iSearch does not qualify as Malware. iSearch is a toolbar that in no way attempts to remain hidden or evade detection, Continuing, unlike Malware, iSearch does not gather any personally identifiable information about end users, does not collect data about the user’s web usage, does not collect any information entered into web forms, does not share information with third parties, does not send or cause to be sent unsolicited e-mail, and does not install items such as dialers on the end user’s computer.
We would request that you correct your disseminated materials immediately to remove any reference to iSearch as Malware or Spyware. To the extent you fail to remedy your improper disparagement of the iDownload brand on or before February 15, 2005, we will take all necessary action against your company to protect iDownload from your continuing tortuous conduct.
Hmmm... If one takes a look at the Win32.Bube.d virus making the rounds, we note that among its various payloads it delivers is an iDownload search product. I don't see any public squawking from iDownload about how their brand equity has been damaged by the authors of this particular virus, nor are they proactively reaching out to the computer security community about assistance with removing it from those end users who got infected with no intention of installing any such adware.
And let's take a look at iDownload's end-user license "agreement":
redirect certain URLs including your browser default 404-error page to or through the Software; provide advertisements, links or information in response to search terms you use at third-party websites; provide search functionality or capabilities; automatically update the Software and install added features or functionality or additional software, including search clients and toolbars, conveniently without your input or interaction; install desktop icons and installation files; install software from iSearch affiliates; and install Third Party Software.In addition, you further understand and agree, by installing the Software, that iSearch and/or the Software may, without any further prior notice to you, remove, disable or render inoperative other adware programs resident on your computer, which, in turn, may disable or render inoperative, other software resident on your computer, including software bundled with such adware, or have other adverse impacts on your computer.”
Article comments
1 - kismet
They are using a kernal mode driver (delprot.sys) to hide their stuff, just like rootkits do.
2 - DrPat
Sounds like iSearch, by the company's own admission, is designed to fulfill one of the characteristics defined for malware: attempts to control the user's online behavior (through redirecting sites and forcing the user to go to the malware's preferred sites. Do the iDownload attorneys have any answer to the Symantec contention that iSearch also tracks user activity on a remote server at isearch.com?
3 - Trent
Advanced Uninstaller from http://www.snapfiles.com/get/advuninstaller.html can uninstall isearch and other toolbars.
isearch SUCKS! :-(