Visit SpywareInfo

ZoneAlarm Pro


Pest Patrol


March 28, 2002

Sorry this issue is overdue. I just fdisked and formatted my hard drive to get rid of linux (I failed FYI, I only managed to make it's partition smaller and moved it to the end of the drive) and reinstalled all of my software. Got rid of lilo with fdisk /mbr, but it's still squatting on 5 gigs of my hard drive. I'm going to try Partition Magic 7 Pro and see if that does the trick.

It's also late because I was holding back in anticipation of a new release from Lavasoft. Finally I can blurt it out.

Adaware 5.7 is out now!!!

I helped beta test this product and didn't find any false positives or other innocent files being targeted. The long-standing false positive associated with DLExpert's Internet Explorer integration is gone. While there were some minor things that might need improving, all-in-all it's an excellent product and it killed every single spyware nasty I installed on this poor abused machine, 21 different applications in all.

Here's the official blurb on it.

Name: Ad-aware
Version: 5.7
ReleaseDate: 27/3/2002
Size: 856 kb
Status: Freeware Price: $0
Company: Lavasoft
Platforms: Win9x\ME\XP\2000\NT4

Ad-aware is an award winning, free multi adware removal utility, that scans your memory, registry and hard drives for known adware components and lets you remove them safely. Many options like scanning depth or automatic modes can be set in the preferences menu. Ad-aware features an easy to use wizard-style interface, guiding you through the scanning and removal process.

With features like Backup\Restore functionality, excluding of selected components, Multi language support, shell integration, highly improved user interface and many more improvements...

Adware systems detected are Adware, Alexa 1.0-5.0, Aureate v1.0,2.0 + 3.0, Comet Cursor v1.0 and v2.0, Cydoor, Doubleclick, DSSAgent, EverAd, eZula, Expedioware, Flyswat, Hotbar 1+2, OnFlow, TimeSink v1.0,v2.0 and v5.0, Web3000, Webhancer, Transponder, Wnad, ZapSpot, SurfPlus, AdvertBar, NetPal, CashBar, Lop and more... (updated regularly)

SpywareInfo will not be mirroring this file for a couple of weeks, as the bandwidth it would use would be outrageous. In the meantime, you may use any of the following official download sites:

FYI, Lavasoft should be getting a new, dedicated server in the next week or so. You may have noticed that their main site and their forums have slowed to a crawl lately. Hopefully, this will be over soon.

Speaking of Ad-aware, last week Lavasoft released the final reflist for AA 5.62, and I sent a short update to all of my readers. What was your opinion of that? Would you like to get an update about it each time Ad-aware is updated? Or would you rather do without the immediate notice and just wait for the next regular edition of the newsletter? !

Those of you who read Scot Finnie's newsletter may have noticed a story about my site. This is an informative newsletter with information about Windows and broadband for both the average joe and the professional alike.

Don't get that one? How about Lockergnome then? The Lockergnome Tech Specialist also did a story on my site just the other day.

I'll bet my web host is regretting that nice, reasonable deal they offered me. ;-)


You spoke, I listened.

I got some complaints about one of the products I've been linking to. Not many, but the few that I got were pretty heated.

I signed up for Evidence Eliminator's affiliate program weeks ago. The link that I was given with my affliate ID led to randomly generated pages. I'd never really paid attention to it beyond making sure the link worked.

After reading the complaints about it, I sat down and hammered that link, refreshing the page and clearing the browser cache. Those were some of the sleaziest ads I've ever seen. I decided on the spot that no more issues of this newsletter would have that link. I also removed it from the downloads page.

There has been another update to the hijacked page. This update announces the fact that Ad-aware now targets and a few other nasties. It also clarifies a couple of instructions.

Featured site


Actively protect your rights. Do not let the Man keep you down. Do what is good and right, not what some authority figure tells you is good and right. Challenge the belief systems of yourself and your society. Stay informed and keep others informed. Use logic and reason for positive social change. And above all, don't take crap from anybody!

That pretty much says it all. Bill Webb has an excellent resource at Counterexploitation. In fact, when I link to information about a particular spyware application, more often than not the link leads to this site. The information on this site will take you a while to go through. He likes to take spyware apart and get at it's nuts and bolts. I'm more concerned with finding it and killing it as easily as possible.

Take a look around and see for yourself. Oh, and think about checking out his donations page. His bandwidth costs him money, and he dislikes ads.


Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. BHODemon is free, runs in the "tray" area, and works on Windows 95 or later operating systems.

This file is also mirrored at SpywareInfo on our local downloads page. In fact, it was my prompting that this developer wrote a brand new version. The current version will not only detect a BHO, it will also allow you to save it's information to a text file. Very handy in my line of work.

Bonus download

Those of us using mIRC for IRC chat will love this. It automates "going away" and lets you customize your away messages, allows you to deop on away and reop on return. It's pretty cool.

This script is biased towards the webnet IRC network ( since that's where it was written and tested. The author is a real nice guy that takes bug reports very seriously (Microsoft, you reading this?). You'll find him there on channels #lockergnome and #linkswap. You'll also find me there, as well as in #spyware. No IRC client? Then just use SpywareInfo's webchat page.

The Weekly Hack

Do you use Outlook Express 5 or 6? If so, does that splash screen it shows you on startup drive you nuts? I came across a way to "fix" the registry so you don't see it anymore. Here's how you get rid of that annoying thing.

Start menu > REGEDIT > press enter. Navigate the keys until you come to HKEY_CURRENT_USER\Identities\{long-string-of-letters-and-numbers}\Software\Microsoft\Outlook Express\5.0.

Right-click on the 5.0 key and create a new DWORD value called NoSplash. Double click this new value and edit it's value to 1. Do this for every identity under the Identities key. Close REGEDIT and Outlook Express. From now on, no more splash screen.

In the News,1283,51245,00.html

The bill, called the Consumer Broadband and Digital Television Promotion Act (CBDTPA), prohibits the sale or distribution of nearly any kind of electronic device -- unless that device includes copy-protection standards to be set by the federal government.

Translation: Future MP3 players, PCs and handheld computers will no longer let you make all the copies you want.

March 25 — It sounds like a James Bond subplot (OK, a geeky James Bond subplot) but this is real life. The folks who write spy software, sometimes called snoopware, are fed up with countermeasure anti-spy software like “Who’s Watching Me” that blows their cover. So the latest versions of spy software WinWhatWhere and Spectorsoft, released in the past several weeks, intentionally disable their anti-spy counterparts. And now the programmers at Who’s Watching Me are throwing down the virtual developer’s glove, calling for a duel. (OK, a geeky duel.)

"The difficulty isn't in collecting information, it is in analyzing it," he said. Giving the government more authority to collect information is likely to dramatically erode the privacy rights of Americans, Dempsey said during a security forum March 15 in Washington, D.C.

Goliath was silent until April 4, 2001, the day Harold received, via e-mail, "a daily summary of Wall Street activity." Exactly the kind of spam Harold did not want to receive. "I e-mailed back, saying 'Take me off your subscription list. I don't want this.' " And then Harold put a little bite in his request. "I wrote, 'I will charge you $25 per message as a reading fee,' " for every subsequent e-mail.

Harold says the fee was not just a threat; it was a reasonable charge for time and equipment. "I have to download the message, to find out it's junk and delete it. If you're using my download time, you are in effect using my services. During that time I can't use my computer, which is essential in my business."

The provision of goods and services via the Internet is becoming more common as e-commerce expands globally. As well as being able to keep in touch with family and friends from all over the world by using email services such as yahoo! and, you can purchase books, shoes and clothing, computers and software products, flowers and even groceries. You can book a holiday, trade on the stock market, do your banking and pay your bills. You can also participate in on-line discussion groups and chat forums, and have access to a host of on-line news and information services. More often than not when doing so you are presented with an on-line agreement and have to select I ACCEPT in order to proceed.

Spyware company sued for lying about stealing personal information

Mr. Lynn added, "This data obtained from Mindset Interactive and Inurv was derived using unscrupulous methods, including 'dictionary spam' - a tactic in which common names are coupled with domain names to generate false email addresses. In addition to 'dictionary spam,' another practice which may have been used is 'email harvesting,' a method which utilizes a 'robot' to collect email addresses directly from public web pages. We have changed our business practice to become even more stringent when purchasing third-party data to prevent these types of problems from occurring again in the future. It's unfortunate that many companies are capitalizing on the sale of fraudulent data. These names were removed from our database immediately after the first indications of fraud were noticed."

Kansas City, Mo.-based direct marketing firm Virtumundo is seeking damages from Mindset Interactive Inc. and Inurv Inc., alleging the two companies "misrepresented" the nature of consumer data which Virtumundo purchased.

Virtumundo also said it intends to be more careful about the data it purchases from third-party list providers in the future.

It is intended to make it easier for law enforcement agencies to catch criminals and terrorists who use new technology. However, Mr Snape believes the cost of implementing the law will put up ISPs costs by around 15%, driving smaller firms out of business. "In order to comply, ISPs will need to employ personnel who can trawl through data. This person will have to be a technical expert and a legal expert and simply doesn't exist. "Even if they did they will be very expensive," he said.

The software -- dubbed adware, stealthware and spyware -- can track your surfing habits, use your Net connection to report back to a home base and deliver targeted ads to you. It also can collect your personal information and store it in databases.