Keylogger infection from PC Advisor disk

  The Belarussian Mafia 12:30 17 Apr 2007
Locked

This is the first time I've had anything negative to say about PC Advisor mag, but I think it is important.

I installed Mindsoft Utilities XP 9.5 from the PC Repair Kit disc that came with the May 07 edition, and ran the utility that tweaks the PC to improve performance. It told me it wanted to improve the performance of my processor cache, turn on UDMA, etc, etc. and I ticked all but one of the boxes to allow it to perform the suggested tasks. Almost immediately afterwards I happened to run CounterSpy. This picked up 54 files that had been affected by a "Professional Key Logging Programme from MindSoft Utilities" which it categorised as a "hightened alert". (This is the 1st time I have ever seen anything but a "medium alert"-type category from any anti-spyware software.) Needless to say I find this shocking. This is the worst compromise of my PC I've ever encountered.

Installing this programme was an exception. I long ago realised that free software nearly always requires registration and then misuses your email for spam no matter what you say when registering, so this was the first time in a very long time I had used a free disk. Come to think of it I did try the free full installment of Quark Express in January, but that was a total farce, as when you tried to register in order to use it, the registration page was permanently down...

Anyway, back to the main issue. I had only run CounterSpy in fast search mode, so I decided to do a full search of all my files, to be safe. The wierdest thing then happened. The moment I clicked on the CounterSpy icon, I got a Windows message saying "Installing MindSoft Utilities features". I have no idea what on earth was going on, except to say I fear it might have been reinstalling the keylogger. (Maybe it was a coincidence that it happened when I clicked the other icon.)

I immediately uninstalled this appalling programme, but goodness knows what it might have hidden away on my PC.

My purpose is first and foremost to alert others to this issue, but it is also a shot over the bows of the magazine to get its act together.

  The Belarussian Mafia 12:41 17 Apr 2007

I have just realised the Quark Express offer was from the disc of another mag. But the PC Advisor DVD for May had exactly the same offer, which I clearly would find difficult to believe, as the problem lay with the Quark website, independent of either magazine. (In any case this was just an aside.)

  RickyC :-) 13:19 17 Apr 2007

Let me assure you that the cover discs are tested extensively prior to being replicated and distributed, to ensure that we never include any malicious applications on the disc.

Mindsoft is an established software developer, you will find that other technology websites and publications are happy to recommend their utilities as useful programs for maintaining and optimising your PC's performance.
click here,
click here or
click here for other reputable technology sites offering Mindsoft Utilities.

The registration issue which affected PC Pro readers when they attempted to install Quark earlier this year was due to a server problem at Quark. As far as I'm aware this did not affect PC Advisor readers when they installed Quark 5 from our May 2007 DVD.

regards

Richard
Cover Disc Editor

  taffyal 16:21 17 Apr 2007

So why did The Belarussian Mafia experience heightened alert about keylogging?? Just wondering!

  Totally-braindead 16:41 17 Apr 2007

CD Editor does that mean that Counterspy has found a false positive or what exactly do you mean.

  The Belarussian Mafia 17:02 17 Apr 2007

Richard, CD Editor: I hope you can see I have no axe to grind. I am a great fan of the mag and this site.

It is good to hear that checks are made, however in this instance something has clearly gone wrong and a small apology might be in order. I have to say it is not terribly reassuring that you are quoting other sites. I would have expected an authority like PC Advisor to stake its reputation on its own pronouncements and recommendations after completing its own robust checking procedures.

I assume it is Mindsoft who is the actual culprit. I'm sure you'll agree that keylogging is no joke, with the potential for stealing money and even identity. If you agree this must be the case, could you possibly face the company with this issue and be good enough to publish their response here?

Many thanks.

  GANDALF <|:-)> 17:26 17 Apr 2007

1) false positive.
2) lot of paranoia around due to myths perpetuated on the Internet.
3) that's all folks.


G

  MAJ 17:44 17 Apr 2007

I'm inclined to agree with GANDALF <|:-)>, it's probably a false positive. Even considering all the good reports about CounterSpy, I'm very wary of it and wouldn't have it installed......... just a gut feeling......

  The Belarussian Mafia 17:46 17 Apr 2007

Gandalf:

1) How can you know that unless you've inspected the relevant files? (I assume you would have said you had done this if you had.) If you're assuming a false positive are you saying CounterSpy is no good?

2) Are you claiming keylogging is not designed to obtain personal and confidential information?

3) It's not like you to pour cold water on a serious issue.

  p;3 17:50 17 Apr 2007

(bookmarking)

  The Belarussian Mafia 17:57 17 Apr 2007

MAJ: Thanks for your thoughts. I do think online security needs to be based on more than gut feeling, though.

Incidentally, CounterSpy won the Best Buy award in Computer Shopper's Oct. 06 labs test & was re-recommended in the Nov. 06 issue in answer to a letter (p.204). I quote:

"Sunbelt CounterSpy is an excellent programme and we are not surprised that it managed to find Trojans and other nasties that you other software did not." This is followed by a warning about other software known to produce false positives.

Still waiting for a solidly reassuring reply...

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Galaxy Note 8 vs iPhone X

This is what design agencies will look like in 2032

How to update iOS on iPhone or iPad

WhatsApp : comment lire vos messages sans que l’expéditeur le sache