New Targets in Detection [October 2006]
||Installs its own client along with third-party software (that has been known to include NaviSearch and BargainBuddy). Causes frequent pop-ups to appear.
||Installs a system hook that maps keyboard strokes. May cause pop-ups to spawn, and may also send personal information to remote sites.
||Uses a vb script to download additional files from a remote source, then it installs these files and makes them operate in stealth. May cause pop-ups to appear.
||Displays advertisements to the user when surfing the web. It alters the browsing results so that all traffic is being fetched through a CGI script on the page. None of the above is disclosed to the user.
||User can download this rogue anti-spyware program at http://www.antispywaresoldier.com. But it often comes bundled together with malicous downloaders on other homepages. Antispyware Soldier's spyware detection is false, and may show false positives just to swindle the user into thinking it's a trustworthy program. The uninstaller is non-functioning.
||A rogue anti-spyware application. The program states it will remove spyware but it simply installs malware. The user is made to believe it's a good program that removes viruses. Alert warning "pop ups" try to entice the user to buy PestCapture software. If the user restarts the computer, PestCapture automatically scans the user's harddrive and the uninstaller will not function.
||An anti-spyware application. The program states it will remove spyware and does not show any license agreement before installation. The user has to go through a paid registration before any spyware can be removed. Alert warnings try to entice the user to buy Pest Trap's software. If the user restarts the computer, Pest Trap automatically scans the user's harddrive.
||A rogue anti-spyware application. The program states it will remove spyware but it simply installs malware. The user is made to believe it's a good program that removes viruses. Alert warning "pop ups" try to entice the user to buy SpyDefence software. If the user restarts the computer, SpyDefence executes and the uninstaller will not function.
||A rogue anti-spyware application. The program states it will remove spyware but it simply installs malware. The user is made to believe it's a good program that removes viruses. SpyNoMore is installed on all accounts and when the user restarts the computer it will automatically run itself during startup.
||Installs new files and suspicious processes run in stealth for the user. License agreement and a functional uninstaller do not exist.
||A set of downloaders, mail spam bots, rootkits, fake alerts and desktop hijackers. It also downloads other malware such as Pesttrap. After clearing with Ad-Aware SE we strongly recommend you seek further help at the Lavasoft Support forum: http://www.lavasoftsupport.com/
||A worm that spreads through MSN by sending links to all MSN contacts on the compromised computer. The links point to malicious files used to compromise more computers.
||A worm that spreads through e-mail. When infecting a new computer it will scan it for e-mail addresses and then mail itself to those addresses. It may also alternate your host file to block you from accessing certain web sites.
TAI - Threat Assessment Index
The Lavasoft Threat Analysis Index (TAI) system is based on a 10-point scale, with 1 representing the lowest threat and 10 representing the highest. The behavior of the program has more influence when assigning TAI points than the actual technical aspects of the malware. In other words, if the malware secretly attaches without the computer user's full understanding and approval, then it will automatically be given higher TAI points. A minimum TAI value of 3 is required before the malware is put into detection. Read more on the Lavasoft Security Center here.
81% of home computers lack core protection (updated anti-virus software, a firewall and spyware protection).
38% of home computers lack any spyware protection software.
Source: National Cyber Security Alliance
Term of the Month
A Trojan, or Trojan horse, as it's usually known, is a malicious program disguised as, or embedded within, legitimate software. It is derived from the classical myth of the Trojan horse. Compared to other types of malware, like viruses or worms, Trojan horse programs cannot operate autonomously. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims.
Like millions of others, you are likely being bombarded with e-mail spam. Before you report the abuse to someone's ISP or domain administration, know that the sender could actually be a victim. Worms can spoof the sender's name; sometimes even the headers can be forged. Read Mary Landesman's tips on how to look up an IP address here at about.com.
Re-Launch of Project Eco
Whether you consider the Greek or Roman origins, the word 'Eco' means the same thing...home. It is a term that denotes where we live and the environment that surrounds us. Lavasoft is proud to present Project Eco as a testament to our strong and unwavering commitment to protecting your environment. Read more here.