Blessed are the Geeks, for they shall internet the earth

Adware / Spyware Extortion
by Douglas Chick

There are innumerable reports of Adware and Spyware removal programs suddenly appearing on someone’s computer and asking for a fee to remove the viruses it has suddenly discovered. Click HERE to download Video. Many of these programs, if not all of them are the “infection” themselves. The program installs itself on your computer during either a visit to a website, or from a worm that travels the internet looking for an unpatched computer. Some of these computers install other Spyware programs, and will remove them for a fee as well..

SpyFalcon, and SpyAxe are but two programs that are named by Symantec as "Spyware extortion offenders".

http://www.symantec.com/avcenter/venc/data/spyfalcon.html

Extortion viruses are programs that install themselves on your computer, or you install them under false pretenses. The program may take over your computer, warn you of a dangerous virus, and not allow you to use your computer until you pay what seems a typical $29.99 fee to remove it. In addition to taking your money, they take your credit card number and person information and sell them to criminals, perhaps even a terrorist.

Browser Hijackers:

Browser Hijackers are malicious programs that plugs itself into your web browser, and redirects you to another home page upon opening it. This is a guerrilla style of advertising that ensures that the victim can only go to their website upon opening of a browser. Many advertise the purchase of a program that removes the Hijacker.

Method of Infection:

The typical method of infection for a browser hijacker is through the installation of freeware, (free software) A person may think they are downloading a free virus removal program, most are fake, and instead that are downloading the very program itself.

Popups are another method of infection. You may receive a popup that asked you a question with a yes or no answer button. (Do you want to install this on your computer.) Both buttons may read Yes or No, but both buttons are programmed YES.

Examples:

2nd thought
7000n
ActualNames
Adtest
Affilred
AutoSearch
Chorus
ClearX
CnsMin
CoolWebSearch
CoolWebSearch.alfasearch
CoolWebSearch.control
CoolWebSearch.cpan
CoolWebSearch.ctrlpan
CoolWebSearch.DNSErr
CoolWebSearch.ehttp
CoolWebSearch.excel10
CoolWebSearch.explorer32
CoolWebSearch.iefeats
CoolWebSearch.image
CoolWebSearch.keymgrldr
CoolWebSearch.ld
CoolWebSearch.madfinder
CoolWebSearch.mssearch
CoolWebSearch.mstaskm

CoolWebSearch.msupdate
CoolWebSearch.msupdater
CoolWebSearch.mtwirl32
CoolWebSearch.notepad32
CoolWebSearch.olehelp
CoolWebSearch.qttasks
CoolWebSearch.quicken
CoolWebSearch.soundmx
CoolWebSearch.sys
CoolWebSearch.time
CoolWebSearch.winproc32
CoolWebSearch.xplugin
CoolWebSearch.xpsystem
CrackedEarth
CSearch
EasySearch
Expext
Eziin
Fastwebfinder
FindemNow
Findwhatever
Funsta
Httper
ibis toolbar
IEMonit

IETray
ILookup
IncrediFind
Ineb Helper
Inetex
Internet Optimizer
LoadFonts
lookfor.cc
Lop
MaxSearch
MediaUpdate
MetaSearch
MyPageFinder
Perez
PRW
PSN
Realphx
SafeSearch
Seach Assistant
Searchdot
Searchex
SearchMaid
SearchNew
SearchWWW
SearchXl

ShopNav
SmartSearch
Stop Popup Ads Now
Surfairy
Ting
ToolbarCC
Transponder
Trinity
UniversalTB
Weaddon.dll
Wengs
Whazit
Winshow
YinStart
Zyncos

Adware: Adware is an infectious parasite that hides itself in your computer, and displays advertisement in popups. Adware also can gather information about user’s habits and interests and send it out through a background Internet connection. Such behavior allows adware vendors to deliver targeted advertisements to the end user and collect general statistics. These types of programs are difficult to find and remove.

 Adware behavior:

- Continuously serves commercial advertisements and displays pop-ups.
- Installs advertising toolbars, additional adware programs or undesirable third-party software.
- Creates numerous links to advertising resources, places desktop shortcuts to marketing sites, adds bookmarks to the web browser’s Favorites list.
- Tracks user’s web browsing habits, gathers information about user’s interests, records addresses of visited web sites, logs taken actions and sends some or all collected data to a remote server.
- Degrades overall system performance. Some adware parasites are badly programmed; they waste too much computer resources and cause software instability.
- Updates itself via the Internet and often does not provide the complete uninstall feature.

 

HOW TO REMOVE ADWARE?

As it was said above adware parasites are quite similar to spyware threats and therefore cannot be removed with the help of popular antivirus products. To remove them special anti-spyware tools (spyware removers) should be used. These programs scan the system in similar way as antivirus software. However, they have special parasite signature databases, which allow them to detect and eliminate most spyware and adware threats. Powerful spyware removers include real-time monitors that prevent the installation of known risks and unauthorized system modification. The most effective and popular anti-spyware programs are Spyware Doctor, Microsoft AntiSpyware Beta, Spybot - Search & Destroy, Ad-Aware SE, SpyHunter, eTrust PestPatrol.

 

Examples of adware:

123Search
12Trojan.Win32.Krepper.ab
180SearchAssistant
180Solutions
2Search
A Better Internet
ABXToolbar
Acceleration Soft
Ace Club Casino
AceNotes Free
ActiveSearch
Ad-Popper
AdBlaster
AdBreak
AdDestroyer
AdGoblin
AdGoblin.foontext
AdGoblin.plathping
Adhelper
Adlogix
Admess
ADMILLI
AdPartner
AdRoad.Cpr
AdRoar

AdRotator
AdServerNow
AdShooter
AdsInContext
AdsStore
Adstation
Adtomi
AdTools
Adult Material
Advertbar
AdvSearch
Advware.Adstart.b
Adware.Binet
Adware.IEPageHelper
Alset
Altcontrol
AOLamer 3
Aolps-hp.Trojan
Aornum
Appoli
Apropos.bho
AproposMedia
ArmBender
AtHoc
AtHoc toolbar

Attune
Atztecmarketing.syscpy
AUNPS
AUpdate
Aureate.Radiate
Aureate.Radiate.A
Aureate.Radiate.B
Aurora
BackWeb Client
BargainBuddy
BBsee
BDE
BDHelper
Best Phrases
BestSearch
BESys
BigTrafficNet
BlazeFind
Block Checker
Bonzi
BonziBuddy
BookedSpace
BookmarkExpress
Borlan
BroadcastPC

BrowserAid
BrowserToolbar
BTGab
Bulla
BullsEye
CashBackBuddy
CashBar
CashToolbar
CasinoClient
CasinoOnNet
CasinoRewards
CDT
ChannelUp
Checkin
Checkin.A
Checkin.B
ClearSearch
Click Till U Win
Clickbank
ClickSpring
ClickTheButton
ClickToSearch
ClockSync
combrepl.dll
CometCursor

 

Plus many more…

 

  Hacking The IT Cube: The Information Technology Survival Guide -- Douglas Chick



E-mail your comments to dougchick@thenetworkadministrator.com
            
All rights reserved  TheNetworkAdministrator.com

Disclaimer: The Opinions shared on TheNetworkAdministrator.com are contributed by its readers and does not necessarily express the opinion of the creators of this publication.