Home Malware Programs Potentially Unwanted Programs (PUPs) InetStat


Posted: May 1, 2015

InetStat is a Potentially Unwanted Program that provides download monitoring services but also supplements them with in-browser advertisements. Adware programs like InetStat may be at the root of various security concerns and may be inadvertent enablers of browser-based attacks against your computer, making removing InetStat the safest default position. Some discrepancies in the known installation methods for InetStat also may necessitate using PC security tools to uninstall InetStat or to identify its presence.

The Stats behind a Download Statistics Monitor

Russian software most usually receives inspections from malware researchers in response to a rise in new, rogue anti-virus products or ransomware. However, occasionally, less threatening software than a Trojan also comes to their attention. InetStat is a Russian PUP, or Potentially Unwanted Program that offers some legitimate features in exchange for delivering new advertisements through the user's Web browser. Astori LLC, the company responsible for InetStat's development, also has a lengthy history of designing similar adware programs for various purposes. This history has extended to the point where some PC security suites include threat entries specifically for this company's brand of software (RiskWare.Astori, PUP.Astori, etc.).

Although InetStat's marketed features for monitoring your file download statistics do appear to be functional, InetStat also injects browser advertisements automatically, and without providing any controls for disabling them. Depending on the version of InetStat you have installed, InetStat advertisements may use formats such as sponsored search results, side banners or product recommendations.

Malware experts also were unable to find a full archive of all versions of InetStat, raising the possibility of its using fraudulent version numbers in its distribution channels. Previous versions of InetStat, such as InetStat 1.2, occasionally are distributed through websites known for peddling fraudulent security programs and engaging in unsafe download practices. This close relationship between Astori LLC products and scamware is one explanation for why a minority of PC security products misidentify InetStat (and other Astori programs) as threatening.

Surfing the Net with Less InetStat Advertisements in the Way

Most samples of InetStat installers use appropriate and descriptive file names. However, malware researchers do occasionally see InetStat executables with randomized names and other acts of subterfuge that could let InetStat's installation occur automatically. Many, but far from a majority of anti-malware products have developed detection entries for InetStat, which could allow file scans to detect InetStat before or after its installation. Regardless, staying away from all of the usual adware distribution channels, such as freedownloadscenter.com, can offer you the easiest way to keep your browser advertisement-free.

InetStat's development team may be Russia-based, but most confirmed Astori LLC installations have occurred in the United States and Germany. Residents of these first world targets should give all due thought to safe Web browsing practices that can protect them from an unwanted InetStat installer. Alternately, they can remove InetStat with the proper security tools, as is needed.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

C:\Users\<username>\appdata\roaming\inetstat\inetstat.exe File name: C:\Users\<username>\appdata\roaming\inetstat\inetstat.exe
MD5: 56a3d252e99c324eb48b15702d348390
File type: Executable File
Mime Type: unknown/exe

Related Posts