How To Remove Microsoft .NET Spyware Extension

Back around the end of January there was a Microsoft Windows Update (KB951847) that installed the SpyWare (done without user consent/knowledge and can not be removed easily) Microsoft .NET Framework Assistant 1.0 extension into Firefox. Note: If you have not install Windows Update KB951847 OR not using Windows Update this extension will not be installed.


Notice how the ‘Uninstall’ button is greyed out? I learned about this from a post )Microsoft Infiltrates Firefox) at GoFirefox! However, because I am using Shiretoko 3.1b3pre and the add-on was not compatible with this build it never fully installed. I was able to remove the add-on following these directions:

  1. Close Firefox
  2. In Windows Explorer go to this location:
    C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
  3. This folder should contain 2 sub-folder and 2 files. Just in case for some odd reason you might need these files, create a zip or rar file containing these items and place it somewhere else.
  4. Delete everything in this folder, but leave the folder
  5. Restart Firefox and go to your add-ons list. The add-on should no longer be listed.
  6. In the address bar type about:config
  7. In the Filter field type general.useragent
  8. Look for an entry called general.useragent.extra.microsoftdotnet
  9. Right -click on the entry and select ‘reset’

Now, for the most part these steps worked for me. However, as I had mentioned earlier it never fully installed since it was not compatible with Shiretoko 3.1b3pre. In this case I completed Steps 1-5 but noticed the add-on was still there and still disabled. Next, I had to close Firefox again, go to my profile folder and remove the files: extensions.cache, extensions.ini and extensions.rdf. This forces Firefox to rebuild the extensions list, however when I did this step, the Night Tester Tools add-on broke. Not good, now about half my extensions that I had “forced” to work, weren’t working now. So I had to uninstall the Night Tester Tools extension, restart Firefox, re-install the extension, restart Firefox, over-ride compatibility on the currently disabled add-ons and restart Firefox once again. Since the ad-on never fully installed, I did not have an about:config entry for general.useragent.extra.microsoftdotnet

Updated 02/10/09: Added links for information about the KB951847 update and the Microsoft .NET Framework Assistant 1.0

Source: Dediomedo

72 Comments on How To Remove Microsoft .NET Spyware Extension

  1. Gene Thomas | February 9, 2009 at 6:59 AM |

    We shouldn’t be to surprised. MS has become known for this sort of undercover operation. But now that its done I’m not going to do a knee-jerk uninstall. It just might prove useful.

  2. Thanks for the tip. I have found there is no need to delete the cache. After step 9, use Nightly Tester Tools to override compatibility and then restart. When Firefox cant find the files it automatically deletes the extension from the list.

  3. Transcontinental | February 10, 2009 at 12:08 AM |

    Just removed successfully this Microsoft .NET Spyware Extension. Thank you very much.

  4. Transcontinental | February 11, 2009 at 11:23 AM |

    In Firefox Extension Manager’s Plugins’ Tab, appears the following related plug-in :

    Windows Presentation Foundation (WPF) plug-in for Mozilla browsers

    I’ve disabled it, assuming that it is correlative of removing Microsoft .Net Framework Assistant Firefox extension. Is that correct ?

  5. @Transcontinental — not sure what Windows Presentation Foundation (WPF) plug-in for Mozilla browsers is exactly. Sounds like it is part of the .NET Framework but also read it could be for viewing Microsoft Silverlight content in Fx.

  6. Transcontinental | February 11, 2009 at 1:23 PM |

    El Guru, OK, thanks. Makes me google the plug-in :

    ===
    Windows Presentation Foundation – Wikipedia, the free encyclopedia
    http://en.wikipedia.org/wiki/Windows_Presentation_Foundation
    Wed Feb 11 2009 21:18:53 GMT+0100

    The Windows Presentation Foundation (or WPF), formerly code-named Avalon, is a graphical subsystem in .NET Framework 3.0 (formerly called WinFX)[1], which uses a markup language, known as XAML, for rich user interface development. […]
    ===

    Looks like it’s related to .NET
    I still don’t understand the whole idea of having a Microsoft product tied up with Firefox … Am I missing something or is the whole idea indeed related to a nasty spying technique ?

  7. Not sure if anyone really wants to know the answer but here is my take on it.

    Microsoft is aware that Windows users might prefer other browsers than IE7/8 and wants to provide Firefox the ability to run .NET “ClickOnce” apps and other XBAP based WPF apps in the Firefox browser environment.

    It is not spyware, it is just their idea of being fair since these technologies work automatically in IE and why shouldn’t users with Firefox as their main browser get the same chance.

    ClickOnce runs a downloaded WPF app in a sandbox on the desktop similar to a Java app.

    WPF allows the browser to recognize the XBAP file type and is usually embedded in the browser is more like a Flash plug-in for which Microsoft alos has Silverlight, but WPF has more app-like capabilities…

    Here is an example of an XBAP:

    http://www.bl.uk/ttp2/ttp1.html

    which gives you the following XBAP:

    http://ttpdownload.bl.uk/app_files/xbap/BrowserApp.xbap

    Some of those books are insanely amazing but that’s another subject…

    There are scenarios where this technology is cool but Microsoft has not really pushed the idea for some reason so it is still obscure and hence the mystery “Spyware”

    I’m not associated with Microsoft in any way but I hope this info helps…

  8. Don, I’m pretty sure it’s much less about ‘being fair’, and much more about adding value (ubiquity) to their ClickOnce / WPF platform so more devs will target it.

    http://blogs.msdn.com/saurabh/archive/2006/03/02/541988.aspx
    “Not having major browser support render ClickOnce useless”.
    “This is a major show stopper for using ClickOnce for us. Without XBrowser support ClickOnce is useless.”

  9. There are several potential users of the technolgy. That old post from 2006 was from a particular’s devleoper point of view and of course if you are making a ClickOnce application for a company intranet or general use, then cross browser will be important.

    But in terms of observing Microsoft, there is no indication that they mobilized in any serious manner to promote WPF which has enough useful features that it would have been worthy of some attention.

    One gets the impression that in some internal struggle, the more web specific technologies won out such as Silverlight which they are definitely making an effort to promote.

    So it seems like the Firefox plug-in was just another minor checkbox item on their todo list to keep corporate developers happy.

  10. Transcontinental | February 12, 2009 at 5:01 PM |

    OK, guys. That resumes to a range from being fair to adding value (to ClickOnce) to spying, the latter appearing to be nonsense.

    I wonder if I was right to remove that darn extension …

  11. I gave an example of a WPF application from the British Library that is quite impressive.

    But there are not very many of those and with the technology given a rather lukewarm assistance from Microsoft, there probably won’t be a lot of sites that will use it.

    So it’s harmless to remove it if you don’t feel a need to see sites that use it and it’s also harmless to keep it just in case you hit a site with the technology since it’s usually quite impressive when somebody makes the effort to use it for applications such as that display of digitization of priceless books for which the technology is suited.

  12. Transcontinental | February 12, 2009 at 5:51 PM |

    OK, Don, I read you loud and clear.I think, I hope, I finally got a slightly better understanding of the situation, of the intentions and of the implications.

    As always, fear often comes from lack of knowledge. But one has to admit that communication is definitely not the first of Microsoft’s qualities, especially concerning .Net Framework.

    Just for the story : the Microsoft .Net Framework Assistant Firefox extension removal procedure is perfectly symmetrical : restoring the 2 files and 2 sub-folders (providing they had been saved as advised) restores automatically the Firefox extension.

  13. No Valenciano | February 18, 2009 at 7:45 AM |

    Fucking microsoft and their fucking ie .net and rest of the shit.

  14. I think it’s widely accepted that in order to be classified as spyware, software has “to intercept or take partial control over the user’s interaction with the computer” [1], and this add-on that is installed does not do that. It’s a great for a sensationalist headline though!

    [1] http://en.wikipedia.org/wiki/Spyware

  15. McCoy Pauley | February 24, 2009 at 1:15 PM |

    You mean Microsoft makes something that ISN’T spyware????

  16. Transcontinental | February 24, 2009 at 1:34 PM |

    Strange era, where freedom of speech is being spread to such an extend that the masses forget the meaning of the word once they have the opportunity to yell. Big words with strong, powerful semantics become garbage like a spit. Spyware, fascism, plots, love and bla bla bla bla, words are deconsidered, people think like sheep too often, the era of fashion of thoughts led ny trends of inconsistency…

    Yes, there is a search for private information, no, this search is not a 24/7/365 occupation. Is this idea acceptable ?

    Oh! boy …

  17. Transcontinental: There is another mental lazyness that amazes me. That is the common lazy/silly habit to assign to complex structures the personal characteristics of a human being. People will say Country X or Company X “thinks” some thought or “is” some human characteristic. Yet these entities are simply human organizational structures with thousands and millions of individuals. Microsoft has 100,000 human beings working there that have all sorts of thoughts and characteristics and it is a bit simplistic to actually say that “Microsoft” thinks anything unless organizations have artificial intelligence.

    It is only in the visulaization of your own imagination that you can pretend that 100,000 people have a single thought or objective or worse yet, a personality!

  18. Transcontinental | February 24, 2009 at 2:13 PM |

    I agree Don, and I think generalizing is as well a mental weakness, perhaps an effort to feel sronger because we have made out of ignorance a certitude, and that we have announced it to the world, either as a chief either as a follower but always as a poor mind which suffers not to choose between doubt and mental effort to put some light on that doubt.

    Now, concerning big companies, who knows what is the balance between a pilgrim’s state of mind and the will for power? All companies started with a dream, some manage to keep it alive but whatever, dreams require money. It’s all in the balance, and I know no more but that I think I’m right to believe so : it’s in the balance.

    We may not agree with somme politcs of big groups like Microsoft, Apple, Yahoo!, Google and so on, but, first, what do we really know about it and, second, no one could achieve what these companies achieve if led only by power: impossible. There is definitely an ideal, whatever it may have to struggle with reality.

  19. Thanks for the instructions — I just removed the assistant as it caused a bug in FF 3.0.6 not displaying long web pages (thanks MS). I did not delete the cache files but just removed the microsoft entries – that worked for me.

  20. This is why I hate Microsoft so much. Installing silently withouth any user confirmation all kind of rubish in THIRD PARTY APPS that can’t even be removed!

  21. Here’s what Annoyances.org has to say (http://www.annoyances.org/exec/show/article08-600):

    “This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.”

  22. Transcontinental | March 21, 2009 at 5:46 AM |

    Thanks, Ander. The removal protocol proposed by annoyances.org is the same as the one presented here, except that it adds the removal of the {20a82645-c095-46ed-80e3-08825760534b} extension key in Firefox registry entry. It also assumes the commitment of annoyances.org against this .Net extension and confirms the website’s interest for healthy web attitudes.

  23. “the ability for websites to easily and quietly install software on your PC”

    annoyances.org is promoting a book. Perhaps that is why they made a very misleading statement.

    Clickonce apps run in a samdbox just like Java applets and can only access your PC if you give them permission which you might decide to do if they come from a trusted source and do something that needs access to your PC like organize your music files etc etc. If you don’t give permission, they are stuck in the sandbox with their own local protected storage.

    There is absolutely nothing odd about this technology. It meets a real demand for non-installation dependent deployment of applications that is also being worked on by Sun with Jsva and Adobe with AIR.

    Here is a blog post showing the pressure developers were making on Microsoft to provide a Firefox solution:

    http://blogs.msdn.com/saurabh/archive/2006/03/02/541988.aspx

    Sandbox info:

    http://msdn.microsoft.com/en-us/library/76e4d2xw(VS.80).aspx

    Overall description:

    http://msdn.microsoft.com/en-us/library/ms996413.aspx
    http://msdn.microsoft.com/en-ca/magazine/cc163973.aspx

    It’s hard to know if annoyances.org was just being lazy or they just wanted to sell more books.

    For me, I paid good money to have a computer that does interesting and useful things and I certainly don’t want to turn off usefull features! My browser preference is to use Firefox and I want it to do everything so I don’t need to run IE.

    It is a valid choice to turn off features you don’t want but do it for the right reason. Personnally I think Flash is a much higher security risk than Clickonce which is why I use the Flashblock extension to enable Flash only when I want it. There is nothing mysterious about Clickonce if you are able to read.

    Lots and lots of people begged Microsoft to provide this feature in Firefox. So it took them years too long to do it and now other people think it’s an evil plot! Surely we can smile a bit on that one…

    • Don, you make an excellent point except for one thing:

      I didn’t ask to have this feature installed on my system, especially if it is not required for the secure and stable operation of my system.

      “Usefulness” is a subjective term, and the way in which this feature was installed assumes that what is useful to you, is useful to me. In this case, Microsoft was wrong, and by extension so are you. I was fine without it a few days ago, I’m still fine without it now, but thank you for your recommendation. (Doesn’t recommendations imply choice?)

      Features should be advertised in concise descriptive language and chosen by users. Take Firefox’s catalog of extensions. They are installed by choice after careful consideration on features and user feedback.

      About the only thing my experience with this extension did is reinforce the idea that allowing automatic updates in Windows is not a good policy. In the end I’m fine with that, because it was partially my fault for allowing it to slip through my customized installation procedure.

      Maybe if features were advertised clearly, and appropriate choice given, I’d have nothing to contend against. But really… did we have a choice? The only choice I think I have is enabling auto updates or not. Is that what Microsoft intended with this? Whatever the case may be, I’m still uninstalling this extension, as well as the dubious DRM plugins that installed with my lack of diligence monitoring auto updates.

      But again, thank you for your sales pitch.

  24. That *valid* direct access to the OS requires a click by a user does not make this intrusion harmless. Part of the security aspect of using firefox is that what isn’t there, cannot be exploited. Plus we here are talking about the same technology which is deeply connected to the OS. It is a highway to OS access, with just one single police control en route. Having something like that in firefox therefore removes the earlier mentioned advantage in security.

    So, what do we have here?

    something which:

    – automatically installs not just without user consent, but without ANY user interaction (automatic mal… err, upgrades)

    – something which significantly reduces the security of the targeted system (firefox, and indirectly the OS)

    – something which easily can be used for tricking the user

    – something which blocks deinstallation

    – something which alerts every visited website of its availability on the infected system

    Can you say “malware behaviour”? The title of this article (“spyware”) may actually be an understatement. This behaves like malware, the relevant means to install it were labeled as a “bugfix package”, and it was installed via Windows Automatic Update – how much more evidence do you need, to classify it as plain simple malware?

  25. lol to Lyx

    The “malware behaviour” you describe is the same for Adobe Flash. Have you actually read any of the links? Have you actually tried running a ClickOnce application? Have youe actually tried running an Adobe AIR application?

    These technologies of course have security risks in that running anything on your computer is a risk but the whole point of having the computer in the first place is to run things on it!

    You describe social engineering for exploits which will always be available as long as you can download and run an application on your computer. The social engineering process is the same for downloading and running an EXE file with of course no security protection at all compared to these “sandbox” technologies.

    You can of course remove the ability to download anything from Firefox and lock down any computer into some sort of internet cafe “kiosk” mode but I sure as heck didn’t spend a lot of money on a computer to not actually be able to use it!

    Your approach only makes sense if you see the computer only has the vehicle to run an internet browser which ignores the other million things a computer can do. I really find it funny and amazing when people have interruptions in their internet connection and don’t have a clue what to do with their computers!

  26. Another sophistic whore who signed in to the “absolute security is impossible, so why care anyways? Plus, the security apps of the corporations take care of decisions, so why bother? I’m a decisionless consumer who will swallow anything”-mantra.

    For your consideration, there is a difference between an automatic install, and a manual install.

    There also is a difference between asking a user about an installation, and doing it without the users consent.

    There also is a difference between telling the user honestly what is installed, and lying to him by leaving out important details.

    There also is a difference between letting a user remove something if he does not like it, and enforcing the install by blocking normal means of removal.

    There also is a difference between a vendor modifying his own software, and a vendor modifying software which doesn’t belong to him.

    There also is a difference between notifying a network-contact about the availability of a servince, and advertising the service to EVERY network-contact, like a giant beacon.

    There also is a difference between having one service installed which can easily be abused for hostile purposes, and having dozens of such services running.

    And lastly, there is a difference between raising the security overal of a system, and lowering it.

    Now, which of the mentioned properties may be typical for malware and trojan-like behaviour, hmm? Is the only counterargument which you have available “oh, but some other vendors do it too!”? Oh, well…. if quantity and popularity turns wrong into right, then any kind of sense is lost on you.

    Microsoft plain and simply used malware behaviour in a windows update.

  27. There is a big difference between using your own computer to your own personal advantage and managing a corporate network.

    Mentioning other examples of how people choose to empower themselves in a similar manner simply helps to put the issue into some sort of practical everyday perspective.

    There is nothing wrong if you make a personal choice to worry about increasing your security by concentrating on unlikely risk scenarios.

    But the fact of the matter is that if you were a virus writer, using a sandbox technology would not yield very good results compared to the kind of drive-by silent worms we are seeing these days that depend on basic 0day holes in the browsers themselves and not the various sandbox based application delivery vehicles.

    So do I deprive myself of the advantage of using my computer even though the design of things like ClickOnce, Adobe AIR and Java have given security design just as much consideration as any other technology? Like anything else, if it’s a trusted source then I want the chance to try it out. That’s not malware, that’s choice.

    If we look at the corporate IT point of view, then it’s a different situation but even there the profile is more one of corporate choice since Windows Update is something the corporation can cinfigure to make their own balance of security versus getting value from the computer.

    Either way, I can assure you that clicking on this link to the British Public Library is not the security risk that the original article would seem to imply!

    http://ttpdownload.bl.uk/app_files/xbap/BrowserApp.xbap

  28. Has anybody read anything from Mozilla officials about this problem?

    No, because they don’t see it as a problem.

    Read bug 46139 at bugzilla.mozilla.org and you will be stunned:

    People at Mozilla think it’s okay for third party applications to force their stuff into Firefox without allowing the user to uninstall it.

    People at Mozilla wake up. We want our browser back under control.

  29. Sorry, typo: correction

    It’s bug # 446139 at bugzilla.mozilla.org

    Just click on my name and you will be redirected.

  30. I read through bug #446139

    Firefox has the ability to disable a plugin which seems to cover the security aspect from the Firefox point of view.

    The requested ability to cleanly remove any plugin that a 3rd party app has installed seems more like a feature idea than a bug.

    I like that as a feature but the 446139 description imples that would be a support nightmare so it would probably need some real thought and design behind it that elevates it well past a simple bug.

  31. startrekdvd | April 6, 2009 at 11:39 PM |

    This article was written was the wand of a lot of my help. Thank you very much, I’ll study a lot.

  32. As I see it, if Microsoft had included the “More Information” text from the Knowledge Base article at http://support.microsoft.com/kb/963707 or linked to it in the description of .NET Framework 3.5 SP1, and made adding ClickOnce capability optional (by installing the .NET Framework Assistant – or not), this business would’ve created considerably less furor.

    It’s crucial to preserve overt transparency, and to look at the thing from the perspective of citizen Mo Zilla, instead of techs-ecutive Mike Rosoft. ;P

    All MS had to do was to explain it! People resent feeling that MS did another end-run around them, and once again assumed the unimportance of explicitly asking for the owner’s consent before installing anything like a potentially insecure extension to their Firefox browser!

    If MS had taken that tack, I may have installed the .NFA anyway, and gotten interested in what ClickOnce can do, instead of getting irked, un-installing the damned extension with a flourish and a “Ha-ha-a-a-ah!”, and then simmering down after plowing through 4 or 5 pages of text, wondering if I could’ve left it alone to no particular harm.

    Thanks, Microsofties – for “making an ass out of u & me”. : (At least now I do know that re-installing .NF 3.5 SP1 will re-enable .NFA – if I want to do so someday…)

  33. Spyware Blockers | May 14, 2009 at 8:21 PM |

    good site and good information

  34. arunavdotnet | May 15, 2009 at 8:56 PM |

    Ha ha,

    For all the fury against Microsoft, it reminds me of the Browsers Vs. Microsoft case where Microsoft was challenged for establishing monopoly in browser wars by bundling its IE with the Windows OS.
    Building add-ons or rather supporting any non MS product is so not microsofty.
    Nevertheless, for the first time Microsoft tried doing something good 😉 by building ClickOnce support for Firefox rather than keeping it MS IE dependant. But for obvious reasons it was not well taken.
    For the MS loyalist who would like to have an uninstallable add-on for firefox the update (for the fix) is available at http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=cecc62dc-96a7-4657-af91-6383ba034eab

    http://www.arunav.net

  35. Boy, you’ve got a lot of sneering going on at people who have way too friggin much on their plate to sit in front of a computer screen trying to figure stuff out for hours and hours and hours…the fact is, it’s been one thing after another with Microsoft, and another thing is,
    THEY MADE IT HARD TO UNINSTALL.

    I’m sure there are lots of really nice people working at Microsoft. After owning a PC for the last 13 years I am finally sick of not being able to keep track and spend the hours and hours it seems to take to make sure my computer isn’t downloading all kinds of things I don’t want. After a point, you start to feel raped.

    My next computer’s a Mac.

  36. Blather on all you wish about whether or not MS had incentive to install a firefox plugin. The update did not inform users, did not give them the option to NOT install it, and left them the option of editing the registry to remove it after the fact.

    Pitiful. This would be comical if it wasn’t done to a competing product. I don’t care what their reasons are, you don’t silently install software into someone else’s software. PERIOD. This demonstrates the complete disregard MS has for their users, not to mention other organizations that create/support software.

    Just another in a long list of completely idiotic, bordering on malicious decisions MS has made.

  37. Well I won’t comment on who is “idiotic” even if that might be a popular method to describe a technical problem. Anyone who owns a Windows computer and sets it to automatic download and install gets lots and lots of regular silent installs every month. Windows update is designed to work that way and you can easily turn it off.

    Anyways it’s all rather academic since there is a new download from Microsoft that fixes the update and allows easy uninstall. No registry or other secret work-arounds. No conspiracy of the illuminati or whatever. Just the usual technical complexity of computers…

  38. Very useful, thanks.

    Most people don’t even know about this and several advice sites have said that disabling it is enough. Supposedly that’s same as removing it.

    But just the fact that its there and without my consent bothers me. Microsoft are of course past masters at this.

    I’ll give this a go.

  39. Exposer_Church_of_Illumination | June 9, 2009 at 10:04 AM |

    Don don’t you think its sad that people have to hold your one true love’s feet to the fire to get them to do the right thing, like providing uninstall options? I don’t know if you are getting paid to be a shill for MS or simply do it out of some misguided notion, and I do not care. But the things you have done and said on this blog over these past few weeks are nothing more that exercises in sophistry and whatever other BS you can come up with. When someone surreptiously installs something on your computer, without your knowledge, and doesnt give you the option to uninstall it, you will have to forgive me and everyone else for calling it like it is.

    To people familiar with MS pratices they would be inclined to say its e^3 – embrace, extend extinguish. What I see happening is a company sees that it can no longer leverage its existing monopoly in web browsing to push their shitty services on people, so they engage in malware like practices to get around this. This is dishonest. Instead of acting like some punk who writes a virus, they would do well to engage in some diplomacy and TALK to the firefox people. Did they even talk to then? My guess is that arrogant old MS thought they could do w/e they please like its the 1990s.

    Computers are not the sole domain of Microsoft. They should not be able to modify 3rd party software like that without warning, not to mention the security vulnerabilities injected. At minimum there should have been some information provided to the user, but they couldnt even own up like good, honest people.

    Don you need to stop failing as a shill, anyone can see from the timestamps that you only post during work hours. Either that or you just need to get back to doing your actual job.

  40. Welcome Mr. Illuminati from the China Grove. Considering people begged Microsoft for this extension it only seems typically sad or pathetic that identical sarcastic comments about how Microsoft was keeping this ability only for Internet Explorer to protect their browser monopoly have now been replaced by equally opposite sarcastic comments about how Microsoft is protecting their monopoly by giving people what they asked for!

    Although people for some reason don’t question the far less secure Adobe Flash monopoly, this browser addon is getting some bad vibes from some people simply because it couldn’t be uninstalled even though they never bothered to actually test the feature it provides. And before you are quick to say it’s a Microsoft feature, it only runs on a Windows computer and if you hate Microsoft that much to not even try it, you must really hate looking at your computer every day. Just run Linux and don’t look back dude!

    Again Microsoft paid attention to feedback and has provided a fix for this problem as they should have. Obviously there must be quite a few people inside Microsoft that like Firefox and that seems cool to me.

    LOL what a conspiracy that was!

  41. Keith L. Fretz | July 10, 2009 at 8:03 AM |

    Maybe if someone uses the .net addon to add software that checks Microsoft for updates like, say, every minute maybe they’ll change their mind about it.

  42. So, after following Microsoft’s “documented” instructions to remove the extension, it kept coming back after Windows Critical Updates (without my consent I might add). So then I decided to block it from installing the ‘DotNetAssistantExtension’ folder by creating a extensionless file of the same name in the same folder and making it a system file and read-only. Then Firefox started crashing all the time and DW20 kept wanting to send error reports. I then decided to NOT run Windows Update and followed the instructions again and proceded to take it a step further by deleting the Microsoft entries in my ‘prefs.js’ and my ‘extensions.cache’,’extensions.ini’ and ‘extensions.rdf’ files only to see them IMMEDIATELY reappear in my ‘prefs.js’. WTF?

    So, I decided to uninstall the KB963707 “patch” altogether – funny thing is though, it installed it ONE LAST TIME before removing the entry in “Add/Remove Programs”! This is despicable! I had to follow the instructions all over again and remove the entries in my ‘prefs.js’ one last time.

    Anyway, my question is this – how can I block the automatic installation of KB963707??

    Thanks…

  43. Huh. That’s interesting.

    When I installed the “Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)”, it made the uninstall option available in the Add-ons Menu. When I uninstalled it, it didn’t come back.

  44. OK ya these things are pretty retarded that some applications put add-ons in the browser without permission but as I have seen when you go to the windows presentation folder in the .net framework folder & select them auto update shows a 0kb update which re-installs the missing folders but if you go into the extension folder in Firefox there is a folder that starts with {200……) something like that you can make sure that you are in the right folder open the install file with wordpad or notepad & it will show .net in the install file just delete the whole folder and start Firefox again it should be removed & not show up again it worked for me but also go to about:config and check all the extensions to make sure there aren’t any left over entries from old extensions & .net framework if there are just reset the add-ons that aren’t there anymore & restart Firefox plus do what this page says so you can get all entries reset & there should be no trace in Firefox now the .xpi file will still be in the .net framework folder which is good just in case you need the .net framework add-on again you can install it from there after doing all these things my browser runs faster & better less lagging and so forth hope this helps I have tried this with an installed version of Firefox & Firefox portable from portableapps.com I try to have everything I can be portable less clogging of my computer system. Well hope this helps good luck.

  45. Hi!!! I’ve installed the firefox 3.5.3 and it has detected that fucking software and disabled for me.. so I tell you, just upgrade your firefox…. that complement will no longer be compatible… jejeje bye…

    Although wasn’t firefox the upgrade for internet explorer???? jajaja Lol…

  46. I can’t claim to be well versed in how “ClickOnce” applications operate -exactly-, nor can give statistics on what transmission vectors are most popular for hackers to use -exactly-.

    I will say the following however with certainty, there are dishonest people in the world who use what skills they DO have, in an unethical and malicious way.

    For example, I receive e-mail regularly telling me that if I hand over my bank information to an entity in Nigeria, I will receive money; and if I were to try, I’m certain that I could write VBA or VBScript that would look relatively legitimate, yet do something undesirable once they were run by the user.

    Those are two very well known and unsophisticated ways of exploiting the one “system vulnerability” that can never be solved for completely… the user.

    I am quite willing to concede the possibility that as a user, I could make the mistake of falling prey to individuals who would attempt to deceive me.

    I won’t waste my time with a pointless debate over Microsoft’s motivation, it’s practice, or it’s policies. To me all of that is irrelevant.

    What I know as a consumer is that, more than once I have had extra tool bars, or other garbage installed on my computer with what I considered less than my full consent via the relative ease that IE offered just by clicking, and I found it so undesirable that I actually chose to use Firefox instead for that reason and that reason alone… because in my perception, this event occurred less frequently with this product over IE.

    As a consumer I chose a feature (or if you’d rather a lack thereof) in a product because I felt I was better protecting myself against unwittingly installing things without it, and it appears that Microsoft has attempted to MAKE that feature available to me regardless.

    I would compare it to, not wanting mayonnaise on my hamburger, and when told that one establishment would not serve me a hamburger without mayonnaise… I chose to take my business elsewhere. I make no claim that mayonnaise has any ethical or moral weight to it, and I don’t blame others for enjoying it. For me though, it was not my preference.

    So, I take my business elsewhere, and I discover that an employee from the restaurant at the first establishment has now come and surreptitiously added mayonnaise to my hamburger while I am at the other establishment, fundamentally changing the product I did chose.

    Perhaps if I were to compare both hamburgers with mayonnaise, I would discover that the first hamburger was superior. In fact, if I were to compare all hamburgers with mayonnaise to that first hamburger, I may conclude that it is the BEST hamburger of all of the hamburgers in the world that have mayonnaise.

    Here is my point though, I do not accept that I live in a world where all the hamburgers have mayonnaise, and I object to those who would choose to instead of modifying their product, engage in a campaign to change the context in which I view a hamburger.

    P.S. I find this analogy very fitting, mostly because when I, and to a greater degree, my even less computer savy parents were using IE… the number of “helpful”, ubiquitous little wares that accumulated on the browser made the machines perform as though they were in fact filled with mayonnaise.

  47. Well maybe this will help clear up any doubts as to having software installed without the user’s consent. Especially software that is not critical to security. It seems that these MS plugins/Addons have been blocked because of remote code execution vulnerabilities. Current Blocklist http://en-us.www.mozilla.com/en-US/blocklist/ and bugs https://bugzilla.mozilla.org/show_bug.cgi?id=522777

  48. Are you brain dead? You don’t even know what spyware is.

  49. Very useful piece of information. I took the liberty and translated the removal instructions into German:
    http://wagii.blogspot.com/2009/10/firefox-windows-presentation-foundation.html

  50. I removed the folder content, http://ffextensionguru.wordpress.com/2009/02/08/how-to-remove-microsoft-net-spyware-extension/ But no change in Firefox 3.

    Yesterday Mozilla banned the plugin, so there’s no need anymore to manually remove, though it would be nice to have working instructions to remove it.

  51. Thank you! Firefox stopped working when I installed c# express on a computer and couldn’t figure out why. It wouldn’t even pop up a window! Suspected this control. Thanks, for the info on getting rid of it. Firefox is back up and running.

    Barefoot Brian

  52. thanks for this post. It helped me a lot. Btw How you get ideas for such posts. sorry if it’s out of topic.

  53. Pets Adoption >> Adopt a pet to ... | November 27, 2009 at 4:07 PM |

    ..]another relavant source of information on this subjectis ,ffextensionguru.wordpress.com,..]

  54. Hi there.
    Thank you for a great post. It was very helpfull.
    Anyone reading this post should bookmark this guys contents.

    I have a new PC and needed some installation help so i went over to http://www.InstallSoftware.com but they did not provide me with the in depth
    info this guy did. he kicks all the bigger sites’ butts.

    Thanks Again

  55. Hi there.
    Great installation help…thanks, fixed my problem.
    Anyone reading this guys stuff should bookmark it.

  56. http://vkatalogah.ru/ – регистрация в закрытых каталогах

  57. As a side note. I’m not a fan of Microsoft’s techniques for installing plugins. I have two computers running Firefox 3.6. On the older of the two computers, I stopped installing Microsoft updates approx. 2 1/2 years ago. I’ve suffered no ill effects on that computer and see no evidence of any operating difference between the two computers. The only reason I continue to update the other computer is I have Office 2007 loaded on it.

  58. Hate Microsoft Spyware but Love to piss off people who just don’t “get it”?
    I personally ban anyone using Microsoft Windows (Any retail Version)
    from my networks and LOVE the reaction I’m getting.
    These idiots think they have a right to use Microsoft Spyware on my network and then pretend to feel Violated when we block their spyware from accessing our data!

    Get a clue Morons!
    You do NOT have the right to violate our security and repeat offenders will be treated as terrorists.

  59. This is a great post you have written. Having this information will prove to be very useful going forward. Thanks.

  60. Thanks for the how to and the heads up.

    The only clue that it was installed was the fact that Firefox reported the plugin I had just installed is not compatible… I installed?

    I believe that the ‘spyware’ term was used in sending information about the user’s computer “to the web server” as it doesn’t specify what server.

    I would have liked to have been given the choice on whether or not to install it. Or at least a description of what it is supposed to do. Just because it says it is from Microsoft doesn’t mean it’s a good thing. I guess the opposite could be said as well.

    Noah

  61. nelson said: ” bordering on malicious decisions” bordering on ??

    WHAT!!!! are you kidding! they got DECLARED a monopoly by the DOJ
    so they are basicly a felony convicted company that never got punnished
    so they know that they can get away with it again

    are you all still implying this SHIT was not intentional!????????
    of course it was maliciouse ,, ,, no uninstall, hijacking our search engine settings

    stop avoiding the lawyers! say it with me “microsoft sabotaged firefox” ,,
    now tell everyone so the will never trust the bastards!

  62. Thanks!

  63. Thank you for taking time to share this information with everyone.

  64. Interesting article I for sure tell about it my uncle as he is interested in it. Best Regards Bukmacherzy Promocje.

  65. Interesting info I for sure inform about it my uncle as he is interested in it. Best Regards Bukmacherzy Promocje.

  66. ogham writing,

  67. hi!,I love your writing so so much! percentage we keep up a correspondence extra about your article on AOL? I need a specialist on this house to resolve my problem. May be that’s you! Looking ahead to peer you.

8 Trackbacks & Pingbacks

  1. Microsoft se met à développer des extensions pour Firefox | Philippe.Scoffoni.Net
  2. Remove Microsoft .Net Framework Assistant From Firefox
  3. Remove Microsoft .Net Framework Assistant From Firefox | Gadget & Future Technology review
  4. How to remove Microsoft .NET Framework Assistant (Vulnerability) from Firefox « Xenophilia (True Strange Stuff)
  5. Internet: Mi privacidad, la tuya, la nube y Google | El Rincón del Geek
  6. Spyware shmyware and why Microsoft shouldn’t whine - Dreaming Dreams
  7. Alexander "dreamer" C.: Spyware shmyware and why Microsoft shouldn’t whine | TuxWire : The Linux Blog
  8. Mozilla Blocks Microsoft Plugin & Add-on « The Firefox Extension Guru’s Blog

Comments are closed.