Uniblue Spyeraser - Trustworthy?

[David H. Lipman]

From: "Walt Bilofsky" <bilofsky@toolworks.com>

| Uniblue SpyEraser found a number of "threats" on my PC that were not
| detected by any other program I tried. Is this a cause for concern?

| I downloaded and ran the free (scan only) SpyEraser from
| http://www.liutilities.com/products/spyeraser/ . It found a lot of
| problems, and suggested that the product be purchased in order to
| clean them up.

| Among the threats it found were Screenspy, Mainpean Dialer, and
| AdultLinks QABar. I scanned my system with Norton Anti-Virus 2006,
| Spybot 1.3, and Ad-Aware SE Personal, and none of them found any of
| these (or anything else worth worrying about). The Symantec web site
| lists files and registry keys for these threats, none of which were
| present on my PC.

| SpyEraser also listed threats called NX Client, Viewpoint Media
| Toolbar, TinTel dialer, and VX2. Symantec doesn't list any of these
| as threats.

| So - what's going on here?

P.S.:: It wasn't so easy to uninstall SpyEraser, either. And when I
| got the uninstall to run without errors, it left the program files on
| the hard drive anyway.

Symantec is not a good non-viral anti malware detector. Ad-aware SE and SpyBot S&D are.
However, you need to remove SpyBot S&D v1.4 and replace it with v1.4, then update it.

I haven't heard of SpyEraser and it isn't on the Rogue list on Spyware Warrior. The
installer also scans clean at Virus Total. However, it may be a new Rogue. One that
repoerts malware that isn't there and one that won't allow easy removal.

I suggest adding the following to Ad-aware and SpyBot
SuperAntiSpyware -- http://www.superantispyware.com/supe...freevspro.html

then perform the following...

Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *




--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

[Walt Bilofsky]

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:

>From: "Walt Bilofsky" <bilofsky@toolworks.com>
>
>| Uniblue SpyEraser found a number of "threats" on my PC that were not
>| detected by any other program I tried. Is this a cause for concern?
>
>| I downloaded and ran the free (scan only) SpyEraser from
>| http://www.liutilities.com/products/spyeraser/ . It found a lot of
>| problems, and suggested that the product be purchased in order to
>| clean them up.
>
>| Among the threats it found were Screenspy, Mainpean Dialer, and
>| AdultLinks QABar. I scanned my system with Norton Anti-Virus 2006,
>| Spybot 1.3, and Ad-Aware SE Personal, and none of them found any of
>| these (or anything else worth worrying about). The Symantec web site
>| lists files and registry keys for these threats, none of which were
>| present on my PC.
>
>| SpyEraser also listed threats called NX Client, Viewpoint Media
>| Toolbar, TinTel dialer, and VX2. Symantec doesn't list any of these
>| as threats.
>
>| So - what's going on here?
>
>P.S.:: It wasn't so easy to uninstall SpyEraser, either. And when I
>| got the uninstall to run without errors, it left the program files on
>| the hard drive anyway.
>
>Symantec is not a good non-viral anti malware detector. Ad-aware SE and SpyBot S&D are.
>However, you need to remove SpyBot S&D v1.4 and replace it with v1.4, then update it.
>
>I haven't heard of SpyEraser and it isn't on the Rogue list on Spyware Warrior. The
>installer also scans clean at Virus Total. However, it may be a new Rogue. One that
>repoerts malware that isn't there and one that won't allow easy removal.
>
>I suggest adding the following to Ad-aware and SpyBot
>SuperAntiSpyware -- http://www.superantispyware.com/supe...freevspro.html
>
>then perform the following...
>
>Download MULTI_AV.EXE from the URL --
>http://www.ik-cs.com/programs/virtools/Multi_AV.exe
>
>To use this utility, perform the following...
>Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
>Choose; Unzip
>Choose; Close
>
>Execute; C:\AV-CLS\StartMenu.BAT
>{ or Double-click on 'Start Menu' in C:\AV-CLS }
>
>NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
>FireWall to allow it to download the needed AV vendor related files.
>
>C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
>This will bring up the initial menu of choices and should be executed in Normal Mode.
>This way all the components can be downloaded from each AV vendor's web site.
>The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.
>
>You can choose to go to each menu item and just download the needed files or you can
>download the files and perform a scan in Normal Mode. Once you have downloaded the files
>needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
>during boot] and re-run the menu again and choose which scanner you want to run in Safe
>Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
>
>When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
>file. http://www.ik-cs.com/multi-av.htm
>
>Additional Instructions:
>http://pcdid.com/Multi_AV.htm
>
>
>* * * Please report back your results * * *

Thanks for your reply.

SuperAntiSpyware reported no problems. (Every program found tracking
cookies; I'm not considering them as problems for the purpose of these
reports.)

I downloaded all the scanners in Multi_AV. Sophos (in Normal Mode)
found a "virus fragment" in one of the folders in my mail program, and
without asking removed it, I know not where. Fortunately that
particular folder hadn't been changed since my weekly automatic
backup; if it had deleted my entire in-box I would have been peeved.
(Norton Anti-Virus is happy with that file so perhaps a fragment isn't
a virus. But I'll take advice on that.)

At that point I decided that the pursuit of further knowledge wasn't
worth running three more programs intended for use when a system is so
damaged that deleting the odd file without prompting is perfectly
acceptable. So I terminated the Sophos scan before it could find and
devour my backup file.

If any of the other three scanners prompts before deleting, I'll be
happy to give them a whirl.

Do you think I've seen enough to conclude that Uniblue Spyeraser is
reporting bogus infections? I do.

- Walt Bilofsky

[pcbutts1]

David's Multi_Avi does not prompt for deletion or even quarantines what it
finds it just deletes it. This is for all modules. Not only that but it is
very slow. This is very bad. They is no recourse for false positives or
legit files you may have on your system that you know about. I do not
recommend his program. I noticed the same thing you did last year sometime
when I was evaluating it. When I mentioned it to him he attacked me and
tried to have my website shutdown and my ISP shut me down. This same issue
was brought to his attention in another newsgroup just last week and he was
asked if he could fix it and his answer was a flat out No! It's a good thing
you have a backup.

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker,David H. Lipman, Max M Wachtell III aka
What's in a Name?,Fitz,Rhonda Lea Kirk,Meat Plow, F Kwatu F, George Orwell



"Walt Bilofsky" <bilofsky@toolworks.com> wrote in message
news:usn3p2phes7h41k0d0oh22tcgepppdjn8e@4ax.com...
> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:
>
>>From: "Walt Bilofsky" <bilofsky@toolworks.com>
>>
>>| Uniblue SpyEraser found a number of "threats" on my PC that were not
>>| detected by any other program I tried. Is this a cause for concern?
>>
>>| I downloaded and ran the free (scan only) SpyEraser from
>>| http://www.liutilities.com/products/spyeraser/ . It found a lot of
>>| problems, and suggested that the product be purchased in order to
>>| clean them up.
>>
>>| Among the threats it found were Screenspy, Mainpean Dialer, and
>>| AdultLinks QABar. I scanned my system with Norton Anti-Virus 2006,
>>| Spybot 1.3, and Ad-Aware SE Personal, and none of them found any of
>>| these (or anything else worth worrying about). The Symantec web site
>>| lists files and registry keys for these threats, none of which were
>>| present on my PC.
>>
>>| SpyEraser also listed threats called NX Client, Viewpoint Media
>>| Toolbar, TinTel dialer, and VX2. Symantec doesn't list any of these
>>| as threats.
>>
>>| So - what's going on here?
>>
>>P.S.:: It wasn't so easy to uninstall SpyEraser, either. And when I
>>| got the uninstall to run without errors, it left the program files on
>>| the hard drive anyway.
>>
>>Symantec is not a good non-viral anti malware detector. Ad-aware SE and
>>SpyBot S&D are.
>>However, you need to remove SpyBot S&D v1.4 and replace it with v1.4, then
>>update it.
>>
>>I haven't heard of SpyEraser and it isn't on the Rogue list on Spyware
>>Warrior. The
>>installer also scans clean at Virus Total. However, it may be a new
>>Rogue. One that
>>repoerts malware that isn't there and one that won't allow easy removal.
>>
>>I suggest adding the following to Ad-aware and SpyBot
>>SuperAntiSpyware --
>>http://www.superantispyware.com/supe...freevspro.html
>>
>>then perform the following...
>>
>>Download MULTI_AV.EXE from the URL --
>>http://www.ik-cs.com/programs/virtools/Multi_AV.exe
>>
>>To use this utility, perform the following...
>>Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
>>Choose; Unzip
>>Choose; Close
>>
>>Execute; C:\AV-CLS\StartMenu.BAT
>>{ or Double-click on 'Start Menu' in C:\AV-CLS }
>>
>>NOTE: You may have to disable your software FireWall or allow WGET.EXE to
>>go through your
>>FireWall to allow it to download the needed AV vendor related files.
>>
>>C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
>>This will bring up the initial menu of choices and should be executed in
>>Normal Mode.
>>This way all the components can be downloaded from each AV vendor's web
>>site.
>>The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
>>Reboot the PC.
>>
>>You can choose to go to each menu item and just download the needed files
>>or you can
>>download the files and perform a scan in Normal Mode. Once you have
>>downloaded the files
>>needed for each scanner you want to use, you should reboot the PC into
>>Safe Mode [F8 key
>>during boot] and re-run the menu again and choose which scanner you want
>>to run in Safe
>>Mode. It is suggested to run the scanners in both Safe Mode and Normal
>>Mode.
>>
>>When the menu is displayed hitting 'H' or 'h' will bring up a more
>>comprehensive PDF help
>>file. http://www.ik-cs.com/multi-av.htm
>>
>>Additional Instructions:
>>http://pcdid.com/Multi_AV.htm
>>
>>
>>* * * Please report back your results * * *
>
> Thanks for your reply.
>
> SuperAntiSpyware reported no problems. (Every program found tracking
> cookies; I'm not considering them as problems for the purpose of these
> reports.)
>
> I downloaded all the scanners in Multi_AV. Sophos (in Normal Mode)
> found a "virus fragment" in one of the folders in my mail program, and
> without asking removed it, I know not where. Fortunately that
> particular folder hadn't been changed since my weekly automatic
> backup; if it had deleted my entire in-box I would have been peeved.
> (Norton Anti-Virus is happy with that file so perhaps a fragment isn't
> a virus. But I'll take advice on that.)
>
> At that point I decided that the pursuit of further knowledge wasn't
> worth running three more programs intended for use when a system is so
> damaged that deleting the odd file without prompting is perfectly
> acceptable. So I terminated the Sophos scan before it could find and
> devour my backup file.
>
> If any of the other three scanners prompts before deleting, I'll be
> happy to give them a whirl.
>
> Do you think I've seen enough to conclude that Uniblue Spyeraser is
> reporting bogus infections? I do.
>
> - Walt Bilofsky

[David H. Lipman]

From: "Walt Bilofsky" <bilofsky@toolworks.com>



| Thanks for your reply.

| SuperAntiSpyware reported no problems. (Every program found tracking
| cookies; I'm not considering them as problems for the purpose of these
| reports.)

| I downloaded all the scanners in Multi_AV. Sophos (in Normal Mode)
| found a "virus fragment" in one of the folders in my mail program, and
| without asking removed it, I know not where. Fortunately that
| particular folder hadn't been changed since my weekly automatic
| backup; if it had deleted my entire in-box I would have been peeved.
| (Norton Anti-Virus is happy with that file so perhaps a fragment isn't
| a virus. But I'll take advice on that.)

| At that point I decided that the pursuit of further knowledge wasn't
| worth running three more programs intended for use when a system is so
| damaged that deleting the odd file without prompting is perfectly
| acceptable. So I terminated the Sophos scan before it could find and
| devour my backup file.

| If any of the other three scanners prompts before deleting, I'll be
| happy to give them a whirl.

| Do you think I've seen enough to conclude that Uniblue Spyeraser is
| reporting bogus infections? I do.

| - Walt Bilofsky

Walt:

If Sophos found and deleted "...found a "virus fragment" in one of the folders in my mail
program" Then it is highly likely that you did indeed hve a Trojan or virus in an email
message found by scanning "mime".

The Sophos log can be more definitive; C:\AV-CLS\Sophos\ScanReport.txt

BTW: A toggle switch in the menu that can go between 'malware rename' and 'malware delete'
modes is still in development. That version is not ready for release.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm