Acme Evil

When browse through China websites usually would being to pop out several advertise pages, or having to install some components and continue to browse. Or perhaps downloaded software from the China websites that be bedded other softwares. It must be forced to install and can use original software. Even the RM or RMVB format files that because of oneself the file format had auto function of opening the web page be used to infix advertisement. These example are too numerous to enumerate.

Understood not very much before, but know finally recently those malice software is what! Because I also am ever and deeply harmed by it!

The malice software lies in the virus with regular software or business software. It's classification contain a lot of kinds.( The follows are sorting and classifing by myself. ) for examples:

Kidnap home page: This kind of malice software will distort the settings of the browser and force an user to browse certain one page with the Plugin, the browser assistance tool(BHO) or the Winsock LSP(the Layered Service Provider), and usually can't change or move. These softwares have : 3721 networks, Tao-Bao net, BT launch machine, DuDu accelerator, CNNic Chinese to the Internet, 3721 Internet Assistant, 888y, 9i5, 37021, instafinder, cnww, okww etc..

The Malicious shareware: This kind of softwares use common used software to bind the malice software and lure by money offers or the trap or other methods to let the user to register, or force to install to the computer directly. Be often used to be the tools that carry with the malice software : Media Player Classic, QQ2005, KUGOO, Trojan expert 2006, WINRAR, Skype crack version etc., These softwares have no wrong. Wrong is the person who joins the malice software.

Spyware and Track ware: This type usually install secretly in the computer to be a rootkit(back door). It records the user's usage habit, information, account number, password etc. Familiar of in addition to the Trojan programs, the others are 3721 networks, GetRight, Keyloggers, Dialers etc..

Paralyze the anti-virus software or other softwares: Some malice softwares avoid the anti-virus softwares or anti-hack softwares to detect for the sake of the protection itself and after install them make duplicate by their own in the meantime and carry out a lot of processes first. Maybe they open a lot of processes to paralyze an anti-virus software and letting the anti-virus software can't thoroughly clearance; Perhaps they paralyze the bandwidth flooding. This kind of software contain: DMCase desktop tools, BankAsh-A(the bank cash) etc..
Advertise software(Adware): Reach the advertisement benefit or earning advertising reward, the softwares will open many advertisement Windows compulsorily. More than the behavior, user can't remove softwares completely. For example： IE_WinServerName, vste, 37ss mutation, NetSystem, DiRVIn etc..

The vedio advertises: This type most occur in the RM or the RMVB files. Because of oneself design to be haven the function of the automatic performance affairs(events) and just be made to use to be advertise tool. This behavior of the video let user to abominate extremely.

The top tool of the clearance malice softwares probably is "360 Safe Bodyguard ". This software author can be treated as the first ancestor of the malice software. But now he repent and develop this software to let people avoid the banes of the malice software. Another software is "KillSoft ", being called Switzerland knife of the system maintenance.

If want to clean the advertisement of the RM or RMVB files. We can clean the RM advertisement by the freeware Real Fileter or shareware "Real Producer Plus" and the "SuperRrabbit".

"360 Safe Bodyguard" is more effectively to the malice software of the China. To remove malice softwares of the western word have to depend on the "Ad-Aware SE "! However "Ad-Aware SE" only the personal version doesn't need to be paid and other of all want to pay. And The tool of the Microsoft oneself Microsoft Windows Malicious Software Removal Tool can be try.

In fine, if meet a web page of having the oddness behavior or the free softwares that free and have full functions, have to notice more by ordinary time. Be carelessly very easy to become a victim by malice softwares.

P.S: If use the China softwares, the simplified Chinese interface of softwares usually will be a disorderly code. By this way, We can use the Microsoft AppLocale .

---

有時候上大陸網站，常常會莫名跳出視窗，或者必須要安裝某些元件才能繼續瀏覽等等，又或者從大陸下載的軟體當中被綑綁了其他的軟體，強迫安裝才能使用原來 的軟體，甚至連RM或RMVB因本身檔案格式有自動開啟網頁的功能，而被利用來作為夾帶廣告的影音檔。這些例子多的不勝枚舉。以前還不是很了解，最近終於 知道那些惡意軟體是什麼東西了！因為我也曾經深受其害！

惡意軟體介於病毒與正規或商業軟體之間，其分類有很多種，以下是我自己整理分類的，譬如說有：

綁架首頁：這種惡意軟體會篡改瀏覽器的設定，以瀏覽器的Plugin、瀏覽器輔助工具(BHO) 或是Winsock LSP(Layered Service Provider)的形式來強迫使用者瀏覽某一畫面，而通常無法更改或移除。這些軟體一般有：3721網路實名、淘寶網、 BT發動機、 DuDu加速器、CNNic中文上網、上網助手、888y、9i5、37021、instafinder、cnww、okww等等。

惡意共用軟體(Malicious shareware):這種會利用各種常用軟體來綑綁惡意軟體，用利誘或陷阱或其他手段來讓使用者註冊，或直接強迫安裝到使用者的電腦裡。一般常見被利用 來綑綁的軟體有：暴風影音(Media Player Classic)、QQ2005、KUGOO、木馬專家2006、WINRAR、Skype破解版等，這些軟體本身並沒有錯，錯的是加入惡意軟體的人。

間諜軟體或(Spyware)是行為紀錄軟體(Track ware)：這一類的通常偷偷安裝在電腦上當作後門(rootkit)，紀錄使用者的使用習慣、資訊、帳號、密碼等資料。常見的除了木馬程式之外，另有3721網路實名、GetRight 、Keyloggers、 Dialers等等。

癱瘓防毒軟體或其他軟體：有的惡意軟體為了保護自己避免被防毒軟體或防駭軟體偵測到，在安裝好的同時先自我複製且執行一堆程序，譬如開啟一堆視窗來癱瘓防毒軟體，就算防毒軟體抓得到卻也砍不完；又或者是癱瘓頻寬(Bandwidth Flooding)等惡意作為。這一類的大概有：DMCase桌面媒體、BankAsh-A (銀行現金)等。

廣告軟體(Adware) ：為個達到廣告效益或賺取廣告費，這類軟體會強制開啟許多廣告視窗，更甚者可能無法完全移除。例如IE_WinServerName、vste、37ss變種、NetSystem、DiRVIn等等。

影片廣告：這一類多半發生在RM或RMVB檔，因本身設計就具有自動執行事件(events)的功能，只是被利用來當作廣告工具。這會讓觀賞影片者不勝其擾。

其他：.....

目前所指比較利害的清除流氓軟體的工具大概是＂360安全衛士 ＂，此軟體作者可說是惡意軟體的始祖，後來＂改邪歸正＂來發展此軟體以讓人們避免惡意軟體的危害。另外一套是＂完美卸載＂，俗稱系統維護的瑞士刀。

如果是要去除RM或RMVB上的廣告可用免費軟體RealFilter(Download from my site)或者使用需付費的超級兔子去除RM廣告軟體或是Real Producer Plus來移除。

360安全衛士對大陸的惡意軟體黑幫比較有效，那西洋的流氓軟體就得靠Ad-Aware SE 囉！不過Ad-Aware SE只有Personal版的才不需付費，其他的都要付費。另外還有微軟自家的Microsoft Windows Malicious Software Removal Tool ，也可以試試看！

另外，如果使用大陸的軟體，簡體字畫面在其他語系通常會是亂碼，這時候Microsoft AppLocale 是可以使用的工具之ㄧ。

總之，如果遇到有著奇怪行為的網頁或者看起來免費又大碗的免費軟體，這時候得更加注意，一不小心很容易就成為被流氓欺負的受害者了。