My daughter called me from college to tell me her PC no longer would connect to the internet, and what should she do? Retracing the events just before the failure yielded the information that the virus checker had tagged some files as viruses, and she had deleted these, and that's when the problems started.
More research, and several efforts to get things working by telephone, revealed that the problem was caused by removal of a spyware program related to the "Webhancer" system (also known as Webcancer). This spyware is (nearly always) installed without the user's knowledge or permission, and then...
Well, lets just quote from their web site, shall we?
"Knowing the key business questions you need answered is the key. Questions like:
What other sites are my customers visiting? Before? After? Where are they buying?
What impact does page performance have on my conversion rate? What site affinities do my customers have - are there partnership opportunities I'm missing?
Do my customers convert more at a competitor's site than my site?
If you can answer these and other questions, you are well on your way to actionable customer intelligence."
"What other sites are my customers visiting?" None of your god-damned business, motherfucker! This is an ethically-challenged corporation that is going into my firewall's blackhole list.
But wait, there's more:
"webHancer Approach
Measuring the webHancer way
webHancer's data collection method is simple. The millions of desktops that comprise our global desktop panel have a small piece of client software running in the background recording browser behavior and performance data as users surf the web. " (My emphasis)
Millions of unaware, unwilling desktops whose PCs have been hijacked by these assholes, that is. My first impression from my daughter's description of her problems was that the ethernet NIC on the motherboard of her Toshiba had failed, and I had her buy another adapter as a remedy. Time, and money, wasted because this jerk-ass ratfuck company doesn't have the balls to ask permission before they install their crapware.
"Each click is recorded and deposited in one central repository. Our combination of user behavior and performance data from end users provides unique value unequaled in the industry -- value not available from log files or from audience measurement systems.
Customer Companion software is distributed through arrangements with carefully selected companies offering free software programs. webHancer pays these companies to distribute the software, which in turn allows them to provide their programs free of charge. webHancer strategically selects distribution partners to ensure the Customer Companion user base has a very strong presence both in home and office environments.
Customer Companion is never installed on a user's computer without explicit permission. When a user downloads a software package that includes the Customer Companion, the installation program displays a dialog box explaining what the Customer Companion is and asks if the user wishes to continue with the installation. In some cases, the user may have to accept installation of the Customer Companion to install the free software. If the user elects to continue with the installation, a license agreement is displayed; the user must accept the terms of the agreement before the Customer Companion is installed.
Once installed, the Customer Companion runs in the background without interacting with the user. To ensure the most effective collection of statistics, installed Customer Companions anonymously query webHancer for configuration and software updates on a periodic basis. "
My experience suggests that this is either not true, or the permission to install is buried under a clickthrough license that obscures the actual effect of what is being installed.
Here is what cexx.org has to say about webhancer:
' The majority of users running WebHancer are not aware they are running it, unless they have noticed system side-effects or unusual data transfers from their machine. WebHancer, like "Comet Curse", falls into the category of "everything-installs-it-can't-get-rid-of-it" foistware, with completely unrelated software secretly installing the WebHancer product on the user's system. (Given this, I think the program should be more aptly called "WebCancer" :) In one of the most user-hostile moves I've seen in a while, the clandestine WebHancer install will alter critical Registry keys relating to Windows Sockets, causing the system's Internet connection capabilities to break if the user dares to try uninstalling the spy. WebHancer's makers claim not to modify system files (which is, technically, true) although they have confirmed that attempting to remove it will break your system. '
cexx also has a description of the processes to look for to detect an infection by this malignant software. Ad-Aware can remove it, get the most current version.
Posted on February 13, 2004 02:52 PM