Jessica Simpson Screensaver

We find that Jessica Simpson Screensaver is badware because it is bundled with Trojan horses, as well as undisclosed adware, spyware, and a stealth dialer. These bundled applications display pop-up ads, redirect web searches and access to web merchants, attempt to close anti-spyware software, and install modifications to Internet Explorer. Also, uninstallation is difficult and ultimately unsuccessful. We currently recommend that users do not install the version of the Jessica Simpson Screensaver that we tested, unless the user is comfortable with the level of risk we identify or until the application is updated consistent with the recommendations in this report.

OVERALL RATING

Badware Behavior   Installs Trojan horses (Deceptive Installation)   Fails to identify itself as source of pop-up ads (Does Not Clearly Identify Itself)   Bundled applications cannot be closed (Interferes with Computer Use)   Uninstallation is multi-step and ultimately unsuccessful (Unacceptable Uninstallation)   Installs stealth dialer (Use of Computer to Incur Charges)   Installs adware (Deceptive Installation)   Installs spyware (Deceptive Installation)   Attempts to close anti-spyware and anti-virus software (Interferes with Computer Use)   Redirects access to web merchants (Modifies Other Software)   Redirects web searches (Modifies Other Software)   Modifies Internet Explorer (Modifies Other Software)   Interferes with use of Internet Explorer (Interferes with Computer Use)   Displays pop-up ads (Interferes with Computer Use)   Bad or Undisclosed Behavior Installs Trojan horses Jessica Simpson Screensaver is bundled with a number of Trojan horses, or applications that can secretly install additional programs without disclosing to the user that any installation is occurring. These new, undisclosed programs may include spyware and adware programs, components, and toolbars. These Trojan horses include MediaMotor, WinAD, Prutect, and DollarRevenue. Fails to identify itself as source of pop-up ads Although some of the pop-up ads identify themselves as products of the bundled Zango software, many of the pop-up ads that appear on the user's computer do not identify themselves. Bundled applications cannot be closed None of the bundled applications included with the Jessica Simpson Screensaver can be closed by a typical user. They must be closed by killing the individual processes from within the Windows Task Manager. Uninstallation is multi-step and ultimately unsuccessful While Jessica Simpson Screensaver comes with an uninstaller, this only uninstalls the screensaver itself, not the bundled applications. None of the bundled applications includes an uninstaller, making uninstallation very difficult for a typical user. At least one of the bundled applications, GetMirar, actually requires the user to download a separate uninstaller from their website. Also, attempts to uninstall all of the bundled applications were unsuccessful for us, as pop-up advertisements continued to appear after all the applications appeared to be uninstalled. Installs stealth dialer Jessica Simpson Screensaver is bundled with a stealth dialer called AvenueMedia (also known as "Money Tree"). Stealth dialers attempt to dial up numbers (such as 'adult' sites) with the user's modem, thereby incurring charges for the user. Installs adware Jessica Simpson Screensaver is bundled with a number of programs that display advertisements on the user's computer. These include: e2give, WindUpdates MediaGateway, MediaAc, begin2search, BetterInternet, SafeSurfing, Popuppers, DollarRevenue, GetMirar, and WinAD. Installs spyware Jessica Simpson Screensaver is bundled with a number of programs that track the user's web habits (e2give, GetMirar, EzuLa) or log the user's search terms (Safesurfing). Attempts to close anti-spyware and anti-virus software Prutect, one of the applications bundled with Jessica Simpson Screensaver, attempts to close or disable various anti-spyware and anti-virus applications (such as Adaware, Norton Internet Security, and Spybot Search & Destroy) if it finds them on the user's computer. Redirects access to web merchants e2give, one of the applications bundled with Jessica Simpson Screensaver, redirects users when they access various web merchants in order to claim affiliate fees from the merchant sites. Redirects web searches Safesurfing and GetMirar, two of the applications bundled with Jessica Simpson Screensaver, redirect users' web searches form legitimate urls to rogue websites) Modifies Internet Explorer EzuLa, one of the bundled applications, installs an Internet Explorer plugin that tracks the user's web habits. Another bundled application, GetMirar, installs a toolbar into Internet Explorer that redirects user searches. Interferes with use of Internet Explorer The GetMirar toolbar interferes with a user's use of Internet Explorer by displaying roll-over advertisements that obscure the browser window beneath them. Displays pop-up ads The adware that is bundled with the Jessica Simpson Screensaver causes numerous pop-up ads to appear on the user's desktop. Sometimes these ads are triggered by a user's search; sometimes they appear without any action being performed by the user (e.g., just leaving the computer alone). Recommendations We recommend that Team Taylor Made, the producer of the Jessica Simpson Screensaver, do the following: Stop bundling potential Trojan horses such as MediaMotor, WinAD, Prutect, and DollarRevenue, or disclose that these applications will enable the installation of additional applications without the user's knowledge or consent. Stop bundling stealth dialers such as AvenueMedia, or disclose to the user which numbers it will be dialing and how much the user will be charged for those calls. The installation program must clearly explain the functionality of each application bundled with the software. Any potentially unexpected changes to the user's computer must solicit his or her explicit consent. In addition to the simple and clear disclosure of critical functionality, the installation program must provide EULAs for each piece of bundled software. Any ads generated by the screensaver or any bundled software must be clearly labeled with the name of the software generating the ad. All bundled software needs to be easily closable. Complete uninstallation of all applications must be possible using the Windows "Add/Remove Programs" utility. We currently recommend that users do not install the version of the Jessica Simpson Screensaver that we tested, unless the user is comfortable with the level of risk we identify or until the application is updated consistent with the recommendations in this report. For more information, visit www.stopbadware.org.

REPORT INFORMATION REPORT VERSION Version 1.0 DATE May 16, 2006 APPLICATION INFORMATION SELF-IDENTIFICATION The full name of this application is the "Jessica Simpson Screensaver." It advertises itself as a "photo slide show of over 40 extremely high quality photos of the now famous Jessica Simpson" with "103 transition effects, adjustable speed and mutable music." PRODUCER The Jessica Simpson Screensaver is produced by Team Taylor Made, www.teamtaylormade.com. This is one of many celebrity slide shows and other free software produced by Team Taylor Made. OBTAINED We obtained Jessica Simpson Screensaver from WinSite at http:// www.winsite.com/ bin/ Info?26000000036960. This application can also be found by searching WinSite for "jessica," or by searching the web more generally for "jessica simpson screensaver." TeamTaylorMade.com also hosts a very similar (though not identical) version here: http:// www.teamtaylormade.com/ Screensavers/ HollywoodCelebrities.shtml , as well as other applications with similar levels of bundled badware. BUNDLING The version of Jessica Simpson Screensaver that we downloaded from winsite.com came bundled with Better Internet/Best Offers Network, begin2search, DollarRevenue, DyFuCA (also known as "Money Tree"), e2give, EzuLa, GetMirar, HotSearchbar, MediaMotor/Popuppers, Prutect, Safesurfing, WebHancer, WinAD, WindUpdates, and Zango/180Solutions.