The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Click here to subscribe. Please read our Terms of Use for quoting guidelines.This edition of the Spyware Weekly Newsletter is archived permanently at http://www.spywareinfo.net/june2,2004.

Wherever the term "adware" is used, it is referring to a category of software, not to any particular company or product.

Permalink | Top

If you browse the internet with Internet Explorer and have no pop-up blocker, you probably have seen a few ads for a program called Spyhunter. Depending on your level of experience with the internet, you probably were either disgusted or frightened by it (nevermind that it was a pop-up ad, which is disgusting enough on its own).

The ads try to mislead the surfer into believing spyware has been discovered on their PC. They pop up in what appears to be a DOS or CMD window and look like something Windows itself might produce. The ad states that "Spy Software may be installed in your computer" and shows a list of locations where some common malware are found. At the bottom, it shows an image of a button next to "Click OK to remove items".

If the surfer clicks the ad, they are presented with a page that looks very similar to an Internet Explorer error page which declares "Severe Virus Alert!" and a pitch to download the "free" Spyhunter program. In fact, Spyhunter is NOT a free program. It will scan for free but it has to be purchased before it will remove anything.

You may have found the Spyhunter site through another means. If you have done a Google search for Spybot or Ad-aware, you might have found advertisements that lead to Spyhunter instead of the real Spybot or Ad-aware. Most of the Spyhunter pages that show up in Google results are loaded with keywords related to these legitimate antispyware programs. Thankfully, Google appears finally to have stopped accepting Google advertisements that trigger on the word "Spybot".

Understandably, many people consider Spyhunter to be nothing but a scam. Those of us in the antispyware community consider it to be garbage, little different from Spywiper or SpywareNuker. Check any antispyware message board and search for Spyhunter and you'll see what I mean.

The company behind Spyhunter, EnigmaSoftware Group, has sent a cease and desist letter to at least one site because of negative comments about their software. Netrn.net, home of the Spyware Warrior blog, was the recipient of the letter. The operator of the site fired back, on the advice of an attorney, with a demand for examples of every single statement to which EnigmaSoftware objected, its internet address and proof that the statement was incorrect. To my knowledge there has been no response.

The Spyware Warrior blog also has an extensive list of so-called antispyware programs that are as bad as anything a legitimate antispyware program would remove. These are programs that either install spyware themselves or are just plain garbage. Looking over the list, I see nothing there that shouldn't be there in my opinion. And yes, Spyhunter is on that list.

On a final note, it's worth pointing out that Spyhunter now is detected and removed by Lavasoft Ad-aware.

Permlink | Top

Program: Spycop
Author: Spycop
Discount: 20% discount for SpywareInfo readers. (Valid for purchases until June 8, 2004)
Purchase Spycop: Purchase Spycop | More info

There is the sort of spyware that comes from installing programs like Kazaa and Imesh. This kind of spyware will track your web usage to produce more relevant pop-up ads. This is an annoying and unfair invasion of privacy. However, other than the aggravation of dealing with pop-up ads and spam, this kind of spyware usually is not dangerous. These can be cleaned up relatively easily with Ad-aware and Spybot.

More dangerous are the surveillance and monitoring programs. These programs are used to steal passwords to bank and credit card accounts. A business rival can bribe an employee to install spyware on the company network. Further, the company itself might install spyware to watch you while you work. These commercial spyware programs cost money to buy for testing and not all antispyware companies can afford to keep up with each new version.

SpyCop is the leading solution for finding computer monitoring spy programs, keyloggers and commercially available software designed specifically to record your screen, email and passwords. SpyCop will detect the spy, tell you when it was installed and disable it. SpyCop claims to have the largest database of surveillance spyware, over 400 targets in all.

Spycop is discounted 20% for SpywareInfo readers for this week.

More information about Spycop http://www.spywareinfo.com/downloads/spycop/

Permalink | Top

Utah has become the first state to pass legislation aimed at controlling spyware. That legislation, the Utah Spyware Control Act, has been attacked by critics from nearly every side of the issue. The Center for Democracy and Technology doesn't like it. Spyware companies hate it and WhenU.com is even suing the state. American Online, Amazon.com, Cnet, eBay, Google, Microsoft Corp., and Yahoo! sent a letter to the Utah legislature opposing the law. Some say it goes too far. Some say it doesn't go far enough.

Anita Ramasastry has written an article about the Spyware Control Act where she debunks most of the arguments against it. If you've seen the FUD and misinformation circulating about this law or know someone who believes any of it, send them a link to Anita's article so they can read the truth.

Permalink | Top

The Federal Trade Commission has posted the transcripts from their April 19th workshop on spyware. The transcripts can be read or downloaded in PDF format from http://www.ftc.gov/bcp/workshops/spyware/transcript.pdf

I would like to bring up an issue that royally ticked me off during the conference. I submitted a question which was read to the first panel, "Wouldn't it be a better idea to regulate undesirable behavior, such as transmitting consumer's personal information and aggressively resisting the consumer's efforts to remove it?".

Mark Bohannon and even the CDT were against the idea of consumers having the right to uninstall anything they want from their own computer. The justification was that someone might remove something necessary to the computer's operation, if consumers had that right. My gut reaction to that was that this computer is my private property and I'll remove any damned thing from it I please.

Since I've started using Linux, opposition to consumers having the right to uninstall software seems even more ridiculous. Linux users log into their machine as a normal user most of the time. However, for making changes to the system, they also can log in as "root". "root" is assumed by the operating system to be the "owner" of that machine and can do anything and everything with absolutely no restrictions whatsoever. If "root" decides a piece of software is going to go, that software is history and there is nothing Linux can do to stop it. That is how a computer should function.

The argument that consumers should not have an absolute right to uninstall software because they might render it unusable is rubbish. If they remove something so vital that it breaks the computer, then so be it.

I'll say it again, A COMPUTER IS PRIVATE PROPERTY. If the owner of a computer decides to smash it with a baseball bat, then that is his/her right to do that to his/her own property. If the owner decides he/she doesn't want a piece of software, then it is his/her RIGHT to remove it.

Permalink | Top

Ben Edelman has published the details of a security vulnerability in WhenU.com's software. To put it in simple terms, the software was vulnerable to an attacker exploiting its autoupdater to run code on someone's computer. WhenU.com has fixed the problem, ironically by using their updater to push out a patched version of the software.

This is one of the reasons why I categorically condemn all software that does not provide the means to disable any autoupdate features. They might as well be trojan horse viruses as far as I am concerned and I make absolutely no exception to this. No software on my computer is permitted access to the internet without my explicit permission. Any software that checks for updates that does not include an option to turn it off is removed the first time I catch it trying to do so.

Permalink | Top

Last week I gave a tip for deleting the index.dat files from Windows. One thing I forgot to mention is that you have to log completely out of your account before doing it. Switching users with XP's Fast User Switching will not work because you still are logged on and Windows has a lock on the file.

A few people mentioned that they open the file in notepad and delete the contents. I've heard of that myself but I decided not to mention it. I have never had that work for me. Give it a try yourself. If it works, great. If it doesn't, you still can use the method I described last week.

Permalink | Top

Over the last week, we have received numerous emails from people unable to buy software from Webroot. It turns out they have had some server troubles with their secure site. The problem should be corrected soon if it hasn't already. If you tried to purchase something at Webroot recently and couldn't load the site, please try it again.