Spyware Detector Now includes
TCP Viewer, Anti-Virus Scanner soon to be released...
Intelligently designed new Live Update
module has already reached all of you. Customers with slow
internet connections complained and we listened. We
brought to you newly designed Live Update module which
is providing incremental updates as before but faster
and with resume facility so you only download what was
not downloaded before. Read more about this in the
previous Blog dated July 7, 2008. Spyware Detector team
is also working on the enhanced Scanner Engine which
will bring to you even faster scanner to match the
spirit of Olympics marathon runners. This release should
come to you even before I write the next blog.
Today's Spyware Detector update
includes new TCP viewer . It can be found under the
Options tab>Process/TCP Viewer. Here you can see all the
processes on your PC connecting to any network with the
local and remote IP addresses and their current state
information.
This option can be used by advanced users who can view
if any unknown application is making connection to
outside
server to download malicious files or sending personal
information out. If you wish
to terminate this connection, add this IP address by
clicking on the Internet Fix tab under Options in the
TCP/IP list. TCP/IP list contains all unwanted / spyware
server IP
addresses as found in the Spyware Detector Research Lab
by automated and Manual Spyware Detection tools.
Another new module added in today's
update is Memory scanner. It is an enhancement of the Scanning engine which identifies the spyware
files and also lists other processes (exes, dlls or ocx)
along which this spyware component is loaded in the
memory. For example, some spyware would load with
explorer.exe or iexplore.exe so every time explorer or
Internet Explorer is launched, this spyware process is also launched.
Spyware Detector is providing this information to the
users to show the severity of infection. Spyware Detector
Quarantine all such Spyware files without terminating
the processes. If PC reboot is required it will be
requested by Spyware Detector. These findings are
also written in Spyware Detector log as well. It will be
notified in the user interface of Spyware Detector as
Threat Type : Memory as below:
Spyware Detector is also adding
detection and repair of virus infected files in the
Scanner Engine. In the next update you will find virus
scanner added with a new check Box option under the Full
Scan, along with the Malicious
File and Rookit Scan. This option will
quarantine the files and registry entries added by
viruses and repair the infected / modified files
including system files and others.
Last month, we came across many Fake Anti Spyware
tools which are trying to scare users with false scan
reports. Fake Anti Spyware.AntiVirusXP2008 continues
to trick the users and evade detection by database scanning of
several anti-spyware and anti-virus products by making
few changes here and there in the registry entries,
domain name, software ID etc. such as:
old registry entry:
"RegistrationUrl"="http://www.AntivirusXP08.com/buy/b4b4245ba88fb1719030bb015cce5bfc/6154"
new registry entry:
RegistrationUrl "http://www.avxp-08.com/buy/
"
Adware.FakeAlert was mostly
responsible for downloading different Fake
Anti-spyware products on the users PC giving false warnings and
enticing them to buy
http://www.spywaredetector.net/SDFraudToolFix.exe
. Fraudtool patch is written for specific spyware. Some spyware will not let spyware detector and many
other well known anti-virus or anti-spyware products
install on the infected users pc. It also downloads and
installs many fake anti spyware tools such as
winreanimator, antivirusxp2008, antivirusxp2009 etc.
SDFraudtool patch removes such infections
and once PC is clean, users can install Spyware etector
and similar other anti-spyware products which were being
killed before by this spyware. This FakeAlert
infection completely
overwrites the beep.sys file with its own code. Beep.sys file is
responsible for the beep that you hear when you
restart
your pc. Spyware Detector quarantines this file.
Here is the summary on the
Spyware Categories
processed for Spyware Detector Threat Definition
updates for the month of July:
|
No. |
Spyware Category |
Count |
|
|
1 |
Fake Anti Spyware |
80 |
|
|
2 |
Trojan |
78 |
|
|
3 |
Adware |
41 |
|
|
4 |
Backdoor |
37 |
|
|
5 |
Downloader |
28 |
|
|
6 |
Worm |
21 |
|
|
7 |
KeyLogger |
20 |
|
|
8 |
HackTool |
9 |
|
|
9 |
Keygen |
9 |
|
|
10 |
ToolBar |
9 |
|
|
11 |
Spyware |
8 |
|
|
12 |
Dropper |
7 |
|
|
13 |
PSW |
5 |
|
|
14 |
Dialer |
3 |
|
|
15 |
Hijacker |
3 |
|
|
16 |
Proxy |
3 |
|
|
17 |
PUP |
3 |
|
|
18 |
Constructor |
2 |
|
We appreciate any feedback on our products
from our valuable customers. You would also notice daily
news updates on our Spyware patch releases. You will
also find more detailed information on the Spyware Encyclopedia
pages which can be reached either from Spyware
we Remove Link or by clicking on the Spyware Detector
itself after a particular Spyware is detected, by clicking
on Threat Information Link right next to the name of
the Threat detected.
Please continue to support this effort
by reading this blog for the latest information on new spyware
releases. You are welcome to send us queries on any
spyware that can not be removed from your PC. Our
technical support will be happy to help you through
chat, email or free remote support. We will not rest until Spyware writers give
up and let the users of PCs enjoy their computing as
it was intended to be without any slowdown, without
fear of losing Privacy and with no advertisements or
other unwanted nuisances.
Rachna Pradhan
CTO
Max Secure Software
|
Submit
a Threat
Request
for Software to be Removed from our Database
