Kerberos for Windows is Spyware according to CounterSpy

Jeffrey Altman jaltman2 at
Wed Aug 23 13:04:17 EDT 2006

The spyware is broken.  Obviously the HKCU\SOFTWARE\MIT\ key is per-user
configuration information being created in an application space defined
by MIT.

Jeffrey Altman

petesea at wrote:
> I had a report from a user that his Anti-Spyware software says Kerberos 
> for Windows contains SpyWare.
> The Anti-SpyWare software is CounterSpy:
> And the scan reports:
>    Crystalys Media Browser Plug-in  more information...
>    Details: Crystalys Media is a browser plug-in that shows advertisements
>             in the browser window.
>    Status: Ignored
>      Infected registry entries detected
>      ...
> and then lists (I think) every registry entry under HKCU\Software\MIT.
> Any ideas?  Is this a problem with the SpyWare software itself?
> UPDATE:  I had the user do multiple scans at various times during the 
> installation of KfW.  First he removed KfW and checked to make sure the 
> HKCU\Software\MIT and HKLM\SOFTWARE\MIT trees were gone.  Did a scan - it 
> was clean.  Then installed KfW, but did not start the NIM, scan - clean. 
> As soon as the NIM is started it apparently detected his Windows domain 
> and imported those tickets... I believe this triggers the creation of the 
> HKCU\Software\MIT registry entries and after that his scan shows spyware.
> ________________________________________________
> Kerberos mailing list           Kerberos at

More information about the Kerberos mailing list