New
Network
Monitor detects intrusions from remote connections ...
A New network Monitor and Live Update
Modules will be released this week and reach all of
you through Live Update. New Live Update upgrade will
intelligently detect "updates available";
download them and in case of internet failure, update
Spyware Detector with the downloaded components only.
This will help users on slow internet connections if
they are not able to do all the downloads at one time.
New Network Monitor continuously scans network activities
and drops all the network packets coming in or going
out of your PC to BAD IP addresses (spyware sites etc.).
In addition to that it also terminates the process
which was initiating this connection. So no data can
flow back and forth from your PC to Spyware sites. This
makes your Internet computing safer and 1. It will help
you protect your data 2. Be able to enjoy the bandwidth
provided by ISP and not let spyware use bandwidth and
slow down your PC.3. Prevent junk mails from being broadcast
from your PC to thousand other users without your knowledge
4. Prevent spy programs from sending important data
and snapshots of your activities out of your PC.
Most computers that are connected to the internet today
have a high
probability of
getting infected by some sort of
Adware, Malware, Spyware
and
Trojans etc. These Spyware
transmit important data to
their servers about
browsing habits, personal information,
passwords or share
your bandwidth for
p2p share or send
bulk/junk
emails from your PC
as server to
thousands of people
or spy everything
you do on your PC.
All these activities
slow your PC, risk
your important data
such as Bank
information or
passwords from being
stolen.
All such activities
happen over network
and Spyware Detector
can detect such
suspicious
connections and
close them. It also,
terminates the
processes initiating
such connections
just like a
Firewall. Users can
also add/remove
additional ip addresses from
Options>Internet
Fix tab. Network connections to such ip addresses packets will be blocked
and processes initiating these remote connections will
also be terminated.
We came across many Fake Anti Spyware
tools which are trying to scare users with false scan
reports . They also make detection of their file and
registry entries difficult by deploying really naive
methods. Two such Fake Anti Spyware were Fake Anti
Spyware.AntiVirusXP2008 and Fake Anti Spyware.MalwareProtector2008
. Both of these create random folder in Program
Files directory and the same random key in the registry.
Under the key, however, they put their domain name in
one of the regdata is their domain name which easily
enumerates back to the their random regkey and the folder
name since both are same. Following are their file and
registry entries:
Folder: PFDIR \ rhc97bj0erf3
AND
RegKey:
[HKEY_LOCAL_MACHINE\SOFTWARE\rhc97bj0erf3]
"RegistrationUrl"="http://www.AntivirusXP08.com/buy/b4b4245ba88fb1719030bb015cce5bfc/6154"
"RegistrationDiscUrl"="http://www.AntivirusXP08.com/purchase/b4b4245ba88fb1719030bb015cce5bfc/6154"
"ADVid"="b4b4245ba88fb1719030bb015cce5bfc/6154"
@="C:\\Program Files\\rhc97bj0erf3"
"InstallDir"="C:\\Program
Files\\rhc97bj0erf3"
"domain"="AntivirusXP08.com"
"SoftID"="AntivirXP08"
Fake Anti Spyware.MalwareProtector2008
makes similar entries:
Program Files\shcgv8j0ea8a
Application Data\shcgv8j0ea8a
SOFTWARE\shcgv8j0ea8a
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shcgv8j0ea8a
Be aware of such Rogue products. Following
are some of the snapshots of this product:
Here is the summary on the
Spyware Categories
processed for Spyware Detector Threat Definition
updates for the month of June:
| No |
Category |
Count |
| 1 |
Fake Anti Spyware |
169 |
| 2 |
Backdoor |
138 |
| 3 |
Trojan |
111 |
| 4 |
Adware |
96 |
| 5 |
Downloader |
92 |
| 6 |
KeyLogger |
59 |
| 7 |
Worm |
45 |
| 8 |
ToolBar |
41 |
| 9 |
Dropper |
27 |
| 10 |
Spyware |
24 |
| 11 |
PSW |
22 |
| 12 |
HackTool |
21 |
| 13 |
Exploit |
18 |
| 14 |
Constructor |
17 |
| 15 |
Dos |
17 |
| 16 |
StartPage |
15 |
| 17 |
Clicker |
12 |
| 18 |
Flooder |
11 |
| 19 |
Dialer |
8 |
| 20 |
Badjoke |
7 |
| 21 |
Nuker |
3 |
| 22 |
Proxy |
3 |
| 23 |
SpamTool |
3 |
We appreciate any feedback on our products
from our valuable customers. You would also notice daily
news updates on our Spyware patch releases. You will
also find more detailed information on the Spyware Encyclopedia
pages which can be reached either from Spyware
we Remove Link or by clicking on the Spyware Detector
itself after a particular Spyware is detected, by clicking
on Threat Information Link right next to the name of
the Threat detected.
Please continue to support this effort
by reading this blog for the latest information on new spyware
releases. You are welcome to send us queries on any
spyware that can not be removed from your PC. Our
technical support will be happy to help you through
chat, email or free remote support. We will not rest until Spyware writers give
up and let the users of PCs enjoy their computing as
it was intended to be without any slowdown, without
fear of losing Privacy and with no advertisements or
other unwanted nuisances.
Rachna Pradhan
CTO
Max Secure Software
|
Submit
a Threat
Request
for Software to be Removed from our Database
