ADWARES & MALWARES

SPY-WARES

Personally I describe and define Spy wares as “programs containing promiscuous, malicious, codes meant to severe a user of his encrypted or non-encrypted data.” Sometimes they are called "Malwares." I once read a paper written by Google coders who called Spy-wares "The Ghost In the Browser." It is a wonder to see that the fight against these Internet and Computer threats is equally matched with intense "promiscuous program coders." Regular updates are needed for any anti-spy ware of your choice.
What you have to know about programs and codes is simple. You don’t have to be a computer guru to be aware of all these things. Perhaps your knowledge of them could as will save you a lot of trouble. There are certain routines, functions that keep all our computers rolling. Most of these routines and functions are stored library files. You could best describe them as the (soft) Spinal cord of any computer. These library files are either static or dynamic. The most common are the Dynamic link libraries commonly called .dlls. All forms of objects fall into this category whether Active-X –ocx files, Classes-cls, forms –.frm, or modules-.bas One of the most important of these types that co-ordinates Operating system images and files is kenel.32. You should also know that dynamic link libraries also control the System registry. Most attacks to any computer, whether a Client, Workstation or Mainframe Server is usually directed to these parts of your computer. Recently there has been a major upsurge in attacks on Personal Computers and systems of all sorts especially to these sensitive areas. They could inflict severe and permanent damages to your expensive hardware and software. You might be wondering what the difference between Viruses and Spy-wares is. Well, personally I’d say there isn’t any. They could come from your back door or your front door with the wanton objective of destruction. It may be gradual it may be spontaneous. Some computer scientists all over the world have begun massive cyber-hunt and defense against such programs that are crawling all over the Internet.

There is a statistic that says 80% of most PCs are vulnerable to spy-ware attacks. Believe me spy-ware programs are capable of doing more harm than viruses in some cases.

Their damages could go as far as infringement on financial records, hacking, denial of service, wireless decryption etc. Spy wares have been known to cause heavy damage to computers all over the world. . Typical ones are:


1. Name: Bonzi-budy
Category: Spy-ware
Description: Bonzi-budy is a Spy-ware program that can track how you use your computer or surf online without your permission and can launch annoying pop-up ads. It’s often installed with other “free” programs without your permission or clearly identifying that it exists on your computer. Spy ware can be difficult to uninstall. Type Object location Key
Hkey-local-machine\software\classess\clsid\{461De7bf-7..
Hkey-local-machine\software\classessinterface\{4610e
Hkey-local-machine\software\typelib\{4610e\{4678bf4

2. Name: Unknown Trojan
Category: Trojan
Description; Trojans are programs that have hidden, unwanted intent. Other categories (like Aol Pests and RATS) may also be considered Trojans.

Example: E:\Documents and Settings\user\local settings

3. Name: Gator/GAIN/ Claria:

Software that opens popup/pop-under ads when the main product is not running or shows windows that do not appear to be connected to the product such as pop-under ads while web browsing. These ads may or may not be targeted and are not displayed within the form of an ad-sponsored application

Example:
Type: Object application Cookie user@gator[1].txt

4. Name: Virtual Bouncer

Category: Ad-ware
Description: Software that opens popup/pop-under ads when the main product is not running or shows windows that do not appear to be connected with product. These ads may not be targeted and are not displayed within the form of an ad sponsored application.

Object Type Key
hkey_local_machine\software\classes\richtext.richtextctrl

5. Name: - 207.net

Category: Tracking Cookie
Description: - Tracking cookies are text files that are used by two or more websites to identify your repeated visits to the same domain for the purpose of serving targeted advertising. This type of cookie is extensively used by many websites. If you have decided to scan for tracking cookies, you will likely see them appear in every result after browsing the web. Tracking cookies do not pose a security threat as such
Type Object location
Cookie user@207[1].txt

Other possible threats:
7search.com,
ds.adsag,
Advertising.com,
AtlasDMT.com,
Bluestreak.com,
Casalamedia,
Centport.net,
Com.com,
Domain Sponsor.com,
Doubleclick,
Fastclick,
Hitbox.com,
Mediaplex.com,
Passport.com,
Questionmarket.com,
Revenue.net,
Servedbyadvertising,
Serving.sys,
Startcounter,
Traffic Marketplace,
Tribalfusion.com,
Z1Adserver.com,
Zedo