MVPS HOSTS file update [10-30-06]

Blocking Unwanted Parasites with a Hosts File

http://www.mvps.org/winhelp2002/hosts.htm
http://www.mvps.org/winhelp2002/hosts.zip (119 kb)
http://www.mvps.org/winhelp2002/hosts.txt (487 kb)
Note: the "text" version makes a good reference for determining possible
culprits

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File – Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/hosts.htm#contribute

Visit the Hosts News blog
http://msmvps.com/blogs/hostsnews/default.aspx

SpyBot Definition File Update 27.10.06

SpyBot Definition File Update 27.10.06
Please see below screenshot for update highlights:
NOTE: ~Beta Detections are for ADVANCED USERS ONLY!

Highlights of the new/added detections:
Adware
+ Win32.TrafficSol.c
Hijacker
+ ISearchTech.SideFind + Mirar
Keylogger
+ Perfect Keylogger
Malware
+ DyFuCA.InternetOptimizer + MediaMotor.IEMonitor + PestTrap
+ SurfSideKick + Smitfraud-C. + Smitfraud-C.Toolbar888
+ Win32.Agent.aaf
PUPS
+ iPhox + NewDotNet + YazzleSudoku
Spyware
+ Targetsaver
Trojan
+ AstaKiller + Bifrose.LA + Downloader.Adload.aa + Kelvir + Nurech.D
+ Purityscan + PurityScan.Q + TagASaurus (2) + WarezP2P
+ Win32.Small-2854 + Win32.Small.ddx + Win32.Agent.ag
+ Win32.Ezula.cc (2) + Zlob.Downloader + Zlob.iMediaCodec
+ Zlob.HQVideo (2) + Zlob.XpassGenerator
+ Zlob.XPasswordManager (2)
Total: 328741 fingerprints in 51240 rules for 2354 products.


NOTE: Choose the download mirror site closest to you!
If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don't forget to re-immunize SpyBot once the new definitions are applied!


Continue Immunizing until you see this screen: 


A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History –
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2

Ad-aware Definition File Update [SE1R129] 26.10.06

"Errorsafe" false-positive fixed, when updating you will see a prompt to update the same definition file, as shown below.

Ad-aware Definition File Update [SE1R129] 26.10.06
Please use the web update feature with Ad-aware to obtain these latest definition files.
 
Due to the fact that FunWeb has made requested changes in the behavior of their program, their TAC (Threat Analysis Chart) has been reduced.
FunWeb is currently under a two week probation period

New Definitions:
========================
Adware.AskBar_HOLD +6
AntispywareSoldier +4
PestCapture + 6
SpyDefence + 5
SpyNoMore + 3
Win32.Trojan.Klone + 3
Win32.Trojan.MatrixHasYou +36
Win32.Worm.Warezov +8

Updated Definitions:
========================
Adware.Adhelper +3
Adware.BHO(generic) +7
Adware.DesktopMedia +2
Adware.DollarRevenue
Adware.VB
Adware.WeirWeb
Adware.ZenoSearch +2
ErrorSafe +16
Lop +15
Malware.Hacktool
SahAgent +6
SurfSideKick +3
Tracking Cookie +3
Win32.Backdoor.Agent +8
Win32.Dialer.Trojan +3
Win32.Generic.PWS +19
Win32.Nukers
Win32.Trojan.Agent +16
Win32.Trojan.Delf +4
Win32.Trojan.Downloader + 24
Win32.Trojan.Hexdoor
Win32.Trojan.Qhost +3
Win32.Trojan.Spy +2
Win32.Trojan.StartPage
Win32.TrojanClicker +4
Win32.TrojanDownloader.Agent +8
Win32.TrojanDownloader.ConHook
Win32.TrojanDownloader.Delf +10
Win32.TrojanDownloader.Small +4
Win32.TrojanDownloader.Swizzor.br +9
Win32.Trojandownloader.Zlob +15
Win32.TrojanDropper +4
Win32.TrojanProxy.Agent
Win32.Trojan-PSW.Lineage +13
Win32.TrojanSpy.Banker +5
Win32.TrojanSpy.Goldun +4
Win32.Worm.MSNMaker +3
Win32.Worm.Viking +5
Winfixer
Virtumonde +50
Zango + 9
The MD5 checksum for the defs.ref file is:
2a9042d3cf6e21ff55bc9a23293a1e5b


Advanced users *may* manually update using the below file;
Unzip – ensure that it is dated today!
http://download.lavasoft.de.edgesuite.net/public/defs.zip

 

 

SpyBot Definition File Update 20.10.06

See below screenshot for new update highlights.
NOTE: ~Beta Detections are for ADVANCED USERS ONLY!



Highlights of the new/added detections:
Adware
++ NSIS Media Extension
Hijacker
++ Isponer ++ LocatorBar ++ Search-Daily
Malware
+ SystemDoctor2006 + Smitfraud-C. (3) + Backdoor.Win32.SDBot.gen ++ HB.RichMedia + Smitfraud-C.Toolbar888
Spyware
++ VX2.a
Trojan
++ Rukap.DN ++ Zlob.HQvideo + Zlob.ZCodec ++ Win32.Small.dqt
++ Win32.Small.aqy ++ Win32.Delf.aml ++ Zlob.strCodec (2)
+ Zlob.MPVideoCodec + Win32.Small.ddx ++ Win32.Busky.AZ
+ Purityscan ++ Adelphia.DL ++ Trojan.Proxy.Agent + Teslaplus.com
+ Sox.Autoupdater + Zlob.Downloader + WMF Exploit ++ STR.WMF
++ ICS.WMF
Total: 326264 fingerprints in 50445 rules for 2324 products.


NOTE: Choose the download mirror site closest to you!
If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don't forget to re-immunize SpyBot once the new definitions are applied!

Continue Immunizing until you see this screen:


A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History –
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2

Ad-aware Definition File Update [SE1R128] 18.10.06

Please use the web update feature withing Ad-aware to obtain these latest definition files.

 

New Definitions:
========================

-


Updated Definitions:
========================

Adware.Agent
Adware.Allsum
Adware.Dropper
Adware.Mediapipe +3
MediaMotor
Spyagent
Win32.Backdoor.Agent
Win32.Backdoor.SDBot
Win32.Mydoom.A
Win32.Trojan.Agent +2
Win32.Trojan.Downloader +27
Win32.Trojan.Mirc +5
Win32.TrojanClicker +2
Win32.TrojanDownloader.Agent +2
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Swizzor +3
Win32.TrojanDropper +4
Win32.TrojanSpy.Banker +24
WinFixer
VirusBurst

The MD5 checksum for the defs.ref file is:
e925430b3e80976af5cb39ce879cc88a

SpyBot Definition File Update 13.10.06

Please use the web update feature to obtain the latest definition files.
Newly released Beta detections are for ADVANCED USERS ONLY !

Please refer to below screenshot for new updates.

 Highlights of the new/added detections:

Adware
+ Boran.g
Keylogger
+ Ardamax
Malware
+ Smitfraud-C. (2) + E.C.S. International.Downloader + Warsow
+ Web-Nexus
Security
+ Microsoft.WindowsSecurityCenter.FirewallBypass
Trojan
+ YopsBot + FakeScreener.CBrowserHelper + Jupilites + Haxdoor.J
+ Zlob.Downloader + LD.WMF + Win32.Small.czl + PWS.Qqgame
+ Zlob.Downloader + Win32.HacDef
Total: 324899 fingerprints in 50046 rules for 2292 products.

NOTE: Choose the download mirror site closest to you!
If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don't forget to re-immunize SpyBot once the new definitions are applied!

Continue immunizing until you see this screen:

A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History –
http://www.spybotupdates.com/index.php?page=updatehistory
http://forums.spybot.info/forumdisplay.php?f=2

Ad-aware Definition File Update [SE1R126] 12.10.06

Ad-aware Definition File Update [SE1R126] 12.10.06
Please use the web update feature within the program to obtain the latest definition files.



Quote:

New definitions:
====================
Anonymouse +2
Win32.Worm.MSNMaker

Updated definitions:
====================
Adware.Agent
Adware.DesktopMedia +9
Adware.DollarRevenue +8
Adware.Funweb +3
Adware.LinkOptimizer
Adware.ToolbarDeepDive
Adware.WSearch +3
Dialer
Lop +6
Purityscan +3
ShowBehind
Win32.Dialer.Trojan +3
Win32.Downloader +2
Win32.Trojan.Agent +8
Win32.Trojan.Delf
Win32.Trojan.Downloader +23
Win32.Trojan.Keylogger +4
Win32.Trojan.Pakes
Win32.Trojan.Small.ref
Win32.Trojan.Spambot
Win32.Trojan.Spy
Win32.Trojan.StartPage
Win32.TrojanDownloader.Agent +4
Win32.TrojanDownloader.Delf +3
Win32.TrojanDownloader.Small +5
Win32.Trojandownloader.Zlob +5
Win32.TrojanDropper +2
Virtumonde +10
The MD5 checksum is:6e603c0144bf2b4e17ad496215208ba4
ADDENDUM: The false-positives have apparently been fixed, please run the web update feature with Ad-aware, again to retrieve this definition file:


Additional false-positive reports should be reported to Lavasoft, below;
http://www.lavasoftsupport.com/index.php?showforum=61