Friday, August 27, 2004

Adware Download Tips

The key to adware removal is using a high-quality adware download program with updated definition files.

Adware removal is difficult if you're using a free adware download that doesn't include all the latest threats.

At present, there are more than 67,000 adware removal definitions in the top programs. Most of the free adware download programs have search files with roughly 30,000 definitions.

If you're serious about removing ad-ware and spyware, then you want the best adware removal program, not a freeware adware download.

The best adware download is No Adware.

Important features in adware download tools include:

  • Automatic update of pest control definition files
  • Scheduled scans for adware removal
  • Scan on the fly - search files or downloads for hidden pests
  • Free adware download - Try it out for free

  • No Adware has these features and more, plus you can try it for free.

    Click here for Adware Download.

    Use the free trial option to see how effective No Adware is at removing every type of adware pest.

    No Adware really is the best adware download for ad-ware or spyware removal. Try it for free and see for yourself right now.

    Click here for Free Adware Download.

    Here's a quick recap of the No Adware download features:

    -Largest definition file - Keeps you safe
    -Automatic updates - Keeps you current
    -Auto scan option - Set and forget - No worries
    -Custom scan option - Search entire drive or just a folder
    -Automatic backups - Allows full system restore if needed
    -Extensive customer support - Help is always available

    You know you need a good adware download solution.

    You can try No Adware for free. Go ahead and try it.

    Decide for yourself if it's what you need.

    Click here for the best Adware Download.

    Shruggle Virus, Sasser Virus, Gaobot Worm and Other Viruses

    - Weekly report on viruses and intruders -

    Virus Alerts, by Panda Software (

    Madrid, August 27, 2004 - This week's report will focus on five malicious code: a virus called Shruggle.1318; two worms -Sasser.G and Gaobot.AIR-; and two Trojans -MhtRedir.S and StartPage.JL-.

    Shruggle.1318 cannot spread automatically through its own means, but spreads its infection to other files. It infects other computers when previously infected files are distributed. These files can reach computers through the means normally used by viruses (floppy disks, email messages with attached files, Internet downloads, files transfers via FTP, IRC channels and P2P (peer-to-peer) file sharing networks, etc.).

    Shruggle.1318 infects PE and DLL (Dynamic Link Library) executable files inWindows 64-bit operating systems for AMD processors.

    The first worm in today's report is Sasser.G, which spreads via theInternet, attacking remote computers and exploiting the LSASS vulnerability. To do this, it sends ICMP queries to random IP addresses through TCP port445. Sasser.G only spreads automatically through computers running WindowsXP/2000, and works in the rest of the Windows operating systems if the file carrying the worm is run by a malicious user.

    Finally, it is worth highlighting that Sasser.G exploits the LSASS vulnerability, causing a buffer overflow in the LSASS.EXE program, which restarts the computer.

    Gaobot.AIR is a worm that creates a backdoor and uses a range of means of propagation, such as those mentioned below.

    - It exploits the LSASS, RPC DCOM and WebDAV vulnerabilities to spread via the Internet.

    - It makes copies of itself in the shared network resources it manages toaccess.

    - It can get into computers with SQL Server with the System Administrator(SA) password left blank.

    - It can get into computers with the DameWare Mini Remote Control program installed and into computers affected by the following backdoor Trojans: Optix, NetDevil, Kuang and SubSeven.

    Gaobot.AIR allows remote control of the computers it affects, enabling an attacker to carry out actions like the following: run commands, download and run file, and capture the keystrokes entered.

    We are going to finish today's report with MhtRedir.S, a Trojan that exploits the vulnerability reported in the Microsoft bulletin MS04-013 to run on the affected computer when the user visits a web page with malicious content.

    When it is run, MhtRedir.S connects to a certain web page and downloads a file called HELP.CHM. This file contains a Trojan called StartPage.JL, which changes the home page of Internet Explorer and the default search options.

    For further information about these and other computer threats, visit Panda Software's Encyclopedia at: