • 01:00:21 AM UTC

                  Results

                  Just read this PDF by Sunbelt, it should help all of you understand why IAC/Ask.com is far from clean: http://www.sunbelt-software.com/ihs/alex/aj.pdf

                  Ask.com's new AskEraser was blamed to be a tracking tool and is quite the opposite of what it specified to be.

                  RESULTS (cannot guarantee detection of new installer, this is for the normal install):
                  McAfee: PUP ASKtoolbarSPY
                  VBA32: Signed-AdWare.Win32.MyWay.ad
                  DrWeb: BACKDOOR.trojan (yeah right)
                  A-Squared and Ikarus: Signed-AdWare.Win32.MyWay.ad!IK
                  Comodo: Unclassified Malware and not-a-virus:AdWare.Win32.MyWay.ac
                  Panda: Suspicious File
                  PC Tools: Adware.MyWay!ct
                  Ikarus: not-a-virus:AdWare.Ask
                  Avira: ADSPY/Ask
                  Fortinet: Misc/Mywebsearch
                  Webwasher-Gateway: Ad-Spyware.ask
                  Sunbelt Vipre: PUP AskToolbar
                  Malwarebytes: Adware.MyWebSearch
                  Unspecified-Beta-Product: AdTrackSpy:Ask.com/IAC - sec.provider

                  ~DragonMaster Jay, malware researcher,
                  Admin, helpmyos.com
                  • User picture
                    • g7w on Tue 20 Oct 2009
                    • 01:10:39 AM UTC

                    Sunbelt PDF link

                    IS that outdated?
                    It was created 12 SEP 2005 = 4 years ago.

                    Do they offer anything more current?
                    -------
                    WOT Services Ltd. - gives us safety through Web of Trust.
                    WOT Community - gives us security through unity.
                    Thank you all
                    - G7W
                  • User picture
                    • amishrabbit on Tue 20 Oct 2009
                    • 10:02:36 PM UTC

                    2005

                    Four years have passed, during which time Ask was sold, and has entirely new management and a different business model

                    I'm not denying that several years ago, the company made some dodgy shiat, but they don't anymore, and you're still throwing that old bogeyman in everyone's face.

                    I'll quote Alex:
                    Is Ask so terrible? Well, they have a history, which to their credit, has really been cleaned up. Perhaps it’s unfair that some of us in the business have long memories. But now that Symantec has effectively lowered the bar, expect a lot more of this type of bundling by companies anxious to add more dollars to a tight P&L.