Windows Secrets

Subscribers: Sign in

Enter your e-mail address to get a free subscription.
We guarantee your privacy
Skip to content
  • Home
  • Newsletter Archives
    • Current
    • LangaList Plus
    • Patch Watch
    • Wacky Web Week
    • Security Baseline
  • WinDeals
  • E-Books
  • Lounge
  • Polls
  • About us
    • Refunds
    • Privacy Policy
    • Advertise
  • Contact
  • Your Account
    • Upgrade
    • Preferences
    • Bonus Download
    • Unsubscribe
Home>Google, Live, Yahoo run dubious scanner ads

Windows Secrets Newsletter • Issue 119 • 2007-08-09 • Circulation: over 400,000

Table of contents 
  • Top Story: Google, Live, Yahoo run dubious scanner ads
  • Known Issues: Change user access one app at a time
  • Wacky Web Week: Quite possibly the first duct-tape server
  • Woody's Windows: How to stamp out Windows weirdification
  • Perimeter Scan: Your application software sorely needs updating
  • Patch Watch: Vista patching is a wee bit different
 
Top Story

Google, Live, Yahoo run dubious scanner ads

Scott Dunn 1 Google, Live, Yahoo run dubious scanner ads By Scott Dunn

You’ve heard of “adware” and “spyware” and the antispyware products that are designed to eliminate them.

A third category of software — “rogue antispyware” — promotes itself deceptively and yet is allowed to advertise on such major search engines as Google, Yahoo, and Microsoft’s Live.com.

Spyware Warrior publishes ‘rogue’ software list

For years, a Web site known as Spyware Warrior has been at the forefront of exposing fraudulent and misleading antispyware products. Its page of so-called Rogue/Suspect Anti-Spyware Products names scores of products that exhibit suspicious behaviors.

Many of these curious downloads, according to Spyware Warrior, install the very problems they claim to cure, generate false positives to trick users into buying a “remedy,” and use aggressive or misleading advertising.

Sadly, you can find ads for many of these suspect antispyware products on popular search engines. Typically, these ads appear as “sponsored links,” “sponsored sites,” or “sponsor results” on Google, Yahoo, and Windows Live (the search engine behind Microsoft’s MSN.com). The ads are paid for by the software companies and appear whenever a keyword in a search matches one that the advertiser has bid on.

Search ads promote false-positive scans

Table 1, below, shows some of the products on Spyware Warrior’s “rogue” list that advertise on Google, Live.com, and Yahoo as of this writing.

According to Spyware Warrior, each of the products in Table 1 scans consumers’ PCs for spyware but then presents “false positives,” reporting problems even when there are none. The purpose is to convince you to buy the advertiser’s product to “solve” the situation the scan found.

Spyware Warrior also accuses two of the products in the table — PAL Spyware Remover and SpySpotter — of aggressive or deceptive advertising.

Table 1. Questionable ads found on Google, Windows Live, and Yahoo

Product
 Google
 Live
 Yahoo
AdwareDeluxe
 Yes
 —
 Yes
AdwarePatrol
 Yes
 —
 Yes
ETD Scanner
 Yes
 —
 Yes
PAL Spyware Remover
 Yes
 —
 Yes
SpySpotter
 Yes
 —
 Yes
AlertSpy
 Yes
 Yes
 Yes
Allume Internet Cleanup
 Yes
 Yes
 Yes
SpyBouncer
 Yes
 Yes
 Yes
SpyOnThis

 Yes

 Yes

 Yes
In some cases, ironically, search engines display ads for these products side-by-side with ads offering to remove the same product from victims’ PC.

Try a search for spyonthis in Google. You’ll not only find an ad for the product from its “official site,” you’ll also find several ads that say, “Remove SpyOnThis” and “SpyOnThis Removal.”

To confuse matters further, some search-engine ads come from sites that pose as neutral software reviewers but actually are merely resellers for the questionable products.

For example, AdwarePatrol and PAL Spyware Remover are featured in Yahoo ads that read “AdwarePatrol Good or Bad?” and “PAL Spyware Remover Good or Bad?” The ads link to a site named SpyDiagnostic.com, which appears to provide an objective review of the products. Clicking the link, however, takes you to a page that’s identical to the main page of the product itself.

Using a safe-site tool such as McAfee’s Site Advisor provides you with some protection against ads for suspicious antispyware products. Site Advisor, for example, flags AdwarePatrol.com and Palsol.com (the site behind PAL Spyware Remover) as undesirable or negative. The tool, however, gives a green light to the SpyDiagnostic.com version of the same sites.

Search engine ad policies not enforced

Google, Yahoo, and Live.com all have policies that prohibit ads for deceptive products. Yet these search engines accept advertising for products found by Spyware Warrior to be “rogue” software.

Yahoo’s editorial guidelines for sponsored searches instruct advertisers to “choose a display URL that accurately reflects the site found at your submitted landing page.” If you search for allume internet cleanup you see an ad with the URL www.stuffit.com displayed. But click on the ad and you’re taken instead to the Internet Cleanup page on the Allume Web site.

Both products, StuffIt and Internet Cleanup, are owned by the same company. Site Advisor gives a red flag (undesirable) to the Allume and Internet Cleanup pages. But it gives a green light to the StuffIt product page.

Asked about these apparent policy violations, a Yahoo representative said, “When these sorts of claims are brought to our attention, we evaluate them in light of our existing guidelines and take appropriate action.”

Diana Adair, a spokeswoman for Google, said: “If we become aware of a product being advertised using AdWords that uses false positives to mislead users into purchase, we will disallow the ads as soon as possible. Google is committed to ensuring the safety and security of our users and our advertisers. We actively work to detect and remove such rogue security sites in both our ad network and in our search results. We have manual and automated processes in place to detect and enforce these policies.”

A Microsoft spokesman, Brad van Niekerk, wrote: “Any software — not just Spyware — that is downloaded or takes an action not expressly chosen by the user is against the terms of conditions and not allowed. We are constantly looking into Spyware and if we find advertisers or publishers who violate the terms of our policies we will take their ads down.” He added, “We have no plans to change any background mechanism on Live Search advertisers at this time.”

I sent e-mails last week seeking comments from the makers of the products listed in Table 1. By press time, I hadn’t received responses from any of the companies.

Consumers rely on search engines not only to find basic information but also to locate safe, helpful products that live up to their claims. The search engines have clearly taken the time to craft nice-sounding policies to support that goal.

But for many questionable antispyware products, enforcement of these policies is sadly lacking. It’s time for Google, Live, and Yahoo to look at their advertisers and take immediate action against deceptive products instead of accepting tainted ad dollars.

I’d like to thank reader Donald Friend, who sent us information about scanning software that makes false reports. We’re sending him a gift certificate for a book, CD, or DVD of his choice for submitting a tip that we printed. Send us your tips using the Windows Secrets contact page.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also a contributing editor of PC World Magazine, where he has written a monthly column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit) with Jesse Berst and Charles Bermant.
 
Known Issues

Change user access one app at a time

By Scott Dunn

In the “last issue, I explained how to use XP without administrator rights to simulate the safety offered by Vista’s User Account Control.

Readers responded with their own tools and tricks to stop programs from gaining full (and therefore risky) access to your system.

Free software lets you limit user access

Some people find it onerous to run Windows as anything but an administrator. For those people, reader Scott Beatty has a suggestion:
  • “My favorite way to avoid running selected programs, such as browsers and e-mail clients, with admin rights is to use the Sysinternals program PsExec. I add the following string to the front of the Target for the icon that launches the program that I want to limit.”

    “c:windowssystem32psexec.exe” -l -d
PsExec is part of the free PsTools collection, which you can download from Microsoft’s TechNet site. (The original developer, Sysinternals, was recently acquired by Microsoft.)

Although it was intended for launching programs on remote computers, you can use the command-line switches Beatty recommends to run any app as a limited user. The -L switch limits the application’s privileges. The -D switch makes the command window disappear as soon as the program is launched.

For example, to implement Beatty’s tip for Internet Explorer, follow these steps:

Step 1. Right-click the icon you use to launch IE (for example, in your Taskbar’s Quick Launch area) and choose Properties.

Step 2. In the default Shortcut tab, click at the beginning of the Target box and insert the command line Beatty shows above, followed by a space. (Your path may differ, depending on where you install PsExec.) When you’re done, the text in the Target box should read something like:

“c:windowssystem32psexec.exe” -l -d “c:Program FilesInternet Exploreriexplore.exe”

Again, your path may differ if you installed Windows somewhere other than c:windows.

Step 3. To make sure you still see the Internet Explorer icon for this shortcut, click the Change Icon button in the dialog box, enter:

“c:Program FilesInternet Exploreriexplore.exe”

in the box at the top, select the icon from the list that’s shown, and click OK.

Step 4. When you’re all done, click OK again to close the program’s Properties dialog.

The next time you launch IE from this shortcut, it will run as if you logged in as a limited user.

Another way to make IE 7 safer

The Aug. 2 story on simulating User Account Control in XP noted that Vista runs Internet Explorer 7 in the safer “protected mode,” which XP does not. Reader Robert Primak, however, points out that there are steps IE 7 users can take to make surfing a little safer:
  • “Scott Dunn could also reference Brian Livingston’s 2006 article, IE 7 Needs Tweaking for Safety. That story provided additional information on security settings.”
Thanks for the reminder, Robert! Brian’s Oct. 26, 2006, piece reports one expert’s recommended settings that make IE 7 a lot less vulnerable — at the expense of some functionality — if you can’t use Firefox, which we consider a safer browser. If you use IE 7 in any version of Windows, this is a must-read.

Lowering your risks in XP Home and W2K

The Aug. 2 story also mentioned using lurmgr.msc to create a new user account. But a reader who signs his mail Winston reminds us:
  • “Lusrmgr.msc activates the Local Users and Groups and is only applicable in XP Pro. In XP Home, a new account is created via the User Accounts tool in the Control Panel. The Power User option is also only available in XP Pro.”
Thanks for the corrections! Reader David Shields points out that the tip also works for users of Windows 2000. Although not every step is identical to the procedure in XP Pro, you should be able to perform all of the same tasks, including using Run As to run programs as an administrator.

Readers Beatty, Primak, and Winston will receive gift certificates for a book, CD, or DVD of their choice for sending tips we printed. Send us your tips via the Windows Secrets contact page.

 
Wacky Web Week

Quite possibly the first duct-tape server

W070809 Duct Tape Server Quite possibly the first duct tape server  You always hear how endlessly useful duct tape is: it’s water resistant, tears easily, and comes in a variety of colors. Just go online and you’ll find numerous examples of duct-tape creativity, including entire articles of clothing made from this miracle product.

But that wasn’t good enough for Team Boom Tape, a group that formed a year ago at the MillionManLan gaming convention hosted by LanWar. Using conventional computer parts (a standard Pentium chip, motherboard, RAM, hard disk, and so on) held together with duct tape, they constructed a working server that they say performed flawlessly over the four-day competition. Check out their craftsmanship at the Duct Tape Server Web site.
 
Woody's Windows

How to stamp out Windows weirdification

Woody Leonhard 1 How to stamp out Windows weirdification By Woody Leonhard

I’ve bumped into a bunch of strange Windows settings lately while trying to clean up some of my clients’ PCs.

If your computer is behaving strangely, check my list to see if there’s a straightforward solution to your maddening problem.

Avoiding the dreaded disk wipe

Microsoft claims that Vista has been selling faster than any version of Windows in history. That may be true, but I’m getting more and more questions from people who are trying to extend the useful life of the computers they already have.

Most of them bemoan the fact that Windows doesn’t work the way it used to. This isn’t because of some nefarious Microsoft plot to force them to upgrade to Vista. Instead, over the years they’ve installed programs (and, it must be said, they’ve uninstalled programs) and made change after change, finally driving them nuts.

They’ve scoured the scumware, sprung the antispyware, blocked the badware, defragged and tweaked and twiggled till they’re blue in the face. They long for the good old days, the way Windows used to be, before they installed every program under the sun. And they don’t want to re-install Windows to make it work right again. That’s too much hassle, too big a chance of having everything blow up.

Losing file name associations

Top on their list: hijacked file associations. The story goes something like this.

You start out with Windows Media Player. Then you get an iPod, so you install iTunes to synch with your Pod. You get QuickTime along with the bargain. (Installing iTunes automatically installs QuickTime.) But then you find out that WinAmp can feed your Pod, so you install WinAmp over the top of iTunes.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Perimeter Scan

Your application software sorely needs updating

Ryan Russell 1 Your application software sorely needs updating By Ryan Russell

In my July 26 column, I invited readers to use Windows Secrets’ link to test their PCs with Secunia.com’s free Software Inspector.

I’m happy this week to present the results and answer the many questions this generated from our readers.

Results show Web plug-ins are vulnerable

Software Inspector scans your PC (with your permission) and reports on programs, including Windows itself, that have old, nonsecure versions installed on your PC. Through an affiliate relationship with Windows Secrets, we were allowed to see the 10 programs that were the least updated — and therefore the most likely to be nonsecure — among the PCs that were tested by our paid readers.

The link to Software Inspector that I provided in my previous column was clicked more than 12,000 times by readers in the first week alone. We don’t know how many of those visitors went on to run an actual scan of their PCs. (Secunia doesn’t collect or report any personal information, nor would we want the company to.) But a huge number of readers surely took advantage of the free service.

I looked at Secunia’s list of the 10 software products that Windows Secrets readers are running nonupdated versions of. (Software Inspector only tells you about vulnerable software that has a more-secure version available.)

Here’s the list, in descending order, starting with the applications that have the greatest number of flawed, nonupdated instances on readers’ machines (before they ran the scan and, I hope, updated the apps that needed it):

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Patch Watch

Vista patching is a wee bit different

Susan Bradley 1 Vista patching is a wee bit different By Susan Bradley

As we start our back-to-school time of the year, many of you are purchasing Vista machines.

Vista handles patching just a little bit differently than the older versions of Windows, and I’ll tell you how.

Do Vista patches reboot with no control?

I’m investigating a complaint that was posted in an Aug. 2 blog entry by ZDNet’s David Berlind. He found his Vista machine applying patches and then rebooting — without him able to stop it. He aimed a camera at the screen and captured a video of the reboot dialog box.

I’m burning the midnight oils, watching a VMware version of an activated but unpatched copy of Vista to see if I can recreate his experience. I’ve personally been able to delay the rebooting of Vista up to fourhours simply by choosing a drop-down box and saying “patch later.”

But, to be fair, I was at that time logged in using Vista’s new “Administrator User,” not the “Standard User.” The latter is the account Berlind says in a follow-up comment he was using.

I did just the same, setting up Vista with a Standard User account. I’m not seeing Vista force me to install patches and reboot. Instead, it’s letting me install them when I shut down, just like XP’s Standard User account does. Figure 1 shows the button in Vista that, with a single click, installs updates for you and then shuts down Windows.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

 HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period.  Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,
  • Visit our Unsubscribe page.
Copyright © 2012 by WindowsSecrets.com. All rights reserved.

Table of contents

Top-scoring articles in the past 12 months
  • Leaving long cookie trails throughout the Web 5.00
  • Windows-like security for Android devices 5.00
  • Win7′s no-reformat, nondestructive reinstall 4.56
  • LizaMoon infection: a blow-by-blow account 4.46
  • RPV: Win7′s least-known data-protection system 4.35
  • Recovery: the last step in total data security 4.31
  • The sorry tale of the (un)Secure Sockets Layer 4.30
  • Time for a .NET update we can’t ignore 4.30
  • Getting the most from Windows Search — Part 1 4.25
  • Revising printing habits saves money and trees 4.25
  • Upgrades end in erratic, partial hangs 4.25
  • Get wired performance from your Wi-Fi network 4.24
  • Caution: Bumps in the road to IPv6 4.23
  • Patch Watch adds problem-patch update chart 4.23
  • ZeuS Trojan reinvents itself as bots rock on 4.22
  • Pros and cons of a ‘keyfile’ password 4.21
  • April brings showers of browser patches 4.20
  • Readers comment on the LizaMoon infection story 4.20
  • Office 2007 gets its final service pack 4.19
  • Putting Registry-/system-cleanup apps to the test 4.19
  • The advanced system-recover toolkit 4.18
  • One year and 99 security bulletins later 4.18
  • Don’t pay for software you don’t need — Part 3 4.17
  • What to do when Windows refuses to boot 4.17
  • Make the most of Windows 7′s Libraries 4.16
  • Keeping you up to date: say no to .NET — again 4.16
  • Internet Explorer gets another round of patches 4.15
  • Vacation’s over; it’s a big round of patches 4.15
  • Big-time Wi-Fi security for the small office 4.14
  • Office File Validation patch leads to problems 4.14
Connect with us Follow us on Twitter Connect with us on Facebook View our RSS Feeds
  • Home|
  • Newsletter|
  • About Windows Secrets|
  • Advertise with us|
  • Unsubscribe|
  • Sitemap|
  • Affiliates|
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.
iNET Interactive Copyright © 2011 iNET Interactive.
All rights reserved.
Terms of Use  |  Privacy Policy
Internet Services
  • Web Hosting Talk
  • HostingCon
  • Hosting Catalog
  • Host Voice
Web Development
  • Hot Scripts
  • DB Forums
Digital Marketing
  • ABestWeb
  • Search Marketing Standard
  • PayPerClickUniverse
  • SEMCompare
Consumer Tech
  • Windows Secrets
  • Overclockers
  • Mac Forums

Learn more about
advertising opportunities across the iNET Interactive Network.

LiquidWeb