Page 1 of 1

BugHunter v2.2

Posted: Sat Feb 24, 2007 1:16 am
by Raid
See newer post for a better description!

Posted: Wed Mar 28, 2007 12:50 am
by Raid
An important update concerning BugHunter! :)

What is BugHunter?

BugHunter is a DOS based malware scanner which has a frequently updated
database of signatures as well as engine updates. The program is designed
to quickly scan for and optionally disable/remove any known malware found.

BugHunter is able to detect browser hijackers, rogue programs, adware,
keyloggers, spyware (including some commercial ones), rootkits which
are file based, malicious java/html/vb scripts, and various worms.

As BugHunter is DOS based and does not require installation of any sort,
it can easily be copied to various media and used to disinfect other
systems without those systems having potentially harmful code present in
memory. BugHunter gets along fine with most memory resident programs, and
supports being run from a boot diskette/cdrom, such as BartPE.

The scanning routine is very fast, and requires few resources from your
machine. BugHunter will run well on DOS, Windows 3.x, Windows 9x, Windows
NT, Windows 2k, Windows XP and Windows 2003.

BugHunter does not edit the registry of the system in any way, it simply
identifies and optionally removes found files. As BugHunter relies on dat
file technology similar to that of a virus scanner, updates to the datafile
and the program itself will be released from time to time on the Website.

For NTFS based operating systems, BugHunter can be run from a BartPE
cdrom. BugHunter will run under NTFSDOS, but odd results have been
reported using it. For example, the date/time stamp of the log file will
be wrong. Scanning does not seem to be affected.

BugHunter Signature Updates from 02.20.2007 to 03.28.2007

Posted: Wed Mar 28, 2007 12:51 am
by Raid
March 28th, 2007

Additions:

Backdoor.Mirc.AE (+2)
Malicious HOST! See PCBUTTS.TXT
Malicious Script! See PCBUTTS.TXT
Trojan.FakeAlert.DO
Trojan.FakeCodecs.A (+25)
Trojan.IRC.FLOOD.gl
Trojan.MSNMaker.Ae
Trojan.Peed.LD (+2)
Trojan.Zlob.Gen (+4)

Total now stands at 6,911 signatures for malware.

March 23rd, 2007

Additions:

Adware.Cinmus.N
Backdoor.IRCBot.DK
Backdoor.SDBot.VanBot.A
Malicious JavaScript
Trojan.Agent.AON
Trojan.Cipher
Trojan.Clicker.Agent.Is
Trojan.Delf.gen
Trojan.Dialer.RI
Trojan.Dldr.Agent.ABE
Trojan.Dldr.Agent.AVV
Trojan.Dldr.Delf.Bgn
Trojan.Dldr.Js.Agent.Ab
Trojan.Dldr.Js.Psyme.Dy
Trojan.Dldr.Mediket.Cz
Trojan.Dldr.Small.Cwj
Trojan.Dldr.Small.Edb (+5)
Trojan.Dldr.Small.Egd
Trojan.Dldr.Small.Ehs
Trojan.Dldr.Small.Eih (+2)
Trojan.Dldr.Zlob.Boi
Trojan.Dldr.Zlob.Bpn
Trojan.Dldr.Zlob.ZQS (+2)
Trojan.Dldr.Zlob.ZQT (+2)
Trojan.Dldr.Zlob.ZQU
Trojan.Dldr.Zlob.ZQW (+3)
Trojan.Dldr.Zlob.ZQX
Trojan.Dropper.DB
Trojan.Proxy.Agent.Mh
Trojan.Proxy.Dlena.CA
Trojan.Qhost.It
Trojan.Rootkit.AB
Trojan.Rootkit.AT
Trojan.Rootkit.L
Trojan.Spambot.H
Trojan.Spy.Goldun.Ms
Unclassified Trojan (+46)
Unclassified Worm

Total now stands at 6,872 signatures for malware.

March 20th, 2007

Additions:

Adware.Agent.Bs
Adware.Delf.O
Adware.Videocatch
Adware.Zango.Foosball
Application.ServiceMan.A
Application.StealthProxy.A
Backdoor.Suspect.A
BackDoor.Volt
BDS/PcClient.qf
Malicious HTML Script (+2)
Malicious Script (+5)
Program.SlimFTPd.316
RemoteAdmin.BO
Rootkit.Agent.Ea
Spyware.Remoteadmin.H (+2)
Tool.Shutdown.D
Trojan.Agent.AOU
Trojan.Agent.Qq
Trojan.Callgate.Oleadm.3
Trojan.Delf.O
Trojan.DHijacker.A
Trojan.Dialer.RI
Trojan.Dldr.Agent.Es
Trojan.Dldr.Conhook.A
Trojan.Dldr.Tiny.Gc
Trojan.Dldr.Vb.Apq
Trojan.FakeCodec.OCX
Trojan.FakeCodecs.A (+8)
Trojan.Hacdef.Fha
Trojan.Hupigon.Emq
Trojan.MatrixHasYou
Trojan.Peed.JZ
Trojan.Proxy.Agent.Cl
Trojan.Proxy.Slaper.P
Trojan.Sdbot.Aqj
Trojan.Shell.H
Trojan.Small.EV
Trojan.Small.Nz
Trojan.Spambot.H
Trojan.Spy.Banker.Cji
Trojan.Spy.Delf.EY
Trojan.Spy.Goldun.Ms
Trojan.Spy.Iambigbrother.91
Trojan.SpyICQ
Trojan.StealthProxy.A
Trojan.Zlob.Gen (+45)
Unclassified mIRC Bot
Unclassified Trojan (+116)
Worm.Zhelatin.Gen (+6)

Total now stands at 6,780 signatures for malware.

March 12th, 2007

Adware.Maxsearch.E (+2)
BackDoor.IRC.Sdbot.1123
Backdoor.Sdbot.QJ
Backdoor.Spy.Dimpy.A (+6)
BDS/HackMess.A
BDS/Messiah.D
Dialer.Porn.GbI
Dropper.SpamBot.H.1
Malicious JavaScript
Malicious Mirc Script (+6)
PuP: Multimedia Fusion
Rootkit.Agent.dp
Rootkit.Agent.EA.2
Rootkit.Zlob.A
SpamTool.Agent.u
Trojan.AAYN
Trojan.Agent.Aef (+2)
Trojan.Agent.Amd
Trojan.Agent.ANT
Trojan.Agent.ANU
Trojan.BHO.Ad
Trojan.Bho.Al
Trojan.Clicker.Agent.JG (+2)
Trojan.Clicker.Agent.JX
Trojan.Ddos.Small.O
Trojan.Delf.bvb
Trojan.Delf.Nj (+2)
Trojan.Dldr.Agent.Ayg
Trojan.Dldr.Agent.Bcc (+2)
Trojan.Dldr.Agent.Bef (+2)
Trojan.Dldr.Agent.Bga
Trojan.Dldr.Busky.T (+3)
Trojan.Dldr.CWS.am
Trojan.Dldr.Delf.RY
Trojan.Dldr.Small.AEZ
Trojan.Dldr.Small.Dwc
Trojan.Dldr.Small.Ego
Trojan.Dldr.Small.VQ (+2)
Trojan.Dldr.Zlob.bpt (+3)
Trojan.Dldr.Zlob.DH
Trojan.Dldr.Zlob.PA
Trojan.Dnschanger.Ik (+9)
Trojan.DNSChanger.IO.7
Trojan.Dropper.Bho.B
Trojan.Fuklip.k
Trojan.HackerDefense
Trojan.HackerDefense
Trojan.Irc.Zapchast
Trojan.Lager.Dp38
Trojan.Lager.Dp51 (+3)
Trojan.Nimosw.A
Trojan.Peed.Gen
Trojan.Peed.GX
Trojan.Peed.IU
Trojan.Proxy.Agent.CL
Trojan.Proxy.Agent.FQ
Trojan.Proxy.Dlena.Bo
Trojan.Proxy.Small.Du
Trojan.Psw.Ldpinch.Bex
Trojan.Psw.Ldpinch.Bky
Trojan.Small.Gp
Trojan.Small.Lf
Trojan.Small.Lh
Trojan.Spambot.BXA

Trojan.Spambot.BXB (+3)
Trojan.Spamtool.Delf.J
Trojan.Spy.Agent.PZ (+2)
Trojan.Spy.Bancos.Aam
Trojan.Spy.Keylogger.Lp
Trojan.Vanbot.Bh
Trojan.Vanbot.Bj
Trojan.Zlob.AK
Trojan.Zlob.Bpt
Unclassified Trojan (+35)
Worm.Locksky.Ba
Worm.Locksky.NAG
Worm.Rays.A

Total now stands at 6,538 signatures for malware.

March 11th, 2007

Additions:

Adware.Renos.WW
Adware.Spysheriff.AJ
BackDoor.Generic5.LVM (+2)
Backdoor.Rbot.bwa
Backdoor.Sdbot.VM
Malicious Exploit Script (+9)
Malicious HTML Script (+5)
Malicious JavaScript
Malicious Script
Malicious Self Extractor!
PSW.Generic3.JZN
SYMBOS.Cabir.G.1
Trojan.BHO.AB
Trojan.Clicker.Small.Cc (+2)
Trojan.Dldr.ConHook.ah
Trojan.Dldr.Nurech.Az
Trojan.Dldr.Small.Cwj
Trojan.Dldr.Small.eih
Trojan.Dldr.Zlob.Variant
Trojan.DNSChanger.IH (+3)
Trojan.DNSChanger.IK
Trojan.DNSChanger.IO (+2)
Trojan.Downloader.HP
Trojan.ExplorerHijack
Trojan.FWDisable
Trojan.Pakes
Trojan.Peed.G
Trojan.Peed.GW
Trojan.Peed.GZ (+2)
Trojan.Peed.HI (+3)
Trojan.Peed.IK
Trojan.Peed.IT
Trojan.Peed.IU (+2)
Trojan.Peed.U (+2)
Trojan.Peed.Variant
Trojan.Proxy.Agent.GB
TrojanDropper.Agent.AKO (+2)
Unclassified Trojan (+51)
Worm.Locksky.AW@mm
Worm.Womble.c (+2)

Total now stands at 6,394 signatures for malware.

March 7th, 2007

Additions:

Adware.Hotbar (+9)
Adware.NewDotNet
Adware.Webhancer
Trojan.Dldr.Zlob.d (+28)
Worm.Warezov.Bl
Worm.Warezov.Do
Worm.Warezov.Dq
Worm.Warezov.Ep
Worm.Warezov.Ky
Worm.Warezov.Lg
Worm.Warezov.Lj (+3)
Worm.Warezov.LN (+3)

Removals:
2 signatures deemed to be false alarms

Total now stands at 6,280 signatures for malware.

March 4th, 2007

Additions:

Adware.NaviPromo.Am
Adware.Virtumonde.Fp
Adware.Virtumonde.Ha (+3)
Keylogger.iOpus.A
Malicious HTML Script (+9)
RogueApp: PcCleaner Installer
Trojan.Agent.Agv
Trojan.Agent.Alx (+3)
Trojan.Bho.G
Trojan.Downloader.Agent.Axh
Trojan.Downloader.Agent.Bbr
Trojan.Downloader.Busky.Az
Trojan.Downloader.Donn.Af
Trojan.Downloader.Small.Ccm
Trojan.Downloader.Small.Egw
Trojan.Downloader.Small.QU
Trojan.Downloader.Zlob.DT
Trojan.Downloader.Zlob.EI
Trojan.Downloader.Zlob.EK
Trojan.Downloader.Zlob.gen (+2)
Trojan.Hupigon.Eli
Trojan.IRCBot.Aaf
Trojan.Kolweb.J
Trojan.Peed.GZ
Trojan.VanBot.Ay
Trojan.Vundo.Af
Trojan.Zlob.X
Unclassified IRCBot
Unclassified Trojan (+65)
Worm.Mydoom.57344
Worm.Warezov.BCX
Worm.Warezov.Dq
Worm.Warezov.Lh
Worm.Zhelatin.Aw (+7)

Total now stands at 6,231 signatures for malware.

March 3rd, 2007

Additions:

Adware.CoolWebSearch.H
Adware.NaviPromo.Am
Adware.VirtuMonde (+12)
Backdoor.Agent.FO
BackDoor.IRC.Sdbot.795
Backdoor.IRCBot.AA
Backdoor.SDBot.VU
Backdoor.VanBot.L
Backdoor.VB.KP
Trojan.Agent.agz
Trojan.Agent.Alx
Trojan.Agent.Jta
Trojan.Agent.Qt
Trojan.Delf.zj
Trojan.Dldr.CWS.gen (+47)
Trojan.Dldr.Cws.P
Trojan.Dldr.Harnig.XB
Trojan.Dldr.Small.AAU
Trojan.Dldr.Small.Ego
Trojan.Dldr.Tiny.eu
Trojan.Fakealert
Trojan.IRC.Bot
Trojan.Peed.GW
Trojan.Proxy.Ranky.Gen
Trojan.Regpat.A
Trojan.SpamTool.Agent.U
Trojan.Spy.Bzub.Ic
Worm.Bagle.hq
Worm.Delf.I

Removals:
1 False alarm with Google Earth

Total now stands at 6,108 signatures for malware.

February 25th, 2007

Additions:

Adware.Adclicker.E
Adware.Agent.Bn (+2)
Adware.Baidu.C
Adware.Lop
Adware.Navipromo.AU
Adware.NewDotNet
Adware.Package: WebBuying.A,Navipromo.Au,NewDotNet.B
Adware.SurfSide.AX (+2)
AdWare.SurfSide.AY
Adware.VirtuMonde.DY
Adware.Virtumonde.Ft
Adware.Vstoolbar.A (+2)
Adware.Vundo.Ffa
Adware.WebBuying.A
Backdoor.AFCore.F
Backdoor.Rbot.bwq
Backdoor.SDBot.UR
Dialer.EWJ
Dialer.Riprova (+2)
Dialer.Riprova.E
Downloader.Generic3.UBD
Downloader.Tibs.3.G (+2)
Dropped:Trojan.DNSChanger.IH (+2)
Malicious Script (+32)
Malicious.Mirc.batch control file
Malicious.Mirc.bot control entries
Malicious.Mirc.Script (+5)
Rootkit.Agent.Dw
Rootkit.Agent.J
Trojan.Agent.Afs
Trojan.Agent.Fib
Trojan.Agent.Qt
Trojan.BHO.g (+3)
Trojan.Clicker.Agent.jc
Trojan.Dldr.Agent.AZK (+2)
Trojan.Dldr.ConHook.at
Trojan.Dldr.Delf.bas
Trojan.Dldr.Small.Buy
Trojan.Dldr.Small.Dxm
Trojan.Dldr.Zlob.boy
Trojan.DNSChanger.IH (+3)
Trojan.Downloader.Femad.gen
Trojan.Downloader.Fontra.C
Trojan.Downloader.Harnig.XB
Trojan.Downloader.Small.Cib
Trojan.Downloader.Small.Dwc
Trojan.Downloader.Small.Dxm
Trojan.Downloader.Zlob.blr
Trojan.Dropper.Zlob.Bod
Trojan.Ircbot.Aaa
Trojan.Ircbot.Zx
Trojan.Keylogger.FTPbased
Trojan.KillFiles.lw
Trojan.KillProc.q
Trojan.Mirc.Bot
Trojan.ngvck
Trojan.Peed.R
Trojan.Peed.U
Trojan.Proxy.Agent.CL
Trojan.Proxy.Agent.CQ
Trojan.Proxy.BK
Trojan.Proxy.Caprobad.c
Trojan.PSW.Agent.km
Trojan.PSW.Maha.f
Trojan.PurityScan.A
Trojan.PWS.Pinch.A (+2)
Trojan.RBot.Bwk
Trojan.SdBot.Bev
Trojan.Small.Nz
Trojan.SpamBot.DT
Trojan.Spy.agent.Pr
Trojan.Spy.Bzub.Gr (+2)
Trojan.Spy.VBStat.B
Trojan.Spy.Vbstat.H
Trojan.Vanbot.Ay
Trojan.Vundo.AF
Trojan.Zlob.Bnk (+3)
Trojan.Zlob.BnL (+2)
Trojan.Zlob.Bod
Unclassified Trojan (+51)
Worm.Vb.Cp
Worm.Warezov.Lk

Total now stands at 6,021 signatures for malware.

February 24th, 2007

Additions:

Adware.DriveCleaner
Adware.Winantispyware2007
Adware.Winantivirus2007

Total now stands at 5,838 signatures for malware.

Posted: Wed Mar 28, 2007 10:29 am
by MysteryFCM
You seem to have forgotten the link ;)

http://bughunter.it-mate.co.uk

Posted: Wed Mar 28, 2007 6:33 pm
by Raid
My Bad, seems I did indeed!

The signatures for today have been re-released. They clear up a false alarm issue with one particular version of Sysinternals RootKit Revealer. Sorry about that gang.

They add additional protection tho too, Including the 3 baddies I picked up last night surfing Temerc's links. *hehehe*

Whats new in this signature database update?
March 28th, 2007

Additions:

Adware.MyWeb (+3)
Adware.MyWebSearch (+4)
Adware.Softomate.Aa
Adware.Wintools (+3)
Backdoor.Mirc.AE (+2)
BackDoor.SdBot2.XFO
BackDoor.SdBot2.YDN
Exploit.Win32.WMF-PFV (+2)
Malicious HOST! See PCBUTTS.TXT
Malicious Script! See PCBUTTS.TXT
Trojan.FakeAlert.DO
Trojan.FakeCodecs.A (+25)
Trojan.IRC.FLOOD.gl
Trojan.MSNMaker.Ae
Trojan.Peed.LD (+2)
Trojan.PornAccess.A
Trojan.Zlob.Gen (+4)

Total now stands at 6,926 signatures for malware.

http://bughunter.it-mate.co.uk

Please let me know what you think of the program. you can checkout some of the awards it's recently gotten by visiting
http://bughunter.it-mate.co.uk/Awards.htm

If you think the program is useful and neat, feel free to help pass it along to free software sites. I'd certainly appreciate it! :)

If your an ASP person, my pad file link is here:

http://bughunter.it-mate.co.uk/pad.xml

Posted: Thu Mar 29, 2007 10:02 am
by JeanInMontana
Does my heart good to see these two entries: Malicious HOST! See PCBUTTS.TXT
Malicious Script! See PCBUTTS.TXT