Well hello i am reporting the 3rd part of Spyware list that could damage your software. the programs i would like to introduce in this list is Torrent101, BitGrabber, BitRoll.
The report from Symantec is as follows
Updated:
July 3, 2007 2:15:40 PM
Type:Potentially Unwanted App
Name:Torrent101; BitGrabber; BitRoll
Version:3.2.0.0
Publisher:
WakeNet
Risk Impact:
Medium
Systems Affected:
Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows Server 2003, Windows 2000
When the program is executed, it creates the following folders:
%UserProfile%\Application Data\BitGrabber
%UserProfile%\Application Data\BitGrabber\Data
%UserProfile%\Application Data\BitRoll
%UserProfile%\Application Data\BitRoll\Data
%UserProfile%\Application Data\[RANDOM FOLDER NAME]
%UserProfile%\Application Data\Torrent101
%UserProfile%\Application Data\Torrent101\Data
%UserProfile%\Favorites\Online Gaming
C:\Documents and Settings\All Users\Application Data\[RANDOM FOLDER NAME]
C:\Documents and Settings\All Users\Start Menu\Programs\BitGrabber
C:\Documents and Settings\All Users\Start Menu\Programs\BitRoll
C:\Documents and Settings\All Users\Start Menu\Programs\Torrent101
%ProgramFiles%\BitGrabber
%ProgramFiles%\BitGrabber\Skins
%ProgramFiles%\BitGrabber\Support
%ProgramFiles%\BitRoll
%ProgramFiles%\BitRoll\Skins
%ProgramFiles%\BitRoll\Support
%ProgramFiles%\[RANDOM FOLDER NAME]
%ProgramFiles%\Torrent101
%ProgramFiles%\Torrent101\Skins
%ProgramFiles%\Torrent101\Support
%SystemDrive%\My Downloads
Next, the program drops the following files:
%UserProfile%\Application Data\BitGrabber\Data\downloads.dat
%UserProfile%\Application Data\BitGrabber\Data\downloads.dat.bkp
%UserProfile%\Application Data\BitGrabber\Data\metadata.dat
%UserProfile%\Application Data\BitGrabber\Data\metadata.dat.bkp
%UserProfile%\Application Data\BitRoll\Data\downloads.dat
%UserProfile%\Application Data\BitRoll\Data\downloads.dat.bkp
%UserProfile%\Application Data\BitRoll\Data\metadata.dat
%UserProfile%\Application Data\BitRoll\Data\metadata.dat.bkp
%UserProfile%\Application Data[RANDOM FOLDER NAME]\[RANDOM FILE NAME]
%UserProfile%\Application Data[RANDOM FOLDER NAME]\Dart Rect Creative.exe
%UserProfile%\Application Data[RANDOM FOLDER NAME]\[RANDOM FILE NAME ONE].exe
%UserProfile%\Application Data[RANDOM FOLDER NAME]\[RANDOM FILE NAME TWO].exe
%UserProfile%\Application Data[RANDOM FOLDER NAME]\[RANDOM FILE NAME THREE].exe
%UserProfile%\Application Data[RANDOM FOLDER NAME]\readmename.exe
%UserProfile%\Application Data\Torrent101\Data\downloads.dat
%UserProfile%\Application Data\Torrent101\Data\downloads.dat.bkp
%UserProfile%\Application Data\Torrent101\Data\metadata.dat
%UserProfile%\Application Data\Torrent101\Data\metadata.dat.bkp
C:\Documents and Settings\[CURRENT USER]\Cookies\[USER NAME]@ad.yieldmanager[ONE RANDOM NUMBER].txt
C:\Documents and Settings\[CURRENT USER]\Cookies\[USER NAME]@ayb.netbios-wait[ONE RANDOM NUMBER].txt
C:\Documents and Settings\[CURRENT USER]\Cookies\[USER NAME]@inside.bitroll[ONE RANDOM NUMBER].txt
C:\Documents and Settings\[CURRENT USER]\Cookies\[USER NAME]@inside.torrent101[ONE RANDOM NUMBER].txt
%UserProfile%\Desktop\BitGrabber.lnk
%UserProfile%\Desktop\BitRoll.lnk
%UserProfile%\Desktop\Torrent101.lnk
%UserProfile%\Local Settings\Temp\bis[ONE RANDOM CHARACTER FILE NAME ONE].exe
%UserProfile%\Local Settings\Temp\bis[ONE RANDOM CHARACTER FILE NAME TWO].exe
%UserProfile%\Local Settings\Temp\bis[ONE RANDOM CHARACTER FILE NAME THREE].exe
C:\Documents and Settings\All Users\Application Data\[RANDOM FOLDER NAME][RANDOM FILE NAME]
C:\Documents and Settings\All Users\Application Data\[RANDOM FOLDER NAME]\[RANDOM FILE NAME ONE].exe
C:\Documents and Settings\All Users\Application Data\[RANDOM FOLDER NAME]\[RANDOM FILE NAME TWO].exe
C:\Documents and Settings\All Users\Application Data\[RANDOM FOLDER NAME]\[RANDOM FILE NAME THREE].exe
C:\Documents and Settings\All Users\Start Menu\Programs\BitGrabber\BitGrabber.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\BitGrabber\Uninstall BitGrabber.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\BitRoll\BitRoll.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\BitRoll\Uninstall BitRoll.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Torrent101\Torrent101.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Torrent101\Uninstall Torrent101.lnk
%ProgramFiles%\BitGrabber\BitGrabber.exe
%ProgramFiles%\BitGrabber\BitGrabber.TRC
%ProgramFiles%\BitGrabber\minime.exe
%ProgramFiles%\BitGrabber\settings.ini
%ProgramFiles%\BitGrabber\settings.stp
%ProgramFiles%\BitGrabber\SkinCrafterDll.dll
%ProgramFiles%\BitGrabber\Skins\Quadro.skf
%ProgramFiles%\BitGrabber\Support\connecting.gif
%ProgramFiles%\BitGrabber\Support\default.htm
%ProgramFiles%\BitGrabber\Support\dots.gif
%ProgramFiles%\BitGrabber\Support\logo.jpg
%ProgramFiles%\BitGrabber\Support\porttest_error.htm
%ProgramFiles%\BitGrabber\Support\porttest_start.htm
%ProgramFiles%\BitGrabber\TorrentManager.dll
%ProgramFiles%\BitGrabber\unins000.dat
%ProgramFiles%\BitGrabber\unins000.exe
%ProgramFiles%\BitRoll\BitRoll.exe
%ProgramFiles%\BitRoll\BitRoll.TRC
%ProgramFiles%\BitRoll\minime.exe
%ProgramFiles%\BitRoll\settings.ini
%ProgramFiles%\BitRoll\settings.stp
%ProgramFiles%\BitRoll\SkinCrafterDll.dll
%ProgramFiles%\BitRoll\Skins\Flexi.skf
%ProgramFiles%\BitRoll\Support\connecting.gif
%ProgramFiles%\BitRoll\Support\default.htm
%ProgramFiles%\BitRoll\Support\dots.gif
%ProgramFiles%\BitRoll\Support\logo.jpg
%ProgramFiles%\BitRoll\Support\porttest_error.htm
%ProgramFiles%\BitRoll\Support\porttest_start.htm
%ProgramFiles%\BitRoll\TorrentManager.dll
%ProgramFiles%\BitRoll\unins000.dat
%ProgramFiles%\BitRoll\unins000.exe
%ProgramFiles%\Torrent101\minime.exe
%ProgramFiles%\Torrent101\settings.ini
%ProgramFiles%\Torrent101\settings.stp
%ProgramFiles%\Torrent101\SkinCrafterDll.dll
%ProgramFiles%\Torrent101\Skins\Zorg.skf
%ProgramFiles%\Torrent101\Support\connecting.gif
%ProgramFiles%\Torrent101\Support\default.htm
%ProgramFiles%\Torrent101\Support\dots.gif
%ProgramFiles%\Torrent101\Support\logo.jpg
%ProgramFiles%\Torrent101\Support\porttest_error.htm
%ProgramFiles%\Torrent101\Support\porttest_start.htm
%ProgramFiles%\Torrent101\Torrent101.exe
%ProgramFiles%\Torrent101\Torrent101.TRC
%ProgramFiles%\Torrent101\TorrentManager.dll
%ProgramFiles%\Torrent101\unins000.dat
%ProgramFiles%\Torrent101\unins000.exe
%Windir%\Tasks\[RANDOM FILE NAME].job
It then creates the following registry entry so that it executes whenever Windows starts:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"army logo" = "%UserProfile%\Application Data[RANDOM FOLDER NAME]\readmename.exe"
The program then creates the following registry subkeys:
HKEY_CURRENT_USER\Software\BookDriveBat
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Setup Once Inside
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\keep inside loud
HKEY_CURRENT_USER\Software\WakeNet
HKEY_CLASSES_ROOT\.torrent
HKEY_CLASSES_ROOT\BitGrabber
HKEY_CLASSES_ROOT\BitRoll
HKEY_CLASSES_ROOT\CLSID\{D5792AA9-D373-4039-8670-2CDAB6A71F15}
HKEY_CLASSES_ROOT\Interface\{3FFBBD07-EB2D-4305-982B-21DA43DED39C}
HKEY_CLASSES_ROOT\Torrent101
HKEY_CLASSES_ROOT\TorrentManager.WebManager
HKEY_CLASSES_ROOT\TorrentManager.WebManager.1
HKEY_CLASSES_ROOT\TypeLib\{970CC246-0D83-4FFA-9832-62F19B4505CB}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D5792AA9-D373-4039-8670-2CDAB6A71F15}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5792AA9-D373-4039-8670-2CDAB6A71F15}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitGrabber_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitRoll_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torrent101_is1
It also creates the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\"DownloadUI" = "{D5792AA9-D373-4039-8670-2CDAB6A71F15}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\"netbios-wait.com" = ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\"netsearchsoft.com" = ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\"www.netbios-wait.com" = ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\"www.netsearchsoft.com" = ""
The program can then be used as a Torrent client application.
It creates two hidden Internet Explorer processes that stay resident after the application is closed.
The program downloads a copy of Adware.Lop onto the computer.
It also installs a Browser Helper Object and displays advertisements in Internet Explorer.
Another program from this family is TorrentQ it also a same type of application that do all the things mentioned above.
Monday, July 18, 2011
Friday, July 8, 2011
Spyware Part 2
Winzix : It is a typical spyware that load bunch of spyware and adware which will crash you system or make the system to malfunction. According to Symantec the report of Winzix is as follows
Symantec Security Response
http://www.symantec.com/security_response/index.jsp
WinZix
Updated:July 12, 2007 1:37:27 PM
Type:Potentially Unwanted App
Name:Winzix
Publisher:Winzix
Risk Impact:Low
Systems Affected:Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows Server 2003, Windows 2000
SUMMARY
Behavior
WinZix is a potentially unwanted application that may download other programs on to the computer.
Antivirus Protection Dates
Initial Rapid Release version July 10, 2007 revision 017
Latest Rapid Release version April 29, 2011 revision 036
Initial Daily Certified version July 10, 2007 revision 017
Latest Daily Certified version April 29, 2011 revision 037
Initial Weekly Certified release date July 11, 2007
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
TECHNICAL DETAILS
When the program is executed, it displays the following interface:
It then creates the following files:
C:\Documents and Settings\All Users\Start Menu\Programs\WinZix\Uninstall WinZix.lnk
%ProgramFiles%\WinZix\Flexi.skf
%ProgramFiles%\WinZix\SkinCrafterDll.dll
%ProgramFiles%\WinZix\unins000.dat
%ProgramFiles%\WinZix\unins000.exe
%UserProfile%\Desktop\WinZix-2.0-setup-0514.exe
C:\Documents and Settings\All Users\Start Menu\Programs\WinZix\WinZix.lnk
%ProgramFiles%\WinZix\minime.exe
%ProgramFiles%\WinZix\WinZix.exe
%ProgramFiles%\WinZix\WinZixManager.dll
%UserProfile%\Desktop\WinZix.lnk
Next, the program creates the following registry subkeys:
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZixManager
HKEY_CLASSES_ROOT\.zix
HKEY_CLASSES_ROOT\CLSID\{EE91F4CC-6BA2-424C-A1FE-64910CCB6A42}
HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\WinZixManager
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\WinZixManager
HKEY_CLASSES_ROOT\Interface\{41CA7D4D-AE77-4B13-9459-E9AB7EFECAAD}
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-zix
HKEY_CLASSES_ROOT\TypeLib\{10954590-2B3A-41EC-97BB-C95A5E646DA9}
HKEY_CLASSES_ROOT\WinZixManager.WinZixShell
HKEY_CLASSES_ROOT\winzix
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZix_is1
The program also creates the following registry entries:
HKEY_CLASSES_ROOT\WinZixManager.WinZixShell.1\"Default" = "WinZixShell Class"
HKEY_CLASSES_ROOT\WinZixManager.WinZixShell.1\CLSID\"Default" = "{EE91F4CC-6BA2-424C-A1FE-64910CCB6A42}"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{EE91F4CC-6BA2-424C-A1FE-64910CCB6A42}" = "WinZixShell extension"
The program may then download a copy of Adware.Lop on to the computer.
This is a information of Winzix from Symantec Corporation
Next Spyware i want to talk about it 3wPlayer:
3wPlayer is a rogue media player software application bundled with trojans that can infect computers running Microsoft Windows. It is designed to exploit users who download video files, instructing them to download and install the program in order to view the video. The 3wPlayer employs a form of social engineering to infect computers. Seemingly desirable video files, such as recent movies, are released via BitTorrent or other distribution channels. These files resemble conventional AVI files, but are engineered to display a message when played on most media player programs, instructing the user to visit the 3wPlayer website and download the software to view the video. The 3wPlayer is infected with Trojan.Win32.Obfuscated.According to Symantec, 3wPlayer "may download" a piece of adware they refer to as Adware.Lop, which "adds its
own toolbar and search button to Internet Explorer".
Also another Software that is DivoCodec and X3Codec
The DivoCodec or Divo Codec or X3Codec has also been identified as a trojan similar to 3wPlayer. Users are instructed to download the codec in order to view or play an AVI/MP4/MP3/WMA file, often downloaded via P2P programs.
Instead of actual codecs, DivoCodec installs malware on the users computer. The DivoCodec is polymorphic and can change its structure. It has also been known to write to another process' virtual memory (process hijacking).
Symantec Security Response
http://www.symantec.com/security_response/index.jsp
WinZix
Updated:July 12, 2007 1:37:27 PM
Type:Potentially Unwanted App
Name:Winzix
Publisher:Winzix
Risk Impact:Low
Systems Affected:Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows Server 2003, Windows 2000
SUMMARY
Behavior
WinZix is a potentially unwanted application that may download other programs on to the computer.
Antivirus Protection Dates
Initial Rapid Release version July 10, 2007 revision 017
Latest Rapid Release version April 29, 2011 revision 036
Initial Daily Certified version July 10, 2007 revision 017
Latest Daily Certified version April 29, 2011 revision 037
Initial Weekly Certified release date July 11, 2007
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
TECHNICAL DETAILS
When the program is executed, it displays the following interface:
It then creates the following files:
C:\Documents and Settings\All Users\Start Menu\Programs\WinZix\Uninstall WinZix.lnk
%ProgramFiles%\WinZix\Flexi.skf
%ProgramFiles%\WinZix\SkinCrafterDll.dll
%ProgramFiles%\WinZix\unins000.dat
%ProgramFiles%\WinZix\unins000.exe
%UserProfile%\Desktop\WinZix-2.0-setup-0514.exe
C:\Documents and Settings\All Users\Start Menu\Programs\WinZix\WinZix.lnk
%ProgramFiles%\WinZix\minime.exe
%ProgramFiles%\WinZix\WinZix.exe
%ProgramFiles%\WinZix\WinZixManager.dll
%UserProfile%\Desktop\WinZix.lnk
Next, the program creates the following registry subkeys:
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZixManager
HKEY_CLASSES_ROOT\.zix
HKEY_CLASSES_ROOT\CLSID\{EE91F4CC-6BA2-424C-A1FE-64910CCB6A42}
HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\WinZixManager
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\WinZixManager
HKEY_CLASSES_ROOT\Interface\{41CA7D4D-AE77-4B13-9459-E9AB7EFECAAD}
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-zix
HKEY_CLASSES_ROOT\TypeLib\{10954590-2B3A-41EC-97BB-C95A5E646DA9}
HKEY_CLASSES_ROOT\WinZixManager.WinZixShell
HKEY_CLASSES_ROOT\winzix
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZix_is1
The program also creates the following registry entries:
HKEY_CLASSES_ROOT\WinZixManager.WinZixShell.1\"Default" = "WinZixShell Class"
HKEY_CLASSES_ROOT\WinZixManager.WinZixShell.1\CLSID\"Default" = "{EE91F4CC-6BA2-424C-A1FE-64910CCB6A42}"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{EE91F4CC-6BA2-424C-A1FE-64910CCB6A42}" = "WinZixShell extension"
The program may then download a copy of Adware.Lop on to the computer.
This is a information of Winzix from Symantec Corporation
Next Spyware i want to talk about it 3wPlayer:
3wPlayer is a rogue media player software application bundled with trojans that can infect computers running Microsoft Windows. It is designed to exploit users who download video files, instructing them to download and install the program in order to view the video. The 3wPlayer employs a form of social engineering to infect computers. Seemingly desirable video files, such as recent movies, are released via BitTorrent or other distribution channels. These files resemble conventional AVI files, but are engineered to display a message when played on most media player programs, instructing the user to visit the 3wPlayer website and download the software to view the video. The 3wPlayer is infected with Trojan.Win32.Obfuscated.According to Symantec, 3wPlayer "may download" a piece of adware they refer to as Adware.Lop, which "adds its
own toolbar and search button to Internet Explorer".
Also another Software that is DivoCodec and X3Codec
The DivoCodec or Divo Codec or X3Codec has also been identified as a trojan similar to 3wPlayer. Users are instructed to download the codec in order to view or play an AVI/MP4/MP3/WMA file, often downloaded via P2P programs.
Instead of actual codecs, DivoCodec installs malware on the users computer. The DivoCodec is polymorphic and can change its structure. It has also been known to write to another process' virtual memory (process hijacking).
Spyware Part 1
The part 1 of the post includes some of the spyware known commonly they are
CoolWebSearch, a group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts file to direct DNS lookups to these sites.
Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.
HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs—an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements.
Movieland, also known as Moviepass.tv and Popcorn.net, is a movie download service that has been the subject of thousands of complaints to the Federal Trade Commission (FTC), the Washington State Attorney General's Office, the Better Business Bureau, and other agencies. Consumers complained they were held hostage by a cycle of oversized pop-up windows demanding payment of at least $29.95, claiming that they had signed up for a three-day free trial but had not cancelled before the trial period was over, and were thus obligated to pay.The FTC filed a complaint, since settled, against Movieland and eleven other defendants charging them with having "engaged in a nationwide scheme to use deception and coercion to extract payments from consumers."
WeatherStudio has a plugin that displays a window-panel near the bottom of a browser window. The official website notes that it is easy to remove (uninstall) WeatherStudio from a computer, using its own uninstall-program, such as under C:\Program Files\WeatherStudio. Once WeatherStudio is removed, a browser returns to the prior display appearance, without the need to modify the browser settings.
Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies (as seen in their [Zango End User License Agreement])
Zlob trojan, or just Zlob, downloads itself to a computer via an ActiveX codec and reports information back to Control Server. Some information can be the search-history, the Websites visited, and even keystrokes.More recently, Zlob has been known to hijack routers set to defaults.
Please comment if there is anything wrong
CoolWebSearch, a group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts file to direct DNS lookups to these sites.
Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.
HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs—an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements.
Movieland, also known as Moviepass.tv and Popcorn.net, is a movie download service that has been the subject of thousands of complaints to the Federal Trade Commission (FTC), the Washington State Attorney General's Office, the Better Business Bureau, and other agencies. Consumers complained they were held hostage by a cycle of oversized pop-up windows demanding payment of at least $29.95, claiming that they had signed up for a three-day free trial but had not cancelled before the trial period was over, and were thus obligated to pay.The FTC filed a complaint, since settled, against Movieland and eleven other defendants charging them with having "engaged in a nationwide scheme to use deception and coercion to extract payments from consumers."
WeatherStudio has a plugin that displays a window-panel near the bottom of a browser window. The official website notes that it is easy to remove (uninstall) WeatherStudio from a computer, using its own uninstall-program, such as under C:\Program Files\WeatherStudio. Once WeatherStudio is removed, a browser returns to the prior display appearance, without the need to modify the browser settings.
Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies (as seen in their [Zango End User License Agreement])
Zlob trojan, or just Zlob, downloads itself to a computer via an ActiveX codec and reports information back to Control Server. Some information can be the search-history, the Websites visited, and even keystrokes.More recently, Zlob has been known to hijack routers set to defaults.
Please comment if there is anything wrong
What is a Adware ?
Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of a pop-up.They may also be in the user interface of the software or on a screen presented to the user during the installation process. The object of the Adware is to generate revenue for its author. Adware, by itself, is harmless; however, some adware may come with integrated spyware such as keyloggers and other privacy-invasive software.
What is a spyware?
Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.
While the term spyware suggests software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet connection or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is provided by the term privacy-invasive software.
In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.
While the term spyware suggests software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet connection or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is provided by the term privacy-invasive software.
In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.
Starting My Spyware Around the World Blog
This blog is to spot you all the Spware and Adware in the world so that you are aware about it and we will give full information of these softwares in the posts. This blog is maintained by Arvin Soft
Subscribe to:
Posts (Atom)