Needless to say that attorneys have found their way into the spyware wars, and unfortunately some firms have chosen the dark side. In what appears to this layman's eyes to be a prelude to a SLAPP (or similar suit), or merely an exercise in brinksmanship, several web sites, include CastleCops and Spyware Warrior have been contacted by an attorney for a company called iDownload with a demand that they cease and desist referring to iDownload's ahem, product as spyware or malware.
The problem of course is one of semantics. The average end-user cannot differentiate between adware, spyware, and malware (another interesting categorization is foistware, i.e. something that is foisted upon you either through obscurity, non-disclosure, or by making something you want to run dependent on the foistware; one of the earlier battles in the war on this type of application involved replacing a spyware .DLL file that the particular software looked for with a dummy, benign version). For purposes of this discussion let's define adware as software which serves up advertising and does nothing more, spyware as software which may have some adware components but which records information such as URLs visited and passes that information along to its master, and malware as software which may have some adware components, but which makes extreme changes to system settings, actively tries to frustrate uninstallation attempts, installs additional software without informing or obtaining the consent of the user, and which attempts to control the user's online behavior (through redirecting sites and forcing the user to go to the malware's preferred sites; the "logic" being that the forced traffic to those sites will of course increase their advertising revenue).
iDownload objects to being categorized as spyware or malware, however, Symantec calls it precisely that:
Spyware.ISearch is an Internet Explorer Browser Helper Object and functions as a toolbar. It is a search hijacker and also tracks user activity on a remote server at isearch.com.Microsoft AntiSpyware also categorizes it as such.
The letter from the attorneys asserts otherwise:
....characterization of iSearch as Malware is damaging to the iDownload brand. As we all know, Malware is a phrase within the public conscience that has a specific meaning. A classification of Malware is usually reserved for those programs designed specifically to damage or disrupt a system, such as a virus or a Trojan horse, iSearch does not fit this profile.
Article comments
1 - kismet
They are using a kernal mode driver (delprot.sys) to hide their stuff, just like rootkits do.
2 - DrPat
Sounds like iSearch, by the company's own admission, is designed to fulfill one of the characteristics defined for malware: attempts to control the user's online behavior (through redirecting sites and forcing the user to go to the malware's preferred sites. Do the iDownload attorneys have any answer to the Symantec contention that iSearch also tracks user activity on a remote server at isearch.com?
3 - Trent
Advanced Uninstaller from http://www.snapfiles.com/get/advuninstaller.html can uninstall isearch and other toolbars.
isearch SUCKS! :-(