[JA] Re: [netzero] Report on spyware

• From: thepccat@xxxxxxxx
• To: netzero@xxxxxxxxxxxxxxx, juno_accmail@xxxxxxxxxxxxxxxxx
• Date: Tue, 17 Jul 2001 09:37:29 -0700

Hello. I sent a message out on the 15th with details on this topic. On
the chance that it did not get to [JA] and [netzero] here is a slightly
different version [again]. 

My conclusion is that companies have always occasionally sent out
"foistware," or whatever you may call it, and that they will likely
continue to do so in the conceivable future, despite the angry protests
of a minority of users [whom we flatter ourselves to be the intelligent,
concerned, upstanding, moral, etc. ones :-) ]. 
---
This thing started from a Langa List [see
http://www.langa.com/default.htm] report quoting a letter from some
individual. I replied, on this list, to the effect that if these things
are being installed without user knowledge, *and if* Ad-Aware does not
uninstall them properly, then people should become aware of the
situation. I did not take time to check out the URL's offered, due to
lack of time...

The information originally came from the Langa List of 12 July 2001
http://www.langa.com/newsletters/2001/2001-07-12.htm#9. 
Here is what I found by going to the  URL's mentioned in that newsletter:

Webhancer 
will not "ruin your computer" if you simply use the add/remove system
existing in your Win 9x operating system to remove the application. It
shows up there including the words Webhancer. Problems people have
experienced seem to have come from simply removing one file from the
installed application. As you know, doing that for most any app on Win 9x
is looking for trouble. In addition the second web site tells you even
which dll and temp files can be removed in a complete uninstall of
Webhancer. It does not get much better than that, imho. Here are the web
sites, from the report:
http://www.cexx.org/webhancer.htm ; 
http://webhancer.com/support/index.asp?s=32&p=install
From this second URL is a caution/suggestion common to many software
installations: "Andreas M. reports that some Webhancer installations
coming along with other programs do not uninstall properly, even causing
the Internet connection problems mentioned. The solution is to install
the standalone version from WebHancer's web site (ugggh), then remove it
using Add/Remove Programs." [this does not mean that Webhancer is evil,
mostly that ***t happens -thepccat]

NewDotNet 
 http://www.cexx.org/newnet.htm ; 
http://www.new.net/help_faq.tp#p4
These URL's tell a very similar story to the Webhancer one, except the
software, of course, has a different purpose. 

So there was no hysteria in the Langa report. Whether some sites bundle
these programs in, and whether they announce this in a way the average
person notices, is, perhaps, not a big issue. 
Stuff happens, you:
- first try searching Google, or whatever, for information on the program
[Use the name of the program as it shows up in Start>Settings>Control
Panel>Add/Remove Programs, the filename mentioned when you run msconfig
and look in the Startup tab, or any new entries in
Start>Programs>Startup. It is a "good idea" to visit these places
occasionally and become aware of what's there, even writing the programs
down, in case new stuff shows up...]. 
- If that does not give good information [which may include the old
method of reinstalling the software from a known good copy, then
uninstalling that installation. Or even better, use your install watching
software [such as Symantic SmartSweep/Internet Sweep, etc.] to watch this
installation, thereby having a better way to do the uninstall], the
second choice is to use the add/remove feature of your O/S. [These
programs are just applications, and we have all seen applications which
do not remove well, leaving things behind. Some of us are more savvy in
knowing how to scour this stuff off, the rest of us either grin and bear
it, or plan to do a clean reinstall "someday soon."]
- When you use a program like AdAware, remember it is like a primitive
antivirus program, in that there is a data file with their latest
information on what is to be removed and how. It often occurs that a new
or modified threat comes to your computer before the data file has been
changed to reflect this new threat. [This method really is a simple type
of "artificial intelligence" and is only as good as the "intelligence"
programmed into it...] So, run AdAware, but, when it finds a file or
whatever it thinks is bad, consider carefully if you want AdAware to do
the removing. If it is something you wish to keep or do not trust the
software to remove, set AdAware to "ignore the component:" you can always
go back later and turn on searching for that component, then allow
AdAware to remove it. 
*For example, there is a data file I saved on some adware, and AdAware
flags that thinking the name means it is actually part of that adware. I
want to keep the file, so have requested AdAware to ignore the file. 
*Another example is one adware company which will set a "do not disturb"
cookie, which prevents further cookies from being set, thus decreasing
the spying. The version of AdAware I was using would detect that cookie
and offer to remove it. When I did that, this company then set more
cookies whenever I went surfing, which AdAware would then detect and
offer to remove <sigh>. So, what I finally did was to have AdAware remove
everything it found, ran AdAware again to verify it found my system
clean, went to the adware company site and got their "do not disturb"
cookie implanted, scanned my computer with AdAware, and, when it found
one cookie from that adware company, set the "ignore that component" for
that cookie. That work around was successful.

This is not a new issue, either. I remember having Comet Cursor [aka
comet curser ;-) ] showing up on my add/remove list [and cursing "what
the $%&# is this"], going to the site
[http://www.cometsystems.com/download/cleaner.shtml ] and finding a way
to uninstall it [which included not only an executable file to do the
deed, but manual uninstalling directions]. Emails from 4-01 from the
[netzero] egroup show interest in software called SurfSafari 
http://www.surfsafari.com/faq.html  which was supposedly offered with a
NetZero "forced" upgrade. Again, their website shows that using
add/remove gets rid of this software, if you care not to use it.

Similar situations surely will happen again in the future. I stick by my
recommendation to become aware of the situations as they come up: facts
and methods, not rumors. Once aware of the situation, as it currently
seems to be, then the best step is to take effective action.

thepccat

On Mon, 16 Jul 2001 19:33:09 -0500 Steve Sprengel <steves@xxxxxxx>
writes:
> For those of us that aren't a member of the Langa List could you 
> enlighten
> us, as well?  
> The first recent message about this I see from the 13th is from 
> JoeyR76 and
> is already a reply to something and doesn't include details.
________________________________________________________________
GET INTERNET ACCESS FROM JUNO!
Juno offers FREE or PREMIUM Internet access for less!
Join Juno today!  For your FREE software, visit:
http://dl.www.juno.com/get/tagj.


To unsubscribe, send a message to listar@xxxxxxxxxxxxxxxxx with
"unsubscribe juno_accmail" in the body or subject.
OR visit http://freelists.dhs.org
~*~

Other related posts:

• » [JA] Re: [netzero] Report on spyware

1. Home
2. juno_accmail
3. Archive
4. 07-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---