MVPS HOSTS file update [11-28-06]

Blocking Unwanted Parasites with a Hosts File

http://www.mvps.org/winhelp2002/hosts.htm
http://www.mvps.org/winhelp2002/hosts.zip (121 kb)
http://www.mvps.org/winhelp2002/hosts.txt (495 kb)
Note: the “text” version makes a good reference for determining possible
culprits

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File – Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/hosts.htm#contribute

Visit the Hosts News blog
http://msmvps.com/blogs/hostsnews/default.aspx

SpyBot Definition File Update 24.11.06

Please use the web update feature to obtain these latest definition files.
NOTE: The ~Beta Definitions are for ADVANCED USERS ONLY!
Highlights of the currently available download.


Highlights of the new/added detections:
Adware
+ NSIS Media Extension + Zippy
Dialer
+ Carima Enterprises
Hijacker
+ CoolWWWSearch.008k + CoolWWWSearch.Aff.Winshow
+ CoolWWWSearch.Dreplace + CoolWWWSearch.Leftovers
+ CoolWWWSearch ++ GJeans30 + HotsearchBar + QuickNavigate
Malware
+ ClickConsulting + DeepDive + Dropper.ragger + ErrorSafe
+ ISearchTech.IstDownloader + RegiFast + Smitfraud-C. + SpySheriff
+ Vcodec.Intcodec + Winsoftware.WinAntiSpyware2006
PUPS
+ DriveCleaner 2006 + Zango
Spyware
+ Adware.IEPageHelper + ClientMan
Trojan
+ Adir.Wget + CoolWWWSearch.GonnaSearch (2) + Dadobra
+ Fraud.ProtectionBar + MovieLand ++ PSLister + Smitfraud-C. (5)
+ Win32.Delf.aml + XPreload + Zlob.FreeVideo.DVDCodec
+ Zlob.EliteCodec + Zlob.PornPassManager + Zlob.QualityCodec
+ Zlob.TrueCodec + Zlob.VidCodec (2) + Zlob.VideoKeyCodec
Total: 334918 fingerprints in 53285 rules for 2474 products.



NOTE: Choose the download mirror site closest to you!
If you receive error messages such as “bad checksum” it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don’t forget to re-immunize SpyBot once the new definitions are applied!




Continue Immunizing until you see this screen:


A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History –
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2


 

Ad-aware Definition File Update [SE1R134] 20.11.06

Ad-aware Definition File Update [SE1R134] 20.11.06
Use the web update feature within Ad-aware to obtain these latest definition files.

 


New Definitions:
========================
—-

Updated Definitions:
========================
Adware +4
Adware.Adhelper +4
Adware.BHO(generic)
Adware.CasClient +6
Adware.DesktopMedia
Adware.DollarRevenue +7
Adware.Henbang
Adware.IEHlpr +6
Adware.NewWeb +7
Adware.VB +6
Adware.ZenoSearch +4
BookedSpace +3
CnsMin +3
Dialer +2
Lop +3
PurityScan +4
Softomate Toolbar
SpywareSheriff +2
Virtumonde
VirusBurst +5
Win32.Backdoor.Agent +6
Win32.Backdoor.RBot +3
Win32.Backdoor.SDBot
Win32.Dialer.Trojan
Win32.Generic.PWS +2
Win32.Trojan.Agent +7
Win32.Trojan.Downloader +32
Win32.Trojan.Kolweb +4
Win32.Trojan.MatrixHasYou +14
Win32.Trojan.Mirc +4
Win32.Trojan.Spambot +6
Win32.Trojan.Spy
Win32.TrojanDownloader.Agent +7
Win32.TrojanDownloader.Delf +5
Win32.TrojanDownloader.Tibs
Win32.TrojanDropper
Win32.TrojanProxy.Agent.dl +5
Win32.Trojan-PSW.Lineage +2
Win32.Worm.Warezov +3
The MD5 checksum for the defs.ref file is:
3ecee36bbddbecddd2fc0775e1f462c9



For those who may wish to manually update, please use the below file.
http://download.lavasoft.com/public/defs.zip
Unzip, ensure that the file is dated today.

SpyBot Definition File Update 17.11.06

Please use the web update feature within SpyBot to obtain these latest definition files.
NOTE: ~Beta Detections are for Advanced Users Only!
Highlights of currently available download:


Highlights of the new/added detections:
Adware
+ NSIS Media Extension + RooGoo
Dialer
+ Creazione + NetTechnology.Inc
Keylogger
+ AdvancedKeylogger
Malware
+ AdCom + Batty + Command Service (3) + DyFuCA.InternetOptimizer + Elitum.Elitebar.Pokapoka + Look2Me + Mailbot + MediaMotor (2)
+ Mirar + PSCastor + RazeSpyware + SaferSurfing + Smitfraud-C. (7)
+ Smitfraud-C.Deskbar + Smitfraud-C.Toolbar888 + Vcodec + WebQuick + ZenoSearch ++ Zlob.VidCodec (2)
PUPS
+ AntiverminsPro + Deskbar + MalwareWipe + YazzleSudoku + Zango
Spyware
+ eZula HotText
Trojan
+ BraveSentry + BugsPrey + Busky.Gen + Clicker.Small.Jf
+ CoolWWWSearch.GonnaSearch + Downloader.Small.Dgk + Kelvir
+ PassiveTerror + TagASaurus (2) + Tibs.vq + Win32.AdvertMen
+ Win32.Agent.hl + Win32.Lager.aq + Win32.Limar + Win32.Small.doh
+ Win32.VB.aua + XPreload ++ Zlob.FreeVideo.DVDCodec
++ Zlob.IVideoCodec (2) + Zlob.MMediaCodec + Zlob.PornPassManager ++ Zlob.PowerCodec
Total: 333535 fingerprints in 52845 rules for 2445 products.


 NOTE: Choose the download mirror site closest to you!
If you receive error messages such as “bad checksum” it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don’t forget to re-immunize SpyBot once the new definitions are applied!

Continue Immunizing until you see this screen:


A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History –
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2 

RootkitRevealer v1.71

Introduction
RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know!

The reason that there is no longer a command-line version is that malware authors have started targetting RootkitRevealer’s scan by using its executable name. We’ve therefore updated RootkitRevealer to execute its scan from a randomly named copy of itself that runs as a Windows service. This type of execution is not conducive to a command-line interface. Note that you can use command-line options to execute an automatic scan with results logged to a file, which is the equivalent of the command-line version’s behavior.
More Here

MVPS HOSTS Update [14.11.06]

Blocking Unwanted Parasites with a Hosts File

http://www.mvps.org/winhelp2002/hosts.htm
http://www.mvps.org/winhelp2002/hosts.zip (119 kb)
http://www.mvps.org/winhelp2002/hosts.txt (485 kb)
Note: the “text” version makes a good reference for determining possible
culprits

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File – Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/hosts.htm#contribute

Visit the Hosts News blog
http://msmvps.com/blogs/hostsnews/default.aspx

SpyBot Definition File Update 10.11.06

Please use the web update feature to obtain these latest definition files.
NOTE: ~Beta Definitions are for ADVANCED USERS ONLY!

Highlights of the new/added detections:
Adware
+ DuDuAccelerator
Hijacker
+ 7FaSSt + ISearchTech.ISTbar + Mirar
Keylogger
+ MDMSpy
Malware
+ BannerRotator + Batty + CMFibula + Command Service + DeepDive ++ Deskbar + Errorsafe + Look2Me + MediaMotor
+ MediaMotor.IEMonitor + PSCastor + Smitfraud-C. + SurfSideKick
+ Systemdoctor2006 + Zelda
PUPS
+ DriveCleaner 2006 + YazzleSudoku
Spyware
+ MarketScore + NSIS Media Extension + PurityScan + WebHancer
Trojan
+ FirePass.E + SearchClickAds + Win32.Agent.uj + Win32.Bagle.N
+ Win32.Ezula.cc + Win32.SdBot.aad + XPreload
+ Zlob.PornPassManager + Zlob.VideoKeyCodec
Total: 331286 fingerprints in 52053 rules for 2406 products.

NOTE: Choose the download mirror site closest to you!
If you receive error messages such as "bad checksum" it is due to heavy server traffic. Wait until later or tomorrow to avoid disappointment.

Don't forget to re-immunize SpyBot once the new definitions are applied!

Continue Immunizing until you see this screen:
 

A brief explanation of the differences in Immunzation between Windows XP and Windows 9x.
http://forums.spybot.info/showthread.php?t=1988

SpyBot Updates History –
http://spybot.info/en/updatehistory/index.html
http://forums.spybot.info/forumdisplay.php?f=2