Say it ain't so...

[klytus.livejournal.com]

(Cross-posted to my private LJ)

Like many computer geeks, I use Firefox as my primary web browser. So when I got a notice about the update to version 2.0.0.2, I went "Of course!" and let it update and install. Much to my surprise, as Firefox restarted, I got an alert from Spy Sweeper that an item attempting to install itself had been quarantined.

Yep. It seems that as part of its upgrade, Firefox includes a program known as 180search Assistant/Zango. And no, it isn’t a coincidence. I ran a full spyware sweep on my computer earlier this afternoon, and this piece of spyware appeared the second I re-started Firefox after the upgrade. This happened on my work computer as well.

Granted, this is a fairly benign piece of spyware. Then again, compared to a sucking chest wound, a deep laceration is a fairly benign injury. Spyware is bad stuff.

Period.

Shame on you, Firefox.

Comments

[travisd.livejournal.com]

Probably a false alarm: http://forums.mozillazine.org/viewtopic.php?t=522180

(googled for "firefox 180search")

[docjeff.livejournal.com]

Mozilla doesn't foist this junk upon people. You either have a false positive as travisd said or you didn't get your Firefox update from an official Mozilla source.

False positives with spyware checkers are about as common as people who still say virii when they mean viruses. *shrug*

[ravenshrinkery.livejournal.com]

Spysweeper false positives all the time. They are also ass-tacular about doing anything about their false positives if you are a small or open-source developer (they are shit-tacular if you are both).

I had the joy of having to offer it to customers. It was great for the paranoid crowd. But it's a rare thing that is going to get past the watchful eyes of a HijackThis search and a proper firewall.

[klytus.livejournal.com]

I ran the download from Firefox itself (Help - Check for updates). I didn't go to a third-part website. I also updated my spyware definitions earlier today. Had this not happened on two entirely different computers at two different times, I would have dismissed it. SpySweeper has been very good at keeping spyware of my system (I do run other utilities as a double-check), and I've not had an encounter with a false positive before today. Heck, I'm still unconvinced it *was* a false positive.

[docjeff.livejournal.com]

Spyware sweeper is well known for giving false positives. Try something a little more well-regarded like Spybot Search & Destroy or get Spywareblaster which stops that junk from even starting up. Seriously, there is no spyware or adware in Firefox.

[jecook]

Just scanned my system:

Firefox 2.0.0.2, Scanner used was Ad-aware SE with the latest definitions

the only thing it found was a tracking IE cookie for MSN...

You've likely got a false positive there.

[klytus.livejournal.com]

Oddly, I've had very good luck with SPySweeper until now. It *has* kept my system spyware free for the most part, even when I run SpyBot and AdAware SE. Yeah, it misses some things, but not even the BEST nets get everything.

Still, considering the feedback I'm getting here, and on other boards, it looks like I screwed the pooch on this one.

[jynx.livejournal.com]

2.0.0.2 also has another smaller issue - it's security is 100% hackable and easy. It was reported on the 23rd.

[brownizs.livejournal.com]

Nope, sorry, but Firefox does not include Sludgewear. Most likely a False Positive.

[docjeff.livejournal.com]

This is why I moved to Linux y'know. :)

[110billion.livejournal.com]

Agreed, a billion times better.

[sarah-briarmoss.livejournal.com]

Zone Alarm Pro's Anti Spyware thing found it the other day, but I just assumed I'd picked it up somewhere since my last scan and wasn't too worried.

[travisd.livejournal.com]

I've actually had very good luck with Windows Defender. MS actually bought one of the better players on the market, and hasn't managed to fsck it up yet.

[ghostdandp.livejournal.com]

Counterspy rocks my socks

[captpackrat.livejournal.com]

NOD32, Spybot and Ad-Aware, all with the latest defs, all came back clean.

[kizayaen.livejournal.com]

Another vote for an up-to-date Spybot finding nothing.

[dukesnorre.livejournal.com]

So they'd be colon-tacular for smallish developers, small intestine-tacular for medium small developers, and so forth up until you read Microsoft, for which they are food-tacular? :-)

[twitchfetish.livejournal.com]

Have to agree with that. Much as I hate to laud any M$ product, it seems they've actually got something good here.

It's even picked up stuff that Spybot and Adaware missed...

and that HURTS to admit.

IV

[heidl.livejournal.com]

i also updated today - and no virus alert on my machine.