April 2007 - Posts

• MVPS HOSTS File update [04-30-07]

  Blocking Unwanted Parasites with a Hosts File http://www.mvps.org/winhelp2002/hosts.htm http://www.mvps.org/winhelp2002/hosts.zip (135 kb) http://www.mvps.org/winhelp2002/hosts.txt (563 kb) Note: the "text" version makes a good reference for determining possible culprits How To: Download and Extract the HOSTS file http://www.mvps.org/winhelp2002/hosts2.htm HOSTS File - Frequently Asked Questions http://www.mvps.org/winhelp2002/hostsfaq.htm Sign up for HOSTS file update notices http://www.mvps.org/winhelp2002/hosts.htm#contribute Visit the Hosts News blog http://msmvps.com/blogs/hostsnews/default.aspx Posted Apr 30 2007, 10:41 PM by siljaline with no comments

• Ad-aware Definition File Update [SE1R167] 23.04.07

  Please use the web update feature to obtain this latest definition file. Quote: New definitions: ==================== UltimateFixer Win32.TrojanPWS.Maran +13 Updated definitions: ==================== Adware.Agent +12 Adware.BaiduBar Adware.BHO(generic) +11 Adware.WebBuying +2 Adware.Yazzle Adware.ZenoSearch +3 Adware.Z-Quest +4 AntiVermins +2 Ardamax Keylogger BDSearch Plugin BlazingTools Perfect Keylogger BookedSpace +5 Dialer +9 FakeAlert +7 PurityScan +7 Redirected hostfile entry +37 Softomate Toolbar +5 SpyDawn SpyLocked +2 Win32.Backdoor.Agent +9 Win32.Backdoor.Agobot Win32.Backdoor.BlackHole +1 Win32.Backdoor.Hupigon +6 Win32.Backdoor.IRCBot +2 Win32.Backdoor.IRCZapchast +3 Win32.Backdoor.Poebot +3 Win32.Backdoor.RBot +7 Win32.Backdoor.SDBot +8 Win32.Backdoor.VanBot Win32.Backdoor.VB Win32.Bagle.B Win32.Dialer.Trojan Win32.Generic.PWS +10 Win32.Generic.Worm Win32.Malware.Jeefo Win32.Trojan.Agent +7 Win32.Trojan.Downloader +6 Win32.Trojan.Keylogger +2 Win32.Trojan.Kolweb +7 Win32.Trojan.Pakes +2 Win32.Trojan.Runner Win32.Trojan.Spambot Win32.Trojan.Spy +15 Win32.TrojanClicker +11 Win32.TrojanDownloader.Adload Win32.TrojanDownloader.Agent +17 Win32.TrojanDownloader.Banload +2 Win32.TrojanDownloader.ConHook Win32.TrojanDownloader.Cryptic +5 Win32.TrojanDownloader.Delf Win32.TrojanDownloader.ISTBar +2 Win32.TrojanDownloader.Obfuscated +8 Win32.TrojanDownloader.Small +4 Win32.Trojandownloader.Zlob +9 Win32.TrojanDropper +28 Win32.TrojanProxy.Agent.dl +4 Win32.TrojanProxy.Slaper +5 Win32.TrojanProxy.Small Win32.Trojan-PSW.Lineage +2 Win32.TrojanPWS.LdPinch Win32.TrojanPWS.Lmir +10 Win32.TrojanPWS.Magania Win32.TrojanPWS.OnlineGames +46 Win32.TrojanPWS.QQPass +17 Win32.TrojanPWS.WOW +2 Win32.TrojanSpy.Banker +8 Win32.TrojanSpy.BZub +9 Win32.Worm.Warezov +2 Win32.Worm.Zhelatin +112 WinAntiVirusPro Virtumonde +33 Zango The MD5 checksum is:1308d3cf994cf3b55025521ae4cdf7a9 Advanced users *may* wish to manually update using the below file: http://download.lavasoft.com/public/defs.zip Posted Apr 23 2007, 02:43 PM by siljaline with no comments

• Ad-aware Definition File Update [SE1R166] 16.04.07

  Please use the web update feature to obtain this latest definition file. Quote: New definitions: ==================== PerfectCleaner +2 Updated definitions: ==================== AdArmor +5 Adware.Adhelper +2 Adware.Agent +2 Adware.BHO(generic) +9 Adware.DigitalNames +2 Adware.NaviPromo +2 Adware.NewWeb Adware.Searchcolours Adware.VB +3 Adware.WSearch Adware.Yazzle +3 Adware.ZenoSearch BlazingTools Perfect Keylogger +4 BookedSpace ClearSearch +2 ClickSpring DealHelper +2 Dialer +2 ErrorSafe EzuLa +2 FakeAlert +2 FixerAntispy +5 Lop midADdle +2 NeospaceInternetSecurity +2 PurityScan +2 SpyAnalyst +5 SpyAway +2 SpyLocked +2 SpywareSheriff SysProtect Virtumonde +11 WhenU Win32.Backdoor.Agent +3 Win32.Backdoor.Agobot Win32.Backdoor.Hupigon +8 Win32.Backdoor.Padodor Win32.Backdoor.RBot +2 Win32.Backdoor.SDBot Win32.Generic.PWS +3 Win32.Trojan.Downloader Win32.Trojan.Klone +3 Win32.Trojan.Spambot +5 Win32.Trojan.Spy +2 Win32.TrojanClicker +3 Win32.TrojanDownloader.Agent Win32.TrojanDownloader.Banload +6 Win32.TrojanDownloader.ConHook Win32.Trojan-PSW.Lineage +4 Win32.TrojanPWS.LdPinch +4 Win32.TrojanPWS.Lmir Win32.TrojanPWS.Magania Win32.TrojanPWS.OnlineGames +10 Win32.TrojanPWS.QQPass +5 Win32.TrojanSpy.Banker +11 Win32.TrojanSpy.BZub +3 Win32.Worm.Warezov +13 WinAD The MD5 checksum is:e91f248ec9d1ef78caddca7524029197 Advanced users *may* wish to manually update using the below file: http://download.lavasoft.com/public/defs.zip Posted Apr 16 2007, 11:46 PM by siljaline with no comments

• Spyware Blaster Update 12.04.07

  7450 Total Items in the database based on a fully patched XP Pro SP2 box. Please use the web update feature within: http://www.javacoolsoftware.com/spywareblaster.html to obtain this latest update. Enable all new protections via the hyperlink as shown in the screenshot. Posted Apr 12 2007, 04:01 PM by siljaline with no comments

• SpyBot Definition File Update 11.04.07

  Please use the web update feature to obtain these latest definition files. NOTE: THE ~ BETA DEFINITIONS ARE FOR ADVANCED USERS ONLY! Highlights of the currently available download: Highlights of the new/added detections: Quote: Adware ++ Zango.AntiSpamBar ++ Zango.Seekmo Keylogger + Perfect Keylogger (2) ++ WideStep Malware ++ Free-Key-Logger + InetLoader + Smitfraud-C. (2) + SpyDawn + SpyHunter ++ Win32.Agent.ahd ++ Win32.Optix.b Trojan + 1und1Bill.Fake + Hupigon + NumbSoft + Win32.Lager.aq ++ Zlob.MovieBox + Zlob.PrivateVideo + WarezP2P Total: 373599 fingerprints in 64879 rules for 2804 products. NOTE: Choose the download mirror site closest to you! If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment. Don't forget to re-immunize SpyBot once the new definitions are applied! Continue Immunizing until you see this screen: A brief explanation of the differences in Immunzation between Windows XP and Windows 9x. http://forums.spybot.info/showthread.php?t=1988 SpyBot Updates History - http://spybot.info/en/updatehistory/index.html http://forums.spybot.info/forumdisplay.php?f=2 Posted Apr 12 2007, 01:19 AM by siljaline with no comments

• Ad-aware Definition File Update [SE1R165] 10.04.07

  Please use the web update feature to obtain this latest definition file. Quote: New definitions: ==================== Superutilbar +2 Win32.Trojan.MancSyn Updated definitions: ==================== Adware.Agent +7 Adware.NaviPromo Adware.NewWeb BDSearch Plugin +2 Dialer +6 FakeAlert +7 Lop +5 MalwareWipe +2 PestTrap PurityScan Softomate Toolbar +2 SpyLocked +2 SpywareSheriff Win32.Backdoor.Agent +4 Win32.Backdoor.Bifrose +2 Win32.Backdoor.Hupigon +4 Win32.Backdoor.IRCBot Win32.Backdoor.PcClient +3 Win32.Backdoor.Poebot +3 Win32.Backdoor.RBot +6 Win32.Backdoor.SDBot +5 Win32.Backdoor.VanBot +6 Win32.Generic.PWS +4 Win32.Trojan.Agent +6 Win32.Trojan.Delf +2 Win32.Trojan.Downloader Win32.Trojan.Keylogger +6 Win32.Trojan.Klone Win32.Trojan.Qhost +6 Win32.Trojan.Spambot +2 Win32.Trojan.Spy +3 Win32.Trojan.Starter +2 Win32.Trojan.StartPage +3 Win32.TrojanClicker +4 Win32.TrojanDownloader.Adload +3 Win32.TrojanDownloader.Agent +6 Win32.TrojanDownloader.Banload +38 Win32.TrojanDownloader.ConHook +4 Win32.TrojanDownloader.Cryptic +2 Win32.TrojanDownloader.Delf Win32.TrojanDownloader.Nurech Win32.TrojanDownloader.Obfuscated Win32.TrojanDownloader.Qoologic +3 Win32.TrojanDropper +1 Win32.TrojanProxy.Agent.dl +4 Win32.Trojan-PSW.Lineage +6 Win32.TrojanPWS.LdPinch Win32.TrojanPWS.Lmir +4 Win32.TrojanPWS.OnlineGames +19 Win32.TrojanPWS.QQPass +9 Win32.TrojanPWS.WOW +2 Win32.TrojanSpy.Banker +10 Win32.TrojanSpy.BZub +3 Win32.TrojanSpy.Goldun +3 Win32.Worm.Viking Win32.Worm.Zhelatin +3 Virtumonde +4 The MD5 checksum is: 1db885f95f3b2522f6d62ba81ce8db40 Advanced users *may* wish to manually update using the below file. http://download.lavasoft.com/public/defs.zip Posted Apr 10 2007, 12:46 PM by siljaline with no comments

• MVPS HOSTS file update [04-08-07]

  Blocking Unwanted Parasites with a Hosts File http://www.mvps.org/winhelp2002/hosts.htm http://www.mvps.org/winhelp2002/hosts.zip (133 kb) http://www.mvps.org/winhelp2002/hosts.txt (555 kb) Note: the "text" version makes a good reference for determining possible culprits How To: Download and Extract the HOSTS file http://www.mvps.org/winhelp2002/hosts2.htm HOSTS File - Frequently Asked Questions http://www.mvps.org/winhelp2002/hostsfaq.htm Sign up for HOSTS file update notices http://www.mvps.org/winhelp2002/hosts.htm#contribute Visit the Hosts News blog http://msmvps.com/blogs/hostsnews/default.aspx Posted Apr 08 2007, 06:32 AM by siljaline with no comments

• SpyBot Definition File Update 04.04.07

  Please use the web update feature to obtain the latest definition files. NOTE: THE ~BETA DEFINITIONS ARE FOR ADVANCED USERS ONLY! Highlights of the currently available download: Highlights of the new/added detections: Quote: Keylogger ++ A-Spy 2.11 ++ Palsol ++ CyberSpy ++ AYOSpy Malware ++ AllInOneKeylogger + SpyDawn ++ SpyLocked + Winsoftware.WinAntiVirusPro2006 + PestCapture + VirtuMonde Trojan + Zlob.VideoAccessActiveXObject ++ Zlob.MovieCommander + Zlob.SiteTicket + Zlob.HQCodec + Zlob.PornPassManager + Zlob.VideoKeyCodec + Zlob.VideoBox + AnotherBot + Daugeru + Win32.Bancos.zm ++ Banker.AHY ++ Win32.Small.cnd Total: 372150 fingerprints in 64388 rules for 2787 products. NOTE: Choose the download mirror site closest to you! If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment. Don't forget to re-immunize SpyBot once the new definitions are applied! Continue Immunizing until you see this screen: A brief explanation of the differences in Immunzation between Windows XP and Windows 9x. http://forums.spybot.info/showthread.php?t=1988 SpyBot Updates History - http://spybot.info/en/updatehistory/index.html http://forums.spybot.info/forumdisplay.php?f=2 Posted Apr 04 2007, 05:19 PM by siljaline with no comments

• Ad-aware Definition File Update [SE1R164] 02.04.07

  Please use the web update feature to obtain this latest definition file. Quote: New definitions: ==================== Win32.Backdoor.BlackHole Win32.Backdoor.Lecna +3 Win32.TrojanProxy.Cimuz +6 Win32.TrojanProxy.Slaper +7 Updated definitions: ==================== Adware.2Search +4 Adware.Agent +7 Adware.BHO(generic) +2 Adware.IEHlpr +2 Adware.NewWeb +3 Adware.Stud +2 Dialer +2 EasySearch +3 EGroup Dialer +2 FakeAlert Lop +8 OnFlow SCKeyLog Trojan +4 Softomate Toolbar +3 Tracking Cookie +3 Win32.Backdoor.Agent +8 Win32.Backdoor.Bifrose Win32.Backdoor.Hupigon +6 Win32.Backdoor.IRCBot Win32.Backdoor.Poebot +4 Win32.Backdoor.RBot +2 Win32.Backdoor.SDBot +6 Win32.Backdoor.VanBot +2 Win32.Backdoor.VB Win32.Bagle.B +5 Win32.Generic.PWS +2 Win32.Generic.Worm +1 Win32.Trojan.Agent +10 Win32.Trojan.Spy +18 Win32.Trojan.StartPage +8 Win32.TrojanClicker Win32.TrojanDownloader.Agent +5 Win32.TrojanDownloader.Banload +9 Win32.TrojanDownloader.ConHook Win32.TrojanDownloader.Cryptic +3 Win32.TrojanDownloader.Small +5 Win32.TrojanProxy.Agent.dl +2 Win32.TrojanPWS.Lmir +5 Win32.TrojanPWS.OnlineGames +17 Win32.TrojanPWS.QQPass +14 Win32.TrojanPWS.WOW Win32.TrojanSpy.Banker +8 Win32.TrojanSpy.BZub Win32.TrojanSpy.Goldun +2 Win32.Worm.Warezov +6 Win32.Worm.Viking +6 WinAD Virtumonde +5 The MD5 checksum is:acb4db479a8e1c99822ec909f9623380 Advanced users *may* wish to manually update using the below file: http://download.lavasoft.com/public/defs.zip Posted Apr 02 2007, 11:37 AM by siljaline with no comments