home | requirements | help | contact | scan now  
Hunter's Word

The Internet is filled with amazing amounts of information. There is so much to be explored and so much to learn. It would seem that this information is freely available to anyone. An informational garden of Eden.
This is not entirely the case. In this garden there are snakes at almost every click of the mouse, waiting to strike. There is always a new breed. One we did not recognize yesterday, disguised as something friendly, or necessary. Spyware and adware have moved from the shadows of software piracy and pornographic websites. I've infected computers installing
screensavers, games, listening to music, or even just browsing for information. It is not safe out there, unless someone is constantly keeping up with the newest infections and latest variants of known malicious software. We are doing just that to make sure our software is up to the task of removing the latest infections.
A Hunter's work is never done.


- 20060421 - Keyloggers
- 20060417 - VXGame
- 20060330 - Winsupdater
- 20060311 - Mailspam
- 20060228 - Hijackers
- 20060212 - Disabler
- 20060114 - INET
- 20060104 - Raze
- 20051219 - SpyAxe
- 20051205 - MsConfg
- 20051116 - NNNL
- 20051109 - KickOff

Hunter's Log: 20051109 143201

Spyware or virus? Sometimes this distinction is difficult to make.

More and more Spyware programs tend to have the same characteristics as viruses. In order to find out exactly what any Spyware program does, we need to infect a clean windows machine with the malicious program.

Recently I collected some files which were downloaded with a bundle of Spyware and adware programs I had on my test machine. I ran one of these files on my machine and noted the usual result of a hijacked home page, popup advertisements and lots of unsolicited connections to different servers. I recorded the information and saved the new files and restored the computer to a clean state in order to do further tests. As soon as the computer started up, popup windows began to appear. The computer was obviously not free of adware/Spyware.

We have several machines on our test network. It took a little while and some inspection of the other computer on the test network to understand what had happened. The same file that had installed several Spyware and adware programs on my test PC had spread itself to another computer on the network. This program, remained resident in the memory of the other PC and promptly re-infected my test PC when it cam back online. Exploiting network vulnerabilities is a method commonly used by viruses to spread across a local area network. This program had done this in order to install adware and Spyware programs on other computers. This makes the distinction between virus and Spyware more difficult to make.

Fortunately, it is very clear that whatever the classification, it is obvious that the malicious program is not welcome on any computer.

A few more tests with the malicious files and an update can be made to ensure that Spyware Nuker can remove this nefarious infection from any user’s PC.

End of Entry