VX2.Transponder Browser Plug-in Definition - Browser Plug-in Spywares, Adwares, Viruses Reviews and Info

Main Menu

Categories

Adware
Adware Bundler
AOL Exploit
Backdoor
Browser Hijacker
Browser Plug-in
Commercial Key Logger
Commercial Remote Control
Cookie
Dialer
E-Mail Flooder
Hostile ActiveX Control
ICQ Exploit
Joke Program
Key Logger
Loader
Low Risk Adware
Misc
Nuker
P2P
Password Hijacker
Potential Privacy Risk
Potentially Dangerous Tools
RAT
Search Hijacker
Security Disabler
Spyware
Stealth Notifier
Surveillance
Toolbar
Trojan
Trojan Downloader
Trojan FTP
Trojan Telnet
Viruses
Worm

VX2.Transponder Browser Plug-in Information

Name:	VX2.Transponder
Category:	Browser Plug-in
Alias:	- Alias: eXactSearchBar, eXact, eXact Search bar, Exact Searchbar
Advice:	Remove
Risk:	Moderate Risk Moderate threats may profile users online habits or broadcast data back to a server with 'opt-out' permission. In most cases this type of threat is more along the lines of commercial type adware that offer a premium service in exchange for tracking your user online performance.
Description:	VX2 is an Internet Explorer Browser Helper Object that monitors web page requests and data entered into forms, sending this information to its home server, and opens pop-up advertisement windows. VX2 also collects and sends personal information. VX2 also has the capability to update itself and install other software. There are two variants of this parasite with different file and internal names, but both work identically. While the user is browsing the Web, it will pop up advertisements based on what page is being visited, what's being searched for, how quickly the user is surfing, etc. Transponder's ad-displaying algorithm appears to weight the occurrence of ads in such a way that they appear to come from the page(s) being visited. VX2 opens pop-up advertisements depending on targeted URLs being browsed, targeted terms being entered into search engines and other forms, and how much browsing is being done - the software tries to hide by not opening advertisements when little is happening. From the Vendor: "The software goes along with the user of the software as they are surfing around the web and builds reports on the activity. The software monitors the click stream activity of the consumer and communicates with servers. The software monitors some activity of the PC and communicates with servers." Information Gathered by VX2: Upon its first load, VX2.dll will look for a file in your Windows directory called oeminfo.ini. If present, this file contains information about your computer provided by the OEM--who you bought it from, serial #/etc., processor and configuration, tech support info, and maybe your name. (IIRC, this information is displayed if you go to Start > Settings > ControlPanel > System and view the first tab.) The software covertly collects all sorts of information about your Web surfing habits, including lists of Web sites you visit (and even sites you've visited before installing their software), any terms you enter into a search engine, and contents of online forms--including "secure" forms using SSL encryption(!). The company has the audacity to claim that this is done "in order to save you the time and trouble of submitting such information to us yourself". It also stores cookies to persistently identify you across sessions. The software collects and transmits your full name name and e-mail address as used by the Outlook mail client. It also transmits back a laundry list of information about your system, which is described in more detail below. Finally, the software transmits details about your interaction with the software. The software also includes an auto-update capability with the stated purpose of updating not only the VX2 spyware itself, but also installing additional third-party programs, including additional spyware. According to the VX2 website: "The software goes along with the user of the software as they are surfing around the web and builds reports on the activity. The software monitors the click stream activity of the consumer and communicates with servers. The software monitors some activity of the PC and communicates with servers." It is a Browser Helper Object that is distributed with unknown third-party software, including AudioGalaxy Satellite. While the user is browsing the Web, it will pop up advertisements based on what page is being visited, what's being searched for, how quickly the user is surfing, etc. Transponder's ad-displaying algorithm appears to weight the occurrence of ads in such a way that they appear to come from the page(s) being visited. Transponder/Blackstone is controlled by blackstonedata.net; Transponder/VX2 is controlled by vx2.cc; Transponder/TPS108 is controlled by tps108.or
Signatures:	process: biprep.exe: MD5 Hash: ... process: belt.exe: MD5 Hash: ... process: bi.exe: MD5 Hash: ... process: belt.exe: MD5 Hash: ... process: preinsbi.exe: MD5 Hash: ... process: belt.exe: MD5 Hash: ... process: bi.exe: MD5 Hash: ... process: biprep.exe: MD5 Hash: ... process: biprep.exe: MD5 Hash: ... process: preinsbi.exe: MD5 Hash: ... process: biprep.exe: MD5 Hash: ... process: xweg.exe: MD5 Hash: d2e3944fa29452049c5... process: dcywcqw.exe: MD5 Hash: cdb5c1b1a702dedf03d... process: atm14100[1].exe: MD5 Hash: ... process: atm14100[1].exe: MD5 Hash: ... process: preinsln.exe: MD5 Hash: ... process: preinsln.exe: MD5 Hash: ... process: preinsln.exe: MD5 Hash: ... process: arboot.exe: MD5 Hash: af59bbd5ea10c7b4e7b... process: eber.exe: MD5 Hash: eda8f7bf1d9a6878ee1... process: lot34006.exe: MD5 Hash: e5d9ffce203b5c76c00... process: systb.exe: MD5 Hash: 54713770034e321482a... process: preinsln.exe: MD5 Hash: 32baa015a7e03383a50... process: polall1m.exe: MD5 Hash: bed7b3d2e7be0a872e1... process: sndcfg16.exe: MD5 Hash: d746017b2725131e0e1... process: polall1b.exe: MD5 Hash: ... process: hin-75-1-x-x.exe: MD5 Hash: ... process: speer_v12.exe: MD5 Hash: 784f2cd5682e3eb2c6c... process: druninst.exe: MD5 Hash: ... process: druninst.exe: MD5 Hash: ... process: poltt.exe: MD5 Hash: d28157056a967d75eef... process: wupdt.exe: MD5 Hash: c6b46c6597bb60bedd2... process: djebmm350.exe: MD5 Hash: 145c1f0ed5dcd492f9b... process: jkill.exe: MD5 Hash: 3ebfd187e43df9b4527... process: adt14150.exe: MD5 Hash: 89a1e2a720ffd68cc81... process: load.exe: MD5 Hash: d2e3944fa29452049c5... process: o.exe: MD5 Hash: 3cb76a1d20e75a09187..
Type:	Browser Plug-in - Spyware's primary purpose is to collect demographic and usage information from your computer, usually for advertising purposes. Spyware usually that 'sneaks' onto a system or performs other activities hidden to the user. Spyware programs are usually bundled as a hidden component and downloaded from the Internet. These modules are almost always installed on the system secretively and try to run secretively as well.

Top Browser Plug-in Visited Pages:

3721.com Chinese Keywords - Alias: 3721.com Chinese Keywords browser Spyware - 75 visits
Sexxxpassport Plug-in - Alias: Sexxxpassport.com, SEXXXPASSPORT - 52 visits
FavoriteMan - Alias: TrojanDownloader.Win32.Rameh, Windows Help 4 Smart Browsing, F1Organizer, ATPartners - 43 visits
Netster SmartBrowse - Alias: Netster SmartBrowse Toolbar - 40 visits
MapQuest Toolbar - 39 visits
My Way Speedbar - Alias: MyWayToolbar, MyWay Search Bar - 39 visits
Trojan.BHO.NameShifter.T - 36 visits
Kugoo - 35 visits
EZSearch - Alias: ezSearching, ctavp - 34 visits
Esyndicate - Alias: Esyndicate.BHO - 32 visits

Random Browser Plug-in Pages:

BHO.CSApp
Unclassified.Spyware.BHO.P
MasterBar - Alias: Masterbar pugi
0cat.yellowpages
WindUpdates
Trojan.BHO.NameShifter.IE
EZSearch - Alias: ezSearching, ctavp
Trojan.BHO.NameShifter.M
CheckURL - Alias: BHO.CheckURL
eXact.SearchBar - Alias: eXactSearchBar, eXact, eXact Search bar, Exact Searchbar

� 2006-2008 spyware32.com - Privacy Policy