Logo
English Russian German French Spanish Italian
contact usprivacy
   Support Forums
chart
• Welcome
• Products
Internet Tools
SMTP component
POP3 component
ICMP component
Winsock component
FormoEd
• Links
• Contact Us
• About OstroSoft
• Privacy
OISV - Organization of Independent Software Vendors - Contributing Member
Webroot Story

02/08/2006 Update on an issue with Webroot SpySweeper, claiming OstroSoft SMTP Component (OSSMTP.dll) is a spyware.

Good news - it's not an issue anymore.
As reported by our customers (Webroot never got back to us), latest SpySweeper release no longer flags OSSMTP.dll as a spyware.
Special thanks to Michel from EXP Systems for his help in resolving this problem.
We still recommend current SpySweeper users to switch to freeware alternatives(Spybot Search and Destroy is our choice), since SpySweeper does not offer any significant advantages worth paying for. If getting rid of SpySweeper is not an option - don't forget to upgrade to the latest build, fixing the problem with false positives.

01/03/2006 It's déjà vu all over again: now Webroot SpySweeper claims OstroSoft SMTP Component (OSSMTP.dll) is a spyware.

Still fresh off the fight with Symantec we (and the users of our software) are now have to deal with another security superhero wannabe. Starting October 2005 our customers report that SpySweeper flags OSSMTP as Wintective Keylogger - spyware, having the highest security risk (on SpySweeper scale). Clicking the link for more information brings you to a page on SpySweeper website: keylogger description, promising horrible things if you don't remove this evil creation. Not many technical details, though (if any).

Searching the Web locates the most complete description at Symantec's website. Turns out Wintective Keylogger (wintective.exe) does exist. And it uses some external libraries, namely: OSSMTP.dll, MSVBVM60.DLL and mswinsck.ocx

Only one of them (OSSMTP.dll) gets flagged by SpySweeper. Why? See, the other 2 libraries were developed by Microsoft and no one in the right mind wants to deal with their lawyers. Now, getting big at expense of OstroSoft and users of our software seemed like a great opportunity to Webroot.

Do Webroot "security experts" know that OSSMTP itself is not Wintective Keylogger? Of course they do. Why would they do such a thing? Simple: you've got to stay competitive in a crowded anti-spyware market. Which is lately a problem for Webroot, whose competitors are offering similar packages for free. What's the solution: set as many red flags as possible, even if they are meaningless (cookies, anyone?) or false positive (OSSMTP). Then Webroot can claim their detection engine is the most complete out there.

There are at least 2 solutions to Webroot case:
- keep submitting complaints on their website until the problem is fixed
- switch to a freeware anti-spyware product: for example, Spybot Search and Destroy

We recommend the second solution.
Copyright © 1996-2010 OstroSoft. All rights reserved. info@ostrosoft.com