allentech.net

Parasite: DailyWinner

This record last updated Tue Sep 20 2005 00:34:15

PLEASE NOTE: Due to the overwhelming extent of this problem and the unbelievable volume of email we have received, we regret that we cannot respond to questions about browser parasites at this time. If you have attempted to contact us about this parasite please accept our apology for not responding. "Thank you's" are always appreciated ;-)

Description

DailyWinner is popup-spawning adware implemented as an Internet Explorer Browser Helper Object (BHO).

DailyWinner is operated by Razor Media, who are also behind the ClickTheButton and WhileYouSurf parasites as well as some variants of FavoriteMan.

Variants

DailyWinner/ger: early version distributed from prizeentry.com. Filename ger32.dll. Not common.

DailyWinner/veg: targets more sites. Filename veg32.dll.

DailyWinner/vern, DailyWinner/vernn, DailyWinner/kvern: more recent updates with filenames vern32.dll, vernn16.dll and kvern16.dll respectively.

Also known as

InvisiblePop, after the software’s internal object name. The ger variant is similarly called HomePager.

Distribution

Known to be installed by the FavoriteMan parasite.

What it does

Advertising

Yes. When one of the sites in a predetermined list is visited, it contacts its controlling servers at dailywinner.net, which may open an advert.

Privacy violation

Currently no practical problem; the URL of the site visited is passed to the controlling server dw.dailywinner.net, but no ID is used so web usage cannot be tracked.

Security issues

No.

Stability problems

No.

Removal

Open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands, for DailyWinner/ger:

cd "%WinDir%\System"
regsvr32 /u ger32.dll

Or, for DailyWinner/veg:

cd "%WinDir%\System"
regsvr32 /u veg32.dll

Or, for DailyWinner/vern:

cd "%WinDir%\System"
regsvr32 /u vern32.dll

Or, for DailyWinner/vernn:

cd "%WinDir%\System"
regsvr32 /u vernn16.dll

Or, for DailyWinner/kvern:

cd "%WinDir%\System"
regsvr32 /u kvern16.dll

Restart Windows and you should be able to delete the program file ger32.dll (ger variant), veg32.dll (veg variant), vern32.dll (vern variant), vernn16.dll (vernn variant) or kvern16.dll (kvern variant) from the System folder (which can be found in the Windows folder; it is called ‘System32’ on Windows NT/2000/XP).

You can also delete the ‘print32.dll’ data file saved in the same folder by variants other than ger.
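To find out which variant is present before choosing one of the command pairs above, the following batch file checks both possible System folders for the file names listed on this page. It is an added example, not the detection script credited below and not code from the original record; it assumes cmd.exe on Windows NT/2000/XP (the syntax is not supported by the Windows 9x command interpreter) and it only reports, changing nothing.

```batch
@echo off
rem Added example: report which DailyWinner files are present.
rem File names are the ones listed on this page. A name match alone is
rem an indicator, not proof, so review each hit before removing it.
setlocal
set FOUND=0

rem The System folder is "System" on Windows 9x and "System32" on NT/2000/XP.
for %%D in ("%WinDir%\System" "%WinDir%\System32") do (
  rem Program files (the BHO DLLs), one per variant.
  for %%F in (ger32.dll veg32.dll vern32.dll vernn16.dll kvern16.dll) do (
    if exist "%%~D\%%F" (
      echo Found program file: %%~D\%%F
      echo   To unregister: cd "%%~D" ^& regsvr32 /u %%F
      set FOUND=1
    )
  )
  rem Data file saved by variants other than ger; it is deleted, not unregistered.
  if exist "%%~D\print32.dll" echo Found data file: %%~D\print32.dll
)

if "%FOUND%"=="0" echo No DailyWinner program files found in the System folders.
endlocal
```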

* Parasite information and detection script by Andrew Clover - www.doxdesk.com, used with permission.
