Submit a Threat
Submit a threat to be reviewed by our research team

Submit a Threat
Spyware & Adware Categories we scan
   
List of Spyware &
Adware we remove
Testimonials
Request for Software to be Removed from our Database

Let us know if your software is detected by Spyware Detector and would like our research team to review it.

Submit a False Positive
 
August 13, 2008

Spyware Detector Now includes TCP Viewer, Anti-Virus Scanner soon to be released...

Intelligently designed new Live Update module has already reached all of you. Customers with slow internet connections complained and we listened. We brought to you newly designed Live Update module which is providing incremental updates as before but faster and with resume facility so you only download what was not downloaded before. Read more about this in the previous Blog dated July 7, 2008. Spyware Detector team is also working on the enhanced Scanner Engine which will bring to you even faster scanner to match the spirit of Olympics marathon runners. This release should come to you even before I write the next blog.

Today's Spyware Detector update includes new TCP viewer . It can be found under the Options tab>Process/TCP Viewer. Here you can see all the processes on your PC connecting to any network with the local and remote IP addresses and their current state information. This option can be used by advanced users who can view if any unknown application is making connection to outside server to download malicious files or sending personal information out. If you wish to terminate this connection,  add this IP address by clicking on the Internet Fix tab under Options in the TCP/IP list. TCP/IP list contains all unwanted / spyware server IP addresses as found in the Spyware Detector Research Lab by automated and Manual Spyware Detection tools.

Another new module added in today's update is Memory scanner. It is an enhancement of the Scanning engine which identifies the spyware files and also lists other processes (exes, dlls or ocx)  along which this spyware component is loaded in the memory. For example, some spyware would load with explorer.exe or iexplore.exe so every time explorer or Internet Explorer is launched, this spyware process is also launched. Spyware Detector is providing this information to the users to show the severity of infection. Spyware Detector Quarantine all such Spyware files without terminating the processes. If PC reboot is required it will be requested by Spyware Detector. These findings are also written in Spyware Detector log as well. It will be notified in the user interface of Spyware Detector as Threat Type : Memory as below:

Spyware Detector is also adding detection and repair of virus infected files in the Scanner Engine. In the next update you will find virus scanner added with a  new check Box option under the Full Scan, along with the Malicious File and Rookit Scan. This option will quarantine the files and registry entries added by viruses and repair the infected / modified files including system files and others.

Last month, we came across many Fake Anti Spyware tools which are trying to scare users with false scan reports. Fake Anti Spyware.AntiVirusXP2008 continues to trick the users and evade detection by database scanning of several anti-spyware and anti-virus products by making few changes here and there in the registry entries, domain name, software ID etc. such as:

old registry entry:

"RegistrationUrl"="http://www.AntivirusXP08.com/buy/b4b4245ba88fb1719030bb015cce5bfc/6154"

new registry entry:

RegistrationUrl    "http://www.avxp-08.com/buy/ "

Adware.FakeAlert was mostly responsible for downloading different Fake Anti-spyware products on the users PC giving false warnings and enticing them to buy

http://www.spywaredetector.net/SDFraudToolFix.exe . Fraudtool patch is written for specific spyware. Some spyware will not let spyware detector and many other well known anti-virus or anti-spyware products install on the infected users pc. It also downloads and installs many fake anti spyware tools such as winreanimator, antivirusxp2008, antivirusxp2009 etc. SDFraudtool patch removes such infections and once PC is clean, users can install Spyware etector and similar other anti-spyware products which were being killed before by this spyware. This FakeAlert infection completely overwrites the beep.sys file with its own code. Beep.sys file is responsible for the beep that you hear when you restart your pc. Spyware Detector quarantines this file.

Here is the summary on the Spyware Categories processed for Spyware Detector Threat Definition updates for the month of July:
No. Spyware Category Count  
1 Fake Anti Spyware 80  
2 Trojan 78  
3 Adware 41  
4 Backdoor 37  
5 Downloader 28  
6 Worm 21  
7 KeyLogger 20  
8 HackTool 9  
9 Keygen 9  
10 ToolBar 9  
11 Spyware 8  
12 Dropper 7  
13 PSW 5  
14 Dialer 3  
15 Hijacker 3  
16 Proxy 3  
17 PUP 3  
18 Constructor 2  

We appreciate any feedback on our products from our valuable customers. You would also notice daily news updates on our Spyware patch releases. You will also find more detailed information on the Spyware Encyclopedia pages which can be reached either from Spyware we Remove Link or by clicking on the Spyware Detector itself after a particular Spyware is detected, by clicking on Threat Information Link right next to the name of the Threat detected.

Please continue to support this effort by reading this blog for the latest information on new spyware releases. You are welcome to send us queries on any spyware that can not be removed from your PC. Our technical support will be happy to help you through chat, email or free remote support. We will not rest until Spyware writers give up and let the users of PCs enjoy their computing as it was intended to be without any slowdown, without fear of losing Privacy and with no advertisements or other unwanted nuisances. 

Rachna Pradhan 
CTO
Max Secure Software




Post a Comment

Your Name*
Company Name*
E-mail Address*

 
Your Comments
Message*