Wednesday, March 29, 2006

NOD32 1.1461 (20060329)

NOD32 - v.1.1461 (20060329)
Virus signature database updates:
JS/TrojanDownloader.Tivso.S, Win32/Adware.Broadcap (5), Win32/Adware.Virtumonde.AM (8), Win32/Adware.Virtumonde.O, Win32/Delf.NAY (2), Win32/DNSChanger, Win32/Haxdoor (10), Win32/Haxdoor.NAN (2), Win32/Mocalo.CC (4), Win32/Mytob.RS (2), Win32/Mytob.RT (2), Win32/Spy.Asher, Win32/TrojanDownloader.Small.CAT (2), Win32/TrojanDownloader.Small.CJG, Win32/TrojanDownloader.Small.CKM, Win32/TrojanDownloader.Small.NIE (2), Win32/TrojanDownloader.Small.NKD (2), Win32/TrojanDownloader.Zlob.JD (3), Win32/TrojanDownloader.Zlob.JG, Win32/TrojanDownloader.Zlob.JP (6), Win32/TrojanDropper.Small.ALI (2), Win32/VB.AKP (3)


http://www.eset.com/

Spyware Doctor March 27th

Latest Database Version: 3.0437 0
Intelli-Signatures: 51,391

New Intelli-Signatures:
3.0436 2 - Backdoor.Agent.JJ, Backdoor.Rbot.BEC, Dialer.Linea, PornDialer.Juicy, Spyware Stormer, Trojan.Agent.HT, Trojan.Downloader.Small.AHG, Trojan.Downloader.Small.FO, Trojan.PSW.Hangame, Trojan.Spy.Webmoner.AB
3.0437 0 - CZDialer, Dialer.Archiviosex, Dialer.CJ, Dialer.EB, Dialer.GlobalDialer, Dialer.GXB, Dialer.J, LinkGrabber, Rootkit.Hearse, SpywareQuake, Trojan.Bancos.DR, Trojan.Dialer.MA, Trojan.Dialer.MC, Trojan.Dialer.MN, Trojan.Dialer.MO, Trojan.FakeGina, Trojan.Proxy.Agent.DT, Trojan.PWSteal.QQPass.AK, Trojan.Spy.Delf.MQ, Trojan.Spy.Gepost


Extended Intelli-Signatures:
3.0436 2 - Advertising, Backdoor.GirlFriend, Backdoor.Hackdoor, Common Components for Transponders, Common Components for Trojans, CrackedEarth, CWS.Home Search Assistant, Energy Plugin, ErrorGuard, Instant Access, Known Bad Sites, MediaGateway, MediaMotor, Mirar, SexVideoPro Dialer, Trojan.Bancban, Trojan.Banker, Trojan.Downloader.Small.US, Trojan.Proxy.Small.BO, Trojan.Spy.WinFlux, Trojan.StartPage.GEN, Trojan.Zapchast, WebDialer, WinSpy Stealth Monitor
3.0437 0 - AdProtector, Anti-Phishing, AsianRaw, Backdoor.Jeem, Backdoor.Rbot.AEU, Backdoor.Sdbot.AAD, Celebat, Common Components for Claria, Common Components for Trojans, Common Components Unrelated, Dapsol, Dialer.IComp.E, DialerOffline, EliteBar, Instant Access, Lop.com, Maxifiles, MD - Dialer, MPGCom Toolbar, QQFace, SexVideoPro Dialer, SpyAxe, Trojan.Bancban, Trojan.Banker, Trojan.Dialer.HC, Trojan.DNS Changer, Trojan.Downloader.Delf.VT, Trojan.Downloader.Delf.YB, Trojan.LdPinch, Trojan.Small.AH, Trojan.StartPage.GEN, Trojan.Zapchast, Virtumonde, WebDialer, WinTools



PCTools Homepage:
http://www.pctools.com/

Ad Aware SE1R101 27.03.2006

============================================
Definition file Notification - Lavasoft News
============================================
SE1R101 27.03.2006

New Definitions:
========================
Adware.Henbang
WareOut

Updated Definitions:
========================
180Solutions +1
404search
ABetterInternet.Aurora +3
Adintelligence.AproposToolbar +9
Adware.Look2Me +12
Adware.ZenoSearch
AlfaCleaner
Alset
Coulomb Dialer
DealHelper
Dialer
e2give
ErrorSafe +3
eUniverse
GetMiraR
Lop +14
Malware.SpywareStrike
Purityscan +3
SCBAR
SpyAxe +2
SpywareNo +2
Tracking cookie
WebHancer
Win32.Trojan.Downloader +11
Win32.Trojan.Mirc +3
Win32.TrojanDownloader.Qoologic +2
WinFixer +3
Virtumonde +2
Zango

The MD5 checksum for the defs.ref file is 88ba24f7b36c3f3fb5ee88617db856dc

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuite.net/public/defs.zip

Saturday, March 25, 2006

SpywareQuake is Newest SpyAxe Clone

Been looking around and I am seeing a new probable variant of SpyAxe, SpywareStrike, and SpyFalcon. Newest name is SpywareQuake. You may see the following line from Hijackthis:


O4 - HKLM\..\Run: [SpywareQuake] C:\Program Files\SpywareQuake\SpywareQuake.exe /h


You may also find this file as a new dll controlling the fake warning near the clock:


C:\WINDOWS\system32\stickrep.dll


You can follow the SpyFalcon removal instructions and add the above to the fix as needed

Friday, March 24, 2006

IE Spyad March 22nd

IE Spyad has been updated. You can download all of these new versions at:

http://www.spywarewarrior.com/uiuc/resource.htm

What is IE Spyad? It is a free list of bad sites that are added to Internet Explorer's restricted zone. By putting those sites in the restricted zone, it limits the harm they can do your computer. Here is an excerpt from the author describing it:

IE-SPYAD adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Once you merge this list of sites and domains into the Registry, the web sites for these companies will not be able to use cookies, ActiveX controls, Java applets, or scripting to compromise your privacy or your PC while you surf the Net. Nor will they be able to use your browser to push unwanted pop-ups, cookies, or auto-installing programs on your PC.IE-SPYAD adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Once you merge this list of sites and domains into the Registry, the web sites for these companies will not be able to use cookies, ActiveX controls, Java applets, or scripting to compromise your privacy or your PC while you surf the Net. Nor will they be able to use your browser to push unwanted pop-ups, cookies, or auto-installing programs on your PC.

Here is an explanation on how to use it, including screen shots.


Ad Aware SE1R100 23.03.2006

============================================
Definition file Notification - Lavasoft News
============================================
SE1R100 23.03.2006

New Definitions:
========================
Accoona +3

Updated Definitions:
========================
Adgoblin
Adintelligence.AproposToolbar +2
AdShooter
Adware.Look2Me +14
Adware.WebSearch
BargainBuddy
ClickSpring
CommonName
CoolWebSearch
Dialer
DyFuCA +2
Elitum.ElitebarBHO +3
eUniverse
GAIN
IELoader
ImIServer IEPlugin
Lop
MediaMotor
Perflogger
PromulGate
Rads01.Quadrogram
Win32.Adverts.TrojanDownloader
Win32.PWSteal.Tarno
Win32.Spybot.Worm
Win32.Trojan.Downloader +5
Win32.Trojan.Startpage
Win32.TrojanClicker +2
WinFavorites
Virtumonde +5

The MD5 checksum for the defs.ref file is 1dcad199c8358141cc3cebac7fb6c53a

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuite.net/public/defs.zip

Spyware Doctor

Latest Database Version: 3.0435 0
Intelli-Signatures: 51,026

New Intelli-Signatures:
3.0433 0 - Scalable Software, Trojan.Proxy.Ranky.EL
3.0434 0 - 123Search, Alasrou, Fearless KeySpy, Trojan.Downloader.Murlo, Trojan.Downloader.Small.ABX, Trojan.PWSteal.Lmir.AAI
3.0435 0 - Backdoor.Rbot.AEU, KeySpy BR


Extended Intelli-Signatures:
3.0433 0 - 180search Assistant, 2nd-thought.com, ActiveX Objects, Adlogix Browser Hijacker, Adlogix InPop, Backdoor.Hackdoor, ClearSearch, ClkOptimizer, CWS.Cassandra.A, FU Rootkit, Marketscore Netsetter, Maxifiles, SurfSideKick, Trojan.Clicker.GEN, Trojan.Daemonize, Trojan.Downloader.Agent.SY, Trojan.Downloader.Delf.KS, Trojan.Proxy.Small.CT, Trojan.PWSteal.Lineage.CI, Trojan.Spy.Delf.KF, Webhancer, WebSearch Toolbar, YourSiteBar
3.0434 0 - ActMon Keylogger, Advanced Keylogger, Anti-Phishing, Backdoor.Forbot, Backdoor.Sdbot.YX, Boss Everyware, CWS.Search For, CWS.XPSystem, Deskwizz, EasySearch, eZula, ISTbar, Seekmo Search Assistant, SexVideoPro Dialer, SpecialOffers, Transponder.Bolger, Trojan.Downloader.Delf.LH, Trojan.Downloader.Ruins, Trojan.Dropper.Small.AEK, Trojan.LdPinch, Trojan.PSW.QQRob.U, Trojan.Surila, Trojan.Zapchast, Tubby Toolbar, Webhancer, WebRebates, WhenU.SaveNow, WinTools
3.0435 0 - 180search Assistant, Admess, Alexa, Back Orifice 2K, Backdoor.Delf.TZ, Backdoor.PCclient, BoCai Toolbar, ClickSpring, Common Components for Claria, Common Components for Trojans, Deskwizz, Dollarrevenue, E2.Give.IEBHOs, Elite Keylogger, eZula, Instant Access, MediaMotor, Perfect Keylogger, Pops Stop, Pru-tect, Roings Search Enhancement, Trojan.Banker, Trojan.Downloader.Agent.IS, Trojan.Downloader.LA, Trojan.Downloader.Small.BON, Trojan.Downloader.Small.BWR, Trojan.Dropper.Agent.MY, Trojan.Dumaru, Trojan.FakeAlert, Trojan.Pakes.A, Trojan.Proxy.Lager.f, Trojan.Repsamo, Trojan.Zlob.AP, Virtumonde, Webhancer, Yazzle Sudoku


Tool Update releases:
Notifier 3.5.0.8

General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

PCTools Homepage:
http://www.pctools.com/


Spybot Search & Destroy

2006-03-24

Hijacker
+ MaxSearch + CoolWWWSearch.Feat2Installer + CoolWWWSearch.Service + CoolWWWSearch.Feat2DLL
Malware
+ SpyFalcon + Vcodec.eMedia + Winsoftware.WinAntiVirusPro2006 + MyNetProtector + SpywareStrike + AzeSearch + Smitfraud-C.Toolbar888 + Look2Me.Topconverting + Web-Nexus + Smitfraud-C. + Command Service + Vcodec
Security
+ Windows.RedirectedHosts
Spyware
+ KillSec + UCmore + Torpig
Trojan
+ Jupilites + Win32.VB.un + Win32.VB.vg + Win32.Winspg.a + Zlob.Downloader + Spyware Disinfector + BPS Spyware Remover + BraveSentry + Nous-Tech.UDefender
Total: 312126 fingerprints in 38463 rules for 1892 products.

http://www.safer-networking.org/en/home/index.html

Monday, March 20, 2006

Spyware Doctor

Latest Database Version: 3.0432 0
Intelli-Signatures: 50,721

New Intelli-Signatures:
3.0431 0 - Backdoor.Small.EO, SpySpotter
3.0432 0 - Trojan.Small.TT


Extended Intelli-Signatures:
3.0431 0 - AlfaCleaner, Backdoor.Agent.PX, Bargain Buddy, Casino, Coulomb Dialer, Email.Worm.Bagle, Keylog-sters, Known Bad Sites, LockSky, MediaGateway, PSGuard Desktop Hijacker, PSGuard, Raze Spyware, Rogue Anti-Spyware Products, SexCam, SubSeven, SurfSideKick, System Processes, TargetSavers, Tracking Cookie(s), Trojan.Downloader.CashDeluxe.A, Trojan.Downloader.Druser, Trojan.Downloader.Small.ATL, Trojan.Downloader.Small.AWA, Trojan.Downloader.Small.BON, Trojan.Dropper.Agent.ABU, Trojan.Dropper.Small.AEK, Trojan.Drsnsrch, Trojan.Goldun, Trojan.Lodear.D, Trojan.LowZones, Trojan.Popuper, Trojan.Proxy.Lager.f, Trojan.Wayphisher, Virtumonde, WebRebates, Wild Flix, Windows AdStatus, Wishbone Toolbar
3.0432 0 - Backdoor.Hackdoor, Common Components for Trojans, CommonScripts.txt, FavoriteMan, Klikfind, Known Bad Sites, Lineage.MN, Mediaback, Trojan.Downloader.Agent.AM, Trojan.Goldun, Trojan.PWSteal.Gamec.G, Trojan.PWSteal.Lineage, Trojan.Small.AH, Trojan.Surila


PCTools Homepage:
http://www.pctools.com/

Ad Aware SE1R99 20.03.2006

============================================
Definition file Notification - Lavasoft News
============================================
SE1R99 20.03.2006

New Definitions:
========================
Adware.SearchingAll +2
Win32.Trojan.Hexdoor

Updated Definitions:
========================
Adintelligence.AproposToolbar
Adroar
Adware.DollarRevenue +3
Adware.Look2Me +2
Adware.ZenoSearch +5
AlfaCleaner
CometSystems
iSearch Toolbar
Malware.SpywareStrike
PurityScan +4
Rads01.Quadrogram
Starware Toolbar
Targetsaver
WebHancer
Win32.PWSteal.Tarno +2
Win32.Trojan.Delf
Win32.Trojan.Downloader +8
Win32.TrojanClicker
Win32.TrojanDownloader.Delf
Win32.TrojanSpy.Goldun
Winfixer +2

The MD5 checksum for the defs.ref file is 63b7d662f2262e6bdbc81e5b024d7395

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuite.net/public/defs.zip

Sunday, March 19, 2006

Spybot Search & Destroy

2006-03-19
Dialer
+ Baciami
Hijacker
+ C2.lop + CoolWWWSearch.Feat2Installer + CoolWWWSearch.Feat2Installer.ADS + CoolWWWSearch.Service + CoolWWWSearch.Feat2DLL
Malware
+ Vcodec.eMedia + ConHook-N ++ MS Guard + SpyFalcon + Vcodec + WinFixer2005
Spyware
+ GAIN.Gator
Trojan
+ Win32.Small.cgc + Win32.Small.dsf + Win32.Banker.anv + Win32.Small.dsg ++ SpyShield + Zlob.Downloader + LdPinch-DH
Total: 309631 fingerprints in 37698 rules for 1869 products.

Spybot info

Friday, March 17, 2006

SpywareBlaster March 16th

New SpywareBlaster updates available.

Database 5619 items
Updated March 16th, 2006

SpywareBlaster is free and available from here.

SpywareBlaster can:

  • Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software
  • Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox
  • Restrict the actions of potentially unwanted sites in Internet Explorer

Thursday, March 16, 2006

Ad Aware SE1R98 16.03.2006

============================================
Definition file Notification - Lavasoft News
============================================
SE1R98 16.03.2006

New Definitions:
========================
Adware.FreeAccessBar
Adware.Look2Me +2
Adware.PLook
Adware.Sidesearch
Win32.Trojan.Spambot

Updated Definitions:
========================
Adintelligence.AproposToolbar
AdwareSheriff +2
Alexa
AlfaCleaner
Dialer +3
Elitum.ElitebarBHO
Lop +4
Rads01.Quadrogram
SpyFalcon
Spyware.AdvancedKeylogger
Win32.Trojan.Agent
Win32.Trojan.Downloader +3
Win32.TrojanDropper
Virtumonde +3

The MD5 checksum for the defs.ref file is 608b52d79f9e1b285d498ac9ec570d86

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuite.net/public/defs.zip

Wednesday, March 15, 2006

Ad Aware SE1R97 13.03.2006

============================================
Definition file Notification - Lavasoft News
============================================
SE1R97 13.03.2006

New Definitions:
========================
OurXin +2
Win32.Backdoor.Bifrose

Updated Definitions:
========================
Adware.NaviPromo
Coolwebsearch
Malware.SpyGuard
Spyaxe
SpyFalcon
Win32.Trojan.Puper.d
Win32.TrojanSpy.Goldun +4
WinAntiSpyware
WinFixer +5

The MD5 checksum for the defs.ref file is a8eb8b5e6608e84b160b567461f71567

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuite.net/public/defs.zip

Friday, March 10, 2006

Spybot Search and Destroy

2006-03-10
Dialer
+ VacPro
Hijacker
+ CoolWWWSearch.XPlugin + MetaStop + InterDefaultTool + CoolWWWSearch.Feat2Installer + CoolWWWSearch.Service + CoolWWWSearch.Feat2DLL
Malware
+ WinFixer2005 + Mailbot + Smitfraud-C. + CashDeluxe + Smitfraud-C.Toolbar888 + Adware.Webtext + MS Guard
Spyware
+ Torpig + GAIN.Gator
Trojan
+ Win32.QQHelper.j + Win32.Delf.afv + Win32.Small.cfo + SpyShield + SpywareStop
Total: 308427 fingerprints in 37457 rules for 1862 products.

http://www.safer-networking.org/en/home/index.html

Thursday, March 09, 2006

Spyware Doctor March 9th

Latest Database Version: 3.0425 0
Intelli-Signatures: 49,758

New Intelli-Signatures:
3.0423 0 - Backdoor.Delf.JZ, MoneyGainer, Spytector Keylogger, Surf Speak, Trojan.Bancban, Trojan.Clicker.Cibula.D, Trojan.Delf.EQ, Trojan.Downloader.Agent.EB, Trojan.Downloader.Small.CJG
3.0424 0 - Backdoor.Small.HL, Net Pay GmbH, Trojan.Downloader.Agent.AEA, Trojan.Proxy.Small.BP, Trojan.Spy.Gritz.C, Trojan.Startpage.GE, Trojan.StartPage.OX
3.0425 0 - Backdoor.Ubriel.F, Mediaback, Trojan.AOLPass.B, Trojan.Clicker.GEN, Trojan.Clicker.SJFS, Trojan.Delf.JM, Trojan.Downloader.Small.BYD

Extended Intelli-Signatures:
3.0423 0 - AdBlaster, AdRotator, AlfaCleaner, Backdoor.SdBot.ADS, CashSaver, Common Components for Claria, Common Components for Trojans, Comsoft, CWS.Cassandra.A, DealHelper, DelfinProject, EliteBar, Elitemedia Pop64, Gigatech.Superbar, HotBar, IE Driver, ISTbar, Known Bad Sites, Metadirect hijacker, NetObserve, Rogue Anti-Spyware Products, Surf Accuracy, TopSearch, Transponder.BI, Trojan.Agent.CL, Trojan.Bankem, Trojan.Clagger.H, Trojan.Downloader.Agent.SY, Trojan.Downloader.VB.RI, Trojan.Dropper.Small.NA, Trojan.Popuper, Trojan.Proxy.Lager.f, Trojan.PWS.Tanspy, Trojan.PWSteal.Gamec.G, Trojan.PWSteal.Lineage, Virtumonde, WhenU.SaveNow, WinFixer, WinSpy Stealth Monitor

3.0424 0 - Backdoor.AimBot.X, Backdoor.Bifrose.D, Backdoor.Hackdoor, Backdoor.Rbot.Gen, Backdoor.SdBot, Common Components for Claria, Common Components for WhenU, Cram Toolbar, CWS, CWS.Conyc, Desktop Media, EliteBar, eZula, HotBar, InetSpeak, Known Bad Sites, Lop.com, Lycos SideSearch, Mirar, PSGuard Desktop Hijacker, QuickSearch, SearchNugget Toolbar, The PC Detective, TizzleTalk, TopSearch, Trojan.Delf.IT, Trojan.Downloader.JW, Trojan.Downloader.Pacimedia, Trojan.Downloader.Small.CJG, Trojan.Dropper.Agent.ABU, Trojan.Dropper.Small.AEK, Trojan.Popuper, Trojan.PWSteal.Gamec.G, Trojan.StartPage.ADH, Virtual Bouncer, WorldAntiSpy, WurldMedia, YourSiteBar

3.04250 - Backdoor.IRCBot.GW, DealHelper, Dialer.KS, Dollarrevenue, Email.Worm.Bagle, IE Driver, Instant Access, ISTbar, Kazaa Promotional Items, LinkMaker Hijacker, Lop.com, Pops Stop, PSGuard Desktop Hijacker, Slagent, Surf Accuracy, Transponder.BI, Trojan.Banker, Trojan.Clicker.CP, Trojan.Downloader.CashDeluxe.A, Trojan.Downloader.Pacimedia, Trojan.Downloader.VB.TW, Trojan.FakeAlert, Trojan.Mailbot, Trojan.PWSteal.Lineage, Trojan.StartPage.BN, Trojan.StartPage.XS, Virtumonde, Wild Flix, WildFlics, WinFixer, Worm.Mytob



General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

PCTools Homepage:
http://www.pctools.com/

For more information on malware please visit the PCTools Malware
Research Center:
http://www.pctools.com/mrc/

If you have any queries you are welcome to contact PCTools on
http://www.pctools.com/contact/

Ad Aware SE1R96 09.03.2006

SE1R96 09.03.2006

New Definitions:
========================
Spyagent

Updated Definitions:
========================
AdwareSheriff +2
Ezula
GoGoTools
SpyAxe
SpywareNo
WinFixer
Virtumonde
VX2 +2

The MD5 checksum for the defs.ref file is 95f3031c892d60647aea2d09bd3d03cd

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuite.net/public/defs.zip

Wednesday, March 08, 2006

SpywareBlock List Discontinued

I haven't mentioned the Spyware Block list before here, but if you do use it or heard of it, it has been discontinued.

http://www.spywareguide.com/blockfile.php


The block list was similar to what SpywareBlaster and the Immunize feature of Spybot Search and Destroy offer. You can use both of the to block unwanted Active X installs.

NOD32 updated to 1.1435 (20060308)

I just saw my copy of NOD32 update to a newer version, 1.1435 (20060308). I don't see it on the Eset site yet, but if you manually check for updates, you should get it.

SpyFalcon Fix updated

The files and regitry entries targetted by SmitRem and associated tools have been updated. Full instructions are located at my other blog here.

New file targetted:

C:\Windows\System32\ginuerep.dll

Registry entries:

HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{D1A2E7CD-F5C1-21A8-CA2C-13D0AC72D19D}
HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}

If manual removal is not for you, I have tested Spyware Doctor and it is able to remove SpyFalcon. Spyware Doctor does cost money and is not free however.

NOD32 v.1.1433 (20060307)


NOD32 latest update detections.

Virus signature database updates: A97M/Exploit.MSJet (2), A97M/TrojanDropper.C, BAT/FormatC, BAT/Nodesktop, DOS32/Qhost.A, HTML/Exploit.IEPageSpoof, IRC/SdBot (7), IRC/Zapchast, JS/Exploit.BO, JS/Linker.P, JullyKiller.A, KIX/Ixlam.A, Linux/Exploit.Edir.A (2), Linux/Exploit.Freeciv.A, Linux/Exploit.Ipb.A, Linux/Exploit.Lime.A, Linux/Exploit.Mdaem.A, Linux/Exploit.Ocean.A, Linux/Exploit.Outbuf.A, Linux/Exploit.PhpBB.B, Linux/Exploit.Seq.A, Linux/Exploit.Shell.Qpop.A, Linux/Exploit.Shell.Qpop.B, Linux/Exploit.Strayhorn.A, Linux/Exploit.Xash.A, Linux/Exploit.Xmlrpc.A, Perl/Dogymo.A (3), Perl/DoS.BBDoS.A, Perl/DoS.Mccs.A, Perl/DoS.Panic.A, Perl/Exploit.Adob.A, Perl/Exploit.Asport, Perl/Exploit.Batalla, Perl/Exploit.BT.A, Perl/Exploit.Carte.A, Perl/Exploit.Ecard.A (2), Perl/Exploit.Fusion.A, Perl/Exploit.Inv.A, Perl/Exploit.MS05-37.A, Perl/Exploit.Osh.A, Perl/Exploit.PhpBB.D, Perl/Exploit.PhpBB.F, Perl/Exploit.PhpBB.H, Perl/Exploit.Poc.B, Perl/Exploit.Seq.A, Perl/Exploit.SPB.A, Perl/Exploit.Trapset.A, Perl/Exploit. Zen.A, Perl/Exploit.Zone.A, Perl/Spyki.B, Perl/Termapp.A, PHP/Exploit.Deftool.A, PHP/Exploit.Deftool.B, PHP/Exploit.Deftool.C, PHP/Exploit.Inject.A, PHP/Exploit.Inject.B, PHP/Exploit.Inject.C, PHP/Exploit.Serv-U.15, PHP/Exploit.Small.A, PHP/Nucledor.B, PHP/PhpShell.A, REG/StartPage, Swart.B, Unix/Exploit.Local.A, Unix/Exploit.Vxcron.A, VBS/Agent.C, VBS/Bebop.B, VBS/DelFile.V, VBS/Exploit.Phel, VBS/Exploit.Phel.A, VBS/Exploit.Phel.AA, VBS/Exploit.Phel.AH, VBS/Exploit.Phel.AS, VBS/Exploit.Phel.AU, VBS/Exploit.Phel.AV, VBS/Exploit.Phel.B, VBS/Exploit.Phel.BG, VBS/Exploit.Phel.BI, VBS/Exploit.Phel.BQ, VBS/Exploit.Phel.BR, VBS/Exploit.Phel.BT, VBS/Exploit.Phel.BW, VBS/Exploit.Phel.BX, VBS/Exploit.Phel.CA, VBS/Exploit.Phel.CB (2), VBS/Exploit.Phel.CE, VBS/Exploit.Phel.CG (2), VBS/Exploit.Phel.CH, VBS/Exploit.Phel.CJ, VBS/Exploit.Phel.CK (2), VBS/Exploit.Phel.E, VBS/Exploit.Phel.L (4), VBS/Exploit.Phel.N, VBS/Exploit.Phel.P, VBS/Exploit.Phel.W, VBS/Exploit.Phel.Z, VBS/KillFiles.N, VBS/Psyme, VBS/Qrap, VBS/RunScript (2), VBS/Samplo, VBS/Seeker.D (2), VBS/Sevenc.L, VBS/Starter.A (3), VBS/StartPage.A, VBS/StartPage.AG, VBS/StartPage.H, VBS/StartPage.U, VBS/Trode, VBS/TrojanDownloader.Cacher.A, VBS/TrojanDownloader.Phel.A, VBS/TrojanDownloader.Psyme (2), VBS/TrojanDownloader.Psyme.BR, VBS/TrojanDownloader.Psyme.BV, VBS/TrojanDownloader.Small.AA, VBS/TrojanDownloader.Small.AC, VBS/TrojanDownloader.Small.E (2), VBS/TrojanDownloader.Small.I, VBS/TrojanDropper.Bomgen.A, VBS/TrojanDropper.Bomgen.E, VBS/TrojanDropper.Bomgen.F, VBS/TrojanDropper.Bomgen.N (2), VBS/TrojanDropper.Bomgen.Q, VBS/TrojanDropper.Inor.BH, VBS/TrojanDropper.Inor.BU, VBS/TrojanDropper.Inor.CT, VBS/TrojanDropper.Inor.CW, VBS/TrojanDropper.Inor.CZ (5), VBS/TrojanDropper.Inor.DO (2), VBS/TrojanDropper.Inor.EG, VBS/TrojanDropper.Inor.EO, VBS/TrojanDropper.Inor.EQ, VBS/TrojanDropper.Small.P, VBS/Valg, VBS/Wisis.D, VBS/Wukill.A, W97M/Exploit.CAN-2003-0820 (11), W97M/Exploit.MS05-016.A, Win16/Win tiny.E, Win32/Adware.BHO.AA (2), Win32/Adware.Virtumonde.AQ, Win32/Agobot (5), Win32/Delf.UL, Win32/Dialer.DialHub, Win32/Dialer.DW, Win32/Exploit.MS05-013.A, Win32/Exploit.MS05-020.B (2), Win32/Exploit.MS05-038.C, Win32/Kakkeys.H (2), Win32/KillDisk.Q, Win32/Mytob.RC (2), Win32/Mytob.RD (2), Win32/Mytob.RE (2), Win32/Mytob.RF (2), Win32/Mytob.RG (2), Win32/Mytob.RH (2), Win32/Pazetus.C (3), Win32/PSW.LdPinch (2), Win32/Qhosts, Win32/Randon.I, Win32/Randon.O, Win32/Randon.V, Win32/Rbot (6), Win32/Rootkit.Agent.N, Win32/Small.NAO, Win32/SpamTool.Mailbot (3), Win32/Spy.Agent.FA, Win32/Spy.Banker.AHY, Win32/Spy.Banker.AVY, Win32/Spy.Banker.NHP (2), Win32/TrojanClicker.VB.LI, Win32/TrojanDownloader.Adload.NAC, Win32/TrojanDownloader.Adload.NAD, Win32/TrojanDownloader.Bagle.NAF (2), Win32/TrojanDownloader.Banload.ZJ, Win32/TrojanDownloader.Delf.NEW (2), Win32/TrojanDownloader.Small.AXY, Win32/TrojanDownloader.Small.BOF, Win32/TrojanDownloader.Small.CIE, Win32/TrojanDownloader.Sma ll.CJG, Win32/TrojanDownloader.VB.WG, Win32/TrojanDownloader.Zlob (3), Win32/TrojanDownloader.Zlob.DA (2), Win32/TrojanDownloader.Zlob.FP (8), Win32/TrojanDownloader.Zlob.GN (2), Win32/TrojanDownloader.Zlob.GP (2), Win32/TrojanDownloader.Zlob.HD (2), Win32/TrojanDownloader.Zlob.HP, Win32/TrojanDownloader.Zlob.HR, Win32/TrojanDownloader.Zlob.HT (15), Win32/TrojanDownloader.Zlob.HW (3), Win32/TrojanDropper.Bagle.F, Win32/Tumbi.AY (2), Win32/VB.AKD (2), Win32/VB.NEX, WinampPLS/Exploit

SpywareBlaster

SpywareBlaster has been updated.

5604 items in the database

Update by clicking "Download Latest Protection Updates" in the program.


SpywareBlaster download and info

Friday, March 03, 2006

Spyware Doctor

Latest Database Version: 3.0420 0
Intelli-Signatures: 48,928

New Intelli-Signatures:
3.04180 - 123bar, AdultIt, Advanced Port Redirection, Crystalysmedia Assistant, Trojan.Downloader.VB.CZ, Trojan.Tibick.GEN

3.0419 0 - Adservice Scanner, Dialer.GoInDirect, Trojan.Downloader.Small.BUW

3.0420 0 - AlfaCleaner, SearchPro Toolbar, Trojan.Clagger.H, Trojan.Downloader.Delf.BU, Trojan.Mailbot, Trojan.MakeCall, Worm.Sality


Extended Intelli-Signatures:
3.04180 - Adware.Henbang, Backdoor.Rbot.Gen, Backdoor.Sdbot.AAD, Backdoor.SdBot, BearShare, Comet Cursor, Common Components for Network Essentials, Common Components Unrelated, CWS, CWS.XPSystem, Deskwizz, Dialer.AY, Enbrowser, FavoriteMan, InternetOptimizer, ISTbar, LockSky, MediaGateway, Mirar, PSGuard Desktop Hijacker, Radlight, SpywareNo, SubSeven, SurfSideKick, The PC Detective, Trojan.Downloader.PassAlert, Trojan.Dropper.Small.NA, Trojan.Pakes, Trojan.Proxy.Agent.GM, Trojan.PWSteal.Lineage, Trojan.Spywad.A, Trojan.StartPage.GEN, Tubby Toolbar, Virtumonde, Windows SyncroAd, Zango Search Assistant

3.04190 - 123bar, Anti-Phishing, Backdoor.Agent.PX, BearShare, Common Components for Claria, Common Components Unrelated, CWS.XPSystem, Deskwizz, IE Driver, Known Bad Sites, PSGuard Desktop Hijacker, SexVideoPro Dialer, Trojan.Agent.DQ, Trojan.Clicker.Agent.FL, Trojan.Dialer.HC, Trojan.Downloader.Small.CDJ, Trojan.Dropper.Agent.ABU, Trojan.Dumaru, Trojan.FakeAlert, Trojan.Pakes, Winpage Blocker

3.0420 0 - Backdoor.Hackdoor, ClkOptimizer, Common Components for Claria, Coulomb Dialer, CrackSpider, IEPlugin, Instant Access, IntexusDial, Klikfind, Lycos SideSearch, Marketscore Netsetter, MediaGateway, MediaTickets, SearchCentrix, Superlogy.com, Trojan.Downloader.Mediket, Trojan.Downloader.VB.RI, Trojan.Dropper.Agent.ABU, Trojan.Fivesec.A, Trojan.PWSteal.Lineage, Trojan.StartPage.GEN, UCmore toolbar, Virtumonde, Winsys Hijacker

General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

PCTools Homepage:
http://www.pctools.com/

For more information on malware please visit the PCTools Malware
Research Center:
http://www.pctools.com/mrc/

Spybot Search & Destroy

2006-03-03
Dialer
+ Carima Enterprises
Hijacker
+ CoolWWWSearch.Feat2Installer + CoolWWWSearch.Service + CoolWWWSearch.Feat2DLL + MaxSearch
Malware
- MaxSearch + SpywareNo + SpyContra
Trojan
+ Goldun + Win32.Agent.AEW + Win32.Agent.acy + Win32.Banload.sr + Win32.Dadobra.kd + Win32.Dadobra.ke
Total: 307088 fingerprints in 37135 rules for 1844 products.
http://www.safer-networking.org/en/home/index.html

Sitemeter