# PestPatrol and Lavasoft Sell Out!



## MicroBell

Mike Healan
Feb 14, 2005 

It appears that two popular antispyware companies, *PestPatrol* (owned by Computer Associates) and *Lavasoft*, have stopped detecting software from WhenU. In tests performed recently by Eric Howes, using the latest updated target database files, neither PestPatrol nor Ad-aware detected any software from WhenU. 

WhenU makes ad serving software which is bundled with unrelated programs available for download for free from the internet. WhenU's software includes Save!, SaveNow and ClockSync. According to a PCPitstop user survey, 87% of persons with WhenU software on their computer had no idea how it became installed. 

What led to the decision to delist WhenU's software after years of listing it as a target? One possible explanation is a recent change in the way WhenU's software is bundled into certain other programs. For instance, in the newest version of Bearshare, it is made very obvious that WhenU will be installed. 

The Bearshare bundle has a very clear disclosure of WhenU and is a dramatic improvement over past versions. At present, it seems that only the Bearshare installer contains the new and improved WhenU disclosure. Other programs which bundle it still use the older, less acceptable methods. 

Unfortunately, there is no way to know for sure the reasons behind *Lavasoft's* and *PestPatrol's* apparent decision to cease targeting WhenU. There was no announcement from Lavasoft about removing WhenU's software from their target database. Questions from users about the absence of WhenU from Lavasoft's Ad-aware so far have gone unanswered. 

This is highly unusual, as Lavasoft typically lists the addition or removal of targets, when they announce that a new target database file is available for download. PestPatrol reportedly did announce their decision to remove WhenU's software as a target of their software but that announcement has disappeared from their web site. 

The absence of WhenU in the newest targeting databases does not appear to be an error by either company. Both Lavasoft and PestPatrol have deleted nearly all mention of WhenU from their online spyware databases. On the PestPatrol web site's list of Most Prevalent Pests, WhenU software is listed in four different places. However, if you click on the link to read more information about the software, you are presented with a Computer Associates search engine that shows zero results for the WhenU software name. When searching for WhenU in Lavasoft's Threat Assessment Chart, there is no information at all about WhenU. 

This is all very curious. Why would the makers of two of the most popular antispyware programs remove detection for WhenU without announcing it and then erase all mention of WhenU from their web sites? At the very least, they owe it to their users to announce that their software no longer will detect WhenU. People depend on these programs to find and remove any software that they may not want. An explanation of why WhenU no longer is detected would also be nice. 

In an even stranger development, it turns out that Aluria's Spyware Eliminator is detecting WhenU's software. Aluria announced last year that they had certified WhenU's software to be spyware free and removed WhenU software as a target. Aluria even partnered with WhenU to produce software. It was a surprising and unpopular decision that cost Aluria the goodwill and trust of much of the antispyware community. 

There is no explanation for WhenU's sudden reappearance as a target on Aluria's targeting database. None of WhenU's products appear in Aluria's online spyware database. 

It is possible that Aluria is detecting WhenU's software in error. AOL provides a branded version of Aluria's Spyware Eliminator to AOL members. After the controversial decision to certify WhenU as spyware free, AOL made it clear that they would require Aluria to continue to provide detection for WhenU in the version of Aluria's software which is distributed by AOL to its members. Quite possibly, Aluria has included the AOL version of their target database file in the general public version of their Spyware Eliminator program. 

Aluria's current detection of WhenU might be a simple error. The actions of Lavasoft and PestPatrol do not appear to be errors. They appear to have removed detection for a very prevalent adware, one whose presence is often a surprise to the people who find it on their computers, and they both appear to have carried out a systematic erasure of WhenU from their online databases. Lavasoft and PestPatrol users deserve an explanation for these actions, not a cover up.


----------



## Guest

Hi Microbell,

Thanks for the report on this issue. Your work putting this information out is much appreciated by those of us on the forum.


----------



## MicroBell

====================================================

Update. It appears....lavasoft has chosen a path of self destruction..

This was posted at the lavasoft forum..



> Hi all,
> 
> First and foremost, Lavasoft does not have collaborations with any company that has or will have content detected by Ad-Aware. WhenU was indeed removed from our database by research in the last definition file. This was due to WhenU not scoring more than 2 TAC points at the time. In case it turns out that the removal was incorrect, WhenU will naturally be reintroduced to the database.
> 
> Thanks Chris Fry
> www.lavasoft.de


In Chris Fry's statement..he says....*"In case it turns out that the removal was incorrect, WhenU will naturally be reintroduced to the database."*

You can bet your $$$ it wasn't a mistake removing this detection from their latest database. It's ashame Lavasoft chose the same route that pestpatrol and Aluria software used to OK the adware makers into the COAST group which has since gone belly up...and have just adware makers left in the group. 

This will call into question...their reputation, customer base, and ultimately, business future for the adawareSE and Pro products. Who's next to get unlisted? Who can you trust? Some food for thought there... :sayno:


----------



## greyknight17

That is bad news. Leaves us more work :deveous: 

I usually ask users not to buy any products anyway. The free ones will do a good job. If they fail, HijackThis should reveal it if they are running.


----------



## elf

I actually just ran across a nearly identical article. Part of the reason is WhenU has been trying to change their "image".


> WhenU makes adware that's bundled with other applications, the most popular being BearShare, a peer-to-peer filesharing application.


However, now they have added a window at the beginning of the BearShare install saying


> Testing WhenU
> Security Pipeline ran the BearShare installation program; one of the first setup screens says:
> 
> 
> BearShare comes with ads - Please read this carefully
> Here's the deal: To use BearShare for free, you must keep Save! software on your PC. Save! shows you ads and coupons while you browse the web. Save! ads are targeted based on the websites you visit and web content you view.
> The screen doesn't say that the ads are popups, but it does say:
> 
> 
> Save! ad, which slide up in front of or behind your browser, are always branded Save! and tell you they are coming from software - not websites.


I don't think this spells doom for adaware, but maybe a step back. Not to mention Spybot still picks up WhenU as a threat as long as adaware doesn't start letting others slip


----------



## MicroBell

> I don't think this spells doom for adaware, but maybe a step back. Not to mention Spybot still picks up WhenU as a threat as long as adaware doesn't start letting others slip


I kinda agree Elf. The issue I have is Lavasoft goes by the practice on the way it's installed (TACS) It doesn't matter to the end user WHY it got delisted..but that it did get delisted. Doesn't matter how it gets installed...it's still adware/spyware and should be removed.

WhenU changed the way it's installed...but that was only to get delisted as adware. No matter how it's in installed..it's adware...period....and should be removed using a legit cleaning utility. That as the same thinking COAST had by allowing spyware/adware makers to change their ways..and they would then get delisted on spyware/adware cleaners databases. Now look at COAST...."POOF"...gone.

It may not be the "Doom" of adawareSE...but it calls into question....Who get's delisted next? Can Lavasoft be trusted? Nowdays...you need multi programs to remove adware/spyware but many use just one. If they choose to use JUST adawareSE...spyware/adware will be left on the system as it will fail to remove adware on the PC.


----------



## STINEHART

Thats upsetting to read. Makes you wonder how this chapter in tech history will be looked upon.


----------



## MicroBell

UPDATE::

3/2/05

Because of public outcry from the spyware fighters out there Lavasoft may be reversing there direction on WhenU. There hasn't been an "Absolute" confirmation that they have...but according to the lavasoft forums they may be in the process of adding it back to their database. I've come accross many threads since I first posted this were many of the spyware fighters out there were removing AdawareSE from systems.

It's not know what damage this has done to their reputation but I have no doubt it has. I will update this thread as more information surfaces about lavasofts true intentions. I'm curious as to if they are adding it back...when did they release a stand alone removal tool for WhenU. I'll attach it to this post for users that have this adware on their PC.


----------



## MicroBell

Update....

Sorry I missed this last week. Lavasoft made it offical and caved into public outcry and WhenU  is now *BACK* in the database for Adaware as of 3/10/05 on update version *SE1R32 10.03.2005 * or newer.

http://www.lavasoftsupport.com/index.php?showtopic=60454


----------

