Sunday, December 31, 2006

New Years Resolutions

happy new year


This is the time of year when we decide to make ourselves a few promises. In this technological age, our computers and the data we keep on them are becoming more and more important to us in our daily lives. So it makes sense to review how you use your computer and how you look after it and now is as good a time as any!

Update, Update, Update

The makers of the software you use work very hard to keep it up to date so that you are as
protected as you can be from the latest security threats, it is up to you to make sure that you keep your software updated.

  • Windows Update - you can set your computer to automatically download and install updates when they become available. If you don’t like that idea then you can change your settings in the security centre to notify you when updates are available.

  • AntiVirus – Your AntiVirus should be set to automatically update, check your settings. If you use a paid for application then check your subscription renewal date too. If you use AVG Free AntiVirus then make sure you have installed version 7.5 as version 7.1 will no longer be supported after 15th January.

  • Other Stuff – I’m sure it is a pain going through all your software to check whether updates are needed, SecuniaSoftware Inspector will do that job for you, bookmark that site and run a scan about once a month.

Check Your Security Software

Now would be a good time to review your software, I’ve already mentioned Antivirus, do you have a firewall? Do you have some anti Malware software? Do you have a temp file cleaner? If you want some suggestions then I have some freely available software listed here.

Secure your Wireless Network

More and more of us are going wireless, which is great!
But, a wireless router is unsecured by default, so please check out your router’s manual and secure that network. If you don’t then your computer is wide open for anyone to get in and have a good rummage about and your bandwidth is open for anyone to steal. There are lots of articles available on this subject here is one to get you started. Top 10 Tips for Wireless Home Network Security by Bradley Mitchell.

Use Strong Passwords

If you have to use a password for something then make it a Strong Password. What’s a Strong Password? Click here

Backup

Now would be a good time to get a backup routine started. However careful we are, disasters will happen. Some tips;

  • Never store your backups on the same partition as your operating system, even better, invest in a separate hard drive and burn your backups to disk regularly.

  • Invest in some good imaging software and take the time to learn how it works, restoring an image after disaster has struck is quick and painless.

  • Keep your backups secure, remember, they contain all your information. I wouldn’t recommend that you store them on line.

  • If possible, keep more than one backup and store them in different locations.

Maintenance

You wouldn’t run your car without checking it’s oil and water, keeping it clean and sending it for a service now and then would you? The same goes for your computer. Look after your baby, some tips;

  • Run a full anti virus and anti malware scan at least once a week, on all your hard drives.

  • Run a temp file cleaner once a week, CCleaner is good for this.

  • Defragment your hard drives about once a month.

  • Uninstall programs that you no longer use

  • Clean your hardware about once every six months, if your fans are really clogged up with dust then replace them, I find a can of compressed air, a soft real bristle paintbrush and a vacuum hose (held at a safe distance) ideal for cleaning out the inside of my case, don’t forget your keyboard.

Be careful what you install

We all love a freebie, and there are plenty of useful and safe applications that are available for download out there… there are also quite a few that will give you a nasty surprise!! If you can, then try the software out in a safe environment first, you can get Microsoft’s Virtual PC for free now. At the very least, check out the EULA before you install, if you find that hard going then Javacool has a program that will help you with this called EULAlyzer™. If you do find some free software that you like, then consider donating to the author if you have a few pennies spare at the end of a month.

Be careful where you surf

The internet is a wonderful place, but it is full of dark corners so do watch your step. Ultimately, it is your choice where you go, but McAfee’s Site Advisor, Firetrust’s Sitehound and the MVPS Hosts File will all help to keep you away from the bad guys.

Finally…………. Have a Wonderful New Year!!!



Saturday, December 30, 2006

Spybot Search and Destroy December 29th

Adware
+ NSIS Media Extension
Hijacker
++ PartyPoker
Malware
+ ErrorSafe + PSW.WOW + Smitfraud-C. (3) + SystemDoctor2006
+ VirtuMonde
PUPS
+ AntiverminsPro ++ CyberDefender
Trojan
+ AnotherBOT + BPS Spyware Remover ++ CIOLE.Media.Extension
+ Dumaru (2) ++ GoldenRivieraCasinoLoader + LZIO.Small + QQRob (5) ++ War3z + WarezP2P (2) ++ Win32.Agent.At + Win32.Agent.uj
+ Win32.Bancos.zm + Win32.Banker.anv ++ Win32.Delf.acc
++ Win32.SdBot.azc ++ Win32.VB.atz (2) + Zlob.GoldCodec (3)
+ Zlob.KeyGenerator + Zlob.PornMagPass (2) + Zlob.PornPassManager ++ Zlob.SoftCodec + Zlob.VideoAccess (4)
+ Zlob.VideoActiveXObject (3)
Total: 346147 in fingerprints in 57026 rules for 2586 products.

http://www.safer-networking.org/en/home/index.html

AD AWare SE1R141 27.12.2006

SE1R141 27.12.2006 is now available, new definition file for Ad-Aware SE.

New definitions:
====================
Adware.Mirar+2
Adware.PluginDL +6
Adware.TrafficSol +3
BraveSentry +7
Win32.Hacktool.WinSpy +3
Win32.TrojanDownloader.Banload +19

Updated definitions:
====================
Adware.180Solutions.SeekmoSearchAssistant
Adware.BHO(generic) +2
Adware.NewWeb +3
Adware.Searchcolours
Adware.WebRebates +6
AntiVermins +2
Backdoor.Prorat.16 +2
BargainBuddy +4
ErrorSafe
PestCapture +2
PestTrap
PurityScan +2
Softomate Toolbar +3
SpywareSheriff +2
TopSearch +2
Virtumonde +3
VirusBurst
WebHancer
Win32.Backdoor.Agent +5
Win32.Backdoor.Agobot
Win32.Backdoor.PcClient +3
Win32.Backdoor.RBot +2
Win32.Bagle.B +3
Win32.Dialer.Trojan
Win32.Generic.PWS +13
Win32.Trojan.Agent +13
Win32.Trojan.Delf +2
Win32.Trojan.Downloader +37
Win32.Trojan.Klone +2
Win32.Trojan.MatrixHasYou +6
Win32.Trojan.Mirc +3
Win32.Trojan.Small
Win32.Trojan.Spy +11
Win32.TrojanClicker +4
Win32.TrojanDownloader.Adload +2
Win32.TrojanDownloader.Agent +11
Win32.TrojanDownloader.Delf +7
Win32.TrojanDownloader.Small +14
Win32.Trojandownloader.Zlob +4
Win32.TrojanDropper +3
Win32.TrojanProxy.Agent.dl +3
Win32.TrojanProxy.Small
Win32.Trojan-PSW.Lineage +9
Win32.TrojanSpy.Banker +76
Win32.Worm.Agobot.E +5
Win32.Worm.MSNMaker
Win32.Worm.Viking +6
Win32.Worm.Warezov +15
WinPopup +3

Ad Aware can be downloaded from the official Lavasoft Ad Aware page.

Spyware Doctor 3.0635 1

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 3.0635 1
Intelli-Signatures: 178,711

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:

3.0635 1 - Backdoor.DHCPCom, Backdoor.Sdbot.AZS, Common Components for Worm.Warezov, Exploit.MSWord.MS06-027, Trojan.Dropper.Agent.NCR, Trojan.Spy.Banker.ABS, Trojan.Spy.Banker.ACQ, Trojan.Spy.Banker.AEM, Worm.Padobot, Worm.Warezov.ET, Worm.Warezov.FH

3.0634 0 - Backdoor.Badrat.E, Backdoor.MoonPie, Hacktool.HIDD, Trojan.Agent.DPY, Trojan.Spy.Banpaes

3.0633 0 - Backdoor.VB.JV, Firehole, Trojan.Agent.AZV, Trojan.PSW.Tmp636

3.0632 1 - Christmas Blessing-4

Extended Intelli-Signatures:
3.0635 1 - Backdoor.Poison, Backdoor.Rbot, Backdoor.Sdbot.AAD, Common Components for Trojans, CWS, Known Bad Sites, SexVideoPro Dialer, Suspicious File, Trojan.Banbra, Trojan.Banker.AEM, Trojan.Banker, Trojan.Dluca, Trojan.Downloader.Banload.MS, Trojan.Proxy.Lager.f, Trojan.Spy.Banker.AEZ, Trojan.Win32.Agent.ZQ, Worm.Warezov

3.0634 0 - ActiveX Objects, Maxifiles, PurityScan, Trojan.Banker, Trojan.Goldun, VSToolbar, Worm.Licat

3.0633 0 - AntiVermins, Backdoor.AimBot, Backdoor.IRCBot, Borlander, CleverIEHooker, Common Components Unrelated, InstaFinder, Keylog-sters, MemoryMeter, Trojan.Banbra, Trojan.Bancos.JZ, Trojan.Banker.FZ, Trojan.Downloader.Ruins, Trojan.Pakes, Trojan.Popuper.Downloader, Trojan.Popuper, Trojan.Spy.Banpaes.J, TV Media Display

3.0632 1 - Common Components for Trojans, Trojan.Clagger.H


General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

Friday, December 22, 2006

SpywareBlaster Updated, 23 New Items

Updated: December 19th, 2006
New: 32 Items
Total: 7030 Items

SpywareBlaster is free and available from Javacool's SpywareBlaster page.

SpywareBlaster can:

  • Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software
  • Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox
  • Restrict the actions of potentially unwanted sites in Internet Explorer
Please use the web update feature withinSpywareBlaster to obtain the latest definitions.
Enable all protections once downloaded.

Spybot Search & Destroy Dec 22nd

22nd, December 2006
Dialer
+ StarnetItalia
Keylogger
+ Smitfraud-C.Keylogger
Malware
+ Backdoor.Win32.SdBot.gen + CarpeDiem Vars + Cimuz + PestTrap + PWS.WOW (2) + Smitfraud-C. (2) + VirtuMonde + WinClean + Winsoftware.WinAntiVirusPro2006 ++ Backdoor.Win32.MsnLog ++ Win32.Bancos.zm
PUPS
+ MalwareWipe
Spyware
+ TargetMarketingAgency
Trojan
+ Cassava + FakeBill + LZIO.Small + QQRob (3) + SeachToolbarCorp.ToolbarVision + VistaActivation.Trojan + Win32.Bifrose.aci + Win32.Delf + Zlob.DigiPassword + Zlob.PornMagPass (2) + Zlob.Wave ++ Zlob.VideoActiveXObject
Total: 343132 fingerprints in 56039 rules for 2557 products.
http://www.safer-networking.org/en/home/index.html

Spyware Doctor 3.0630 0

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 3.0630 0
Intelli-Signatures: 176,841

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:
3.0630 0 - Trojan.PSW.Trillian, Trojan.Spy.Banker.ADS, Trojan.Spy.Banker.AHE, Trojan.Spy.Banpaes.X

3.0629 0 - AntiVermins, Trojan.PSW.TRBM, Trojan.Spy.Banker.CAW, Trojan.Spy.Banpaes.AS, Trojan.Spy.Banpaes.J

3.0628 0 - Adwin, Backdoor.Novadoor, Trojan.Banbra.HK, Trojan.PSW.TVGame

Extended Intelli-Signatures:
3.0630 0 - AdUrl, Adware.NewWeb, Ardamax Keylogger, Backdoor.Agobot, Backdoor.AimBot, Backdoor.Assasin, Backdoor.Beastdoor, Backdoor.Bifrose, Backdoor.BO2K, Backdoor.CIADoor.13, Backdoor.CIADoor, Backdoor.Ginwui, Backdoor.Gobot, Backdoor.Graybird.GEN, Backdoor.Hackdoor, Backdoor.Hupigon.GEN, Backdoor.InfecDoor, Backdoor.IRC.Flood, Backdoor.MoSucker, Backdoor.Optix, Backdoor.PCclient, Backdoor.ProRAT.K, Backdoor.ProRat, Backdoor.Radmin, Backdoor.Rbot.ADF, Backdoor.Rbot.YH, Backdoor.SdBot, Common Components for 180Solutions items, Common Components for Keyloggers, Common Components for Trojans, Common Components Unrelated, Common Components used by Gator, 7Fasst and 0Cat Yellowpages, Email.Worm.Bagle, Email.Worm.NetSky, Spector Pro Keylogger, Trojan.Downloader.Tiny.BM, Trojan.FakeAlert, Trojan.LdPinch, Trojan.Pakes, Trojan.Proxy.Lager.f, Trojan.PWS.Tanspy, Trojan.Spy.Banker.ABG, Trojan.Spy.Banker.ADD, Trojan.Spy.Banpaes.J, Trojan.Spy.Banpaes.W, Worm.Warezov, Zestyfind

3.0629 0 - Adware.Sogou, Backdoor.Rbot.AEU, Drive Cleaner, Keylog-sters, PurityScan, SubSeven, Suspicious File, SystemDoctor, Trojan.Banbra, Trojan.Banker, Trojan.Popuper, Trojan.Spy.Banker.ABG, Trojan.Spy.Banker.AHO, VirusBurst

3.0628 0 - Backdoor.Agent, Backdoor.Bifrose, Backdoor.EggDrop, Backdoor.Hupigon.GEN, Backdoor.IRCBot.AZ, Backdoor.MoSucker, Backdoor.Rbot.ADF, Backdoor.Rbot.BEC, Backdoor.Rbot.C, Backdoor.Rbot.Gen, Backdoor.Rbot.WI, Backdoor.Sdbot.AAD, Bestoffers, Common Components for Backdoors, Common Components Unrelated, Dollarrevenue, ILookup.Begin2Search, SpyAxe, Trojan.Banbra.DF, Trojan.Bancos.JZ, Trojan.Bancos.LX, Trojan.Bancos.WN, Trojan.Bancos, Trojan.Banker.AJ, Trojan.Downloader.Adload, Trojan.PWSteal.Lemir.AEH, Trojan.Spy.Banker.ADD, Trojan.Spy.Banker.AEC, Trojan.Traffloads


General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

Christmas is Coming

It's getting near to that time of year again, no doubt you will know of family members or friends who will be treating themselves or their children to a nice new bit of kit or an online connection.

As the person in their lives who knows a bit about computers, no doubt you will be asked to help set it up and you will be asked for a little expert advice, which will go in one ear and out of the other because they just can't wait to get started!! rolleyes.gif

May I suggest that you leave them with a few sites to visit... perhaps even make a HTML file with some handy links and leave it on their desktop. Here are a few suggestions for you.

Get Safe Online: A site sponsored by the UK Government and leading businesses to help you protect yourself against internet threats. And excellent site and well worth spending some time browsing around it. My only gripe is that they don't really have a comprehensive list of freely available software but I have a few listed on my Favourites page.

Bank Safe online; Provides advice on steps to take to bank safely online, plus a whole lot more. Make sure you check out the Helpful Sites page.

Stay Safe Online - A US site similar to Get Safe Online, well worth a visit.

Think U Know - Teenagers know it all.. and this is an excellent site aimed at them to make sure that they do know it all when it comes to staying safe and having fun on the internet.

Chatdanger - It's an exciting world out there and our kids are going to chat whether we like it or not. This site has been produced by the charity Childnet International. Another great site for teaching kids about online safety.

Microsoft Security at Home - This is Microsoft's security site and is another great place to start to get information about how to keep yourself, your computer and your children safe and secure online, it will also keep you up to date with all the Windows XP related news.

Finally... our kids love to talk and they love Messenger and they will love Messenger Plus Live, because all their friends have it. Please make sure you check that they install this program without the sponsor program, Lop infections seem to make a dramatic increase over the Christmas period for some reason or other!!!! Sandi Hardmeier has a nice write up on the latest version of MessengerPlus on her blog

Merry Christmas to you all and please have a safe and secure 2007

Monday, December 18, 2006

Mr Clean in the Spyware Business now?

The latest fake antispyware program, Mr Antispy, looks familiar. It seems the spyware makers ran out of ideas and ripped off Mr Clean, the household cleaner. The only thing that will get cleaned by Mr Antispy will be your wallet if you buy it. Comparison picture included in link.

It should go without saying that you shouldn't buy this program. It's made by the same people who brought us SpyAxe, SpyFalcon, SpywareStrike, MalwareWipe, Pest Trap, and many other rogue programs. The registration for mrantispy.com is done by ESTDOMAINS who is associated with all of those fake programs. If any Proctor & Gamble lawyers come across this, why not give them a call at 1.3027224217

Digg it

Ad Aware SE1R140 18.12.2006

Ad Aware has been updated, the new definition is SE1R140 18.12.2006


Updated definitions:
====================
Adware.Agent +5
Adware.Allsum +2
Adware.BHO(generic) +8
Adware.CasClient +2
Adware.Eztracks +4
Adware.Henbang +2
Adware.Suggestor +3
Dialer
ErrorSafe +2
EzuLa +3
FakeAlert
Purityscan +3
Virtumonde +2
Win32.Backdoor.Agent +6
Win32.Generic.PWS +20
Win32.Trojan.Agent +2
Win32.Trojan.Delf +2
Win32.Trojan.Downloader +20
Win32.Trojan.Klone
Win32.Trojan.Spy
Win32.TrojanDownloader.Agent +2
Win32.TrojanDownloader.Delf +3
Win32.TrojanDownloader.Small
Win32.Trojandownloader.Zlob +5
Win32.TrojanDropper +5
Win32.Trojan-PSW.Lineage +4
Win32.TrojanSpy.Banker +24
Win32.TrojanSpy.Goldun +3
Win32.Worm.MSNMaker +2
Win32.Worm.Warezov +9

Ad Aware can be downloaded from the official Lavasoft Ad Aware page.

Sunday, December 17, 2006

World of Warcraft Patch 2.0.1 issue down to WareOut?

My friends at Security Central have had a few gamers asking for help just recently. Some players of the World of Warcraft game have been unable to log into thier accounts since downloading a patch, there is a big long thread on the WoW forums about it.

Now whether the patch was infected or the server it was downloaded from was infected or it's just a bad co-incidence, I don't know, but the team at Security Central have noticed that every log from a WoW gamer asking for help so far has been infected with WareOut.

Little Eagle has put together a self help thread using FixWareOut, developed and maintained by fellow Microsoft MVP LonnyJones. If you are a Wow gamer and are still having problems after running this fix then please ask for help on the forums.

Thursday, December 14, 2006

Spyware Doctor 3.0622 0

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 3.0622 0
Intelli-Signatures: 142,527

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:

3.0622 0 - Backdoor.GrayBird.X, Backdoor.IRCBot.YH, Backdoor.Mechbot, Backdoor.Medbot, Backdoor.Nark, Backdoor.Neodurk, Backdoor.Netcrack, Backdoor.Netshadow, Backdoor.Netsnake, Backdoor.Nightmare, Backdoor.Noknok, Backdoor.Nuclear, Backdoor.Nucledor, Backdoor.Nucleroot, Backdoor.Oblivion, Backdoor.Outbreak, Backdoor.Packbot, Backdoor.Peepviewer, Backdoor.Pestdoor, Backdoor.Plunix, Backdoor.Poebot, Backdoor.Poison, Backdoor.PPDoor, Backdoor.Ptakks, Backdoor.Reload, Backdoor.Revenge, Backdoor.Rukap, Backdoor.Runar, Backdoor.Sbot, Backdoor.Schoolbus, Backdoor.Sensode, Backdoor.Servidor, Backdoor.Shadow, Backdoor.Shbot, Backdoor.Silentspy, Backdoor.Singu, Backdoor.SkSocket, Backdoor.Slackbot, Backdoor.Snowcap, Backdoor.Spartadoor, Backdoor.Spookdoor, Backdoor.Subot, Backdoor.Subroot, Backdoor.Tsunami, Backdoor.Ullysee, Backdoor.Vanbot, Backdoor.VBBot, Backdoor.Wardoor, Backdoor.Webex, Backdoor.WinterLove, Backdoor.Wisdoor, Backdoor.Wollf, Backdoor.Xdoor, Backdoor.Y3KRat, Backdoor.Yurist, Backdoor.Zalivator, Backdoor.Zemac, Trojan.Agent.AD, Trojan.Banbra.DQ, Trojan.Bancos.PX, Trojan.Bancos.QW, Trojan.Downloader.Hanlo, Trojan.Downloader.Lopin, Trojan.Downloader.Nurech, Trojan.Downloader.Obfuscated, Trojan.Lodear, Trojan.Mitglieder, Trojan.Proxy.Lager, Trojan.PSW.Vingrad, Trojan.PWSteal.Gamec, Trojan.Rebooter, Trojan.Spy.Agent, Trojan.Spy.Banker.AHO


3.0621 0 - Backdoor.Amitis, Backdoor.Bandok, Backdoor.Berbew, Backdoor.Blackhole, Backdoor.Bladerunner, Backdoor.Brabot, Backdoor.Cakl, Backdoor.Death, Backdoor.Deepthroat, Backdoor.Dragonbot, Backdoor.Evilbot, Backdoor.Firefly, Backdoor.Flux, Backdoor.Frenzy, Backdoor.G_Door, Backdoor.GGDoor, Backdoor.Ghost, Backdoor.Hacarmy, Backdoor.Hacktack, Backdoor.Helios, Backdoor.Igloo, Backdoor.Isen, Backdoor.Justjoke, Backdoor.Kokodoor, Backdoor.Lanfiltrator, Backdoor.Lecna, Backdoor.LittleWitch, Backdoor.MasterParadise, Trojan.Banbra.EJ, Trojan.Banbra.GI, Trojan.PWSteal.Lemir.ACN, Trojan.Spy.Banker.BFK, Trojan.Spy.Banker.BLF, Trojan.Spy.Banker.BUG


Extended Intelli-Signatures:

3.0622 0 - Backdoor.Agent, Backdoor.Agobot, Backdoor.GrayBird.Q, Backdoor.Hackdoor, Backdoor.Hupigon.GEN, Backdoor.IRCBot.AZ, Backdoor.Rbot.ADF, Backdoor.Rbot, Bestoffers, ClkOptimizer, Common Components for Trojans, Common Components Unrelated, Fearless KeySpy, InternetOptimizer, Lop.com, MSNMaker, QQFace, SC Keylogger, Trojan.AVKillers, Trojan.Bancos.JL, Trojan.Bancos.KL, Trojan.Bancos, Trojan.Banker, Trojan.Downloader.Banload.AM, Trojan.Downloader.Banload.CU, Trojan.Downloader.Delf, Trojan.Dropper.Agent.AWB, Trojan.Dropper.Small.AEK, Trojan.Dumaru, Trojan.FakeAlert, Trojan.FakeAOL, Trojan.FakeGina, Trojan.FakeMSN, Trojan.Favadd, Trojan.Fearless.Spy, Trojan.Fivesec.A, Trojan.Goldun, Trojan.HacDef, Trojan.Horst, Trojan.Jakposh, Trojan.Kapod, Trojan.KillFiles, Trojan.LdPinch, Trojan.LipGame, Trojan.LowZones, Trojan.Mailbot, Trojan.Notifier, Trojan.NSAnti, Trojan.Pakes, Trojan.Popuper.Downloader, Trojan.Popuper, Trojan.Proxy.Ranky, Trojan.Proxy.Xorpix, Trojan.PSW.Agent.CK, Trojan.PSW.Hangame, Trojan.PSW.Mifeng, Trojan.PSW.Nilage, Trojan.PSW.Platan, Trojan.PSW.QQDragon, Trojan.PSW.QQGame, Trojan.PSW.QQRob, Trojan.PSW.Wowcraft, Trojan.PSW.Yahoo, Trojan.PWS.Hukle, Trojan.PWS.Tanspy, Trojan.PWS.Tibia, Trojan.PWSteal.Bancos, Trojan.PWSteal.Gadu, Trojan.PWSteal.Gamania, Trojan.PWSteal.Kuang, Trojan.PWSteal.Lemir, Trojan.PWSteal.Lineage, Trojan.PWSteal.Lmir.GEN, Trojan.PWSteal.QQPass, Trojan.Qhosts, Trojan.Repsamo, Trojan.Rux, Trojan.SpaBot, Trojan.SpamBot, Trojan.Spy.Banker.AEC, Trojan.Spy.Banker.BFN, Trojan.Spy.GWGhost, Trojan.Spy.Iespy, Trojan.Spy.Ransom.A, Trojan.Startpage, Trojan.Surila, Trojan.Tooso, Trojan.TroySpy, Trojan.Vipgsm, Trojan.Wayphisher, Ultimate Cleaner, Virtumonde, Worm.Mytob, Worm.Opnis


3.0621 0 - Adware.DM, Backdoor.Bionet.404, Backdoor.Blueang, Backdoor.BO2K, Backdoor.Cheeser, Backdoor.Chupa, Backdoor.CIADoor, Backdoor.Codbot.Gen, Backdoor.CommInet, Backdoor.Darkmoon, Backdoor.DonaldDick, Backdoor.DSNX, Backdoor.EggDrop, Backdoor.Fadedoor, Backdoor.Feardoor, Backdoor.Ginwui, Backdoor.Gobot.GEN, Backdoor.Graybird.GEN, Backdoor.Hackdoor, Backdoor.Harvester, Backdoor.Hupigon.GEN, Backdoor.InfecDoor, Backdoor.IRC.Flood, Backdoor.IRC.Mimic, Backdoor.IRC.Zapchast, Backdoor.IRCBot.ET, Backdoor.IRCBot, Backdoor.IrcContact, Backdoor.Lithium, Backdoor.Litmus, Backdoor.Lixy, Backdoor.MoSucker, Backdoor.Netdevil, Backdoor.NetThief, Backdoor.Optix, Backdoor.Optixpro, Backdoor.Pahador, Backdoor.PCclient, Backdoor.PowerSpider, Backdoor.ProRat, Backdoor.Radmin, Backdoor.Rbot.AEU, Backdoor.Rbot, Backdoor.Redkod, Backdoor.Robobot, Backdoor.Sdbot.AAD, Backdoor.SDBot.XD, Backdoor.SdBot, Backdoor.SkRat, Backdoor.SpyBoter, Backdoor.Theef, Backdoor.UltimateRAT, Backdoor.Virkel, Backdoor.Webdor, Backdoor.Winshell, Backdoor.Wootbot.Gen, Bestoffers, Breplibot, Common Components for Trojan.PWStealers, Common Components for Trojans, Common Components Unrelated, CouponAge, Desktop Hijacker, Dollarrevenue, EliteBar, HideWindows, ICQ Password Spy, Iroffer, ISTbar, Keylogger.Cone.Trojan, LinkOptimizer, NetBus, NetSpy, Power Spy, PurityScan, Rootkit.Vanti, SubSeven, Trojan.Adclicker, Trojan.Agent, Trojan.AVKillers, Trojan.Banbra.CC, Trojan.Banbra, Trojan.Bancos.CR, Trojan.Bancos.HA, Trojan.Bancos.JZ, Trojan.Bancos, Trojan.Bankem, Trojan.Banker.ANV, Trojan.Busky, Trojan.Clicker.Aditer, Trojan.Conycspa, Trojan.Crypt.D, Trojan.Crypt.E, Trojan.Crypt.I, Trojan.Crypt.T, Trojan.Dadobra, Trojan.Daemonize, Trojan.Danmec, Trojan.Delsha, Trojan.Dluca, Trojan.DNS Changer, Trojan.Downloader.Adload, Trojan.Downloader.Apher.GEN, Trojan.Downloader.CashDeluxe, Trojan.Downloader.Centim, Trojan.Downloader.ConHook, Trojan.Downloader.Femad, Trojan.Downloader.Fuetel, Trojan.Downloader.Harnig, Trojan.Downloader.Iciko, Trojan.Downloader.Mediket, Trojan.Downloader.Monurl, Trojan.Downloader.Murlo, Trojan.Downloader.MyPay, Trojan.Downloader.PassAlert, Trojan.Downloader.TIBS, Trojan.Dropper.Agent.AMR, Trojan.Dropper.Agent.AXO, Trojan.Dropper.ExeBinder, Trojan.Dumaru, Trojan.Pakes, Trojan.Popuper, Trojan.Proxy.Small.BO, Trojan.PSW.Yap Variant, Trojan.PWSteal.Lineage, Trojan.Spy.Banker.AEC, Virtumonde


General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

Phishing Scams on the Increase in the UK

I came across this article in the Register today, it makes scary reading.

UK incidents of phishing scams have grown 8,000 per cent over the last two years, according to the government's financial watchdog authority. Although losses remain modest compared to other forms of financial fraud, banking security experts speaking before the House of Lords science and technology committee are concerned about the growing prevalence of scams designed to trick consumers into handing over online banking credentials.

Rob Gruppetta, of the Financial Services Authority (FSA) financial crime team, told the parliamentary committee, "We are very concerned about the rate of increase. It has gone up by 8,000 per cent in the past two years. But in the grand scheme of total fraud it is still quite small," he added.

Between January and June 2005, 312 phishing incidents were recorded, a figure that shot up to 5,059 for the first half of 2006, according to figures from UK banking payment organisation Apacs. Improved detection rates are partly behind the increase but even so the growing sophistication of scammers is leading to heavy losses from UK banks.

Apacs security chief Philip Whitaker told peers that scammers had transformed phishing scams from a cottage industry into an industrial process.

An estimated £23.2m was stolen from UK online bank accounts using email scams in the first half of 2006, with a slight decreases in losses to £22.5m for the second half of the year, the BBC reports. In the year prior to October 2004, Apacs estimated phishing cost UK banks £4.5m, which compares to a £45.7m estimated loss for 2006. Despite growing losses, security experts testified that online banking was essentially safe.


There are some simple precautions you can take to make sure you don't become a victim;

1. Never click on a link in an email to take you to a secure site, if you need to log into your internet banking or ebay account then use the link in your favourites
2. Never, give out your password or login details either on line or over the phone.

If you think you have had a phishing email then you can report it to the PIRT squad at CastleCops, they will investigate it and actively work to get the site taken down. There is more information about phishing and staying safe online at Bank Safe Online

Tuesday, December 12, 2006

MalwareWiped a New Rogue Program

While looking at some web sites, I came across a new rogue antispyware program, Malwarewiped. If that sounds familiar, then that's because it's a renamed copy of MalwareWipe. The website name is Malwarewiped.com, which is not much different than the old one, malwarewipe.com.

This program is advertised by trojans and other malware to try to trick you into buying it. My copy got downloaded by clicking a fake warning from updatestate.com. Avoid this program, it's not worth paying for. Especially when most people will have it installed on their computer by spyware and trojans.





McAfee Antivirus detects it as a potentially unwanted program. Other security programs will add it to their detections soon I'm sure.

New Scam Sites

Several new scam websites found by Sunbelt Software and posted on their blog. These sites use different tricks to get people to install software. Don't download or install anything from them or anything else advertised this way.

Details and screen shots at Sunbelt Blog.

IP: 85.255.117.196
activexmediaobject.com

IP: 85.255.117.194
multimediaobject.com

IP: 85.255.116.210
iesafetywarning.com

IP: 85.255.116.210
uptodateprotect.com

IP: 85.255.116.212
allsecuritysite.com

Monday, December 11, 2006

MS Security Bulletin Advance Notification for December

I'm late with this notification this month as it is patch day tomorrow.. but here goes anyway.

Don't forget to prepare for the updates as I've outlined in an earlier entry - How To Prepare for Patch Tuesday.

On 12 December 2006 Microsoft is planning to release:

Security Updates

  • Five Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will require a restart.
  • One Microsoft Security Bulletins affecting Microsoft Visual Studio. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
Microsoft Windows Malicious Software Removal Tool
  • Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
    Note that this tool will NOT be distributed using Software Update Services (SUS).
Non-security High Priority updates on MU, WU, WSUS and SUS
  • Microsoft will release four NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
  • Microsoft will release 10 NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
Microsoft Security Bulletin Advance Notification

Microsoft will also be hosting a webcast on Wednesday December 13th, for attendees to ask questions about the bulletins and get answers from the security experts.

Sunday, December 10, 2006

Ad Aware SE1R137 06.12.2006

SE1R137 06.12.2006 is now available, new definition file for Ad-Aware SE.



Updated definitions:
====================
Win32.Trojandownloader.Zlob +16

MD5 checksum is a390eef6adabc65574a9dbc6ad12d212

Ad Aware can be downloaded from the official Lavasoft Ad Aware page.

CounterSpy 1.5 Update 461

CounterSpy 1.5 latest update definition is 461

CounterSpy is able to catch more spyware than almost every other utility on the market because the CounterSpy threat database (with the signatures of every spyware and malware utility we can identify) is constantly updated. Our researchers constantly look for ways to improve our spyware searching database so that it catches all spyware that could potentially be on your system. Keyloggers, spyware cookies, remote access trojans (backdoors), and more are all identified.

Download free 15 day trial

CounterSpy offers a 15 day fully functional trial. So that means you can not only test how it detects spyware, but how well it removes spyware, malware, and other threats.

New Threats Added to Database
Adware.51115, Adware.AdultLinks, Adware.ILookup, Adware.Statblaster.A, Blubster Toolbar, Clickspring/PuritySCAN, Cookie: msnwm.com, Cookie: my-content.net, Cookie: x69x.net, DomainHelper, OpenCash, Plugin369, Porn-Dialer.Win32.GBDialer.i, Spyware.KBGuardian, ToolBar.Ppack, Trojan-PSW.Win32.QQPass.w, Trojan.AntiSpySoldier.A, Trojan.Ardamax.49978424


Threats that have been updated
3721 Chinese Keywords (CNSMin), AdultLinks.QBar, Adware.Cinmus, Adware.LoopAd, Adware.NCast, Altnet/Topsearch, Application.TrojanSimulator, AproposMedia.ContextPlus, Ardamax Keylogger, Back Orifice, BaiduBar, BraveSentry, BrowserAid, C2.Lop, CarpeDiem, CasinoOnNet, ClickSpring.PuritySCAN, ComforestDial, Constructor.Win32.GoboTools, CoolWebSearch.CameUp, Cure, DesktopScam, Dimpy.Win32VBsy, ErrorSafe, eZula.CommonElements, FakeAlert, Family KeyLogger, FavoriteMan, Gigatech Superbar, Goldun.Fam, Hacker Defender, Hacktool.Rootkit, Haxdoor.Fam, HungryHands, IBIS.WebSearch Toolbar, iLookup, Infostealer, iOpus STARR, IRC Trojan, IRC-Worm.IRC.generic, IRC.Backdoor.Trojan, iSearch.Toolbar, IShowBao, JS.Cardsteal.Trojan, KeenValue.IncrediFind, Kuaiso Toolbar,
Maxifiles, MediaTickets CDT, Navihelper, Neoturk, Netbus, NSIS Media, Optix, P2P-Worm.Win32.SpyBot.gen, P2P-Worm.Win32.SpyBot.gl, Packed.Win32.NSAnti.b, Perfect Keylogger, PWS-Win32/Cimuz.gen, PWS-Win32/Wowsteal.gen!A, RainbowCrack, Remacc.RAServer, SafeSearch, SC-KeyLog, SearchWords.Toolbar, Slagent/Navipromo, SpamTool.Win32.Agent, SpySheriff, SpywareStormer, StatBlaster, SystemDoctor, Toolbar.CommonElements, Trojan-BAT.Zapchast, WatchDog, WebMail Spy, WildMedia.OverPro, Win32.Doombot.K@mm, Win32.ExplorerHijack, Win32.Worm.SQL.Slammer.B, Win32/Alureon.gen, WinAntiSpyware, Winshow

Spybot Search and Destroy December 8th

Adware
+ AdMoke (2) + AdSponsor + NCast (10)
Dialer
+ Prisparky
Hijacker
+ HappyToFind.Toolbar + MediaTickets
Malware
+ Ad-Protect + AV-Gold + CMFibula + CrawlwsToolbar + Fake.xpRecovery + FotosScreenSaver + MediaMotor (2) + PSCastor + Smitfraud-C. + SystemDoctor2006 + VirusBurst + VirusRescue + Warezov ++ Smitfraud-C.Toolbar888
PUPS
+ YazzleSudoku
Trojan
+ AnotherBOT + AstaKiller + Fraud.ProtectionBar + Hupigon + Kolweb.B ++ Papinha (2) + TagASaurus + VirtuMonde + Win32.Agent.baf + Win32.Banker.anv + Win32.Bzub.e + Win32.NLC + Win32.Small.lr + XPreload (3) + Zlob.EliteCodec + Zlob.FreeVideo.DVDCodec (2) + Zlob.GoldCodec (3) + Zlob.HQCodec + Zlob.HQvideo + Zlob.iCodecPack + Zlob.iMediaCodec + Zlob.IVideoCodec (3) + Zlob.JPEG-Encoder (2) + Zlob.KeyCodec + Zlob.MediaCodec + Zlob.MMediaCodec + Zlob.MPVideoCodec + Zlob.MyPassGenerator + Zlob.PerfectCodec (2) + Zlob.PornMagPass (2) + Zlob.PornPassManager + Zlob.PowerCodec (2) + Zlob.QualityCodec (2) + Zlob.SilverCodec (3) + Zlob.StrCodec (3) + Zlob.SuperCodec + Zlob.TrueCodec (2) ++ Zlob.Vcodec + Zlob.VidCodec (2) + Zlob.VideoAccess + Zlob.VideoCompressionCodec + Zlob.VideoKeyCodec (2) + Zlob.WinMediaCodec + Zlob.XpassGenerator + Zlob.XPasswordManager + Zlob.ZCodec
Total: 340797 fingerprints in 55352 rules for 2515 products.
http://www.safer-networking.org/en/home/index.html

SpywareBlaster Updated December 8th

Updated: December 8th, 2006
New: 51 Items
Total: 6998 Items

SpywareBlaster is free and available from Javacool's SpywareBlaster page.

SpywareBlaster can:

  • Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software
  • Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox
  • Restrict the actions of potentially unwanted sites in Internet Explorer
Please use the web update feature withinSpywareBlaster to obtain the latest definitions.
Enable all protections once downloaded.

Monday, December 04, 2006

Spyware Doctor 3.0615 0

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 3.0615 0
Intelli-Signatures: 92,405

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:
3.0615 0 - Adware.CurePCSolutions, Adware.DomainHelper, Backdoor.VB.AAF, Trojan.Bancos.MF, Trojan.Downloader.Agent.AIC, Trojan.PWSteal.ZombSmallTrojan.01, Trojan.Spy.Banker.BSU, Trojan.Spy.Banker.BSY, Trojan.Spy.Banker.BT, Trojan.Spy.Banker.BTG, Trojan.Spy.Banker.BUH

3.0614 1 - Suspicious File, Trojan.Bancos.GX, Trojan.Bancos.HQ, Trojan.PSW.QQDragon.T, Trojan.PWSteal.Lemir

3.0614 0 - Suspicious File, Trojan.Bancos.GX, Trojan.Bancos.HQ, Trojan.PSW.QQDragon.T, Trojan.PWSteal.Lemir

3.0613 0 - Trojan.PWSteal.Zaba.b, Trojan.PWSteal.ZRM
Extended Intelli-Signatures:
3.0615 0 - AdRotator, Adware.NewWeb, Backdoor.Agobot, Backdoor.AimBot, Backdoor.Bifrose, Backdoor.Radmin.J, Backdoor.Rbot, Backdoor.Sdbot.AAD, Backdoor.SdBot.GEN, BookedSpace, eZula, Maxifiles, Trojan.Downloader.Agent.AFL, Trojan.Downloader.ConHook, Trojan.Downloader.Ruins, Trojan.FakeAlert, Trojan.LdPinch, Trojan.Pakes, Trojan.PWSteal.Lemir, Trojan.PWSteal.QQPass.AC, Trojan.Qhosts, Trojan.Spy.Banker.ABG, Zeno Search Assistant

3.0614 1 - Backdoor.Agobot.AGZ, Backdoor.IRC.Zapchast, Backdoor.IRCBot.FP, Backdoor.Rbot.AJK, Backdoor.Rbot.Gen, Backdoor.Rbot, Backdoor.Robobot, Backdoor.Sdbot.AAD, Backdoor.Sdbot.AFX, Backdoor.SdBot.AJH, Backdoor.SdBot.GEN, Backdoor.SDBot.XD, Backdoor.Tixanbot, Backdoor.VBbot.I, Borlander, Common Components for Trojans, Common Components Unrelated, CWS.XPlugin, CWS.XPSystem, FU Rootkit, ILookup.Begin2Search, Known Bad Sites, MediaMotor, Recipe Rewards Toolbar, Slagent, Specific911 Hijack, Surf Speak, SurfSideKick, TIBS Premium Rate Dialer, Trojan.Agent.HS, Trojan.Agent.HT, Trojan.Agent.QW, Trojan.AntiMcAfee.B, Trojan.AVKillers, Trojan.Banbra.FB, Trojan.Bancos.JL, Trojan.Bancos.JZ, Trojan.Bancos, Trojan.Banker, Trojan.BeastPWS.C, Trojan.Bumerang, Trojan.Clicker.Aditer, Trojan.Clicker.Promo.A, Trojan.Clicker.VB.LX, Trojan.Crypt.D, Trojan.Delf.BZ, Trojan.Delf.PX, Trojan.Downloader.AEU, Trojan.LowZones, Trojan.PSW.QQRob.U, Trojan.Small.AH, Trojan.Spy.Banker.BBH, Trojan.StartPage.HT, Worm.Mytob.BI, XTS Keylogger, ZToolbar

3.0614 0 - Backdoor.Agobot.AGZ, Backdoor.IRC.Zapchast, Backdoor.IRCBot.FP, Backdoor.Rbot.AJK, Backdoor.Rbot.Gen, Backdoor.Rbot, Backdoor.Robobot, Backdoor.Sdbot.AAD, Backdoor.Sdbot.AFX, Backdoor.SdBot.AJH, Backdoor.SdBot.GEN, Backdoor.SDBot.XD, Backdoor.Tixanbot, Backdoor.VBbot.I, Borlander, Common Components for Trojans, Common Components Unrelated, CWS.XPlugin, CWS.XPSystem, FU Rootkit, ILookup.Begin2Search, Known Bad Sites, MediaMotor, Recipe Rewards Toolbar, Slagent, Specific911 Hijack, Surf Speak, SurfSideKick, TIBS Premium Rate Dialer, Trojan.Agent.HS, Trojan.Agent.HT, Trojan.Agent.QW, Trojan.AVKillers, Trojan.Banbra.FB, Trojan.Bancos.JL, Trojan.Bancos.JZ, Trojan.Bancos, Trojan.Banker, Trojan.BeastPWS.C, Trojan.Bumerang, Trojan.Clicker.Aditer, Trojan.Clicker.Promo.A, Trojan.Clicker.VB.LX, Trojan.Crypt.D, Trojan.Delf.BZ, Trojan.Delf.PX, Trojan.Downloader.AEU, Trojan.LowZones, Trojan.PSW.QQRob.U, Trojan.Small.AH, Trojan.Spy.Banker.BBH, Trojan.StartPage.HT, Worm.Mytob.BI, XTS Keylogger, ZToolbar

3.0613 0 - Backdoor.Agobot, Backdoor.AimBot, Backdoor.Bifrose, Backdoor.Delf.TZ, Backdoor.Hackdoor, Backdoor.Rbot, Backdoor.Sdbot.AAD, Backdoor.SdBot.GEN, Backdoor.Theef, Borlander, CnsMin, Common Components for About Blank, Common Components for Backdoors, Common Components Unrelated, Cram Toolbar, CWS.SvcHost, CWS.VDOMP, IO Brisa, Lineage.MN, Lop.com, Maxifiles, Maya Password Stealer, MediaGateway, MediaMotor, MSConnect, PSGuard Desktop Hijacker, RPCC Spammer, SpyAxe, Trojan.Bancos.GU, Trojan.Downloader.Agent.AAE, Trojan.Downloader.Agent.ACM, Trojan.Downloader.Agent.AEF, Trojan.Downloader.Agent.NR, Trojan.Downloader.Delf.XG, Trojan.Downloader.JW, Trojan.Downloader.NL, Trojan.Downloader.Small.ATL, Trojan.Downloader.VB, Trojan.Emspy, Trojan.LdPinch, Trojan.Pakes, Trojan.Popuper, Trojan.Proxy.Lager.f, Trojan.Proxy.Xorpix, Trojan.PWSteal.Lmir.AAI, Trojan.SpamThru, Trojan.Spy.Banker.ABG, Trojan.Spy.Gepost, Trojan.Spy.MSN.B, Trojan.StartPage.AV, Trojan.Startpage.GE, Trojan.StartPage.GEN, Trojan.StartPage.Y, Trojan.VB.ADD, Trojan.Win32.Alureon.B, Trustin Toolbar, Virtumonde, VirusBurst, WebSearch Toolbar, WinAntiVirus, Wink, WinSpy Stealth Monitor, Worm.Mytob.CK, Worm.Opnis, Worm.Padobot.Z, Worm.Viking, Worm.WGAVN, Worm.Zotob.B

Renamed Intelli-Signatures:

3.0615 0 - Trojan.Popuper.Downloader

3.0614 1 - Trojan.Bancos.HA

3.0614 0 - Trojan.Bancos.HA

General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

Friday, December 01, 2006

Ad Aware SE1R135 27.11.2006

The latest update for Ad Aware is SE1R135 27.11.2006

Updated definitions:
AdBlaster +2
Adware.Adhelper +5
Adware.BHO(generic) +3
Adware.NewWeb +2
Adware.Searchcolours +2
Lop +4
PurityScan +3
SpyAgent +2
TVMedia
Win32.Backdoor.Agent +6
Win32.Backdoor.PcClient
Win32.Backdoor.SDBot
Win32.Bagle.B
Win32.Dialer.Trojan +3
Win32.Generic.PWS +31
Win32.Trojan.Agent +9
Win32.Trojan.Downloader +25
Win32.Trojan.Klone
Win32.Trojan.MatrixHasYou +11
Win32.Trojan.Qhost +3
Win32.Trojan.SDBot
Win32.Trojan.Small +2
Win32.Trojan.Spambot +7
Win32.Trojan.Spy +2
Win32.Trojan.StartPage
Win32.TrojanClicker
Win32.TrojanDownloader.Agent +9
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Small +2
Win32.TrojanDownloader.VB +3
Win32.Trojandownloader.Zlob +1578
Win32.TrojanDropper +3
Win32.TrojanProxy.Agent.dl +3
Win32.Trojan-PSW.Lineage +18
Win32.TrojanSpy.Banker +25
Win32.Worm.Warezov +5
Win32.Worm.Viking +7
Virtumonde +4
Zango

MD5 checksum is c0f5033fa432381818476a7b39a15684

Ad Aware can be downloaded from the official Lavasoft Ad Aware page.

SpywareBlaster Update 294 New Items

Updated: Novemebr 20th, 2006
New: 294 Items
Total: 6937 Items

SpywareBlaster is free and available from Javacool's SpywareBlaster page.

SpywareBlaster can:

  • Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software
  • Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox
  • Restrict the actions of potentially unwanted sites in Internet Explorer
Please use the web update feature withinSpywareBlaster to obtain the latest definitions.
Enable all protections once downloaded.

Spyware Doctor 3.0612 0

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 3.0612 0
Intelli-Signatures: 92,404

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:
3.0612 0 - Adware.Ncast, Trojan.Bancos.KD, Trojan.Spy.Banker.ABG, Trojan.Spy.Banker.BBH

Extended Intelli-Signatures:
3.0612 0 - Adware.Henbang, Backdoor.AimBot, Backdoor.IRC.Zapchast, Backdoor.IRCBot, Backdoor.Rbot, Backdoor.Sdbot.AAD, Borlander, Common Components for Backdoors, CWS.XPSystem, Trojan.Banker, Trojan.Downloader.ConHook, Trojan.Dropper.Agent.AXO, Trojan.Killav.AU, Trojan.LowZones, Trojan.Proxy.Small.BO, Trojan.Proxy.Xorpix, Trojan.PSW.Agent.CK, Virtumonde, VX2.Look2Me

3.0611 0 - Backdoor.Delf.TZ, Backdoor.Sdbot.AAD, Exploit.ANI, Flingstone Infamous Downloader, Maxifiles, Trojan.Bancos, Trojan.Banker, Trojan.Busky, Trojan.Conycspa, Trojan.Downloader.Small.DTC, Trojan.Downloader.Sohanad, Trojan.FakeAlert, Trojan.Luzia.M, Trojan.Mailbot, Trojan.Proxy.Agent.Df, Trojan.SpamThru, Trojan.Win32.SecondThought.l


General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

Spybot Search and Destroy December 1st

2006-12-01
Hijacker
++ Absolutee.PornoHome
Malware
+ Aest + ISearchTech.YSB ++ NavBHO ++ SearchEnhancer ++ Smitfraud-C. (4) ++ Smitfraud-C.Toolbar888 (3) + SpyHeal ++ VirtuMonde (2)
PUPS
+ VirusBurst + Zango
Trojan
+ Bancos + Cimuz + Krepper-G + Lineage.DN ++ MSNservice ++ Smitfraud-C. ++ Stration.C ++ Tibs.id ++ Win32.Adload.fu ++ Win32.Clicker + Win32.Delf.aml + Win32.Limar ++ Win32.Pakes + Win32.SdBot.aad ++ Win32.Small.na + Zlob.Downloader ++ Zlob.EliteCodec + Zlob.HQvideo + Zlob.IVideoCodec ++ Zlob.PerfectCodec (2) + Zlob.PornPassManager + Zlob.MediaCodec ++ Zlob.SuperCodec ++ Zlob.TrueCodec ++ Zlob.VideoCompressionCodec
Total: 336820 fingerprints in 53970 rules for 2500 products.


http://www.spybot.info/en/home/index.html

Sitemeter