Thursday, April 26, 2007

Enigma Software, A Mystery?

The definition of "enigma" according to the Webster Merriman Dictionary:
"One entry found for enigma.

Main Entry: enig·ma
Pronunciation: i-'nig-m&, e-
Function: noun
Etymology: Latin aenigma, from Greek ainigmat-, ainigma, from ainissesthai to speak in riddles, from ainos fable
1 : an obscure speech or writing
2 : something hard to understand or explain
3 : an inscrutable or mysterious person
synonym see MYSTERY"
Considering the history of Enigma Software as well as current events, it appears that the company selected a appropriate name.

In 2004, the following was written when de-listing Enigma from renown list of Rogue/Suspect Anti-Spyware Products & Web Sites:
Note on Enigma SpyHunter: Enigma's SpyHunter anti-spyware application was listed on this page primarily because of the company's history of employing aggressive, deceptive advertising (1, 2, 3, 4, 5). The company was also known for exploiting the name "spybot" in its domain names and online advertising. These objectionable business practices were employed primarily from late-2002 to mid-2004.

Sometime during summer of 2004 the company halted the most obnoxious and objectionable aspects of its online advertising. It also unloaded all the "spybot" domains (which were promptly picked up by Paretologic for its XoftSpy anti-spyware application).

While there are still unresolved allegations that SpyHunter transmits the Windows Product ID from users' PCs (1), we can no longer classify this application as "rogue/suspect." Nonetheless, SpyHunter -- at least in its current state -- cannot be recommended because of its mediocre performance as an anti-spyware scanner. Testing indicates that it does not recognize some well-known spyware installations and has difficulty removing critical spyware/adware files even from those it does recognize (1). Given the many excellent competing anti-spyware applications that are available (some for free), users would do better looking elsewhere for trustworthy anti-spyware protection. [Ed. Note: Bold added]


[A: 6-26-04 / U: 8-22-04]

What has happened since then? It appears from what I am reading, this "Enigma" is still seen in the industry as "something hard to understand or explain". Why do I say that? Following is a quote from one of the many (dare I suggest spam) press releases by Enigma Software today as a result of Symantec adding Enigma's software, SpyHunter, to detection as a "Security Risk".

(They're taking on the big boys now. Just because Lavasoft caved, do they think Symantec will?):

"In addition to Symantec, other competitors of Enigma, including,,, and, have been coordinating a campaign to have SpyHunter listed as rogue software. Each of these entities is a competitor of Enigma Software Group that either has competing products or is an affiliate of competing products. Enigma is evaluating closely its legal options with respect to this anticompetitive campaign."

"Enigma wishes to engage the Internet security community at large in a neutral open discussion at a neutral forum. Executives and employees of Enigma agree to discuss technical details of Enigma's software product SpyHunter. Enigma invites security experts such as Susan Turner, Ben Edelman, Eric Howes, and other security experts to discuss SpyHunter. Enigma requests that there be no anonymous posts permitted in this discussion thread, to help ensure it will not be subverted by those who would post comments for anticompetitive purposes. Accordingly, Enigma requests that participants in this forum thread should provide their name, address, and phone number."
Two amazing bits in what might be considered an "obscure speech or writing" or perhaps "something hard to understand or explain":
The first is the identification of,,, and, security blogs and help sites as "competitors" of a software company.

The second is that a company, reputed over the years as hiding behind false identities, expects participants in a public forum to provide their name, address and phone number. Remember, readers, this is a statement from a company reportedly dealing with privacy and security.
The Webster-Merriman Dictionary has indeed provided an excellent definition of the word "Enigma", a true mystery.

A few References:


Roger said...

I find that Enigma software and Spyhunter are quite good. I also use Symantec/Norton tools and they are just as invasive and "salesy". All these companies are trying to make money and sell their software. Norton 360 had one of the most annoying "subscription's over! renew now!" popups ever - I couldn't minimize it and had to open windows over it to make it go away.

John Rossi said...

I have been using Spyhunter 4 for over a month now. I have Malwarebytes, Superantispyware, Hitman Pro, and Avast on my system and none of them were able to completely remove all traces of a Conduit infection I got from the CNET downloader. My browsers were continually redirected and I was continually frustrated. I saw an on-line add for Spyhunter and purchased. It cleared up the Conduit situation as well as detecting and removing several rootkits, and a lot of adware that even Hitman Pro missed. Every time I see a complaint about Spyhunter I cringe because I know that it is false. Deceptive advertizing 10 years ago is not the same thing as being malware. Most people trust CNET, for example, but their downloader is infecting people's computers as I type this.

Corrine said...

Hi, John.

The problem is that once trust is lost, particularly with a security program, regaining trust is very difficult.

You could have removed Conduit with AdwCleaner, a free program developed by Xplode and regularly updated with submission s from the security community. AdwCleaner Download

Personally, I avoid download sites such as CNET and search out the developer/vendor site.

Anonymous said...

Realizing this is an old post and in light of Spyhunter's recent lawsuit against BleepingComputers, do you think that just maybe what SH found were simply false positives? If you think those "several rootkits" was removed completely you need to reevaluate you're knowledge of rootkits. Most experts in this field would immediately recommend a reformat to be 100% sure the rootkits are removed.