Definitions of threats to your privacy, computer and information.

Adware: Adware secretly tracks and gathers personal information--including sites you visit--and ships that data to a remote server for purposes of generating targeted advertisements. Many free, downloadable programs incorporate adware as a way to generate revenue. Best defense: Anti-spyware software such as Spybot Search and Destroy or Lavasoft's Ad-Aware.

IP spoofing: Spoofing disguises packets so they appear to be coming from another source, typically a trusted host. Often used to gain unauthorized access to computers, IP spoofing can be defeated by a firewall that uses stateful packet inspection to peer into data packets to discern their true nature.Best defense: A hardware firewall.

Phishing: A fast-growing form of online fraud, phishing describes sham e-mail broadcasts and Web sites that try to fool people into disclosing confidential data, such as passwords, credit card numbers, and social security numbers. A phishing e-mail may look like it's coming from a trusted vendor--say, your phone company--but in fact is from an unknown source.Best defense: E-mail spam blocker such as IHateSpam or SpamKiller.

Port scanning: The digital equivalent of jiggling doorknobs, port scanning reveals open ports on Internet-connected PCs. Once an open port is found, a hacker can exploit the opening to try to break into the system or install malicious software.
Best defense: Hardware firewall.

Program exploits: This describes a wide variety of techniques designed to take advantage of a flaw or vulnerability in a piece of software, whether it is Windows XP, a Web browser, or an e-mail program. A popular exploit is buffer overflow, where a malicious application purposefully pours too much data into a buffer--a holding point for application data--in order to expose system resources to attack.Best defense: Patching vulnerable software through services such as Windows Update.

Spyware: These applications secretly track system activity. Often bundled with legitimately useful software--such as the Kazaa Media Desktop client software--spyware can often transmit passwords or other confidential data to a remote computer.Best defense: Anti-spyware software.

Trojan horse: This refers to a destructive program disguised to look like a useful application. For example, there has been a recent surge in Trojan horse applications posing as anti-spyware utilities. Users think they are downloading a useful utility, when in fact they are exposing their system to attack. Best defense: Antivirus software such as Trend Micro's PC-cillin Internet Security 2004, anti-spyware software.

Virus: A virus is any malicious program or piece of code that replicates itself and attaches to a hard disk boot sector or partition, or to an application, document, macro, or other software medium. Viruses run the gamut from annoying applets that display innocuous messages to lethal attacks that delete hard disk contents and upload confidential information to remote servers.Best defense: Antivirus software.
Worm: A worm is a type of virus that replicates itself but cannot attach itself to other programs. Worms may propagate by infecting a system and going through its e-mail contact list to broadcast e-mail with a worm-laden attachment to users on the list. Worms can also propagate by finding an open network port that allows entry to your system. Best defense: Antivirus software, hardware firewall, e-mail spam blocker.

TMC's tried Antivirus & Spywear solutions:

Anti-Spywear - www.giantcompany.com
We like this product, has a free 15 day downloadable trial to test. Caught spywear that others missed.

Anti-virus - www.grisoft.com
Has a free version for home use and reasonable professional version. Other options are a spam blocker and other assorted ad on's. We tested this product and so far so good. Heard that some Microsoft offices utilize this software.

Anti - Adware www.lavasoft.de

Big Threats

Favoriatman browser helper - AKA_ TrojanDownloader.Win32.Rameh, Windows Help 4 Smart Browsing, F1Organizer, ATPartners

FavoriteMan is an Internet Explorer Browser Helper Object (BHO). Every so often it connects to its controlling servers, which may direct it to download and install other programs and add entries to the IE Favorites menu or background Desktop. FavoriteMan is a browser helper object that works as an installer for other annoying software and adds favorites to the Internet Explorer Favorites menu and on the PC desktop. Comes in a large number of variants.

FavoriteMan adds advertisers' web sites to the Favorites menu.

Unsolicited commercial software installed by different variants of FavorietMan may include: Transponder/VX2, Transponder/MSView, NetPal, ClickTheButton, ClientMan, ezCyberSearch toolbar, TopText, SideStep, MySearch/MySearch, BargainBuddy/Adp, eXactSearch, NewDotNet, IGetNet/v5, IGetNet/ClearSearch, HotBar, BrowserAid/BrowserPal, CometCursor/Toolbar, ShopAtHomeSelect, ISTbar/Aupdate, DailyWinner, nCase, KeenValue/v1, Mail.com Alerts (which also comes bundled with BargainBuddy/Apuc), Weatherbug (which also comes bundled with MySearch/MySearch), Freeze.com Living Waterfalls screensaver (which may also come bundled with Weatherbug, NewDotNet, SaveNow and Forbes.com Business Alerts, A1Tech AdsGone popup-killer and various homepage hijackers .
FavoriteMan seems to try to find your e-mail address on installation to send to its controlling servers. This may not work.

In the latest Grokster and iMesh bundles there is a section in the small print referring to the FavoriteMan software as NetPal. Mindset Interactive, the producers, seem to use the name "NetPal" to refer to any of their unsolicited commercial software, including FavoriteMan, NetPal and Transponder.

The Favorite, F1 and Mpz variants have been bundled with iMesh. The FOne variant is installed by the Lwz variant. The ZZ variant is bunded with Grokster as of January 2003. The Gr02 variant is bundled with Grokster as of June 2003. The IMZ variant is installed by the lop/IMZ parasite. The Gig variant is installed by software from TwistedHumor.com. ('Gig' refers to Gigatech Software, producers of the SuperBar parasite.) The Ss32 variant is installed by SpyAssault, a supposed spyware scanner from Razor Media LLC (who control this variant). The YsUp variant is installed by ActiveX drive-by download in pop-up adverts served by yesup.net.

FavoriteMan is written and controlled by Mindset Interactive, the same people behind the Transponder and NetPal spyware threats. There is a recent site marketing FavoriteMan at F1 Organizer (with traditional broken link to uninstaller).

Advise: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy.

Authors of this treat: Euniverse, Mindset Interactive
Author URL: http://www.euniverse.com/

180 Search assistant - 180search Assistant logs the web pages you visit, when you visit them and uploads the data to its servers.

High risk: Covertly install adware on your system and generate a stream of unsolicited advertisements that can clutter your desktop and affect your productivity. The advertisements may also contain pornographic or other material that you might find inappropriate. The extra processing required to track you or to display advertisements can tax your computer and hurt your system performance.

Of course if you call them they will try and blame the download of their program on you and your surfing behavior. There is no clear disclosure by them or their affiliates that this is going to be loaded onto your machine. If there is disclosure it is hidden in a highly tec. agreement.

Authors of this spywear: 180Solutions
Author URL: http://www.180searchassistant.com
Phone: 425-279-1200

Top of the page