Recent Posts

Tags

News

  • Please do not request support via email, they will not be replied - however, comments are appreciated. Thank you for your cooperation. ________________________

Community

Email Notifications

I Like Links

Archives

Siljaline's Blog

Siljaline's IE & Security Blog

April 2007 - Posts

MVPS HOSTS File update [04-30-07]

Blocking Unwanted Parasites with a Hosts File

http://www.mvps.org/winhelp2002/hosts.htm
http://www.mvps.org/winhelp2002/hosts.zip (135 kb)
http://www.mvps.org/winhelp2002/hosts.txt (563 kb)
Note: the "text" version makes a good reference for determining possible
culprits

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File - Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/hosts.htm#contribute

Visit the Hosts News blog
http://msmvps.com/blogs/hostsnews/default.aspx

Posted: Apr 30 2007, 10:41 PM by Randy Knobloch | with no comments
Filed under: , , ,
Ad-aware Definition File Update [SE1R167] 23.04.07
Please use the web update feature to obtain this latest definition file.

Quote:

New definitions:
====================
UltimateFixer
Win32.TrojanPWS.Maran +13

Updated definitions:
====================
Adware.Agent +12
Adware.BaiduBar
Adware.BHO(generic) +11
Adware.WebBuying +2
Adware.Yazzle
Adware.ZenoSearch +3
Adware.Z-Quest +4
AntiVermins +2
Ardamax Keylogger
BDSearch Plugin
BlazingTools Perfect Keylogger
BookedSpace +5
Dialer +9
FakeAlert +7
PurityScan +7
Redirected hostfile entry +37
Softomate Toolbar +5
SpyDawn
SpyLocked +2
Win32.Backdoor.Agent +9
Win32.Backdoor.Agobot
Win32.Backdoor.BlackHole +1
Win32.Backdoor.Hupigon +6
Win32.Backdoor.IRCBot +2
Win32.Backdoor.IRCZapchast +3
Win32.Backdoor.Poebot +3
Win32.Backdoor.RBot +7
Win32.Backdoor.SDBot +8
Win32.Backdoor.VanBot
Win32.Backdoor.VB
Win32.Bagle.B
Win32.Dialer.Trojan
Win32.Generic.PWS +10
Win32.Generic.Worm
Win32.Malware.Jeefo
Win32.Trojan.Agent +7
Win32.Trojan.Downloader +6
Win32.Trojan.Keylogger +2
Win32.Trojan.Kolweb +7
Win32.Trojan.Pakes +2
Win32.Trojan.Runner
Win32.Trojan.Spambot
Win32.Trojan.Spy +15
Win32.TrojanClicker +11
Win32.TrojanDownloader.Adload
Win32.TrojanDownloader.Agent +17
Win32.TrojanDownloader.Banload +2
Win32.TrojanDownloader.ConHook
Win32.TrojanDownloader.Cryptic +5
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.ISTBar +2
Win32.TrojanDownloader.Obfuscated +8
Win32.TrojanDownloader.Small +4
Win32.Trojandownloader.Zlob +9
Win32.TrojanDropper +28
Win32.TrojanProxy.Agent.dl +4
Win32.TrojanProxy.Slaper +5
Win32.TrojanProxy.Small
Win32.Trojan-PSW.Lineage +2
Win32.TrojanPWS.LdPinch
Win32.TrojanPWS.Lmir +10
Win32.TrojanPWS.Magania
Win32.TrojanPWS.OnlineGames +46
Win32.TrojanPWS.QQPass +17
Win32.TrojanPWS.WOW +2
Win32.TrojanSpy.Banker +8
Win32.TrojanSpy.BZub +9
Win32.Worm.Warezov +2
Win32.Worm.Zhelatin +112
WinAntiVirusPro
Virtumonde +33
Zango
The MD5 checksum is:1308d3cf994cf3b55025521ae4cdf7a9

Advanced users *may* wish to manually update using the below file:
http://download.lavasoft.com/public/defs.zip
Posted: Apr 23 2007, 02:43 PM by Randy Knobloch | with no comments
Filed under: , ,
Ad-aware Definition File Update [SE1R166] 16.04.07
Please use the web update feature to obtain this latest definition file.

Quote:

New definitions:
====================
PerfectCleaner +2

Updated definitions:
====================
AdArmor +5
Adware.Adhelper +2
Adware.Agent +2
Adware.BHO(generic) +9
Adware.DigitalNames +2
Adware.NaviPromo +2
Adware.NewWeb
Adware.Searchcolours
Adware.VB +3
Adware.WSearch
Adware.Yazzle +3
Adware.ZenoSearch
BlazingTools Perfect Keylogger +4
BookedSpace
ClearSearch +2
ClickSpring
DealHelper +2
Dialer +2
ErrorSafe
EzuLa +2
FakeAlert +2
FixerAntispy +5
Lop
midADdle +2
NeospaceInternetSecurity +2
PurityScan +2
SpyAnalyst +5
SpyAway +2
SpyLocked +2
SpywareSheriff
SysProtect
Virtumonde +11
WhenU
Win32.Backdoor.Agent +3
Win32.Backdoor.Agobot
Win32.Backdoor.Hupigon +8
Win32.Backdoor.Padodor
Win32.Backdoor.RBot +2
Win32.Backdoor.SDBot
Win32.Generic.PWS +3
Win32.Trojan.Downloader
Win32.Trojan.Klone +3
Win32.Trojan.Spambot +5
Win32.Trojan.Spy +2
Win32.TrojanClicker +3
Win32.TrojanDownloader.Agent
Win32.TrojanDownloader.Banload +6
Win32.TrojanDownloader.ConHook
Win32.Trojan-PSW.Lineage +4
Win32.TrojanPWS.LdPinch +4
Win32.TrojanPWS.Lmir
Win32.TrojanPWS.Magania
Win32.TrojanPWS.OnlineGames +10
Win32.TrojanPWS.QQPass +5
Win32.TrojanSpy.Banker +11
Win32.TrojanSpy.BZub +3
Win32.Worm.Warezov +13
WinAD
The MD5 checksum is:e91f248ec9d1ef78caddca7524029197

Advanced users *may* wish to manually update using the below file:
http://download.lavasoft.com/public/defs.zip
Posted: Apr 16 2007, 11:46 PM by Randy Knobloch | with no comments
Filed under: , ,
Spyware Blaster Update 12.04.07
7450 Total Items in the database based on a fully patched XP Pro SP2 box.
Please use the web update feature within: http://www.javacoolsoftware.com/spywareblaster.html to obtain this latest update.



Enable all new protections via the hyperlink as shown in the screenshot.

Posted: Apr 12 2007, 04:01 PM by Randy Knobloch | with no comments
Filed under: , ,
SpyBot Definition File Update 11.04.07
Please use the web update feature to obtain these latest definition files.
NOTE: THE ~ BETA DEFINITIONS ARE FOR ADVANCED USERS ONLY!
Highlights of the currently available download:

Highlights of the new/added detections:
Quote:

Adware
++ Zango.AntiSpamBar ++ Zango.Seekmo
Keylogger
+ Perfect Keylogger (2) ++ WideStep
Malware
++ Free-Key-Logger + InetLoader + Smitfraud-C. (2) + SpyDawn
+ SpyHunter ++ Win32.Agent.ahd ++ Win32.Optix.b
Trojan
+ 1und1Bill.Fake + Hupigon + NumbSoft + Win32.Lager.aq
++ Zlob.MovieBox + Zlob.PrivateVideo + WarezP2P
Total: 373599 fingerprints in 64879 rules for 2804 products.


NOTE: Choose the download mirror site closest to you!
If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don't forget to re-immunize SpyBot once the new definitions are applied!

Continue Immunizing until you see this screen:


A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History -
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2
Posted: Apr 12 2007, 01:19 AM by Randy Knobloch | with no comments
Filed under: , ,
Ad-aware Definition File Update [SE1R165] 10.04.07
Please use the web update feature to obtain this latest definition file.

Quote:

New definitions:
====================
Superutilbar +2
Win32.Trojan.MancSyn

Updated definitions:
====================
Adware.Agent +7
Adware.NaviPromo
Adware.NewWeb
BDSearch Plugin +2
Dialer +6
FakeAlert +7
Lop +5
MalwareWipe +2
PestTrap
PurityScan
Softomate Toolbar +2
SpyLocked +2
SpywareSheriff
Win32.Backdoor.Agent +4
Win32.Backdoor.Bifrose +2
Win32.Backdoor.Hupigon +4
Win32.Backdoor.IRCBot
Win32.Backdoor.PcClient +3
Win32.Backdoor.Poebot +3
Win32.Backdoor.RBot +6
Win32.Backdoor.SDBot +5
Win32.Backdoor.VanBot +6
Win32.Generic.PWS +4
Win32.Trojan.Agent +6
Win32.Trojan.Delf +2
Win32.Trojan.Downloader
Win32.Trojan.Keylogger +6
Win32.Trojan.Klone
Win32.Trojan.Qhost +6
Win32.Trojan.Spambot +2
Win32.Trojan.Spy +3
Win32.Trojan.Starter +2
Win32.Trojan.StartPage +3
Win32.TrojanClicker +4
Win32.TrojanDownloader.Adload +3
Win32.TrojanDownloader.Agent +6
Win32.TrojanDownloader.Banload +38
Win32.TrojanDownloader.ConHook +4
Win32.TrojanDownloader.Cryptic +2
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Nurech
Win32.TrojanDownloader.Obfuscated
Win32.TrojanDownloader.Qoologic +3
Win32.TrojanDropper +1
Win32.TrojanProxy.Agent.dl +4
Win32.Trojan-PSW.Lineage +6
Win32.TrojanPWS.LdPinch
Win32.TrojanPWS.Lmir +4
Win32.TrojanPWS.OnlineGames +19
Win32.TrojanPWS.QQPass +9
Win32.TrojanPWS.WOW +2
Win32.TrojanSpy.Banker +10
Win32.TrojanSpy.BZub +3
Win32.TrojanSpy.Goldun +3
Win32.Worm.Viking
Win32.Worm.Zhelatin +3
Virtumonde +4
The MD5 checksum is: 1db885f95f3b2522f6d62ba81ce8db40

Advanced users *may* wish to manually update using the below file.
http://download.lavasoft.com/public/defs.zip

Posted: Apr 10 2007, 12:46 PM by Randy Knobloch | with no comments
Filed under: , ,
MVPS HOSTS file update [04-08-07]
Blocking Unwanted Parasites with a Hosts File

http://www.mvps.org/winhelp2002/hosts.htm
http://www.mvps.org/winhelp2002/hosts.zip (133 kb)
http://www.mvps.org/winhelp2002/hosts.txt (555 kb)
Note: the "text" version makes a good reference for determining possible
culprits

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File - Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/hosts.htm#contribute

Visit the Hosts News blog
http://msmvps.com/blogs/hostsnews/default.aspx
Posted: Apr 08 2007, 06:32 AM by Randy Knobloch | with no comments
Filed under: , ,
SpyBot Definition File Update 04.04.07
Please use the web update feature to obtain the latest definition files.
NOTE: THE ~BETA DEFINITIONS ARE FOR ADVANCED USERS ONLY!
Highlights of the currently available download:

Highlights of the new/added detections:
Quote:

Keylogger
++ A-Spy 2.11 ++ Palsol ++ CyberSpy ++ AYOSpy
Malware
++ AllInOneKeylogger + SpyDawn ++ SpyLocked
+ Winsoftware.WinAntiVirusPro2006 + PestCapture + VirtuMonde
Trojan
+ Zlob.VideoAccessActiveXObject ++ Zlob.MovieCommander
+ Zlob.SiteTicket + Zlob.HQCodec + Zlob.PornPassManager
+ Zlob.VideoKeyCodec + Zlob.VideoBox + AnotherBot + Daugeru
+ Win32.Bancos.zm ++ Banker.AHY ++ Win32.Small.cnd
Total: 372150 fingerprints in 64388 rules for 2787 products.


NOTE: Choose the download mirror site closest to you!
If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don't forget to re-immunize SpyBot once the new definitions are applied!

Continue Immunizing until you see this screen:


A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History -
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2
Posted: Apr 04 2007, 05:19 PM by Randy Knobloch | with no comments
Filed under: , ,
Ad-aware Definition File Update [SE1R164] 02.04.07
Please use the web update feature to obtain this latest definition file.

Quote:

New definitions:
====================
Win32.Backdoor.BlackHole
Win32.Backdoor.Lecna +3
Win32.TrojanProxy.Cimuz +6
Win32.TrojanProxy.Slaper +7

Updated definitions:
====================
Adware.2Search +4
Adware.Agent +7
Adware.BHO(generic) +2
Adware.IEHlpr +2
Adware.NewWeb +3
Adware.Stud +2
Dialer +2
EasySearch +3
EGroup Dialer +2
FakeAlert
Lop +8
OnFlow
SCKeyLog Trojan +4
Softomate Toolbar +3
Tracking Cookie +3
Win32.Backdoor.Agent +8
Win32.Backdoor.Bifrose
Win32.Backdoor.Hupigon +6
Win32.Backdoor.IRCBot
Win32.Backdoor.Poebot +4
Win32.Backdoor.RBot +2
Win32.Backdoor.SDBot +6
Win32.Backdoor.VanBot +2
Win32.Backdoor.VB
Win32.Bagle.B +5
Win32.Generic.PWS +2
Win32.Generic.Worm +1
Win32.Trojan.Agent +10
Win32.Trojan.Spy +18
Win32.Trojan.StartPage +8
Win32.TrojanClicker
Win32.TrojanDownloader.Agent +5
Win32.TrojanDownloader.Banload +9
Win32.TrojanDownloader.ConHook
Win32.TrojanDownloader.Cryptic +3
Win32.TrojanDownloader.Small +5
Win32.TrojanProxy.Agent.dl +2
Win32.TrojanPWS.Lmir +5
Win32.TrojanPWS.OnlineGames +17
Win32.TrojanPWS.QQPass +14
Win32.TrojanPWS.WOW
Win32.TrojanSpy.Banker +8
Win32.TrojanSpy.BZub
Win32.TrojanSpy.Goldun +2
Win32.Worm.Warezov +6
Win32.Worm.Viking +6
WinAD
Virtumonde +5
The MD5 checksum is:acb4db479a8e1c99822ec909f9623380

Advanced users *may* wish to manually update using the below file:
http://download.lavasoft.com/public/defs.zip
Posted: Apr 02 2007, 11:37 AM by Randy Knobloch | with no comments
Filed under: , ,